megaup.net/1T6o9/The.Last.of.Us.Part.I.Update.v1.0.1.5-RUNE.rar
91.209.70.182301 Moved Permanently 162 B URL HTTP/1.1 megaup.net/1T6o9/The.Last.of.Us.Part.I.Update.v1.0.1.5-RUNE.rar
IP 91.209.70.182:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /1T6o9/The.Last.of.Us.Part.I.Update.v1.0.1.5-RUNE.rar HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 31 Mar 2023 07:41:24 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://megaup.net/1T6o9/The.Last.of.Us.Part.I.Update.v1.0.1.5-RUNE.rar
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer, strict-origin-when-cross-origin
X-Download-Options: noopen
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 7af19a5145a4ee99bdf18831bad04bfd
7bdd2a4785b999ef54a2644211d2b2b7190fb8e1
3237bf0111ecdec3615c4d2d49a602f48f800335d0194f52b600bdaefbd63ed0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3237BF0111ECDEC3615C4D2D49A602F48F800335D0194F52B600BDAEFBD63ED0"
Last-Modified: Thu, 30 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9851
Expires: Fri, 31 Mar 2023 10:25:35 GMT
Date: Fri, 31 Mar 2023 07:41:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash cca063332ba9a89eadd62a8dd7f81a9b
d473b2a7a32c964599ff3bac8f98fa578f03d1d1
02fb74c7c695ad99f7f2fd7c02ae2b88e2da1c5db339f883333d9090291931dc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02FB74C7C695AD99F7F2FD7C02AE2B88E2DA1C5DB339F883333D9090291931DC"
Last-Modified: Wed, 29 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11552
Expires: Fri, 31 Mar 2023 10:53:56 GMT
Date: Fri, 31 Mar 2023 07:41:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 76218c893040d958ae1c4231cdd2133c
6a7b336dee91d4aec26ace0a5883ecdfac52e68f
d35492b04d16ed00e9e195e7c84c99aa6a2b8a93abeb656baae0918986f0a7e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D35492B04D16ED00E9E195E7C84C99AA6A2B8A93ABEB656BAAE0918986F0A7E4"
Last-Modified: Wed, 29 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10242
Expires: Fri, 31 Mar 2023 10:32:06 GMT
Date: Fri, 31 Mar 2023 07:41:24 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 7f03faaba3392caae6dae54467bfdf6d
57ea1f14e8bfbcca8190c706d708c9fda12442c1
02ac551ba61fcbc6b04f244df065948b181a8a258db5c2e197aae66fdfcea8ee
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Type, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 31 Mar 2023 07:28:22 GMT
content-type: application/json
age: 782
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 3gw5KPmCH0JAIdDBNi9TWv1DrNkGnEjxZDJEAd2RaSeS/4H5XX7nLaq3chW7n+nuvA8VXIPXkD4=
x-amz-request-id: 9WYDP7ZB0DPMRCHB
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 31 Mar 2023 07:03:15 GMT
age: 2289
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 07:41:24 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 2fdd88c5328a20e99bd682e34b8c0173
a6415caf042550cb51822e482d1f5b9178938ea3
f15a1244d7acc3b892df1a3ea767c24ce5f661e2e623fedc25ade8c7094c8af6
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 07:41:24 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 27 Mar 2023 23:25:48 GMT
Expires: Mon, 03 Apr 2023 23:25:47 GMT
Etag: "a6415caf042550cb51822e482d1f5b9178938ea3"
Cache-Control: max-age=315262,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7b06f3244f38b50c-OSL
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ab61862f016dea85f8aa55e59369d905
a5e81f13052b9e9184caf05a9740c345a40d1f22
e0d580c313088d524a5338e63e4acf9f3f3cb45a54f2528c5d1c4915d71b255b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E0D580C313088D524A5338E63E4ACF9F3F3CB45A54F2528C5D1C4915D71B255B"
Last-Modified: Thu, 30 Mar 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11251
Expires: Fri, 31 Mar 2023 10:48:55 GMT
Date: Fri, 31 Mar 2023 07:41:24 GMT
Connection: keep-alive
megaup.net/themes/flow/images/main_logo_inverted.png
91.209.70.182200 OK 7.1 kB URL HTTP/2 megaup.net/themes/flow/images/main_logo_inverted.png
IP 91.209.70.182:0
File type PNG image data, 203 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 5d15526be10b904a6b48d1af04a10cc3
c09b6874359ac6d71db95593618a9acb55baa984
894d25472e0f890edf235e8f66fbeda7ea75043632924ecb82691d76bd7db018
GET /themes/flow/images/main_logo_inverted.png HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1T6o9/The.Last.of.Us.Part.I.Update.v1.0.1.5-RUNE.rar
Connection: keep-alive
Cookie: filehosting=t9m56j3omfh1u6vitum7r47hi1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 07:41:24 GMT
content-type: image/png
content-length: 7137
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-1be1"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/styles/font-icons/entypo/css/entypo.css
91.209.70.182200 OK 4.0 kB URL HTTP/2 megaup.net/themes/flow/styles/font-icons/entypo/css/entypo.css
IP 91.209.70.182:0
Hash a735d39bd66d6f44db3bad4226a18757
28eba6e44964abe816e379746ba791a2cbd2fd0b
13debee0b3ccc960710f94ae68a7d026bf8d1393a4cd24d3b56e24c448f228a6
GET /themes/flow/styles/font-icons/entypo/css/entypo.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1T6o9/The.Last.of.Us.Part.I.Update.v1.0.1.5-RUNE.rar
Connection: keep-alive
Cookie: filehosting=t9m56j3omfh1u6vitum7r47hi1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 07:41:24 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-45f5"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-108868042-1
142.250.74.40200 OK 45 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-108868042-1
IP 142.250.74.40:0
File type ASCII text, with very long lines (2206)
Hash 2f3f6a0ff7c36c9fa1c5f6a7250da36a
c49ff3da1b3311fa1db84bdf5d2e85b8509c8b3c
7e4923ae412f84c8adbc0547f01b24d6cdf78ab985d419dd92ff7ded6dc86335
GET /gtag/js?id=UA-108868042-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 31 Mar 2023 07:41:25 GMT
expires: Fri, 31 Mar 2023 07:41:25 GMT
cache-control: private, max-age=900
last-modified: Fri, 31 Mar 2023 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45039
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/responsive.css
91.209.70.182200 OK 1.9 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/responsive.css
IP 91.209.70.182:0
File type assembler source, ASCII text
Hash 8a5d520819e9a0b2471667ce0304c1ea
f53ccc3c931f927174e731b8e8d7cbdc46644987
40c1b78a09ecdae6e1ebf8d5fd709d906254e7f19f0b495a4aad2e69f1710f1a
GET /themes/flow/frontend_assets/css/responsive.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1T6o9/The.Last.of.Us.Part.I.Update.v1.0.1.5-RUNE.rar
Connection: keep-alive
Cookie: filehosting=t9m56j3omfh1u6vitum7r47hi1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 07:41:24 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-e56"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
push.services.mozilla.com/
34.117.65.55101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.117.65.55:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7CtsSnDeCOPsBBfvH4jkew==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: aNBRwdr2C6tNe1yrt27RP34OClM=
Date: Fri, 31 Mar 2023 07:41:25 GMT
Via: 1.1 google
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
megaup.net/themes/flow/js/jquery-1.11.0.min.js
91.209.70.182200 OK 42 kB URL HTTP/2 megaup.net/themes/flow/js/jquery-1.11.0.min.js
IP 91.209.70.182:0
File type ASCII text, with very long lines (32341)
Hash 7c98f6b35bcd35d5a706dd712811dc70
0885c1cb26ae625c63603f54249ca46143cf9604
c9f5dfa9b94d012681b04bb60ef28328e3eca18ff0fd35841f08cc666f1fc70d
GET /themes/flow/js/jquery-1.11.0.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1T6o9/The.Last.of.Us.Part.I.Update.v1.0.1.5-RUNE.rar
Connection: keep-alive
Cookie: filehosting=t9m56j3omfh1u6vitum7r47hi1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 07:41:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1787d"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.dataTables.min.js
91.209.70.182200 OK 25 kB URL HTTP/2 megaup.net/themes/flow/js/jquery.dataTables.min.js
IP 91.209.70.182:0
File type ASCII text, with very long lines (768)
Hash b1b8f59e8859b1dfef201b697ed455f4
19a76bc4aa1251299a4b2c9ed1fe3b2460757d0f
1404457e3c7f9b7f3dce4cc46c9c1d1d703e28f69ca522863fd721741175da89
GET /themes/flow/js/jquery.dataTables.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1T6o9/The.Last.of.Us.Part.I.Update.v1.0.1.5-RUNE.rar
Connection: keep-alive
Cookie: filehosting=t9m56j3omfh1u6vitum7r47hi1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 07:41:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-10fe4"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
altowriestwispy.com/tysaSHG1FMaM/18410
23.109.248.184200 OK 25 B URL HTTP/1.1 altowriestwispy.com/tysaSHG1FMaM/18410
IP 23.109.248.184:0
File type ASCII text, with no line terminators
Hash d488addc5df5fc9b9ff4135bb4e3a823
6ce56f48e851df4d562b43d3bc1269a504ae83fc
d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60
GET /tysaSHG1FMaM/18410 HTTP/1.1
Host: altowriestwispy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 31 Mar 2023 07:41:25 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Sat, 01-Apr-2023 07:41:25 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJw9i8sKwjAURGuUYNVWBvwAf8D6QBdu1aXUhbgOtd6WYM0tTXzUr%2FcFruYwc8bzPDEIIXSJ3nIaLSfRfBZNF3M0c2KIeIdeylfjqlqZ5EKQMVf3pIasKNdsAnR%2FoFI%2BETrxbnQwZ8N38x8%2BtwCtVLs6gP%2BJrxu20dS2RLgq9GO45%2BLq3raFb8gpWxKd4K%2BTY0HjzX6L8N9%2Bz7KBtraqrPhRv7nv9IWebEhxlllyUqBxk%2BIFsdRBIw%3D%3D; expires=Sat, 01-Apr-2023 07:41:25 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
megaup.net/themes/flow/js/jquery.iframe-transport.js
91.209.70.182200 OK 34 kB URL HTTP/2 megaup.net/themes/flow/js/jquery.iframe-transport.js
IP 91.209.70.182:0
Hash c2e2bc2e35006d5791967a6271369db4
3d7af3398c8f285686ba027b5694709dac8f1b0b
40a0852def384bb83ac6b5390c344ec61b1e6039fb3f6788b0a9cdd8b3b85143
GET /themes/flow/js/jquery.iframe-transport.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1T6o9/The.Last.of.Us.Part.I.Update.v1.0.1.5-RUNE.rar
Connection: keep-alive
Cookie: filehosting=t9m56j3omfh1u6vitum7r47hi1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 07:41:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-2427"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/gauge.min.js
91.209.70.182200 OK 36 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/gauge.min.js
IP 91.209.70.182:0
File type ASCII text, with very long lines (1259)
Hash e2e3e1526d7f0308bc310e8f2639c74e
a59cfb7268000c154e391fd20ebaf430ae89a2a3
ae0ab3dba6c8d336e661e5b721f8fddcb67137bfe7d504a5454ae4b6237be0f1
GET /themes/flow/frontend_assets/js/gauge.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1T6o9/The.Last.of.Us.Part.I.Update.v1.0.1.5-RUNE.rar
Connection: keep-alive
Cookie: filehosting=t9m56j3omfh1u6vitum7r47hi1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 07:41:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-45b8"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/fonts/raleway_semibold.woff
91.209.70.182200 OK 32 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway_semibold.woff
IP 91.209.70.182:0
File type Web Open Font Format, TrueType, length 31980, version 1.1\012- data
Hash 99ac81a158028ac2023fb3350d2497e7
f08c12c91ab29282a616c3ba8e533f49b5b433ca
92a8c8eca8cfcfc53855bc48ba50b866704a00323c4e3089b564c939a668925d
GET /themes/flow/frontend_assets/fonts/raleway_semibold.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=t9m56j3omfh1u6vitum7r47hi1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 07:41:25 GMT
content-type: font/woff
content-length: 31980
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7cec"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/canvas-to-blob.min.js
91.209.70.182200 OK 22 kB URL HTTP/2 megaup.net/themes/flow/js/canvas-to-blob.min.js
IP 91.209.70.182:0
File type ASCII text, with very long lines (1032), with no line terminators
Hash a4a756ba7af90d8743c6166727179da2
0a34bfb49a524b4f8dab42bed0b7eb47610d4745
090a988fdf1cc581a2bbbfd1baa7508c0be4fad738b9d51fa39fe29fe4cc9650
GET /themes/flow/js/canvas-to-blob.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1T6o9/The.Last.of.Us.Part.I.Update.v1.0.1.5-RUNE.rar
Connection: keep-alive
Cookie: filehosting=t9m56j3omfh1u6vitum7r47hi1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 07:41:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-408"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.tmpl.min.js
91.209.70.182200 OK 5.2 kB URL HTTP/2 megaup.net/themes/flow/js/jquery.tmpl.min.js
IP 91.209.70.182:0
File type ASCII text, with very long lines (971), with no line terminators
Hash e7df0b0f45ff9ea1e70ef66c840d8fbd
75b7ac1dffd92635fb211aa109d3ff1f3665ad87
9b68d8e4d74eeccfef56d9c626095b7476b74455a8c23942bb1ef375c2c01d72
GET /themes/flow/js/jquery.tmpl.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1T6o9/The.Last.of.Us.Part.I.Update.v1.0.1.5-RUNE.rar
Connection: keep-alive
Cookie: filehosting=t9m56j3omfh1u6vitum7r47hi1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 07:41:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3cb"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
keydawnawe.com/gwZ1U5hjA8ii/32575
142.91.159.115200 OK 26 B URL HTTP/1.1 keydawnawe.com/gwZ1U5hjA8ii/32575
IP 142.91.159.115:0
File type ASCII text, with no line terminators
Hash 4e5d65669f8dcd928dad06adf883f025
d771713d758c3348dd7e5b38bb40c7935399ae46
0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95
GET /gwZ1U5hjA8ii/32575 HTTP/1.1
Host: keydawnawe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 31 Mar 2023 07:41:25 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Sat, 01-Apr-2023 07:41:25 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJw9i8sKwjAURGuUYNVWBvwAf8D6QBdu1aXUhbgOtd6WYM0tTXzUr%2FcFruYwc8bzPDEIIXSJ3nIaLSfRfBZNF3M0c2KIeIdeylfjqlqZ5EKQMVf3pIasKNdsAnR%2FoFI%2BETrxbnQwZ8N38x8%2BtwCtVLs6gP%2BJrxu20dS2RLgq9GO45%2BLq3raFb8gpWxKd4K%2BTY0HjzX6L8N9%2Bz7KBtraqrPhRv7nv9IWebEhxlllyUqBxk%2BIFsdRBIw%3D%3D; expires=Sat, 01-Apr-2023 07:41:25 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
megaup.net/themes/flow/frontend_assets/images/icons/favicon/apple-touch-icon-114x114.png
91.209.70.182200 OK 951 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/images/icons/favicon/apple-touch-icon-114x114.png
IP 91.209.70.182:0
File type PNG image data, 114 x 114, 8-bit colormap, non-interlaced\012- data
Hash 76852bc6b2c028db97322a74e85bd020
ed52fb4de0d51f93277bbaae42fa80ba5f92c31e
8a5ef2ef8440c17db1b1b539065ba4a887e07a2c508b79c2d1659512e9016884
GET /themes/flow/frontend_assets/images/icons/favicon/apple-touch-icon-114x114.png HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1T6o9/The.Last.of.Us.Part.I.Update.v1.0.1.5-RUNE.rar
Connection: keep-alive
Cookie: filehosting=t9m56j3omfh1u6vitum7r47hi1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 07:41:26 GMT
content-type: image/png
content-length: 951
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-3b7"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/?kzmmd=761186
13.33.189.59200 OK 189 kB URL HTTP/2 dmmzkfd82wayn.cloudfront.net/?kzmmd=761186
IP 13.33.189.59:0
File type Unicode text, UTF-8 text, with very long lines (15948)
Size 189 kB (188712 bytes)
Hash c59f54f85946541f2d2270408f508499
0f7640b67cf6ea493ddfd1ff5dc507bbb935b125
d7672484c035a49241f774384a17d9d93c834f330025d8a854576513a4955d2e
GET /?kzmmd=761186 HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 188712
date: Fri, 31 Mar 2023 07:41:25 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 51db80ac6a80e49e38b5e898f946de1e.cloudfront.net (CloudFront)
x-amz-cf-pop: TPE52-C1
x-amz-cf-id: ksnYvuvLtt2LKiohzoScCjFoqFPpjBh8iOuIbqDjfh6tTYbfSI1vvg==
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20658
Expires: Fri, 31 Mar 2023 13:25:44 GMT
Date: Fri, 31 Mar 2023 07:41:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20658
Expires: Fri, 31 Mar 2023 13:25:44 GMT
Date: Fri, 31 Mar 2023 07:41:26 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2cbd721e-872e-4eec-8eb5-363663d0ab36.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2cbd721e-872e-4eec-8eb5-363663d0ab36.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8600e41520408df4865627256a0a0736
dffeaf1a8f73ae9f6247b9dc7f05301fefc00aef
9163d80d7b6087b804e6682a50d4f66339d339894cf1c5808f2e5c2e0b3de930
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2cbd721e-872e-4eec-8eb5-363663d0ab36.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5806
x-amzn-requestid: cee5b166-592b-405e-b5f1-e36eb249ec59
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnUllFFooAMFQ2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260156-01840fa47177285667bca060;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:30 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: WnrfQr57EWYnXt1xJt9tr5XCuM3gPYULlDdEVpv2Q2kz7MDIPxSPKA==
via: 1.1 88a7ff956a5b49ec3a35abfc0027af12.cloudfront.net (CloudFront), 1.1 aabd01c4a20dae837d162bd972422efc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 21:47:50 GMT
age: 35616
etag: "dffeaf1a8f73ae9f6247b9dc7f05301fefc00aef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
altowriestwispy.com/tysaSHG1FMaM/18410
23.109.248.184200 OK 25 B URL HTTP/1.1 altowriestwispy.com/tysaSHG1FMaM/18410
IP 23.109.248.184:0
File type ASCII text, with no line terminators
Hash d488addc5df5fc9b9ff4135bb4e3a823
6ce56f48e851df4d562b43d3bc1269a504ae83fc
d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60
GET /tysaSHG1FMaM/18410 HTTP/1.1
Host: altowriestwispy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; GL_GI10=eJw9i8sKwjAURGuUYNVWBvwAf8D6QBdu1aXUhbgOtd6WYM0tTXzUr%2FcFruYwc8bzPDEIIXSJ3nIaLSfRfBZNF3M0c2KIeIdeylfjqlqZ5EKQMVf3pIasKNdsAnR%2FoFI%2BETrxbnQwZ8N38x8%2BtwCtVLs6gP%2BJrxu20dS2RLgq9GO45%2BLq3raFb8gpWxKd4K%2BTY0HjzX6L8N9%2Bz7KBtraqrPhRv7nv9IWebEhxlllyUqBxk%2BIFsdRBIw%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 31 Mar 2023 07:41:26 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccede828-1c24-4287-bb00-f793263370cf.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccede828-1c24-4287-bb00-f793263370cf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8a2b8f737604b7983cf686c82599dc73
aa63be93c4cd641f09ce0d5144ef60aab21caed1
78835586bfd170fee7e6f70b2b426ed186f5aeae969459c6dcbf527ba9c0deec
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccede828-1c24-4287-bb00-f793263370cf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6380
x-amzn-requestid: 0a129a69-0720-47a0-8b0e-b3200de24204
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnUn6E19IAMF9SQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260165-564474a42e79d1dc4eb9558f;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:45 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: L6tgzFrj9t69Rnfd9bziAPiROAX0tvcj9Kcg8sXkto8qRFeKqiwkpg==
via: 1.1 b5695e36d7fbc522ece27885d73757ae.cloudfront.net (CloudFront), 1.1 7514e5e25722778fd4b1744d4ecc67e0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 22:17:06 GMT
age: 33860
etag: "aa63be93c4cd641f09ce0d5144ef60aab21caed1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36630e1b-1c89-4e55-ac67-f104436fd02c.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36630e1b-1c89-4e55-ac67-f104436fd02c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 45a4bac8a91b725def9099fd6f720285
134ace682a567c7e385817c8f8af0d49acfde847
3d60e54132cbbba19ce8ad4bdf79a4b3b6ae74573f45bf4f080a283aa250b53c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36630e1b-1c89-4e55-ac67-f104436fd02c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8358
x-amzn-requestid: 8069495f-4ea5-4975-8369-fc4db9199774
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnUllH2fIAMFdlw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260156-2e5418a132076d0569e30de6;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:30 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: z4Jd4oIn19s5lhDNYlrrh6RlxDz7mxCg1KJKUyFfJfqZsymvADn88g==
via: 1.1 8f251d23da31b683c3c9d6fad6ca944c.cloudfront.net (CloudFront), 1.1 6a6653dfb47ccc5082f2a5b9d0d168ce.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 22:02:05 GMT
age: 34761
etag: "134ace682a567c7e385817c8f8af0d49acfde847"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ef54a1ed997cc09495edb102ccdf6803
f5637efb37b5eecff77e60e6bcf5f599991f334f
fa76d7a82dc15baf02b207cea874d1332c20a0ebe1eea99929a6f2746608412c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8745
x-amzn-requestid: e1d8dab6-4c15-4752-b528-21854c93a11c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CguJ5Hy5oAMFyAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235d72-4bd62c8472f7257a155b2a80;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:34:42 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: LAAUFZcFBIpdMUkaDQXGW1sdwLK9c_uhQQHLiJHGF7dEvfJ0KX7MaA==
via: 1.1 8f251d23da31b683c3c9d6fad6ca944c.cloudfront.net (CloudFront), 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 06:44:37 GMT
age: 3409
etag: "f5637efb37b5eecff77e60e6bcf5f599991f334f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2f9b47f-7e28-468a-96d8-f92534ab813e.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2f9b47f-7e28-468a-96d8-f92534ab813e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 809c8ac4f4ec3c118e43e401ff7f1570
5e3437ccd6b18b17b5fd2ffe67ee592acb01eb29
5c8e37e45cabe2b53d654fb01f869846c282f53b36a8fdb3521992aedc96cf70
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2f9b47f-7e28-468a-96d8-f92534ab813e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9471
x-amzn-requestid: 3882bb5f-32d0-451d-aeb2-ff6474747a14
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnVE_Gx_oAMFmsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6426021f-486afb1d6942e493158fe68a;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:41:51 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 0ovDSxobqvu97QXQme6M_kCrBD9Dyug4z5i6t1eyHFMuUc6H4pq5uw==
via: 1.1 4e4278a2778e72cc34feef6db603088c.cloudfront.net (CloudFront), 1.1 536063cb28bfc05fcb7a78183dd89b72.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 21:46:05 GMT
age: 35721
etag: "5e3437ccd6b18b17b5fd2ffe67ee592acb01eb29"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5ac5665-fe23-4026-a00b-567f98678f9e.webp
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5ac5665-fe23-4026-a00b-567f98678f9e.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e55c2ccec92fa37b631f5616ba5e1b77
c3f1113bad672968f22e63693ef4481f7f5616fe
10bfe1a2cf0b6e0a2a548935a1afc061fc61990a121a84580f3969df68b7974c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5ac5665-fe23-4026-a00b-567f98678f9e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10706
x-amzn-requestid: 2e382033-306f-40ed-b259-76790e5e3ac9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnUlmGujoAMFamQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260156-3856db4579fce52a18219166;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:30 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: cYDbU2yRL1y7tFVehv7XBDdywykpvl7kVurr1JvsGPTlYkmsOBwczg==
via: 1.1 8ead054384c1626556ee4410cad35692.cloudfront.net (CloudFront), 1.1 aa623e134417515bd2496cb01d5e5626.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 22:04:58 GMT
age: 34588
etag: "c3f1113bad672968f22e63693ef4481f7f5616fe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
alargeredrubygsw.com/N3JSZFAYTTEXbW0kBD4xXAoBPRdfEDRVYVkQPgx1BTQEIxpDJRpcdkMbNlloBUdrVWERAjsAbQRAdBckVgYnF20FQmJTdl4cNAttBVQkWWAZS3xVfgJUJ1lhEQYiBTcKQ3QUJEMeb1VmD0JgUGgDSmRSZwQ
188.114.96.1204 No Content 0 B URL HTTP/2 alargeredrubygsw.com/N3JSZFAYTTEXbW0kBD4xXAoBPRdfEDRVYVkQPgx1BTQEIxpDJRpcdkMbNlloBUdrVWERAjsAbQRAdBckVgYnF20FQmJTdl4cNAttBVQkWWAZS3xVfgJUJ1lhEQYiBTcKQ3QUJEMeb1VmD0JgUGgDSmRSZwQ
IP 188.114.96.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /N3JSZFAYTTEXbW0kBD4xXAoBPRdfEDRVYVkQPgx1BTQEIxpDJRpcdkMbNlloBUdrVWERAjsAbQRAdBckVgYnF20FQmJTdl4cNAttBVQkWWAZS3xVfgJUJ1lhEQYiBTcKQ3QUJEMeb1VmD0JgUGgDSmRSZwQ HTTP/1.1
Host: alargeredrubygsw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 31 Mar 2023 07:41:26 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2B3BiDIVRXLsJ9QGP7AMgLBivnvUipczsfjmwg5mdbFcBgKDOpbveigHU%2B40gjUhD6RrcvSzP2JAezm6uU%2Fn06t3sve95XaqBEFLxm1prSiUclypmcHjEXw74cRrLZ1wAHT4iu47Og%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b06f332dc3cb509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
alargeredrubygsw.com/WXpzZHN2RRAXTgMQFBMXah4gIBQxNSEiNhc7GCY1DzsYJSJpP1UQGj1HRFJCaEJFQgMwHk5VVSoOEhAGKkdCQho3HBxZVS9HQkpAbVRAVl1rXAZZQn8OAwUUZEtVFActFk5VRWFKQVBLbUJFUkZu
188.114.96.1204 No Content 0 B URL HTTP/2 alargeredrubygsw.com/WXpzZHN2RRAXTgMQFBMXah4gIBQxNSEiNhc7GCY1DzsYJSJpP1UQGj1HRFJCaEJFQgMwHk5VVSoOEhAGKkdCQho3HBxZVS9HQkpAbVRAVl1rXAZZQn8OAwUUZEtVFActFk5VRWFKQVBLbUJFUkZu
IP 188.114.96.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WXpzZHN2RRAXTgMQFBMXah4gIBQxNSEiNhc7GCY1DzsYJSJpP1UQGj1HRFJCaEJFQgMwHk5VVSoOEhAGKkdCQho3HBxZVS9HQkpAbVRAVl1rXAZZQn8OAwUUZEtVFActFk5VRWFKQVBLbUJFUkZu HTTP/1.1
Host: alargeredrubygsw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 31 Mar 2023 07:41:26 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XO6WUxH79HtEpNZi1PiGKuAP6Hjdjgq7StQTh%2BCLQzKRTRz8QBfhE0yAO3kXhjptlihG0O1T%2FMoVwQ27MW4GiNj9ceNySyt1QP0c1nNXcbqeQFqLcI7rMoRgAGivE%2BapvpFpPCUt%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b06f332dc36b509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
alargeredrubygsw.com/dUFpc3RafgoASRQGWUAWMA8MJANMIAxCBCAAP0pHLXBZIyw9Lk8HHRF8UURCRnBRVQQcJVRBTVMyHRIAADJUQlIcLw8cSVM3VEJaRW9fQ1pGZxxORVM1GRITSHBPAwABLVRCQk1xW0dMQXlfRUxF
188.114.96.1204 No Content 0 B URL HTTP/2 alargeredrubygsw.com/dUFpc3RafgoASRQGWUAWMA8MJANMIAxCBCAAP0pHLXBZIyw9Lk8HHRF8UURCRnBRVQQcJVRBTVMyHRIAADJUQlIcLw8cSVM3VEJaRW9fQ1pGZxxORVM1GRITSHBPAwABLVRCQk1xW0dMQXlfRUxF
IP 188.114.96.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dUFpc3RafgoASRQGWUAWMA8MJANMIAxCBCAAP0pHLXBZIyw9Lk8HHRF8UURCRnBRVQQcJVRBTVMyHRIAADJUQlIcLw8cSVM3VEJaRW9fQ1pGZxxORVM1GRITSHBPAwABLVRCQk1xW0dMQXlfRUxF HTTP/1.1
Host: alargeredrubygsw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 31 Mar 2023 07:41:26 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hd6LK1jh9rhp1XF%2FNUBAbqc80UkN9lN7n1Cv2O0%2B%2F6RbGuABgVIh5iHbcgKoi%2F5qt1IP2na2e9iu%2FkBHNA56nKYy1MitK0znNof%2Boc48j943o9embaknIZjYEVj0Pq0l%2F7EceYXWwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b06f332dc41b509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/images/icons/favicon/favicon.ico
91.209.70.182200 OK 278 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/images/icons/favicon/favicon.ico
IP 91.209.70.182:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 659f01ba6f82722266fdb59da503b5b1
dcdd33e38d295ad43328f72b3cdf8f196e4e39cc
62139074159b654b914c0284e45bc8570dd34e013ad21efaa8892cedd086bfd1
GET /themes/flow/frontend_assets/images/icons/favicon/favicon.ico HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1T6o9/The.Last.of.Us.Part.I.Update.v1.0.1.5-RUNE.rar
Connection: keep-alive
Cookie: filehosting=t9m56j3omfh1u6vitum7r47hi1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 07:41:26 GMT
content-type: image/x-icon
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-47e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
alargeredrubygsw.com/eFJxNDFXbRJHDCwaPE1QAgBUBnMrNSdSdSAiPXZ3DxMXcUI6ChZhFww7FQkITGtJAgVeIhhQDElqV0dFGSYERwxJdBhaVxdvV0IMSXxBGgNWYVdBDEl0BURQH29AEkEMJh0JAE5qQQYFQGZJAgdBYg
188.114.96.1204 No Content 0 B URL HTTP/2 alargeredrubygsw.com/eFJxNDFXbRJHDCwaPE1QAgBUBnMrNSdSdSAiPXZ3DxMXcUI6ChZhFww7FQkITGtJAgVeIhhQDElqV0dFGSYERwxJdBhaVxdvV0IMSXxBGgNWYVdBDEl0BURQH29AEkEMJh0JAE5qQQYFQGZJAgdBYg
IP 188.114.96.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /eFJxNDFXbRJHDCwaPE1QAgBUBnMrNSdSdSAiPXZ3DxMXcUI6ChZhFww7FQkITGtJAgVeIhhQDElqV0dFGSYERwxJdBhaVxdvV0IMSXxBGgNWYVdBDEl0BURQH29AEkEMJh0JAE5qQQYFQGZJAgdBYg HTTP/1.1
Host: alargeredrubygsw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 31 Mar 2023 07:41:26 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dVIWCwwjpwtlxS6T97Zut8iJqgWfqUCNc41RY5Z7NtT%2BFOq%2F46eRl4EXtSZik8YfOO6UhGfIuX4FjABRh0CIJmQ4p4ZyBywT7g2ODfmdCL%2FmusCoEEVrl%2FFUj5OBkwsc%2BMt3eoM7lQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b06f332cc35b509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
keydawnawe.com/gwZ1U5hjA8ii/32575
142.91.159.115200 OK 26 B URL HTTP/1.1 keydawnawe.com/gwZ1U5hjA8ii/32575
IP 142.91.159.115:0
File type ASCII text, with no line terminators
Hash 4e5d65669f8dcd928dad06adf883f025
d771713d758c3348dd7e5b38bb40c7935399ae46
0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95
GET /gwZ1U5hjA8ii/32575 HTTP/1.1
Host: keydawnawe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; GL_GI10=eJw9i8sKwjAURGuUYNVWBvwAf8D6QBdu1aXUhbgOtd6WYM0tTXzUr%2FcFruYwc8bzPDEIIXSJ3nIaLSfRfBZNF3M0c2KIeIdeylfjqlqZ5EKQMVf3pIasKNdsAnR%2FoFI%2BETrxbnQwZ8N38x8%2BtwCtVLs6gP%2BJrxu20dS2RLgq9GO45%2BLq3raFb8gpWxKd4K%2BTY0HjzX6L8N9%2Bz7KBtraqrPhRv7nv9IWebEhxlllyUqBxk%2BIFsdRBIw%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 31 Mar 2023 07:41:26 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
alargeredrubygsw.com/eXQzeGxWS1ALUR0waTQiLxB3OgIOMWlILT0SRCoLKBN5TS5LQBUMBR1JBE5YSEACXhwQEA5JSgoAUgwZCkkCXgUXElxFSg9JAlZfTVoASkJLUkZFXV8AQxkLREUVCBgNGA5JWkFEAUxUTUwFT1xL
188.114.96.1204 No Content 0 B URL HTTP/2 alargeredrubygsw.com/eXQzeGxWS1ALUR0waTQiLxB3OgIOMWlILT0SRCoLKBN5TS5LQBUMBR1JBE5YSEACXhwQEA5JSgoAUgwZCkkCXgUXElxFSg9JAlZfTVoASkJLUkZFXV8AQxkLREUVCBgNGA5JWkFEAUxUTUwFT1xL
IP 188.114.96.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /eXQzeGxWS1ALUR0waTQiLxB3OgIOMWlILT0SRCoLKBN5TS5LQBUMBR1JBE5YSEACXhwQEA5JSgoAUgwZCkkCXgUXElxFSg9JAlZfTVoASkJLUkZFXV8AQxkLREUVCBgNGA5JWkFEAUxUTUwFT1xL HTTP/1.1
Host: alargeredrubygsw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 31 Mar 2023 07:41:26 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nfAGZIQQgveD3xGiZSY3F3T58W1duCM9KPlWHfEpPiFq64syMXJw28CIk5PxU5C%2FRB2%2BtxrNEzN%2B1kdRanJHgHqgPEgvsvil7WK%2BEplp6ij%2F16Dfo%2BO5CxgfHinCgS4k8%2Bzk79yAFg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b06f332ec5fb509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
vingartistictaste.com/U3l5OEIyGxpVfTJEGx43IRVEHXAVXEt+Jj4UA1MkN0FLTyMqF1dbLjwMHV4wPBcNFiw2DVwKBB8sLWFxMCEsQRUFEiFrKwUfLAg6HiMoABIBST8LGhYoHH87FjUdUykENx5tARAOLFkhCzcheREnKjpTBAcpL1wYFRIRCxdiEiprBRIoL1AXCxs4cRAROytLFWIeNXAGYhgvVBAbPw51GAIvO1IAO0E+cAZqKi55GxQdOGkKGw4/CAASHThqGms+PFMLYB04aQoREQ4dcBU4OHYXARE0bAAGPDdiNRoqKFImYzs4WwYSSih+Jjg7P2IANDEufgA5OxUVAwY/E0gYFhI0QhskID5pFwUeO18YBitLfhMLHjRpDGIVKW4HMCE7TyYWLkt9EwISAX1kOQoWVjJuOEFbJWBMA0gJFD0
108.157.229.47200 OK 1.2 kB URL HTTP/2 vingartistictaste.com/U3l5OEIyGxpVfTJEGx43IRVEHXAVXEt+Jj4UA1MkN0FLTyMqF1dbLjwMHV4wPBcNFiw2DVwKBB8sLWFxMCEsQRUFEiFrKwUfLAg6HiMoABIBST8LGhYoHH87FjUdUykENx5tARAOLFkhCzcheREnKjpTBAcpL1wYFRIRCxdiEiprBRIoL1AXCxs4cRAROytLFWIeNXAGYhgvVBAbPw51GAIvO1IAO0E+cAZqKi55GxQdOGkKGw4/CAASHThqGms+PFMLYB04aQoREQ4dcBU4OHYXARE0bAAGPDdiNRoqKFImYzs4WwYSSih+Jjg7P2IANDEufgA5OxUVAwY/E0gYFhI0QhskID5pFwUeO18YBitLfhMLHjRpDGIVKW4HMCE7TyYWLkt9EwISAX1kOQoWVjJuOEFbJWBMA0gJFD0
IP 108.157.229.47:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3017), with no line terminators
Hash 9b1b65472df963a40726da6c14163edb
1936ca491e3b5086a11ffc9d3cc19b996579a4e3
b63eccc51d0d809dd7229172df7a1a8a3137a7289d9d968eb3eb568fa9269855
GET /U3l5OEIyGxpVfTJEGx43IRVEHXAVXEt+Jj4UA1MkN0FLTyMqF1dbLjwMHV4wPBcNFiw2DVwKBB8sLWFxMCEsQRUFEiFrKwUfLAg6HiMoABIBST8LGhYoHH87FjUdUykENx5tARAOLFkhCzcheREnKjpTBAcpL1wYFRIRCxdiEiprBRIoL1AXCxs4cRAROytLFWIeNXAGYhgvVBAbPw51GAIvO1IAO0E+cAZqKi55GxQdOGkKGw4/CAASHThqGms+PFMLYB04aQoREQ4dcBU4OHYXARE0bAAGPDdiNRoqKFImYzs4WwYSSih+Jjg7P2IANDEufgA5OxUVAwY/E0gYFhI0QhskID5pFwUeO18YBitLfhMLHjRpDGIVKW4HMCE7TyYWLkt9EwISAX1kOQoWVjJuOEFbJWBMA0gJFD0 HTTP/1.1
Host: vingartistictaste.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1171
date: Fri, 31 Mar 2023 07:41:26 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 d913eed4ff9d3ba68bce11280aa7e1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: dKiDEbx4aihaL5DswetbRy11-u8XH3ybQeBqtqYD6b21sYHccDxDoQ==
X-Firefox-Spdy: h2
vingartistictaste.com/OFp3YzBZOBQOD1lnFUVFSjZKRgJ+f0UlVFU3DQhWXGJFFFFBNFkAXFcvEwVCVzQDTV5dLlJRdlQ4IlpgYWhDLHl7HzE2YlM3PFIFYg1EFxUKGCFSCXQQIxR9eRhGGntraic7V3UQMwthURkPG2FyHCY7VW0PFiVJTCMiU1d6Fh4mdW1qBBJ5aRgjO3dTLzUUSGk/RQhocD0+CFNfKTUkWWEuMARpfREkNXZ/LQ8aeV8tIiFzdTA2CEReGS8TfmAxH1pWCCktIXN9KDMhW107GVJkeRgbElZuFBE7Z35/RSViVGoBAl4JDjAyYVA/IQd8YD1GEmVubiEGaBUuMDtjASsRNX1bHUUTCHE2TgdVVRwjMQBQYxEUYXQeHjJXajYAEVZgYyQ7XAl/RSFWCRA7OwMAKjQLR3ERJCJSa2tPKVZUFBUyAwEqMQ9+W3wdEF9WKkoFfllpOyVdQhUzMANyYy9V
108.157.229.47200 OK 1.2 kB URL HTTP/2 vingartistictaste.com/OFp3YzBZOBQOD1lnFUVFSjZKRgJ+f0UlVFU3DQhWXGJFFFFBNFkAXFcvEwVCVzQDTV5dLlJRdlQ4IlpgYWhDLHl7HzE2YlM3PFIFYg1EFxUKGCFSCXQQIxR9eRhGGntraic7V3UQMwthURkPG2FyHCY7VW0PFiVJTCMiU1d6Fh4mdW1qBBJ5aRgjO3dTLzUUSGk/RQhocD0+CFNfKTUkWWEuMARpfREkNXZ/LQ8aeV8tIiFzdTA2CEReGS8TfmAxH1pWCCktIXN9KDMhW107GVJkeRgbElZuFBE7Z35/RSViVGoBAl4JDjAyYVA/IQd8YD1GEmVubiEGaBUuMDtjASsRNX1bHUUTCHE2TgdVVRwjMQBQYxEUYXQeHjJXajYAEVZgYyQ7XAl/RSFWCRA7OwMAKjQLR3ERJCJSa2tPKVZUFBUyAwEqMQ9+W3wdEF9WKkoFfllpOyVdQhUzMANyYy9V
IP 108.157.229.47:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3050), with no line terminators
Hash eb2f8b2d0b9d0f893a5012ba304b4399
d59cf90f62f5ef1913375291fdfcbdaed08daf3b
4062cda809cc63472eb0479ef2e92f23d9a3a9fbc699168cd4ca8600e4eb9681
GET /OFp3YzBZOBQOD1lnFUVFSjZKRgJ+f0UlVFU3DQhWXGJFFFFBNFkAXFcvEwVCVzQDTV5dLlJRdlQ4IlpgYWhDLHl7HzE2YlM3PFIFYg1EFxUKGCFSCXQQIxR9eRhGGntraic7V3UQMwthURkPG2FyHCY7VW0PFiVJTCMiU1d6Fh4mdW1qBBJ5aRgjO3dTLzUUSGk/RQhocD0+CFNfKTUkWWEuMARpfREkNXZ/LQ8aeV8tIiFzdTA2CEReGS8TfmAxH1pWCCktIXN9KDMhW107GVJkeRgbElZuFBE7Z35/RSViVGoBAl4JDjAyYVA/IQd8YD1GEmVubiEGaBUuMDtjASsRNX1bHUUTCHE2TgdVVRwjMQBQYxEUYXQeHjJXajYAEVZgYyQ7XAl/RSFWCRA7OwMAKjQLR3ERJCJSa2tPKVZUFBUyAwEqMQ9+W3wdEF9WKkoFfllpOyVdQhUzMANyYy9V HTTP/1.1
Host: vingartistictaste.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1200
date: Fri, 31 Mar 2023 07:41:26 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 d913eed4ff9d3ba68bce11280aa7e1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: 6TZFVYv0ZnK0ogsgwgp0RA6O2seB5r8rH45vGHQdKiF6wMmvUhicFg==
X-Firefox-Spdy: h2
vingartistictaste.com/TXFHRVksEyQoZixMJWMsPx16YGsLVHUDPSAcPS4/KUl1Mjg0H2kmNSIEIyMrIh8zazcoBWJ3Hz0rdBMOAikGAB4nGSERIQASCiILBSQSFzcMJB0HETQnEA0xKTgAEzovMyx1bhoYLAoTDCAhBxt9IyYyNRoyPxRtFRp2BxwJGSYRDxclCXRpHiYsAy4ZIAYMESAFFQ0hDBIJABgUNS8IYQUGEgIKCQUQBj55KwgpMRsnEwszC0EFBgt/KBUHLnkTCikABTcBBzIOI3MRDAogDRQPKRMdLSEJOxEHMg4gJAoefzAJEw8cQiQyLQw5dwswBTQKKQwKXBYPGCU3Fh8BJTMRdRt5MhEpGh9DHSAfHCAiCgs1Mg4QPSAyAgcBHzYeDA8bJwEIHwwyBi0UeCAREw8AQyQPCxgdASYcNT8RIn8nAigrKXA+KS44dRwkHDAcIw
108.157.229.47200 OK 1.2 kB URL HTTP/2 vingartistictaste.com/TXFHRVksEyQoZixMJWMsPx16YGsLVHUDPSAcPS4/KUl1Mjg0H2kmNSIEIyMrIh8zazcoBWJ3Hz0rdBMOAikGAB4nGSERIQASCiILBSQSFzcMJB0HETQnEA0xKTgAEzovMyx1bhoYLAoTDCAhBxt9IyYyNRoyPxRtFRp2BxwJGSYRDxclCXRpHiYsAy4ZIAYMESAFFQ0hDBIJABgUNS8IYQUGEgIKCQUQBj55KwgpMRsnEwszC0EFBgt/KBUHLnkTCikABTcBBzIOI3MRDAogDRQPKRMdLSEJOxEHMg4gJAoefzAJEw8cQiQyLQw5dwswBTQKKQwKXBYPGCU3Fh8BJTMRdRt5MhEpGh9DHSAfHCAiCgs1Mg4QPSAyAgcBHzYeDA8bJwEIHwwyBi0UeCAREw8AQyQPCxgdASYcNT8RIn8nAigrKXA+KS44dRwkHDAcIw
IP 108.157.229.47:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3039), with no line terminators
Hash afd216b7a17ce9d391274d028ca1fb41
099eec53dc18f094d8fcde15f8495b4e30076d39
118f1ba1f3825c1898417c9270ae0aefbd4db4d39a8202243b44fb90f89bc030
GET /TXFHRVksEyQoZixMJWMsPx16YGsLVHUDPSAcPS4/KUl1Mjg0H2kmNSIEIyMrIh8zazcoBWJ3Hz0rdBMOAikGAB4nGSERIQASCiILBSQSFzcMJB0HETQnEA0xKTgAEzovMyx1bhoYLAoTDCAhBxt9IyYyNRoyPxRtFRp2BxwJGSYRDxclCXRpHiYsAy4ZIAYMESAFFQ0hDBIJABgUNS8IYQUGEgIKCQUQBj55KwgpMRsnEwszC0EFBgt/KBUHLnkTCikABTcBBzIOI3MRDAogDRQPKRMdLSEJOxEHMg4gJAoefzAJEw8cQiQyLQw5dwswBTQKKQwKXBYPGCU3Fh8BJTMRdRt5MhEpGh9DHSAfHCAiCgs1Mg4QPSAyAgcBHzYeDA8bJwEIHwwyBi0UeCAREw8AQyQPCxgdASYcNT8RIn8nAigrKXA+KS44dRwkHDAcIw HTTP/1.1
Host: vingartistictaste.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1189
date: Fri, 31 Mar 2023 07:41:26 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 d913eed4ff9d3ba68bce11280aa7e1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: qoy3QFpThh6n86MqX6rnWmZqG36zXY37rC96d3tFkfKVmShAW558Ow==
X-Firefox-Spdy: h2
vingartistictaste.com/Wlc1T2o7NVYiVTtqV2kfKDsIalgccgcJDjc6TyQMPm8HOAsjORssBjUiUSkYNTlBYQQ/IxB9LCoOYSccD2VWDDwtEgQYKAwFdn1fPAFSegkDOwwHPzIgDQw4HxF5HVsNEwUkJBUgAQgOHzxbBzsPEW18PxYWcxYjODxwCjw9L0AZAT4NdjUsOwFnewgTIFIEKAs0DQorMjZzJRkVFQQFIBAwbyw8CxZFCw1rAnEhMAwdQn4oA2d/GykfNF4LDWM0dAw7DwV0PwwKBXsKKTZuXBlaYh5mIis2BXQ/DBAWAR8uNiMHGSkXM20YJzwBQjchAxRjCik2eg0nLw8GeQMHEA9jDTA8Ml4FPhkWUn0oGydtHAcfP2A4Aj8OBCs7GREAfTwMEVANAx8Ud34JAjNZGgQZAQwiOQwSUAgHbwATJRk1OUVyKBRmWz4IMj5SAw
108.157.229.47200 OK 1.2 kB URL HTTP/2 vingartistictaste.com/Wlc1T2o7NVYiVTtqV2kfKDsIalgccgcJDjc6TyQMPm8HOAsjORssBjUiUSkYNTlBYQQ/IxB9LCoOYSccD2VWDDwtEgQYKAwFdn1fPAFSegkDOwwHPzIgDQw4HxF5HVsNEwUkJBUgAQgOHzxbBzsPEW18PxYWcxYjODxwCjw9L0AZAT4NdjUsOwFnewgTIFIEKAs0DQorMjZzJRkVFQQFIBAwbyw8CxZFCw1rAnEhMAwdQn4oA2d/GykfNF4LDWM0dAw7DwV0PwwKBXsKKTZuXBlaYh5mIis2BXQ/DBAWAR8uNiMHGSkXM20YJzwBQjchAxRjCik2eg0nLw8GeQMHEA9jDTA8Ml4FPhkWUn0oGydtHAcfP2A4Aj8OBCs7GREAfTwMEVANAx8Ud34JAjNZGgQZAQwiOQwSUAgHbwATJRk1OUVyKBRmWz4IMj5SAw
IP 108.157.229.47:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3036), with no line terminators
Hash d2a9cc235b6a8316b33feeb91def6581
d9791f509401527f6fdd0be5dec0b5e735d0ae20
160686a0216d8a52ca68cce081d7b41010a313db419b357f958d8337623e2b30
GET /Wlc1T2o7NVYiVTtqV2kfKDsIalgccgcJDjc6TyQMPm8HOAsjORssBjUiUSkYNTlBYQQ/IxB9LCoOYSccD2VWDDwtEgQYKAwFdn1fPAFSegkDOwwHPzIgDQw4HxF5HVsNEwUkJBUgAQgOHzxbBzsPEW18PxYWcxYjODxwCjw9L0AZAT4NdjUsOwFnewgTIFIEKAs0DQorMjZzJRkVFQQFIBAwbyw8CxZFCw1rAnEhMAwdQn4oA2d/GykfNF4LDWM0dAw7DwV0PwwKBXsKKTZuXBlaYh5mIis2BXQ/DBAWAR8uNiMHGSkXM20YJzwBQjchAxRjCik2eg0nLw8GeQMHEA9jDTA8Ml4FPhkWUn0oGydtHAcfP2A4Aj8OBCs7GREAfTwMEVANAx8Ud34JAjNZGgQZAQwiOQwSUAgHbwATJRk1OUVyKBRmWz4IMj5SAw HTTP/1.1
Host: vingartistictaste.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1187
date: Fri, 31 Mar 2023 07:41:26 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 d913eed4ff9d3ba68bce11280aa7e1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: 7Jd8PCUY3VmZLBMEbCJJc7TtQAldTi7LzDa1NqP9c2UvQ3ddQ7ZdyQ==
X-Firefox-Spdy: h2
vingartistictaste.com/TTNqSkssUQkndCwOCGw+P19Xb3kLFlgMLyBeECEtKQtYPSo0XUQpJyJGDiw5Il0eZCUoR094DQFWARh6KQEvEAA1QDgSLHlHLx87F2AiDAYfXygpBypqMw48PQYlMBo1YzkHMwJLPx4JOmY8GDx5FlgIDhhDOBIIKmYtGxEFagILEQxYDnseNWosDQMhcT8YHgZ4En8AC3E7LQ4PdiMMCAhhPxgaL1Y4LRIKSyclDB9pLxkKB3I9HA0rVwEcLQtbJzsOH1Q9CRwLezg9cwJqPy4DGHYaOxkbeTkFDAt7ODISGXgBBA8fdgENHghlOAslB3E/JgJ5aj9nLwV2HTIjH1kwGxgjdQgYeyVVDiEeHHEoIT0KXyAeGwVpLBgnC3gOHx0KYS8iewhLXh4DNHoLDnsfeishGQVlLBh7GEQgKRg6FQA5JCNDVwQIHXQNDgc5Wik6KQ
108.157.229.47200 OK 1.2 kB URL HTTP/2 vingartistictaste.com/TTNqSkssUQkndCwOCGw+P19Xb3kLFlgMLyBeECEtKQtYPSo0XUQpJyJGDiw5Il0eZCUoR094DQFWARh6KQEvEAA1QDgSLHlHLx87F2AiDAYfXygpBypqMw48PQYlMBo1YzkHMwJLPx4JOmY8GDx5FlgIDhhDOBIIKmYtGxEFagILEQxYDnseNWosDQMhcT8YHgZ4En8AC3E7LQ4PdiMMCAhhPxgaL1Y4LRIKSyclDB9pLxkKB3I9HA0rVwEcLQtbJzsOH1Q9CRwLezg9cwJqPy4DGHYaOxkbeTkFDAt7ODISGXgBBA8fdgENHghlOAslB3E/JgJ5aj9nLwV2HTIjH1kwGxgjdQgYeyVVDiEeHHEoIT0KXyAeGwVpLBgnC3gOHx0KYS8iewhLXh4DNHoLDnsfeishGQVlLBh7GEQgKRg6FQA5JCNDVwQIHXQNDgc5Wik6KQ
IP 108.157.229.47:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3040), with no line terminators
Hash 74ff76792571c76bf6642b7919df0617
143e9ee5ce7f5045fc37bb04d2db5a5b62abf3f5
830b4a1fb4a1b135a100b977d6cd385daf66c5840de903bea59316a6d47c9f2e
GET /TTNqSkssUQkndCwOCGw+P19Xb3kLFlgMLyBeECEtKQtYPSo0XUQpJyJGDiw5Il0eZCUoR094DQFWARh6KQEvEAA1QDgSLHlHLx87F2AiDAYfXygpBypqMw48PQYlMBo1YzkHMwJLPx4JOmY8GDx5FlgIDhhDOBIIKmYtGxEFagILEQxYDnseNWosDQMhcT8YHgZ4En8AC3E7LQ4PdiMMCAhhPxgaL1Y4LRIKSyclDB9pLxkKB3I9HA0rVwEcLQtbJzsOH1Q9CRwLezg9cwJqPy4DGHYaOxkbeTkFDAt7ODISGXgBBA8fdgENHghlOAslB3E/JgJ5aj9nLwV2HTIjH1kwGxgjdQgYeyVVDiEeHHEoIT0KXyAeGwVpLBgnC3gOHx0KYS8iewhLXh4DNHoLDnsfeishGQVlLBh7GEQgKRg6FQA5JCNDVwQIHXQNDgc5Wik6KQ HTTP/1.1
Host: vingartistictaste.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1191
date: Fri, 31 Mar 2023 07:41:26 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 d913eed4ff9d3ba68bce11280aa7e1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: OsUHWMC1yDK2xYCnM7crHyOyYOXU2RsXWUiNCoRjL-FwoNOpzTeX6Q==
X-Firefox-Spdy: h2
megaup.net/imageads/012.gif
91.209.70.182200 OK 498 kB URL HTTP/2 megaup.net/imageads/012.gif
IP 91.209.70.182:0
File type GIF image data, version 89a, 300 x 250\012- data
Size 498 kB (498127 bytes)
Hash 008597da36f68c5f0a6324833164297d
bf10c016b0938ad06e51e416d063805d40b0265a
16628c257f8fea93d55efb135f326d1c7bca14645f353abe1a67ca289595ef2f
GET /imageads/012.gif HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1T6o9/The.Last.of.Us.Part.I.Update.v1.0.1.5-RUNE.rar
Connection: keep-alive
Cookie: filehosting=t9m56j3omfh1u6vitum7r47hi1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 07:41:27 GMT
content-type: image/gif
content-length: 498127
last-modified: Mon, 29 Mar 2021 20:01:24 GMT
vary: Accept-Encoding
etag: "60623214-799cf"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
platform.bidgear.com/media/img/b15.png
172.67.74.36200 OK 649 B URL HTTP/2 platform.bidgear.com/media/img/b15.png
IP 172.67.74.36:0
File type PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash d832fb80c97ff291b952757bb98240d2
63732e61a0784ed68fde494f83e4686a5c4bf7fa
7b35c11af8accdb40a14303dd3ae2762a97d2527933c56b6c9be6da2d0d11943
GET /media/img/b15.png HTTP/1.1
Host: platform.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 31 Mar 2023 07:41:27 GMT
content-type: image/png
content-length: 649
last-modified: Mon, 25 Jul 2022 09:43:43 GMT
etag: "62de65cf-289"
expires: Fri, 21 Apr 2023 07:19:14 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
cf-cache-status: HIT
age: 770150
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P44PZn5W9Iwx2krs50pY2uZXnkVtTIib3NLxEwgFpVl07ekGHD5XuLSuXSPw6eAriWXMeroIYXqt294hBN29ME753nWOCSZ5%2BXzs6FyVcyi3yM8ugz%2BS9pMVOvy9DQyT6v53OMmG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b06f334dc26b503-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ec691b25beda5cc3d9c312b7f23a4e42
96cd0daf3d2b6d28a7f6e35e456e2129294597bf
bcc7756a077b27b23b1a2cca52f8e7e4d4689a79ed4d4db6946685a73b42c52b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BCC7756A077B27B23B1A2CCA52F8E7E4D4689A79ED4D4DB6946685A73B42C52B"
Last-Modified: Wed, 29 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6112
Expires: Fri, 31 Mar 2023 09:23:19 GMT
Date: Fri, 31 Mar 2023 07:41:27 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c90bd7c311e02a4f9063c08ebf5261eb
4e2b8db47531a9c124ab0c6cf5a0900a199348ca
34744e7e236ec71b63064fc97c38099ef3460770078518828afd3078a835ef22
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 07:41:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash ce7308102e0dd738be581569aab3c18f
1cad180ddadf6b3f9da7cddb50f6b8295128553d
1927bf86d6f33ee13042472aadda4133d65bc9535025c5f8a36dc76dfbaa6012
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4044
Cache-Control: max-age=92688
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 07:41:27 GMT
Etag: "642545eb-1d7"
Expires: Sat, 01 Apr 2023 09:26:15 GMT
Last-Modified: Thu, 30 Mar 2023 08:18:51 GMT
Server: ECAcc (ska/F775)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 0df2e2ff4ead187d9223303ef5099043
d2a02977a9a7606d61848f7df79197c950a487eb
e876264f6b57ac3f7e70b97c840fe9519bfde482e7ffd3009a4d21cc1603f372
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 07:41:27 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 31 Mar 2023 01:11:36 GMT
Expires: Fri, 07 Apr 2023 01:11:35 GMT
Etag: "d2a02977a9a7606d61848f7df79197c950a487eb"
Cache-Control: max-age=580807,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7b06f33589bab4ff-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 282 B IP 172.64.155.188:0
Hash cecf6a46b6a83643b5caa1e729212134
5c840e263bf9296f933f00b9e6eaee2bcf863c3e
ea29e3e79612883b02a1634d0f9280adc0818d0db92ff2aa58d4b0ecf2a7cf59
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 07:41:27 GMT
Content-Type: application/ocsp-response
Content-Length: 282
Connection: keep-alive
Last-Modified: Thu, 30 Mar 2023 04:43:13 GMT
Expires: Thu, 06 Apr 2023 04:43:12 GMT
Etag: "5c840e263bf9296f933f00b9e6eaee2bcf863c3e"
Cache-Control: max-age=507104,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7b06f3348ff0b50c-OSL
www.google-analytics.com/analytics.js
142.250.74.142200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.142:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Fri, 31 Mar 2023 06:05:11 GMT
expires: Fri, 31 Mar 2023 08:05:11 GMT
cache-control: public, max-age=7200
age: 5776
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c90bd7c311e02a4f9063c08ebf5261eb
4e2b8db47531a9c124ab0c6cf5a0900a199348ca
34744e7e236ec71b63064fc97c38099ef3460770078518828afd3078a835ef22
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 07:41:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
imp9.bidgear.com/rec?t=1&z=6192&uuid=974eceea4c3449d392539e7ef034a2e0&p=28&g=NO&token=4a44335432&tbg=1680248487
172.67.74.36200 OK 599 B URL HTTP/2 imp9.bidgear.com/rec?t=1&z=6192&uuid=974eceea4c3449d392539e7ef034a2e0&p=28&g=NO&token=4a44335432&tbg=1680248487
IP 172.67.74.36:0
File type JPEG image data, baseline, precision 8, 1x1, components 3\012- data
Hash ca49a7e783b806a4e8576ea80346203d
6fe9d083221dae98f6c76f7121c37bc884b02d82
3e9a98dd5f0a28ff4a059f33d760264a6db02786666ac1692095ebb976f5da28
GET /rec?t=1&z=6192&uuid=974eceea4c3449d392539e7ef034a2e0&p=28&g=NO&token=4a44335432&tbg=1680248487 HTTP/1.1
Host: imp9.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 31 Mar 2023 07:41:27 GMT
content-type: image/jpeg
content-length: 599
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2jrworp2GLTuS0PfzNuChe5zeu0%2BBMy%2BO4ayJDJes3D4oMnzG%2F0pHO7VS4HB8BW8lkViRiE7vSU1%2FCMc2ygE%2Fb2v3MbHn3nc1RpmtjjZ%2FkYaJbSvd9kbZRhIR1x1Y5xr1Y8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b06f3350c86b503-OSL
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j99&a=1201332357&t=pageview&_s=1&dl=https%3A%2F%2Fmegaup.net%2F1T6o9%2FThe.Last.of.Us.Part.I.Update.v1.0.1.5-RUNE.rar&ul=en-us&de=UTF-8&dt=The.Last.of.Us.Part.I.Update.v1.0.1.5-RUNE.rar%20-%20MegaUp&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=868161671&gjid=558393300&cid=1881854737.1680248487&tid=UA-108868042-1&_gid=289397429.1680248487&_r=1>m=457e33t0&jsscut=1&z=360714523
142.250.74.142200 OK 1 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j99&a=1201332357&t=pageview&_s=1&dl=https%3A%2F%2Fmegaup.net%2F1T6o9%2FThe.Last.of.Us.Part.I.Update.v1.0.1.5-RUNE.rar&ul=en-us&de=UTF-8&dt=The.Last.of.Us.Part.I.Update.v1.0.1.5-RUNE.rar%20-%20MegaUp&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=868161671&gjid=558393300&cid=1881854737.1680248487&tid=UA-108868042-1&_gid=289397429.1680248487&_r=1>m=457e33t0&jsscut=1&z=360714523
IP 142.250.74.142:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?v=1&_v=j99&a=1201332357&t=pageview&_s=1&dl=https%3A%2F%2Fmegaup.net%2F1T6o9%2FThe.Last.of.Us.Part.I.Update.v1.0.1.5-RUNE.rar&ul=en-us&de=UTF-8&dt=The.Last.of.Us.Part.I.Update.v1.0.1.5-RUNE.rar%20-%20MegaUp&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=868161671&gjid=558393300&cid=1881854737.1680248487&tid=UA-108868042-1&_gid=289397429.1680248487&_r=1>m=457e33t0&jsscut=1&z=360714523 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain
Content-Length: 0
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://megaup.net
date: Fri, 31 Mar 2023 07:41:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/global.js
91.209.70.182200 OK 1.1 kB URL HTTP/2 megaup.net/themes/flow/js/global.js
IP 91.209.70.182:0
Hash 675a152036d67c14c909482406ac0672
9f9d66f3501914721dc382d68d03a808bed163ab
5c3e7176b6a6ac660b4caf747b5dd835624c60f8a736408c0ddc9541e421e40b
GET /themes/flow/js/global.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1T6o9/The.Last.of.Us.Part.I.Update.v1.0.1.5-RUNE.rar
Connection: keep-alive
Cookie: filehosting=t9m56j3omfh1u6vitum7r47hi1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 07:41:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-d59"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/custom.css
91.209.70.182200 OK 3.4 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/custom.css
IP 91.209.70.182:0
File type assembler source, ASCII text, with CRLF line terminators
Hash 39f75e058b0ed002fc475232f45a93f0
8ef86552b3d1aeb260a7603915dec049da363978
6b71e51f798a06b773a3e73771659cc3860ff156f857c82eb36182475596c7f1
GET /themes/flow/frontend_assets/css/custom.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1T6o9/The.Last.of.Us.Part.I.Update.v1.0.1.5-RUNE.rar
Connection: keep-alive
Cookie: filehosting=t9m56j3omfh1u6vitum7r47hi1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 07:41:24 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3577"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AQMjQ7QRjcNhxIrUX5CwpEIKTNmT0mkafT5MPeesl2g4oBxXYiU94xD220eDxoKYAV8e31RXT07IfA
142.250.74.109302 Found 390 B URL HTTP/2 accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AQMjQ7QRjcNhxIrUX5CwpEIKTNmT0mkafT5MPeesl2g4oBxXYiU94xD220eDxoKYAV8e31RXT07IfA
IP 142.250.74.109:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (380)
Hash 11f5773181058b168ad812131472b524
7d24cb05f7c5b445adcbe829d42457a1fec71694
d867add101bf1f08efab2be5cd1d3ecf7fdcc4fb98ecbc3deb54fc77e17118d7
GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AQMjQ7QRjcNhxIrUX5CwpEIKTNmT0mkafT5MPeesl2g4oBxXYiU94xD220eDxoKYAV8e31RXT07IfA HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 31 Mar 2023 07:41:27 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-888831677%3A1680248487404972&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AQMjQ7S7zJ3ZTdLkfn5vE5dZpHjpbcAaUnpugVrhdJKu3yvzrOJSpgh-pOgSyE6dkw2HSkO1uFTWog&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-QSN_NaOXZGdhP1JEKG68WA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 390
server: GSE
set-cookie: __Host-GAPS=1:-sv3B1C8HXSZIVoTI5BFXitfxexuOQ:6jI2I2_ZCsFgSlvV;Path=/;Expires=Sun, 30-Mar-2025 07:41:27 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AQMjQ7SMgMmInchnqMQTvYqrHL3M5HsVqE-_WgC3aC4QPehh9yuXe02wLyl3BP3BNtN0m08ArS1VVw
142.250.74.109302 Found 399 B URL HTTP/2 accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AQMjQ7SMgMmInchnqMQTvYqrHL3M5HsVqE-_WgC3aC4QPehh9yuXe02wLyl3BP3BNtN0m08ArS1VVw
IP 142.250.74.109:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (383)
Hash 70a3191eb8af57267cbf2289e5b1e300
82669bee666ae7faa003359db40a620c75536538
387a4d9862b57c1c83f0d50d6ad8e38cdef7d1a6923439c683f5462de1974c42
GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AQMjQ7SMgMmInchnqMQTvYqrHL3M5HsVqE-_WgC3aC4QPehh9yuXe02wLyl3BP3BNtN0m08ArS1VVw HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 31 Mar 2023 07:41:27 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-49760984%3A1680248487430987&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AQMjQ7SLFa791kttKR7J7OyxBAlA72Pz554af2nmVa9FaMGxKV4sTF-XoHv7YARvWqXo5gqAGT0AlQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-4nQ-i1XTVS-LEiaH9WQARw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 399
server: GSE
set-cookie: __Host-GAPS=1:scl9YXON_RKWWJxdF2zRqxvJ0yDcDQ:JTjtDYuqeJbuh0gt;Path=/;Expires=Sun, 30-Mar-2025 07:41:27 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
platform.bidgear.com/async.php?domainid=5593&sizeid=12&zoneid=6192&k=1680248486865
172.67.74.36200 OK 29 kB URL HTTP/2 platform.bidgear.com/async.php?domainid=5593&sizeid=12&zoneid=6192&k=1680248486865
IP 172.67.74.36:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (5343), with no line terminators
Hash 5386ce65ed4f59e09ea9f9f50eb2e667
89cc29cae19c16b760af3c27e9a125662d6c5811
0a592430c945c42c3722d9b99ae64ae6021c1e62cf6895d8c7287313fe38dfad
GET /async.php?domainid=5593&sizeid=12&zoneid=6192&k=1680248486865 HTTP/1.1
Host: platform.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 31 Mar 2023 07:41:27 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f7POAoTsXfQCod33kU3NqQdxGfp4aVuVEJAUxZXiWVjSZ%2BkOZtmsz4y21LFmwsJwcC5RxDouuwLts2LNLYsOD28QsNq6AFC%2FRSjdYYSWu8OgZdsV8N31V4v21nmLRkErPW5uOyxn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b06f3340a8db503-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash d9bccde084c491a04e52752f2af1e16d
5a7a761608a0d79d383e104a0455f76bb0d2248e
aed5aade370f65d015700850f0a3a80c5f47066e82d200f5cf1d2d44657388dd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 07:41:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tags.h12-media.com/load2.js
154.51.131.153200 OK 98 kB URL HTTP/2 tags.h12-media.com/load2.js
IP 154.51.131.153:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 1311503caf375d06370a384ecef418e5
a23aabf3dbac3f7fb01214ce3207e02bc154ca1b
8c9bb962a26fc8dec871e0a13156ea5e96f5bfa8703ce574f8e6dae49b0d1675
GET /load2.js HTTP/1.1
Host: tags.h12-media.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
content-type: application/javascript
content-encoding: gzip
last-modified: Sat, 10 Dec 2022 17:21:25 GMT
accept-ranges: bytes
etag: "d458c1d4bbcd91:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ARR/3.0
date: Fri, 31 Mar 2023 07:41:26 GMT
content-length: 98135
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash ce7308102e0dd738be581569aab3c18f
1cad180ddadf6b3f9da7cddb50f6b8295128553d
1927bf86d6f33ee13042472aadda4133d65bc9535025c5f8a36dc76dfbaa6012
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5997
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 07:41:27 GMT
Last-Modified: Fri, 31 Mar 2023 06:01:30 GMT
Server: ECAcc (ska/F6D2)
X-Cache: HIT
Content-Length: 471
vingartistictaste.com/utx?cb=5WfgM9LMkqCL&top=megaup.net&tid=764141
108.157.229.47204 No Content 0 B URL HTTP/2 vingartistictaste.com/utx?cb=5WfgM9LMkqCL&top=megaup.net&tid=764141
IP 108.157.229.47:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=5WfgM9LMkqCL&top=megaup.net&tid=764141 HTTP/1.1
Host: vingartistictaste.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 31 Mar 2023 07:41:27 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Fri, 31 Mar 2023 07:42:27 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 d913eed4ff9d3ba68bce11280aa7e1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: exU-cF5SBQOdOVmwXy3pzGxnFkKxv340hCRsvC8XvQDqqApkDLTSDQ==
X-Firefox-Spdy: h2
vingartistictaste.com/utx?cb=z4RTkdhrliCb&top=megaup.net&tid=876318
108.157.229.47204 No Content 0 B URL HTTP/2 vingartistictaste.com/utx?cb=z4RTkdhrliCb&top=megaup.net&tid=876318
IP 108.157.229.47:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=z4RTkdhrliCb&top=megaup.net&tid=876318 HTTP/1.1
Host: vingartistictaste.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 31 Mar 2023 07:41:27 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Fri, 31 Mar 2023 07:42:27 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 d913eed4ff9d3ba68bce11280aa7e1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: XIY0MDcJndV6TfUcIEc7NbM3xvzG0VwF3bGlSEhQpBpwgcY9kFx4TA==
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/lbU9PY24OICEFURkmK15ZW3t+V19LJTwMAB1yKS0PXgMJDhQiCxxQJFQXeUUaFytyU0gBLiEEU0sqIQBTXGkuBwxQe2kXHgIkcgsBGiYtGgYEKSVFGwxyIgwUBCMjAktfCXpNXkh9f0sZBCErDBkean1TABlqfVNfXWF/Rl0van1TGQQheVdLXg1qUV4VeX-tGXS9qfVMcG2p8Il9demFTR0h9fwQLDiQgRlwrfX9SXl1+f1JLX38pChwIKSAbS18JflNbQ39pFlNc
13.33.189.59200 OK 622 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/lbU9PY24OICEFURkmK15ZW3t+V19LJTwMAB1yKS0PXgMJDhQiCxxQJFQXeUUaFytyU0gBLiEEU0sqIQBTXGkuBwxQe2kXHgIkcgsBGiYtGgYEKSVFGwxyIgwUBCMjAktfCXpNXkh9f0sZBCErDBkean1TABlqfVNfXWF/Rl0van1TGQQheVdLXg1qUV4VeX-tGXS9qfVMcG2p8Il9demFTR0h9fwQLDiQgRlwrfX9SXl1+f1JLX38pChwIKSAbS18JflNbQ39pFlNc
IP 13.33.189.59:0
File type ASCII text, with very long lines (852), with no line terminators
Hash e9aaffe04c26833fdf36f11245e4069b
652fa729f56f28d1dd691d5ec65d46013b469d1e
ebdfedfae0453055e058b6aade567e065878887bf8ae77b43c02ed9f13c98fcf
GET /lbU9PY24OICEFURkmK15ZW3t+V19LJTwMAB1yKS0PXgMJDhQiCxxQJFQXeUUaFytyU0gBLiEEU0sqIQBTXGkuBwxQe2kXHgIkcgsBGiYtGgYEKSVFGwxyIgwUBCMjAktfCXpNXkh9f0sZBCErDBkean1TABlqfVNfXWF/Rl0van1TGQQheVdLXg1qUV4VeX-tGXS9qfVMcG2p8Il9demFTR0h9fwQLDiQgRlwrfX9SXl1+f1JLX38pChwIKSAbS18JflNbQ39pFlNc HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vingartistictaste.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 622
date: Fri, 31 Mar 2023 07:41:27 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 51db80ac6a80e49e38b5e898f946de1e.cloudfront.net (CloudFront)
x-amz-cf-pop: TPE52-C1
x-amz-cf-id: 900NCd7TDLrwQuQyt_X3iQ1UbgFFa1h_a1k3ZNS2baIDXnx520piqQ==
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/pZ3VWOXAEGjhfTxMcMgRHUURnAUZBHyVWHhdIGVcbBk07WikOJAQfBB0RawlWCxQ4Xk1BEDhaTVZTN10SWkFwTQAIHmtRHxAcNEAYDhM8HwUGSDtWCg4ZOlhVVTNjF0BCR2YRBw4bMlYHFFBkCR4TUGQJQVdbZhxDJVBkCQcOG2ANVVQ3cwtAH0NiHEMlUG-QJAhFQZXhBV0B4CVlCR2ZeFQQeORxCIUdmCEBXRGYIVVVFMFACAhM5QVVVM2cJRUlFcExNVg
13.33.189.59200 OK 611 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/pZ3VWOXAEGjhfTxMcMgRHUURnAUZBHyVWHhdIGVcbBk07WikOJAQfBB0RawlWCxQ4Xk1BEDhaTVZTN10SWkFwTQAIHmtRHxAcNEAYDhM8HwUGSDtWCg4ZOlhVVTNjF0BCR2YRBw4bMlYHFFBkCR4TUGQJQVdbZhxDJVBkCQcOG2ANVVQ3cwtAH0NiHEMlUG-QJAhFQZXhBV0B4CVlCR2ZeFQQeORxCIUdmCEBXRGYIVVVFMFACAhM5QVVVM2cJRUlFcExNVg
IP 13.33.189.59:0
File type ASCII text, with very long lines (847), with no line terminators
Hash 57eaf136c5d39b228f8d435413b2c71f
c73cbe0ce913aa446cecc49b4cfee39aa64f33c1
44abc5cef698c362f4e20edf75df45db12900151e39484bdd68998c02b4d3e44
GET /pZ3VWOXAEGjhfTxMcMgRHUURnAUZBHyVWHhdIGVcbBk07WikOJAQfBB0RawlWCxQ4Xk1BEDhaTVZTN10SWkFwTQAIHmtRHxAcNEAYDhM8HwUGSDtWCg4ZOlhVVTNjF0BCR2YRBw4bMlYHFFBkCR4TUGQJQVdbZhxDJVBkCQcOG2ANVVQ3cwtAH0NiHEMlUG-QJAhFQZXhBV0B4CVlCR2ZeFQQeORxCIUdmCEBXRGYIVVVFMFACAhM5QVVVM2cJRUlFcExNVg HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vingartistictaste.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 611
date: Fri, 31 Mar 2023 07:41:27 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 51db80ac6a80e49e38b5e898f946de1e.cloudfront.net (CloudFront)
x-amz-cf-pop: TPE52-C1
x-amz-cf-id: tThz4_TXjo6_DjszK8d_wLsO3vbNkLhCZ0D9rgj7OOUwWHUOTdtIZA==
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/LekR1d2EZKxsRXg4tEUpZSHFMRlBcLgYYDwp5OzQxPSMxOxUTBwUVRw4+EUpRXCgUGQZHYhAZAkd1UxYFGHlBURUKKx5KFBQgEBEIFCERURQbeRgYGxMoGRZESAJAWVFfdkVfFhMqERgWCWFHRw8OYUdHUEpqRVJSOGFHRxYTKkNDREkGUEVRAnJBUlI4YU-dHEwxhRjZQSnFbR0hfdkUQBBkvGlJTPHZFRlFKdUVGREh0Ex4THyIaD0RIAkRHVFR0UwJcSw
13.33.189.59200 OK 373 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/LekR1d2EZKxsRXg4tEUpZSHFMRlBcLgYYDwp5OzQxPSMxOxUTBwUVRw4+EUpRXCgUGQZHYhAZAkd1UxYFGHlBURUKKx5KFBQgEBEIFCERURQbeRgYGxMoGRZESAJAWVFfdkVfFhMqERgWCWFHRw8OYUdHUEpqRVJSOGFHRxYTKkNDREkGUEVRAnJBUlI4YU-dHEwxhRjZQSnFbR0hfdkUQBBkvGlJTPHZFRlFKdUVGREh0Ex4THyIaD0RIAkRHVFR0UwJcSw
IP 13.33.189.59:0
File type ASCII text, with very long lines (480), with no line terminators
Hash 8bc6ec9a7f7963e4d0ee32a23e76f584
4ab2a14bce177f41dda099c8a327beb28f3b20b2
977ac112ef09f865f476440b10f536300ca82fee49f7651a191597e06d30e464
GET /LekR1d2EZKxsRXg4tEUpZSHFMRlBcLgYYDwp5OzQxPSMxOxUTBwUVRw4+EUpRXCgUGQZHYhAZAkd1UxYFGHlBURUKKx5KFBQgEBEIFCERURQbeRgYGxMoGRZESAJAWVFfdkVfFhMqERgWCWFHRw8OYUdHUEpqRVJSOGFHRxYTKkNDREkGUEVRAnJBUlI4YU-dHEwxhRjZQSnFbR0hfdkUQBBkvGlJTPHZFRlFKdUVGREh0Ex4THyIaD0RIAkRHVFR0UwJcSw HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vingartistictaste.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 373
date: Fri, 31 Mar 2023 07:41:27 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 51db80ac6a80e49e38b5e898f946de1e.cloudfront.net (CloudFront)
x-amz-cf-pop: TPE52-C1
x-amz-cf-id: r95u7fbjzUt3uMt7m-Oo6Hhl6fni-SrWl4D-xgaEfaw2P720rBr2NQ==
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/pYThvU2cCVwE1WBVRC25fVg5cYl9HUhw8CREFLR1WD0kNOw4GdEknHQUFX3ULAFYIbkEEVgxuVkdZCzFaVR4bIwgKBQc8EAhaFjsOB1JJJgZcVQApDg1UDnZVJw1BY0JTCEckDg9cACQURApfPRNECl9iV08ISmAlRApfJA4PDlt2VCMdXWMfVwxKYCVECl-8hEUQLLmJXVBZfekJTCAg2BApXSmEhUwheY1dQCF52VVFeBiECB1cXdlUnCV9mSVEeGm5W
13.33.189.59200 OK 456 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/pYThvU2cCVwE1WBVRC25fVg5cYl9HUhw8CREFLR1WD0kNOw4GdEknHQUFX3ULAFYIbkEEVgxuVkdZCzFaVR4bIwgKBQc8EAhaFjsOB1JJJgZcVQApDg1UDnZVJw1BY0JTCEckDg9cACQURApfPRNECl9iV08ISmAlRApfJA4PDlt2VCMdXWMfVwxKYCVECl-8hEUQLLmJXVBZfekJTCAg2BApXSmEhUwheY1dQCF52VVFeBiECB1cXdlUnCV9mSVEeGm5W
IP 13.33.189.59:0
File type ASCII text, with very long lines (598), with no line terminators
Hash 9090502f9d58ff2d58f08a2304ddb8ae
d9d9cdc719a05939378879243a8aeb3359960726
be891382834f2b29e2aa146f2829fcdd5985f0265790eb36821fe273bf107eb0
GET /pYThvU2cCVwE1WBVRC25fVg5cYl9HUhw8CREFLR1WD0kNOw4GdEknHQUFX3ULAFYIbkEEVgxuVkdZCzFaVR4bIwgKBQc8EAhaFjsOB1JJJgZcVQApDg1UDnZVJw1BY0JTCEckDg9cACQURApfPRNECl9iV08ISmAlRApfJA4PDlt2VCMdXWMfVwxKYCVECl-8hEUQLLmJXVBZfekJTCAg2BApXSmEhUwheY1dQCF52VVFeBiECB1cXdlUnCV9mSVEeGm5W HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vingartistictaste.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 456
date: Fri, 31 Mar 2023 07:41:27 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 51db80ac6a80e49e38b5e898f946de1e.cloudfront.net (CloudFront)
x-amz-cf-pop: TPE52-C1
x-amz-cf-id: YmAv6vSNQH20H6SLIyJChEAdhAu4vDI8mjG6VBcAkiXtwe6-W1eAFw==
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/LUTY3cXUyWVkXSiVfU0xMZQ8PR0F3XEQeGyELdkkWNgUCCwUacXNXAStSCkFTPVdZFkh3U1kSSGAQVhUXbAIRBBRsW1gLHD1aVlRHFwMZQVBjBh8GHD9SWAYGdAQHHwF0BAdARX8GEkI3dAQHBhw/AANURhMTBUENZwISQjd0BAcDA3QFdkBFZBgHWFBjBl-AUFjpZEkMzYwYGQUVgBgZUR2FQXgMQN1lPVEcXBwdEW2EQQkxE
13.33.189.59200 OK 194 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/LUTY3cXUyWVkXSiVfU0xMZQ8PR0F3XEQeGyELdkkWNgUCCwUacXNXAStSCkFTPVdZFkh3U1kSSGAQVhUXbAIRBBRsW1gLHD1aVlRHFwMZQVBjBh8GHD9SWAYGdAQHHwF0BAdARX8GEkI3dAQHBhw/AANURhMTBUENZwISQjd0BAcDA3QFdkBFZBgHWFBjBl-AUFjpZEkMzYwYGQUVgBgZUR2FQXgMQN1lPVEcXBwdEW2EQQkxE
IP 13.33.189.59:0
File type ASCII text, with no line terminators
Hash a777e60848860804c81d49d7e9746f6e
c1dad7fbee5e4e1a902beff2c414c404dc031e36
11e4989eb0f69d26ce2eb2af5cde49a9cb4a7c32b0af9be7df907da574a80a38
GET /LUTY3cXUyWVkXSiVfU0xMZQ8PR0F3XEQeGyELdkkWNgUCCwUacXNXAStSCkFTPVdZFkh3U1kSSGAQVhUXbAIRBBRsW1gLHD1aVlRHFwMZQVBjBh8GHD9SWAYGdAQHHwF0BAdARX8GEkI3dAQHBhw/AANURhMTBUENZwISQjd0BAcDA3QFdkBFZBgHWFBjBl-AUFjpZEkMzYwYGQUVgBgZUR2FQXgMQN1lPVEcXBwdEW2EQQkxE HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vingartistictaste.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 194
date: Fri, 31 Mar 2023 07:41:27 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 51db80ac6a80e49e38b5e898f946de1e.cloudfront.net (CloudFront)
x-amz-cf-pop: TPE52-C1
x-amz-cf-id: 0OEZEvAyTh7OA0ZpN_U_1bJB_iw9YzHsOlfCYC0HDunrZvGO8x5FKA==
X-Firefox-Spdy: h2
theharityhild.buzz/ekRiaTgBZhEeZw82DksCWCwWHUgJfk1GVR8jAxxIVCoHHRcJM0wDS1hoQBpVHGZYWBRYNw8fGkBmVkcLWGhAHVkdGwsNGkBmWloKTHdRSxRYNxcLZxMgUEsCWCJaWgsZdFYLFUwhUgsVTiAAWRVDcFpeFRxyBwxdGSEBClsZIUAU
52.20.131.174502 Bad Gateway 0 B URL HTTP/2 theharityhild.buzz/ekRiaTgBZhEeZw82DksCWCwWHUgJfk1GVR8jAxxIVCoHHRcJM0wDS1hoQBpVHGZYWBRYNw8fGkBmVkcLWGhAHVkdGwsNGkBmWloKTHdRSxRYNxcLZxMgUEsCWCJaWgsZdFYLFUwhUgsVTiAAWRVDcFpeFRxyBwxdGSEBClsZIUAU
IP 52.20.131.174:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ekRiaTgBZhEeZw82DksCWCwWHUgJfk1GVR8jAxxIVCoHHRcJM0wDS1hoQBpVHGZYWBRYNw8fGkBmVkcLWGhAHVkdGwsNGkBmWloKTHdRSxRYNxcLZxMgUEsCWCJaWgsZdFYLFUwhUgsVTiAAWRVDcFpeFRxyBwxdGSEBClsZIUAU HTTP/1.1
Host: theharityhild.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 502 Bad Gateway
set-cookie: e601af39ede43a6a540c1d604d009886=1; Max-Age=604800
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/
13.33.189.59200 OK 73 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/
IP 13.33.189.59:0
File type ASCII text, with no line terminators
Hash de37377b72195a4f064edf7ec8a76676
ed544d5b6a37acad78498099407c648a93316ddb
b3209cc0b1d1b71e85af4e843afe00a3079f3286d52b3fb47e72c6c5c48b8399
GET / HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 73
date: Fri, 31 Mar 2023 07:41:27 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 51db80ac6a80e49e38b5e898f946de1e.cloudfront.net (CloudFront)
x-amz-cf-pop: TPE52-C1
x-amz-cf-id: YVwOcH7hF7VD40KbYgcuE-vXTX8sliaYpGRtPOruHV0p3k_Mwi8Bqg==
X-Firefox-Spdy: h2
ad.a-ads.com/1811811?size=300x250
176.9.77.232200 OK 504 kB URL HTTP/2 ad.a-ads.com/1811811?size=300x250
IP 176.9.77.232:0
ASN #24940 Hetzner Online GmbH
Size 504 kB (504340 bytes)
Hash bdedcb98c4e95cc37871edab626a8e5b
b321175b9de828d6da160ecd8d05dd752e6847c7
1a2facad1cfbbba18c23b13fa0466cbfcedde1a81aa78111cbaf194eca9e6e94
GET /1811811?size=300x250 HTTP/1.1
Host: ad.a-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 07:41:27 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding, Accept-Encoding
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-original-referer: https://megaup.net/
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
X-Firefox-Spdy: h2
syndication.exdynsrv.com/v1/api.php
95.211.229.246200 OK 861 B URL HTTP/1.1 syndication.exdynsrv.com/v1/api.php
IP 95.211.229.246:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with very long lines (1184), with no line terminators
Hash d8917d3284896d76d926fdc9e55d5a05
464ed539d10e2017a045fe91cdbe5b0988023529
cee0afb83d9fa555f177721a1e7096b5053906b805359f3434f0d610666f7e29
POST /v1/api.php HTTP/1.1
Host: syndication.exdynsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 343
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 31 Mar 2023 07:41:27 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2264268ea78763d7.883686402360031999%22%3B%7D; expires=Sun, 30-Mar-2025 07:41:27 GMT; Max-Age=63072000; path=/; domain=exdynsrv.com; secure; SameSite=None
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
157.240.205.35200 OK 16 kB URL HTTP/2 www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP 157.240.205.35:0
Hash a639afa816ac8dcd3211a3cae09c6f18
de960b376b164f095cefa4502f1b14fc75420cb4
05210f771b4d68cca289ffcab24274317e9749bce0962181cd5655efe13a7108
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: it3WzFfzdfgnE9+RPPN6j3ftWMNXwIFsnQ4/0wi8TWs0rWeQTLcaOKphoRKTNhA+XDLIAcfZ6qXSPjglP1nFng==
date: Fri, 31 Mar 2023 07:41:27 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.132.29200 OK 116 kB IP 172.64.132.29:0
Size 116 kB (115624 bytes)
Hash 527f8bd920b8bdc9802ccf69e92249aa
bd10b0c337e496649783bccc61f7b97ce596964f
b5df6735d5a6f8d7dbbe4ec313ec14267323d28b6cd460966770acc9166a690e
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 31 Mar 2023 07:41:27 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 2673
last-modified: Fri, 31 Mar 2023 06:56:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FDh15e9ltvzGYa2S7tGuajcdzfWZpTJWzkIE2IX%2B42idmKbdi4%2FFkGAF7fK78Pgwf3%2B93tGbog5YlhQO6mWIGeIBOSEcx%2BXMl9aRWHR78hvImmqkEtFEYnYdKXwRbZEI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b06f33669467198-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
vingartistictaste.com/multi?cs=cjJRT0pEBGl5ckALZ3x%2BRQJpf3M&abt=0&red=1&sm=76&k=download%20file%20last%20part%20update%20rune&v=1.0.60.3&sts=0&prn=0&emb=0&tid=876318&rxy=1280_1024&fs=1&ref=https%3A%2F%2Fmegaup.net%2F1T6o9%2FThe.Last.of.Us.Part.I.Update.v1.0.1.5-RUNE.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&_GfQ0=1680248487412&crc=1
108.157.229.47200 OK 1.6 kB URL HTTP/2 vingartistictaste.com/multi?cs=cjJRT0pEBGl5ckALZ3x%2BRQJpf3M&abt=0&red=1&sm=76&k=download%20file%20last%20part%20update%20rune&v=1.0.60.3&sts=0&prn=0&emb=0&tid=876318&rxy=1280_1024&fs=1&ref=https%3A%2F%2Fmegaup.net%2F1T6o9%2FThe.Last.of.Us.Part.I.Update.v1.0.1.5-RUNE.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&_GfQ0=1680248487412&crc=1
IP 108.157.229.47:0
File type ASCII text, with very long lines (3319), with no line terminators
Hash b661a3e1f9886f023269aa0a9805e8a2
7d7b86756bfdceea7e8aebe08cf27d99e4be0618
66a5605cea1cafa20ad6b3dba7b10918bbc348b1c2acabc8f5050973265abd0f
GET /multi?cs=cjJRT0pEBGl5ckALZ3x%2BRQJpf3M&abt=0&red=1&sm=76&k=download%20file%20last%20part%20update%20rune&v=1.0.60.3&sts=0&prn=0&emb=0&tid=876318&rxy=1280_1024&fs=1&ref=https%3A%2F%2Fmegaup.net%2F1T6o9%2FThe.Last.of.Us.Part.I.Update.v1.0.1.5-RUNE.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&_GfQ0=1680248487412&crc=1 HTTP/1.1
Host: vingartistictaste.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-length: 1635
date: Fri, 31 Mar 2023 07:41:27 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=67e28f19-a7fd-4ee2-9373-e1d9d079ac4a
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 d913eed4ff9d3ba68bce11280aa7e1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: ILTiazwEl9Nlyk5Y-HEmkPI2kHW-xkcNlgiHBrMklqueYKHTPiHiiA==
X-Firefox-Spdy: h2
theharityhild.buzz/
52.20.131.174200 OK 0 B IP 52.20.131.174:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: theharityhild.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Origin: https://megaup.net
Content-Length: 353
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
s3t3d2y8.afcdn.net/library/173290/aa68fc7c6a0638701bbb72f7992e1094895ec2ff.webp
185.76.9.25200 OK 11 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/173290/aa68fc7c6a0638701bbb72f7992e1094895ec2ff.webp
IP 185.76.9.25:0
ASN #60068 Datacamp Limited
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3c995f51d1e127f1154682cc250ebf0d
aa68fc7c6a0638701bbb72f7992e1094895ec2ff
a1ec6a07b965a746b10df04adfb7f578760762fa2e9ad3f7626a58286a44edf8
GET /library/173290/aa68fc7c6a0638701bbb72f7992e1094895ec2ff.webp HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 31 Mar 2023 07:41:28 GMT
content-type: image/webp
content-length: 11058
last-modified: Thu, 04 Nov 2021 10:05:55 GMT
etag: "6183b083-2b32"
expires: Wed, 25 Oct 2023 04:40:35 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-cache-op: HIT
server: CDN77-Turbo
x-77-nzt: AblMCRSdg+v/SWmWAA
x-77-nzt-ray: af5856304c0b21f5a88e26646a731200
x-accel-expires: @1701927135
x-cache: HIT
x-age: 9857353
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
6.adsco.re/
104.17.166.186200 OK 0 B IP 104.17.166.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 31 Mar 2023 07:41:28 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: https://megaup.net
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b06f33aadc9b509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
vingartistictaste.com/floater?cs=ZVVJZkZSYHhXdV1nflR1VGJ9VHU&abt=0&red=1&sm=83&k=download%20file%20last%20part%20update%20rune&v=0.9.1.5&sts=0&prn=0&emb=0&tid=825911&rxy=1280_1024&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fmegaup.net%2F1T6o9%2FThe.Last.of.Us.Part.I.Update.v1.0.1.5-RUNE.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&aa=oi1_&_UBIV=1680248487409&crc=1
108.157.229.47200 OK 5.0 kB URL HTTP/2 vingartistictaste.com/floater?cs=ZVVJZkZSYHhXdV1nflR1VGJ9VHU&abt=0&red=1&sm=83&k=download%20file%20last%20part%20update%20rune&v=0.9.1.5&sts=0&prn=0&emb=0&tid=825911&rxy=1280_1024&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fmegaup.net%2F1T6o9%2FThe.Last.of.Us.Part.I.Update.v1.0.1.5-RUNE.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&aa=oi1_&_UBIV=1680248487409&crc=1
IP 108.157.229.47:0
File type ASCII text, with very long lines (7191), with no line terminators
Hash e0f104f2c72d0187eb56c8c311d03e01
180af33c0c9c0457ad3942a953d4da0c2a187e90
66007f49dbd7443db813c82d130b5b4b98fa6e006d8e936bc53d683ed0666ad3
GET /floater?cs=ZVVJZkZSYHhXdV1nflR1VGJ9VHU&abt=0&red=1&sm=83&k=download%20file%20last%20part%20update%20rune&v=0.9.1.5&sts=0&prn=0&emb=0&tid=825911&rxy=1280_1024&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fmegaup.net%2F1T6o9%2FThe.Last.of.Us.Part.I.Update.v1.0.1.5-RUNE.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&aa=oi1_&_UBIV=1680248487409&crc=1 HTTP/1.1
Host: vingartistictaste.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-length: 4951
date: Fri, 31 Mar 2023 07:41:28 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=a5cb1642-91d4-4028-abce-149ba48bc024
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 d913eed4ff9d3ba68bce11280aa7e1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: jgOxJr5siYL8HzSLZjQMm5UrJAoO-xFblIZzjKiJLoZ9m6ioy83NKA==
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 88c13c4b60ee9b78d532e463858fc5cd
478c0d74b4be2d1154d69c8aedb93e374281f19c
76207d5f63bbe6efeb7457e722e95f5dc26a2af5806d9c49dba680463ac2fabe
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "76207D5F63BBE6EFEB7457E722E95F5DC26A2AF5806D9C49DBA680463AC2FABE"
Last-Modified: Wed, 29 Mar 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11049
Expires: Fri, 31 Mar 2023 10:45:37 GMT
Date: Fri, 31 Mar 2023 07:41:28 GMT
Connection: keep-alive
4.adsco.re/
162.252.214.5200 OK 62 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash a684f3b449a125d2285678a6be0172a9
f5ba7774839ee9f45e1f2a88d322d3c3cfcc971f
91945112515f30fe6017f31f87a483adb2040d8435fce14fe9c44e89cf433b2c
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 07:41:28 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
xixhcm1vvda8.l4.adsco.re/
185.200.118.90200 OK 0 B URL HTTP/1.1 xixhcm1vvda8.l4.adsco.re/
IP 185.200.118.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: xixhcm1vvda8.l4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 07:41:28 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Tue, 31 Jul 2018 22:16:15 GMT
Connection: close
ETag: "5b60dfaf-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
theharityhild.buzz/
52.20.131.174200 OK 0 B IP 52.20.131.174:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: theharityhild.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Origin: https://megaup.net
Content-Length: 352
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/fonts/raleway_bold.woff
91.209.70.182200 OK 32 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway_bold.woff
IP 91.209.70.182:0
File type Web Open Font Format, TrueType, length 31568, version 1.1\012- data
Hash e0c4ac0e73196bd0469c5c33304b7773
bb071565f82907d117b0732dca8013409162c67d
ff3bf3a4a1bf2b922157b18d0e8cddd95f2fc2dfe09c30a3ce67bc11a84c67af
GET /themes/flow/frontend_assets/fonts/raleway_bold.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=t9m56j3omfh1u6vitum7r47hi1; _ga=GA1.2.1881854737.1680248487; _gid=GA1.2.289397429.1680248487; _gat_gtag_UA_108868042_1=1; a=T1bqBMOs2Eqzv613JAFXQ0M8fRS1PkT9
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 07:41:28 GMT
content-type: font/woff
content-length: 31568
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7b50"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 844cb76d84e051ab3709ed690f0cce4a
8b0c3757d4e692acca542fefc6109986ae546f61
6eea12aaeada523c06d1ec7532a8a3d652e07701e04ed825e9f9f3b62da2fcfd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6EEA12AAEADA523C06D1EC7532A8A3D652E07701E04ED825E9F9F3B62DA2FCFD"
Last-Modified: Wed, 29 Mar 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4025
Expires: Fri, 31 Mar 2023 08:48:33 GMT
Date: Fri, 31 Mar 2023 07:41:28 GMT
Connection: keep-alive
xixhcm1vvda8.n4.adsco.re/
38.132.109.186200 OK 0 B URL HTTP/1.1 xixhcm1vvda8.n4.adsco.re/
IP 38.132.109.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: xixhcm1vvda8.n4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 07:41:28 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
Connection: close
ETag: "5b5f2f9a-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
adsco.re/p
162.252.214.5200 OK 132 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash eec55d69983867cc28a3a72a84d17955
0f035e9f1c26cbbc31139e7c04fd77db5bd0f4bf
51acf53f932b59f6d45678e8386e668350816403212aeecc4331655dcafdc789
POST /p HTTP/1.1
Host: adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Length: 2035
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 07:41:28 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK lon123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
engine.4dsply.com/verify?sig=BAYAZCaOqAFkJo6ogAGBAcAAIIdZ8e6-INjspGNOl2_ol8xG1iZHPD2YDKA8yGJ2URE8wQAgUllj9pLzAdtOCQ-t0LuYaPaJt72KRToluLwFlkDAsX0
104.16.159.17200 OK 17 B URL HTTP/2 engine.4dsply.com/verify?sig=BAYAZCaOqAFkJo6ogAGBAcAAIIdZ8e6-INjspGNOl2_ol8xG1iZHPD2YDKA8yGJ2URE8wQAgUllj9pLzAdtOCQ-t0LuYaPaJt72KRToluLwFlkDAsX0
IP 104.16.159.17:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f9bf086d73f8b7cc483324aedb224ed0
be03b282679354a90df7b59b4c92da6e8caeaccc
39ca3c85734717cf31f55ab2e7d04d8ad2438a3bd9f6f46fae350d12506b4699
GET /verify?sig=BAYAZCaOqAFkJo6ogAGBAcAAIIdZ8e6-INjspGNOl2_ol8xG1iZHPD2YDKA8yGJ2URE8wQAgUllj9pLzAdtOCQ-t0LuYaPaJt72KRToluLwFlkDAsX0 HTTP/1.1
Host: engine.4dsply.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 31 Mar 2023 07:41:28 GMT
content-type: application/json
content-length: 17
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: Content-Type
access-control-allow-methods: GET
x-adscore-status: bot
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b06f33f2b660b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 94b9360d6bed8d7f7d31351dd3928ab9
c770bda52fa3e973c714ce02c1897a0215622f7c
1a156d2762988df93aa0cd4312ac5c2e225863d62e6d01ad123a3d03c76d8cf2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1A156D2762988DF93AA0CD4312AC5C2E225863D62E6D01AD123A3D03C76D8CF2"
Last-Modified: Wed, 29 Mar 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1806
Expires: Fri, 31 Mar 2023 08:11:34 GMT
Date: Fri, 31 Mar 2023 07:41:28 GMT
Connection: keep-alive
tags.h12-media.com/v3/go.asp?payload=%7B%22mtoken%22%3A%2291.90.42.154%22%2C%22adtype%22%3A%22sticky%22%2C%22adformat%22%3A%22stickybottom%22%2C%22pubid%22%3A%22f21629f80d751907d93079a5076d4249%22%2C%22adunitid%22%3A%2228061%22%2C%22topurl%22%3A%22https%3A%2F%2Fmegaup.net%2F1T6o9%2FThe.Last.of.Us.Part.I.Update.v1.0.1.5-RUNE.rar%22%2C%22docref%22%3A%22%22%2C%22auction%22%3A%22k92ayft4uli%22%2C%22pubsubid%22%3Anull%2C%22index%22%3A%221%22%2C%22ishidden%22%3Afalse%2C%22istopwindow%22%3Atrue%2C%22isscrollable%22%3Atrue%2C%22dayofweek%22%3A5%2C%22hourofday%22%3A7%2C%22clang%22%3A%22en-US%22%2C%22docdir%22%3A%22LTR%22%2C%22cdims%22%3A%5B1280%2C898%5D%2C%22ddims%22%3A%5B1280%2C898%5D%2C%22sbars%22%3A%5B0%2C0%5D%2C%22endpoint%22%3A%22https%3A%2F%2Ftags.h12-media.com%22%2C%22coords%22%3A%5B643%2C518%5D%2C%22pwidth%22%3A%5B100%2C0%2C1170%2C1280%5D%2C%22pheight%22%3A%5Bnull%2C0%2C256%2C286%2C505%2C550%2C790%5D%2C%22maxwidth%22%3A1280%2C%22maxheight%22%3A898%7D&rnd=0.8429188827748921
154.51.131.153200 OK 25 kB URL HTTP/2 tags.h12-media.com/v3/go.asp?payload=%7B%22mtoken%22%3A%2291.90.42.154%22%2C%22adtype%22%3A%22sticky%22%2C%22adformat%22%3A%22stickybottom%22%2C%22pubid%22%3A%22f21629f80d751907d93079a5076d4249%22%2C%22adunitid%22%3A%2228061%22%2C%22topurl%22%3A%22https%3A%2F%2Fmegaup.net%2F1T6o9%2FThe.Last.of.Us.Part.I.Update.v1.0.1.5-RUNE.rar%22%2C%22docref%22%3A%22%22%2C%22auction%22%3A%22k92ayft4uli%22%2C%22pubsubid%22%3Anull%2C%22index%22%3A%221%22%2C%22ishidden%22%3Afalse%2C%22istopwindow%22%3Atrue%2C%22isscrollable%22%3Atrue%2C%22dayofweek%22%3A5%2C%22hourofday%22%3A7%2C%22clang%22%3A%22en-US%22%2C%22docdir%22%3A%22LTR%22%2C%22cdims%22%3A%5B1280%2C898%5D%2C%22ddims%22%3A%5B1280%2C898%5D%2C%22sbars%22%3A%5B0%2C0%5D%2C%22endpoint%22%3A%22https%3A%2F%2Ftags.h12-media.com%22%2C%22coords%22%3A%5B643%2C518%5D%2C%22pwidth%22%3A%5B100%2C0%2C1170%2C1280%5D%2C%22pheight%22%3A%5Bnull%2C0%2C256%2C286%2C505%2C550%2C790%5D%2C%22maxwidth%22%3A1280%2C%22maxheight%22%3A898%7D&rnd=0.8429188827748921
IP 154.51.131.153:0
File type ISO-8859 text, with very long lines (10181), with CRLF line terminators
Hash 41c03f7bb4f9ff609c2a63d986e14e3c
71217183fd6bce66ae1b1f09ccbb1abe1be1c295
0b0f1e7963ab96f67677252fbb93ef0c32e07577949c9c53a513efe86b97441b
GET /v3/go.asp?payload=%7B%22mtoken%22%3A%2291.90.42.154%22%2C%22adtype%22%3A%22sticky%22%2C%22adformat%22%3A%22stickybottom%22%2C%22pubid%22%3A%22f21629f80d751907d93079a5076d4249%22%2C%22adunitid%22%3A%2228061%22%2C%22topurl%22%3A%22https%3A%2F%2Fmegaup.net%2F1T6o9%2FThe.Last.of.Us.Part.I.Update.v1.0.1.5-RUNE.rar%22%2C%22docref%22%3A%22%22%2C%22auction%22%3A%22k92ayft4uli%22%2C%22pubsubid%22%3Anull%2C%22index%22%3A%221%22%2C%22ishidden%22%3Afalse%2C%22istopwindow%22%3Atrue%2C%22isscrollable%22%3Atrue%2C%22dayofweek%22%3A5%2C%22hourofday%22%3A7%2C%22clang%22%3A%22en-US%22%2C%22docdir%22%3A%22LTR%22%2C%22cdims%22%3A%5B1280%2C898%5D%2C%22ddims%22%3A%5B1280%2C898%5D%2C%22sbars%22%3A%5B0%2C0%5D%2C%22endpoint%22%3A%22https%3A%2F%2Ftags.h12-media.com%22%2C%22coords%22%3A%5B643%2C518%5D%2C%22pwidth%22%3A%5B100%2C0%2C1170%2C1280%5D%2C%22pheight%22%3A%5Bnull%2C0%2C256%2C286%2C505%2C550%2C790%5D%2C%22maxwidth%22%3A1280%2C%22maxheight%22%3A898%7D&rnd=0.8429188827748921 HTTP/1.1
Host: tags.h12-media.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-store,no-cache,max-age=0,private
content-type: application/x-javascript; Charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/10.0
set-cookie: 7thMile=a552a468%2Da817%2D4676%2Db10c%2Db4343357d213; Max-Age=5000000; Domain=.h12-media.com; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
access-control-allow-origin:
srg-x: x-.187
x-powered-by: ARR/3.0
date: Fri, 31 Mar 2023 07:41:28 GMT
content-length: 25000
X-Firefox-Spdy: h2
xixhcm1vvda8.s4.adsco.re/
185.200.116.90200 OK 0 B URL HTTP/1.1 xixhcm1vvda8.s4.adsco.re/
IP 185.200.116.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: xixhcm1vvda8.s4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 07:41:29 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
Connection: close
ETag: "5b5f30d9-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 817f973b08ee5d5f9c4c947e6e7ceb40
d0c53d82d95f1a5412b3827a870bd77112848872
5c438cb7eb0df827d4093a1be7b89e674aa4bc886c2859501a6b78c1895f0cfc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5C438CB7EB0DF827D4093A1BE7B89E674AA4BC886C2859501A6B78C1895F0CFC"
Last-Modified: Thu, 30 Mar 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21228
Expires: Fri, 31 Mar 2023 13:35:17 GMT
Date: Fri, 31 Mar 2023 07:41:29 GMT
Connection: keep-alive
bidder.h12-media.com/prebid/default.asp?payload=5SpCaXnGXLZHOw9dziA1zJD9dF70xpqGLeM4gTioqOUSG82O6LrO9IVMTEyQ0Ryuxi0hHioLxZjJrRJT9bibqS20jLCXpN04aAWnRjJZnlUpks7CX0MeCWis-l61o-Wnmd-XWjJN-pIKozvDq4_iHKfNbNKg0zp_sMJvck75CXOxaqnIzSuv7GDHhzbk2qbrjEfitB8NBb5RLh9sBlfZbmpH1YMFSYoNMu5ZJl9nUI6Urv19DZpOvwQzFuvruHXNfKOSMlstnC7-vDmjGQad6uZnEWOtljcpXUPIkMWrYyHPRsAOSlCXKPv0ylVMd1cUaI5WYnblfOK6UG4Z4ZHI0wz_12ecP0m4HrItpyHcxmhN3EKQMoZTUhaOeXrxF41TXP6umol8eCjKcVY51f-9Z1dLO0Gnl1d-8VK37Nde9zm_zY3mT_Zfs3YLvW3SHWvz-70
154.51.131.153200 OK 3.1 kB URL HTTP/2 bidder.h12-media.com/prebid/default.asp?payload=5SpCaXnGXLZHOw9dziA1zJD9dF70xpqGLeM4gTioqOUSG82O6LrO9IVMTEyQ0Ryuxi0hHioLxZjJrRJT9bibqS20jLCXpN04aAWnRjJZnlUpks7CX0MeCWis-l61o-Wnmd-XWjJN-pIKozvDq4_iHKfNbNKg0zp_sMJvck75CXOxaqnIzSuv7GDHhzbk2qbrjEfitB8NBb5RLh9sBlfZbmpH1YMFSYoNMu5ZJl9nUI6Urv19DZpOvwQzFuvruHXNfKOSMlstnC7-vDmjGQad6uZnEWOtljcpXUPIkMWrYyHPRsAOSlCXKPv0ylVMd1cUaI5WYnblfOK6UG4Z4ZHI0wz_12ecP0m4HrItpyHcxmhN3EKQMoZTUhaOeXrxF41TXP6umol8eCjKcVY51f-9Z1dLO0Gnl1d-8VK37Nde9zm_zY3mT_Zfs3YLvW3SHWvz-70
IP 154.51.131.153:0
File type JSON data\012- HTML document text\012- HTML document, ASCII text, with very long lines (3076), with no line terminators
Hash 5d49f3d2b1fd51b4742c4a8e7140b2b7
f62dfeaa13481e625396dd94cb35130ab43fffb6
69dbd83f29fa553481e0725064202a479eb3ea223d42f04e0bcdc63b1fa990eb
POST /prebid/default.asp?payload=5SpCaXnGXLZHOw9dziA1zJD9dF70xpqGLeM4gTioqOUSG82O6LrO9IVMTEyQ0Ryuxi0hHioLxZjJrRJT9bibqS20jLCXpN04aAWnRjJZnlUpks7CX0MeCWis-l61o-Wnmd-XWjJN-pIKozvDq4_iHKfNbNKg0zp_sMJvck75CXOxaqnIzSuv7GDHhzbk2qbrjEfitB8NBb5RLh9sBlfZbmpH1YMFSYoNMu5ZJl9nUI6Urv19DZpOvwQzFuvruHXNfKOSMlstnC7-vDmjGQad6uZnEWOtljcpXUPIkMWrYyHPRsAOSlCXKPv0ylVMd1cUaI5WYnblfOK6UG4Z4ZHI0wz_12ecP0m4HrItpyHcxmhN3EKQMoZTUhaOeXrxF41TXP6umol8eCjKcVY51f-9Z1dLO0Gnl1d-8VK37Nde9zm_zY3mT_Zfs3YLvW3SHWvz-70 HTTP/1.1
Host: bidder.h12-media.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1153
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Cookie: 7thMile=a552a468%2Da817%2D4676%2Db10c%2Db4343357d213
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-store,no-cache,max-age=0,private
content-type: application/json; Charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/10.0
set-cookie: 7thMile=4d37d7bb%2D9b01%2D4e7f%2D9568%2Dc3762ff15964; Max-Age=5000000; Domain=.h12-media.com; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
srg-x: x-.178
procadsent: 0.0625
x-powered-by: ASP.NET, ARR/3.0
date: Fri, 31 Mar 2023 07:41:29 GMT
content-length: 3099
X-Firefox-Spdy: h2
prebid.a-mo.net/a/c
147.75.85.234204 No Content 0 B IP 147.75.85.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1526
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: max-age=0, private, must-revalidate
date: Fri, 31 Mar 2023 07:41:29 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 1
set-cookie: X-Contour-Session-Affinity="3df554524b927a64"; Path=/; HttpOnly
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
104.18.32.68200 OK 314 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash dbdbaf18597d885c3615068e728dd0ec
32263a37bd38997558bfb893b6d67d6992c02e09
e0f16fae643fb5a5b27d064aac48c6e48977261e65ec8725017003c71cf14c9a
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 07:41:29 GMT
Content-Type: application/ocsp-response
Content-Length: 314
Connection: keep-alive
Last-Modified: Tue, 28 Mar 2023 17:15:14 GMT
Expires: Tue, 04 Apr 2023 17:15:13 GMT
Etag: "32263a37bd38997558bfb893b6d67d6992c02e09"
Cache-Control: max-age=379423,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7b06f344bb3e0b3d-OSL
ghb.adtelligent.com/v2/auction/
185.239.173.226200 OK 1.1 kB URL HTTP/1.1 ghb.adtelligent.com/v2/auction/
IP 185.239.173.226:0
File type JSON data\012- , ASCII text, with very long lines (3091), with no line terminators
Hash bcb6a926708c5cdf21558694e987f0bd
ea325b69f494ecbd016aca86c87d1b3942037673
359ac345272bb40a3ffbab2106f795e892494fba3a5c6769bc0f1cc23cb912c1
POST /v2/auction/ HTTP/1.1
Host: ghb.adtelligent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 853
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Adtelligent
Date: Fri, 31 Mar 2023 07:41:29 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 1099
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Encoding: gzip
widgets.outbrain.com/outbrain.js
2.18.173.74200 OK 72 kB URL HTTP/2 widgets.outbrain.com/outbrain.js
IP 2.18.173.74:0
File type ASCII text, with very long lines (1610)
Hash ab183a0a7fdfe7c58bb5460e0795f04f
1de49abf1403d60d0db2a44fe87f77c54d936ada
7ee7da86f8ecc93bf1ce58071cb70dd266dc5c19dbdf5f7f08e66c1a73b22605
GET /outbrain.js HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 72296
x-traceid: f9cb5aeb56caaea2c51c56e4c2af0727
etag: "13-RfWCJFN6w10LTTqXCMiMczkMP/k"
last-modified: Tue, 28 Mar 2023 09:20:26 GMT
cache-control: max-age=14500
content-encoding: gzip
vary: Accept-Encoding
date: Fri, 31 Mar 2023 07:41:29 GMT
edge-cache-tag: widget-cheetah
access-control-request-headers: X-OB-STG,X-OB-PRD
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
2.18.173.74200 OK 43 B URL HTTP/2 widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
IP 2.18.173.74:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /widget/detect/px.gif?ch=1 HTTP/1.1
Host: widget-pixels.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-length: 43
content-type: image/gif
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
cache-control: max-age=2592000
expires: Sun, 30 Apr 2023 07:41:30 GMT
date: Fri, 31 Mar 2023 07:41:30 GMT
access-control-request-headers: X-OB-STG,X-OB-PRD
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
tcheck.outbrainimg.com/tcheck/check/bWVnYXVwLm5ldA==
2.18.173.172200 OK 16 B URL HTTP/1.1 tcheck.outbrainimg.com/tcheck/check/bWVnYXVwLm5ldA==
IP 2.18.173.172:0
File type JSON data\012- , ASCII text, with no line terminators
Hash ce08a60aa308225db15c98edf4ae2447
bacf25489bad0312aa2f37fc735fa7e57b2d7306
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
GET /tcheck/check/bWVnYXVwLm5ldA== HTTP/1.1
Host: tcheck.outbrainimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Content-Length: 16
X-TraceId: 978124122b562e8986213e0ba89925c9
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Cache-Control: max-age=29325
Expires: Fri, 31 Mar 2023 15:50:15 GMT
Date: Fri, 31 Mar 2023 07:41:30 GMT
Connection: keep-alive
Access-Control-Max-Age: 43200
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
Access-Control-Allow-Origin: *
odb.outbrain.com/utils/platforms?contentUrl=https%3A%2F%2Fmegaup.net%2F1T6o9%2FThe.Last.of.Us.Part.I.Update.v1.0.1.5-RUNE.rar&idx=0&rand=42258&widgetJSId=AR_2&va=true&et=true&format=html&rtbEnabled=true&adblck=false&abwl=false&extid=1679894&pubImpId=74f820764e55318&px=0&py=0&vpd=0&cnsntv2=CPpgZKdPpgZKdBBACBENCFCsAP_AAH_AACiQImtf_X__bX9j-_5_f_t0eY1P9_r3v-QzjhfNt-8F3L_W_L0X42E7NF36pq4KuR4Eu3LBIQNlHMHUTUmwaokVrzHsak2cpyNKJ7LEmnMZO2dYGHtPn9lDuYKY7_5___fz3j-v_t_-39T378X_3_d5_2---vCfV599jLv9____39nP___9v-_9_____-CIYBJhqXkAXYljgybRpVCiBGFYSFQCgAooBhaIrABwcFOysAn1BCwAQCoCMCIEGIKMGAQACAQBIREBIAWCARAEQCAAEAKMBCAAiYBBYAWBgEAAoBoWIAUAAgSEGRwVHKYEBEi0UEtlYglBXsaYQBllgBQKIyKgARKEACwMhIWDmOAJAS4WSBZihfIAAAAA.YAAAAAAAAAAA&cw=970&activeTab=true&ab=0&wl=0&settings=true&recs=true&key=H12ME1OGI4M4PLMMGPJ01MHAC&version=2010244&sig=TI2UGFHb&apv=false&&osLang=en-US&winW=970&winH=90&scrW=1280&scrH=1024&dpr=1&secured=true&cmpStat=0&ccpaStat=0&iframe=true&chs=1&ogn=https%3A%2F%2Fmegaup.net%2F1T6o9%2FThe.Last.of.Us.Part.I.Update.v1.0.1.5-RUNE.rar
151.101.86.132200 OK 12 kB URL HTTP/2 odb.outbrain.com/utils/platforms?contentUrl=https%3A%2F%2Fmegaup.net%2F1T6o9%2FThe.Last.of.Us.Part.I.Update.v1.0.1.5-RUNE.rar&idx=0&rand=42258&widgetJSId=AR_2&va=true&et=true&format=html&rtbEnabled=true&adblck=false&abwl=false&extid=1679894&pubImpId=74f820764e55318&px=0&py=0&vpd=0&cnsntv2=CPpgZKdPpgZKdBBACBENCFCsAP_AAH_AACiQImtf_X__bX9j-_5_f_t0eY1P9_r3v-QzjhfNt-8F3L_W_L0X42E7NF36pq4KuR4Eu3LBIQNlHMHUTUmwaokVrzHsak2cpyNKJ7LEmnMZO2dYGHtPn9lDuYKY7_5___fz3j-v_t_-39T378X_3_d5_2---vCfV599jLv9____39nP___9v-_9_____-CIYBJhqXkAXYljgybRpVCiBGFYSFQCgAooBhaIrABwcFOysAn1BCwAQCoCMCIEGIKMGAQACAQBIREBIAWCARAEQCAAEAKMBCAAiYBBYAWBgEAAoBoWIAUAAgSEGRwVHKYEBEi0UEtlYglBXsaYQBllgBQKIyKgARKEACwMhIWDmOAJAS4WSBZihfIAAAAA.YAAAAAAAAAAA&cw=970&activeTab=true&ab=0&wl=0&settings=true&recs=true&key=H12ME1OGI4M4PLMMGPJ01MHAC&version=2010244&sig=TI2UGFHb&apv=false&&osLang=en-US&winW=970&winH=90&scrW=1280&scrH=1024&dpr=1&secured=true&cmpStat=0&ccpaStat=0&iframe=true&chs=1&ogn=https%3A%2F%2Fmegaup.net%2F1T6o9%2FThe.Last.of.Us.Part.I.Update.v1.0.1.5-RUNE.rar
IP 151.101.86.132:0
File type Unicode text, UTF-8 text, with very long lines (47687), with no line terminators
Hash 2dff10d0643e1bb71213655366dbd20e
b12d4987d2398791265c2734ae187cf13583dfe5
4491f58627b68aa5f4a4d3e205d6f3fff29f4dcf24a70c5f7eea39e5b2ff7c5c
GET /utils/platforms?contentUrl=https%3A%2F%2Fmegaup.net%2F1T6o9%2FThe.Last.of.Us.Part.I.Update.v1.0.1.5-RUNE.rar&idx=0&rand=42258&widgetJSId=AR_2&va=true&et=true&format=html&rtbEnabled=true&adblck=false&abwl=false&extid=1679894&pubImpId=74f820764e55318&px=0&py=0&vpd=0&cnsntv2=CPpgZKdPpgZKdBBACBENCFCsAP_AAH_AACiQImtf_X__bX9j-_5_f_t0eY1P9_r3v-QzjhfNt-8F3L_W_L0X42E7NF36pq4KuR4Eu3LBIQNlHMHUTUmwaokVrzHsak2cpyNKJ7LEmnMZO2dYGHtPn9lDuYKY7_5___fz3j-v_t_-39T378X_3_d5_2---vCfV599jLv9____39nP___9v-_9_____-CIYBJhqXkAXYljgybRpVCiBGFYSFQCgAooBhaIrABwcFOysAn1BCwAQCoCMCIEGIKMGAQACAQBIREBIAWCARAEQCAAEAKMBCAAiYBBYAWBgEAAoBoWIAUAAgSEGRwVHKYEBEi0UEtlYglBXsaYQBllgBQKIyKgARKEACwMhIWDmOAJAS4WSBZihfIAAAAA.YAAAAAAAAAAA&cw=970&activeTab=true&ab=0&wl=0&settings=true&recs=true&key=H12ME1OGI4M4PLMMGPJ01MHAC&version=2010244&sig=TI2UGFHb&apv=false&&osLang=en-US&winW=970&winH=90&scrW=1280&scrH=1024&dpr=1&secured=true&cmpStat=0&ccpaStat=0&iframe=true&chs=1&ogn=https%3A%2F%2Fmegaup.net%2F1T6o9%2FThe.Last.of.Us.Part.I.Update.v1.0.1.5-RUNE.rar HTTP/1.1
Host: odb.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache
pragma: no-cache
p3p: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
set-cookie: obsessionid-p178258=32b17a23-2de0-857d-0000-0187369d4927|0|1; Max-Age=1800; Expires=Fri, 31 Mar 2023 08:11:30 GMT; Path=/; Domain=outbrain.com
obuid=5d424866-bf85-4623-9f5b-817f5611d239; Max-Age=7776000; Expires=Thu, 29 Jun 2023 07:41:30 GMT; Path=/; Domain=outbrain.com
recs_0e09b76906f3d0384655dc8f8e514e9e=0B5129393819A4902139065ACD1; Max-Age=60; Expires=Fri, 31 Mar 2023 07:42:30 GMT; Path=/; Domain=outbrain.com
x-traceid: e117d19992e838cc326368aaaba20726
content-encoding: br
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Fri, 31 Mar 2023 07:41:30 GMT
x-served-by: cache-lga13624-LGA, cache-bma1652-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1680248490.232637,VS0,VE215
vary: Accept-Encoding, User-Agent
traffic-path: NYDC1, LGA, BMA, Europe1
content-length: 12366
X-Firefox-Spdy: h2
widgets.outbrain.com/nanoWidget/externals/obUserFrame/test.html?lsd=5d424866-bf85-4623-9f5b-817f5611d239
2.18.173.74200 OK 686 B URL HTTP/2 widgets.outbrain.com/nanoWidget/externals/obUserFrame/test.html?lsd=5d424866-bf85-4623-9f5b-817f5611d239
IP 2.18.173.74:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 5b97ec90c55f5357b412825e5e67525a
7dd2ad14245380a730735d18b06346dcbb7aa254
ee4237548288e67df37898219464bc7bd57bf2eb4238a627dcbbb15815090037
GET /nanoWidget/externals/obUserFrame/test.html?lsd=5d424866-bf85-4623-9f5b-817f5611d239 HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: text/html
etag: "1e015194a0e596827cb8971f884eb43c:1679997890.05285"
last-modified: Tue, 28 Mar 2023 09:17:03 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800
expires: Fri, 07 Apr 2023 07:41:30 GMT
date: Fri, 31 Mar 2023 07:41:30 GMT
content-length: 686
access-control-request-headers: X-OB-STG,X-OB-PRD
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
widgets.outbrain.com/nanoWidget/externals/cookie/put.html
2.18.173.74200 OK 416 B URL HTTP/2 widgets.outbrain.com/nanoWidget/externals/cookie/put.html
IP 2.18.173.74:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash c0311cf15c21ddda054005e92fad3f9e
5276eceeb0576cbee82010f611dfd6fd305991f9
4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc
GET /nanoWidget/externals/cookie/put.html HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: text/html
etag: "c0311cf15c21ddda054005e92fad3f9e:1679997887.217072"
last-modified: Tue, 28 Mar 2023 09:17:03 GMT
server: AkamaiNetStorage
content-length: 416
cache-control: max-age=604800
expires: Fri, 07 Apr 2023 07:41:30 GMT
date: Fri, 31 Mar 2023 07:41:30 GMT
access-control-request-headers: X-OB-STG,X-OB-PRD
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
widgets.outbrain.com/widgetOBUserSync/obUserSync.html
2.18.173.74200 OK 6.1 kB URL HTTP/2 widgets.outbrain.com/widgetOBUserSync/obUserSync.html
IP 2.18.173.74:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (19460)
Hash a0deb47fce706a3510d91dc6bc095f9b
ae9e49270f51dc7001a645befe31735a294cb064
7ad2fddee52f08e29670d8480bd03e93454797497e3eea2faec69e2900967af5
GET /widgetOBUserSync/obUserSync.html HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: text/html
etag: "aaa80e35f63de779238a27102307cdae:1679991752.353208"
last-modified: Tue, 28 Mar 2023 08:16:46 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800
expires: Fri, 07 Apr 2023 07:41:30 GMT
date: Fri, 31 Mar 2023 07:41:30 GMT
content-length: 6068
access-control-request-headers: X-OB-STG,X-OB-PRD
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
widgets.outbrain.com/nanoWidget/externals/cookie/test.html
2.18.173.74200 OK 610 B URL HTTP/2 widgets.outbrain.com/nanoWidget/externals/cookie/test.html
IP 2.18.173.74:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 48053d50141031b1511dbd30f9a31288
06966364d22a02a4ed89c18c38d6ddfc6de254c6
6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474
GET /nanoWidget/externals/cookie/test.html HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: text/html
etag: "48053d50141031b1511dbd30f9a31288:1679997887.904184"
last-modified: Tue, 28 Mar 2023 09:17:03 GMT
server: AkamaiNetStorage
content-length: 610
cache-control: max-age=604800
expires: Fri, 07 Apr 2023 07:41:30 GMT
date: Fri, 31 Mar 2023 07:41:30 GMT
access-control-request-headers: X-OB-STG,X-OB-PRD
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
images.outbrainimg.com/transform/v3/eyJpdSI6ImE3NWYxNTQyNzVlOGE1ZmQ3NGI4ODU3ODY4YzYwMjcxMGE2NWMyY2E1M2JlNTM5YzJkZjlhOGQ1NTI4OWNlMzgiLCJ3IjoyMDAsImgiOjEwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
2.18.173.172200 OK 8.9 kB URL HTTP/2 images.outbrainimg.com/transform/v3/eyJpdSI6ImE3NWYxNTQyNzVlOGE1ZmQ3NGI4ODU3ODY4YzYwMjcxMGE2NWMyY2E1M2JlNTM5YzJkZjlhOGQ1NTI4OWNlMzgiLCJ3IjoyMDAsImgiOjEwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
IP 2.18.173.172:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x100, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash cd53f73f5ad5d9cf048fc579939ca729
c82a52501928716cbc21006c9e1a8861d94ad915
b661ce2a970b29fc9ad4c823a30ce087739b11f3c26eaea3cf667c20b09bf7e0
GET /transform/v3/eyJpdSI6ImE3NWYxNTQyNzVlOGE1ZmQ3NGI4ODU3ODY4YzYwMjcxMGE2NWMyY2E1M2JlNTM5YzJkZjlhOGQ1NTI4OWNlMzgiLCJ3IjoyMDAsImgiOjEwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp HTTP/1.1
Host: images.outbrainimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
content-length: 8878
last-modified: Fri, 31 Mar 2023 02:52:15 GMT
x-traceid: c66984dc5edde9cb825e80d66981ae76
cache-control: max-age=2450880
date: Fri, 31 Mar 2023 07:41:30 GMT
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
timing-allow-origin: *, *
X-Firefox-Spdy: h2
images.outbrainimg.com/transform/v3/eyJpdSI6IjhkMTRhN2JmY2RlY2E0MmQzMGU3NTgxMDFlYzlmZmU4ZTA0NzExYzNkOWI3YmZkZTQ0Y2Q4YjQyMGU5ODNkN2EiLCJ3IjoyMDAsImgiOjEwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
2.18.173.172200 OK 6.0 kB URL HTTP/2 images.outbrainimg.com/transform/v3/eyJpdSI6IjhkMTRhN2JmY2RlY2E0MmQzMGU3NTgxMDFlYzlmZmU4ZTA0NzExYzNkOWI3YmZkZTQ0Y2Q4YjQyMGU5ODNkN2EiLCJ3IjoyMDAsImgiOjEwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
IP 2.18.173.172:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x100, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ad13cb940634f5286c47b9d62399f25f
ef0c3b44dd09adac2269aa3b5a1bf6a9a055c14c
b199f53f786069fb17d0d682e0aca7e4d04f505ca670012b2a72596c0c06b3a1
GET /transform/v3/eyJpdSI6IjhkMTRhN2JmY2RlY2E0MmQzMGU3NTgxMDFlYzlmZmU4ZTA0NzExYzNkOWI3YmZkZTQ0Y2Q4YjQyMGU5ODNkN2EiLCJ3IjoyMDAsImgiOjEwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp HTTP/1.1
Host: images.outbrainimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
content-length: 6000
last-modified: Tue, 21 Feb 2023 12:45:50 GMT
x-traceid: 0ba36710138f9154589fe6a823301cea
cache-control: max-age=1559978
date: Fri, 31 Mar 2023 07:41:30 GMT
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
timing-allow-origin: *, *
X-Firefox-Spdy: h2
bookadil.com/winnotice?sid=H4sIAAAAAAAC%2F1RTz4scRRSuifEQPCl6EHIYbwoy2z3TM9tjCMGYRIMxWZLI3oTqqu7d5%2FRUNVXd07ML4qIgOcmoB3Os%2FfYX6irmD5BIrxcZEDIXWdH9FxSF4FFmMmb0Qff78T2Kr9776qPt4oR5KPjxylt6k9KUL7UbXv3FVVJSl7Z%2B%2FXbd9xreufoqqU5wrj6c%2FszgFd9rN7yX6q%2FHoqeXmp7veb7n16%2BQiRM9XJqhoOyw6ze6XiNoNvx2gKFxsEUNltcgByfsGZCcPLn%2B4z2QqKD6316KbS%2FX2cuX%2B0XKc20wkAdvq57SpUJ%2FESamhkQdzLuh7YSxu6eg1cGcNfRgd8oaEU1Y7WcfkTqYU0M02HvELkoRK0TyKZSDCnFagXgFoT8EyQcMEBLXb0D1969rU%2FKNRyifohN2%2BuFfoHLCTv%2F2LFT%2Fm4spDeu3dFrkpJXFMHGgYQVaq5AVR8g3Gag8gsg%2FAMmf2NLDa1D93Rs21SDpZrcnqkBJhTQegVuGYvoRQ5HUUGQ19OVxnbe7iectJ1HSaoWBEKLVEqIddmRbtoIw8VCIKb0R8mwEkY4gzBYys4UejWCKj0G2QsEdKHPI7H7YbHd9H7EYX%2FibzQycjuvSbwcBTwQPm8uxiFpREnZagZQyCttxt7WMiMYXzr93%2F433x58iJYaYj%2B%2F%2FMT%2FAKgdVuB1lyMHEYza3HSPz8YXHXesOVjLYnGEgHcqYobQMJWcoiaHMGcqB25OpbVq3L1NbRP7cN%2Be%2B5XZ0vub2dL4WK7adnbCnZ7v5U7yDXnxcTzzRDJNu0GqGQbcbhTJYbnXCjhS%2BDOMglLD07wTIngK3NWzShD336%2B%2FIprKRnyHiR7DpEQS9AF6cBS8d%2BLrDpnKQ%2BjDSusclpQ2h%2B8jyM8g3atvpCXt%2BxqNz987%2FRiuMQ2Yc3qUfGNbSOzs3dcl2b%2BrSsns3spz6tMmn%2BrmV8zx%2B4ss3441SG3n1kh198aqYAtPw8HZs82tcSVJrln11kaSMzRVtRMy%2Bu2pX42ilsOsXC6OK7NrKa1eu9jMTW0taVeD04PLnEDRhZz75ZfYyzn59HmQqmMKhXzxeFUhXENkWbLaoWc1g0kUeZQxl4XZMM1oUp2JIFzsHjxzsf%2FJoEW%2Fb72HJIbfsHwAAAP%2F%2FAQAA%2F%2F9fOH%2FWgwQAAA%3D%3D&ap=${AUCTION_PRICE}&l=3577992&sub3=1680248487&pid=91283&sub2=icon&auid=d1544afca827ecb3bf8634dddb85e937&icon=https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
172.67.159.187307 Temporary Redirect 0 B URL HTTP/2 bookadil.com/winnotice?sid=H4sIAAAAAAAC%2F1RTz4scRRSuifEQPCl6EHIYbwoy2z3TM9tjCMGYRIMxWZLI3oTqqu7d5%2FRUNVXd07ML4qIgOcmoB3Os%2FfYX6irmD5BIrxcZEDIXWdH9FxSF4FFmMmb0Qff78T2Kr9776qPt4oR5KPjxylt6k9KUL7UbXv3FVVJSl7Z%2B%2FXbd9xreufoqqU5wrj6c%2FszgFd9rN7yX6q%2FHoqeXmp7veb7n16%2BQiRM9XJqhoOyw6ze6XiNoNvx2gKFxsEUNltcgByfsGZCcPLn%2B4z2QqKD6316KbS%2FX2cuX%2B0XKc20wkAdvq57SpUJ%2FESamhkQdzLuh7YSxu6eg1cGcNfRgd8oaEU1Y7WcfkTqYU0M02HvELkoRK0TyKZSDCnFagXgFoT8EyQcMEBLXb0D1969rU%2FKNRyifohN2%2BuFfoHLCTv%2F2LFT%2Fm4spDeu3dFrkpJXFMHGgYQVaq5AVR8g3Gag8gsg%2FAMmf2NLDa1D93Rs21SDpZrcnqkBJhTQegVuGYvoRQ5HUUGQ19OVxnbe7iectJ1HSaoWBEKLVEqIddmRbtoIw8VCIKb0R8mwEkY4gzBYys4UejWCKj0G2QsEdKHPI7H7YbHd9H7EYX%2FibzQycjuvSbwcBTwQPm8uxiFpREnZagZQyCttxt7WMiMYXzr93%2F433x58iJYaYj%2B%2F%2FMT%2FAKgdVuB1lyMHEYza3HSPz8YXHXesOVjLYnGEgHcqYobQMJWcoiaHMGcqB25OpbVq3L1NbRP7cN%2Be%2B5XZ0vub2dL4WK7adnbCnZ7v5U7yDXnxcTzzRDJNu0GqGQbcbhTJYbnXCjhS%2BDOMglLD07wTIngK3NWzShD336%2B%2FIprKRnyHiR7DpEQS9AF6cBS8d%2BLrDpnKQ%2BjDSusclpQ2h%2B8jyM8g3atvpCXt%2BxqNz987%2FRiuMQ2Yc3qUfGNbSOzs3dcl2b%2BrSsns3spz6tMmn%2BrmV8zx%2B4ss3441SG3n1kh198aqYAtPw8HZs82tcSVJrln11kaSMzRVtRMy%2Bu2pX42ilsOsXC6OK7NrKa1eu9jMTW0taVeD04PLnEDRhZz75ZfYyzn59HmQqmMKhXzxeFUhXENkWbLaoWc1g0kUeZQxl4XZMM1oUp2JIFzsHjxzsf%2FJoEW%2Fb72HJIbfsHwAAAP%2F%2FAQAA%2F%2F9fOH%2FWgwQAAA%3D%3D&ap=${AUCTION_PRICE}&l=3577992&sub3=1680248487&pid=91283&sub2=icon&auid=d1544afca827ecb3bf8634dddb85e937&icon=https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
IP 172.67.159.187:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /winnotice?sid=H4sIAAAAAAAC%2F1RTz4scRRSuifEQPCl6EHIYbwoy2z3TM9tjCMGYRIMxWZLI3oTqqu7d5%2FRUNVXd07ML4qIgOcmoB3Os%2FfYX6irmD5BIrxcZEDIXWdH9FxSF4FFmMmb0Qff78T2Kr9776qPt4oR5KPjxylt6k9KUL7UbXv3FVVJSl7Z%2B%2FXbd9xreufoqqU5wrj6c%2FszgFd9rN7yX6q%2FHoqeXmp7veb7n16%2BQiRM9XJqhoOyw6ze6XiNoNvx2gKFxsEUNltcgByfsGZCcPLn%2B4z2QqKD6316KbS%2FX2cuX%2B0XKc20wkAdvq57SpUJ%2FESamhkQdzLuh7YSxu6eg1cGcNfRgd8oaEU1Y7WcfkTqYU0M02HvELkoRK0TyKZSDCnFagXgFoT8EyQcMEBLXb0D1969rU%2FKNRyifohN2%2BuFfoHLCTv%2F2LFT%2Fm4spDeu3dFrkpJXFMHGgYQVaq5AVR8g3Gag8gsg%2FAMmf2NLDa1D93Rs21SDpZrcnqkBJhTQegVuGYvoRQ5HUUGQ19OVxnbe7iectJ1HSaoWBEKLVEqIddmRbtoIw8VCIKb0R8mwEkY4gzBYys4UejWCKj0G2QsEdKHPI7H7YbHd9H7EYX%2FibzQycjuvSbwcBTwQPm8uxiFpREnZagZQyCttxt7WMiMYXzr93%2F433x58iJYaYj%2B%2F%2FMT%2FAKgdVuB1lyMHEYza3HSPz8YXHXesOVjLYnGEgHcqYobQMJWcoiaHMGcqB25OpbVq3L1NbRP7cN%2Be%2B5XZ0vub2dL4WK7adnbCnZ7v5U7yDXnxcTzzRDJNu0GqGQbcbhTJYbnXCjhS%2BDOMglLD07wTIngK3NWzShD336%2B%2FIprKRnyHiR7DpEQS9AF6cBS8d%2BLrDpnKQ%2BjDSusclpQ2h%2B8jyM8g3atvpCXt%2BxqNz987%2FRiuMQ2Yc3qUfGNbSOzs3dcl2b%2BrSsns3spz6tMmn%2BrmV8zx%2B4ss3441SG3n1kh198aqYAtPw8HZs82tcSVJrln11kaSMzRVtRMy%2Bu2pX42ilsOsXC6OK7NrKa1eu9jMTW0taVeD04PLnEDRhZz75ZfYyzn59HmQqmMKhXzxeFUhXENkWbLaoWc1g0kUeZQxl4XZMM1oUp2JIFzsHjxzsf%2FJoEW%2Fb72HJIbfsHwAAAP%2F%2FAQAA%2F%2F9fOH%2FWgwQAAA%3D%3D&ap=${AUCTION_PRICE}&l=3577992&sub3=1680248487&pid=91283&sub2=icon&auid=d1544afca827ecb3bf8634dddb85e937&icon=https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg HTTP/1.1
Host: bookadil.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 307 Temporary Redirect
date: Fri, 31 Mar 2023 07:41:30 GMT
content-length: 0
location: https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
accept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
x-request-id: 1c4c51243976d8f312843aec0e709eb3
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lz5Szg6CzsueybVcqEhmJLA0yV8FwbAC0DwZe9J24TY2reWDPAPyiVXI0Hz7uTIOuG00P2BWYhAqLje%2FyGz%2FWhX1DahqqPL5ATsIGWojo2r5sVLU4TumUmrw%2BMVvvPo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b06f349293db52d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
widgets.outbrain.com/images/widgetIcons/achoice.svg
2.18.173.74200 OK 990 B URL HTTP/2 widgets.outbrain.com/images/widgetIcons/achoice.svg
IP 2.18.173.74:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (990), with no line terminators
Hash 5ab8e16b5f46213840bcd403e349419c
f03f6dc8e2206a94119af76f9a3b3c835390cae7
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
GET /images/widgetIcons/achoice.svg HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
etag: "5ab8e16b5f46213840bcd403e349419c:1673369393.880194"
last-modified: Tue, 10 Jan 2023 16:40:08 GMT
server: AkamaiNetStorage
content-length: 990
cache-control: max-age=2592000
expires: Sun, 30 Apr 2023 07:41:30 GMT
date: Fri, 31 Mar 2023 07:41:30 GMT
access-control-request-headers: X-OB-STG,X-OB-PRD
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
widgets.outbrain.com/images/widgetIcons/Close.svg
2.18.173.74200 OK 765 B URL HTTP/2 widgets.outbrain.com/images/widgetIcons/Close.svg
IP 2.18.173.74:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (635)
Hash f740f788e2e26736856f7a3a12457a63
d0ec57a47f6a40f23011dd93219873a5eaee96e2
c2c92cde33538b1187bedea3d0b6d5141e4222eba8092476339aa080cee759ac
GET /images/widgetIcons/Close.svg HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
etag: "f740f788e2e26736856f7a3a12457a63:1673369390.457553"
last-modified: Tue, 10 Jan 2023 16:40:08 GMT
server: AkamaiNetStorage
content-length: 765
cache-control: max-age=2592000
expires: Sun, 30 Apr 2023 07:41:30 GMT
date: Fri, 31 Mar 2023 07:41:30 GMT
access-control-request-headers: X-OB-STG,X-OB-PRD
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
widgets.outbrain.com/nanoWidget/2010244/module/userZapping.js?e=1
2.18.173.74200 OK 7.1 kB URL HTTP/2 widgets.outbrain.com/nanoWidget/2010244/module/userZapping.js?e=1
IP 2.18.173.74:0
File type ASCII text, with very long lines (14642)
Hash a441f47389afcb4d4a2aa73cfaa06bdd
7225900ae5d790c4cc192402fec9f3134db5dd4d
0adeef22d13c9370db8547393913eddf60b0fbc085f0a62c4d853dae9d989627
GET /nanoWidget/2010244/module/userZapping.js?e=1 HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "b8b418abf7a4799a9ee5e62ef475713b:1679997809.627056"
last-modified: Tue, 28 Mar 2023 09:19:29 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800
expires: Fri, 07 Apr 2023 07:41:30 GMT
date: Fri, 31 Mar 2023 07:41:30 GMT
content-length: 7104
access-control-request-headers: X-OB-STG,X-OB-PRD
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
widgets.outbrain.com/images/widgetIcons/icon-x-white.svg
2.18.173.74200 OK 559 B URL HTTP/2 widgets.outbrain.com/images/widgetIcons/icon-x-white.svg
IP 2.18.173.74:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (363)
Hash 854eb39a3d94a8ec9977261db0c8acc8
ef852997961f946b34e996504912b0606e4c6593
06ffd9e17bd41822b9a7b982a8ff486fafa54f7781baacb6ef3507ae7f9b36b5
GET /images/widgetIcons/icon-x-white.svg HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
etag: "854eb39a3d94a8ec9977261db0c8acc8:1673369404.25082"
last-modified: Tue, 10 Jan 2023 16:40:08 GMT
server: AkamaiNetStorage
content-length: 559
cache-control: max-age=2592000
expires: Sun, 30 Apr 2023 07:41:30 GMT
date: Fri, 31 Mar 2023 07:41:30 GMT
access-control-request-headers: X-OB-STG,X-OB-PRD
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
widgets.outbrain.com/images/widgetIcons/ChevronRight.svg
2.18.173.74200 OK 524 B URL HTTP/2 widgets.outbrain.com/images/widgetIcons/ChevronRight.svg
IP 2.18.173.74:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (422)
Hash c1dc41410784b37a37e29a21baf9aa1f
9b1a4b46b77322f217c3395e32bbb177199c327c
f8d6148b07b2251c53a2605a003b1d29babb8154c5abd0bde0f7e8a800f2dfd9
GET /images/widgetIcons/ChevronRight.svg HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
etag: "c1dc41410784b37a37e29a21baf9aa1f:1673369389.756676"
last-modified: Tue, 10 Jan 2023 16:40:08 GMT
server: AkamaiNetStorage
content-length: 524
cache-control: max-age=2592000
expires: Sun, 30 Apr 2023 07:41:30 GMT
date: Fri, 31 Mar 2023 07:41:30 GMT
access-control-request-headers: X-OB-STG,X-OB-PRD
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
widgets.outbrain.com/images/widgetIcons/icon-vi.svg
2.18.173.74200 OK 182 B URL HTTP/2 widgets.outbrain.com/images/widgetIcons/icon-vi.svg
IP 2.18.173.74:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash c065312fdb5e02c1399f2622776530df
785d98e9025f7b5cd7e2bd4f80098e44cda01ebf
b9e07d8e5143b4764aeebb012b1b020f60eb1cdca44ed1bc22ba9bc85f3af5eb
GET /images/widgetIcons/icon-vi.svg HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
etag: "91990280dce13a095a0da3a6b2fc6816:1673369403.63584"
last-modified: Tue, 10 Jan 2023 16:40:08 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=2592000
expires: Sun, 30 Apr 2023 07:41:30 GMT
date: Fri, 31 Mar 2023 07:41:30 GMT
content-length: 182
access-control-request-headers: X-OB-STG,X-OB-PRD
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash e8a3b8a853c039f5040dd19672b463fb
0d7a1cbce6da857f7120c96a3257dd6fb6f64895
6e24915b58b8def7786aa0584a1e7d3e3e93e10ff4a29d844ad9d3b7a9bc8bb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6E24915B58B8DEF7786AA0584A1E7D3E3E93E10FF4A29D844AD9D3B7A9BC8BB1"
Last-Modified: Thu, 30 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11298
Expires: Fri, 31 Mar 2023 10:49:48 GMT
Date: Fri, 31 Mar 2023 07:41:30 GMT
Connection: keep-alive
cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
45.133.44.10200 OK 33 kB URL HTTP/2 cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:05:18 19:19:17], baseline, precision 8, 200x200, components 3\012- data
Hash 70cf8250da1a25a7b445231428af7828
a849d338423d2919949340838c768bba90b9081c
b7060bc46dc459a00d4124523a26f0cbf31fba31d41fccae9f82bedaf22c1186
GET /cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 31 Mar 2023 07:41:30 GMT
content-type: image/jpeg
content-length: 33103
server: nginx/1.17.6
last-modified: Tue, 09 Jun 2020 11:44:50 GMT
etag: "5edf7632-814f"
expires: Sun, 02 Apr 2023 07:41:30 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 3b855e7ee510fc57849b70ad5796c546
00b430b578a2c77decf6fd116def22aa2de7de97
d6151067b6e25139d5f2a1586ff16d6374c2d1c9c0c233c395a1ba125009d247
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5999
Cache-Control: max-age=157636
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 07:41:30 GMT
Etag: "64263bff-1d7"
Expires: Sun, 02 Apr 2023 03:28:46 GMT
Last-Modified: Fri, 31 Mar 2023 01:48:47 GMT
Server: ECAcc (ska/F7A5)
X-Cache: HIT
Content-Length: 471
tags.h12-media.com/rtb/?pname=hb_result_v3&impdata=5SpCaXnGXLZHOw9dziA1zJD9dF70xpqGLeM4gTioqOUSG82O6LrO9IVMTEyQ0Ryuxi0hHioLxZjJrRJT9bibqS20jLCXpN04aAWnRjJZnlUpks7CX0MeCWis%2Dl61o%2DWnmd%2DXWjJN%2DpIKozvDq4%5FiHKfNbNKg0zp%5FsMJvck75CXOxaqnIzSuv7GDHhzbk2qbrjEfitB8NBb5RLh9sBlfZbmpH1YMFSYoNMu5ZJl9nUI6Urv19DZpOvwQzFuvruHXNfKOSMlstnC7%2DvDmjGQad6uZnEWOtljcpXUPIkMWrYyHPRsAOSlCXKPv0ylVMd1cUaI5WYnblfOK6UG4Z4ZHI0wz%5F12ecP0m4HrItpyHcxmhN3EKQMoZTUhaOeXrxF41TXP6umol8eCjKcVY51f%2D9Z1dLO0Gnl1d%2D8VK37Nde9zm%5FzY3mT%5FZfs3YLvW3SHWvz%2D70&size=970x90&wp=0%2E00001&bd=OBT&d=1
154.51.131.153200 OK 145 B URL HTTP/2 tags.h12-media.com/rtb/?pname=hb_result_v3&impdata=5SpCaXnGXLZHOw9dziA1zJD9dF70xpqGLeM4gTioqOUSG82O6LrO9IVMTEyQ0Ryuxi0hHioLxZjJrRJT9bibqS20jLCXpN04aAWnRjJZnlUpks7CX0MeCWis%2Dl61o%2DWnmd%2DXWjJN%2DpIKozvDq4%5FiHKfNbNKg0zp%5FsMJvck75CXOxaqnIzSuv7GDHhzbk2qbrjEfitB8NBb5RLh9sBlfZbmpH1YMFSYoNMu5ZJl9nUI6Urv19DZpOvwQzFuvruHXNfKOSMlstnC7%2DvDmjGQad6uZnEWOtljcpXUPIkMWrYyHPRsAOSlCXKPv0ylVMd1cUaI5WYnblfOK6UG4Z4ZHI0wz%5F12ecP0m4HrItpyHcxmhN3EKQMoZTUhaOeXrxF41TXP6umol8eCjKcVY51f%2D9Z1dLO0Gnl1d%2D8VK37Nde9zm%5FzY3mT%5FZfs3YLvW3SHWvz%2D70&size=970x90&wp=0%2E00001&bd=OBT&d=1
IP 154.51.131.153:0
File type ASCII text, with no line terminators
Hash 7ed96945d942f7b2b6e8e42cdb5d8652
57bc32892c212b7aef47825c70af1e504b0b697b
b77d72cd756d30cb7838af0700cf1e6854df46596bb08c3ed2b60aa49db084a5
GET /rtb/?pname=hb_result_v3&impdata=5SpCaXnGXLZHOw9dziA1zJD9dF70xpqGLeM4gTioqOUSG82O6LrO9IVMTEyQ0Ryuxi0hHioLxZjJrRJT9bibqS20jLCXpN04aAWnRjJZnlUpks7CX0MeCWis%2Dl61o%2DWnmd%2DXWjJN%2DpIKozvDq4%5FiHKfNbNKg0zp%5FsMJvck75CXOxaqnIzSuv7GDHhzbk2qbrjEfitB8NBb5RLh9sBlfZbmpH1YMFSYoNMu5ZJl9nUI6Urv19DZpOvwQzFuvruHXNfKOSMlstnC7%2DvDmjGQad6uZnEWOtljcpXUPIkMWrYyHPRsAOSlCXKPv0ylVMd1cUaI5WYnblfOK6UG4Z4ZHI0wz%5F12ecP0m4HrItpyHcxmhN3EKQMoZTUhaOeXrxF41TXP6umol8eCjKcVY51f%2D9Z1dLO0Gnl1d%2D8VK37Nde9zm%5FzY3mT%5FZfs3YLvW3SHWvz%2D70&size=970x90&wp=0%2E00001&bd=OBT&d=1 HTTP/1.1
Host: tags.h12-media.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Cookie: 7thMile=4d37d7bb%2D9b01%2D4e7f%2D9568%2Dc3762ff15964
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-store,no-cache,max-age=0,private
content-type: application/x-javascript; Charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/10.0
srg-x: x-.145
x-powered-by: ARR/3.0
date: Fri, 31 Mar 2023 07:41:30 GMT
content-length: 145
X-Firefox-Spdy: h2
mcdp-nydc1.outbrain.com/l?token=70712cb8f463d94e7ec9a7820ed367fc_178258_1680248490387&tm=570&eT=0&widgetWidth=970&widgetHeight=90&widgetX=0&widgetY=0&wRV=2010244&pVis=1&lsd=5d424866-bf85-4623-9f5b-817f5611d239&eIdx=&cnsntV2=CPpgZKdPpgZKdBBACBENCFCsAP_AAH_AACiQImtf_X__bX9j-_5_f_t0eY1P9_r3v-QzjhfNt-8F3L_W_L0X42E7NF36pq4KuR4Eu3LBIQNlHMHUTUmwaokVrzHsak2cpyNKJ7LEmnMZO2dYGHtPn9lDuYKY7_5___fz3j-v_t_-39T378X_3_d5_2---vCfV599jLv9____39nP___9v-_9_____-CIYBJhqXkAXYljgybRpVCiBGFYSFQCgAooBhaIrABwcFOysAn1BCwAQCoCMCIEGIKMGAQACAQBIREBIAWCARAEQCAAEAKMBCAAiYBBYAWBgEAAoBoWIAUAAgSEGRwVHKYEBEi0UEtlYglBXsaYQBllgBQKIyKgARKEACwMhIWDmOAJAS4WSBZihfIAAAAA.YAAAAAAAAAAA&cheq=0&rtt=377&oo=false&lo=859&odbreq=1108&odbres=1484&to=1680248488869&umv=0&ll=0&chs=2&ab=0&wl=0
70.42.32.95200 OK 2 B URL HTTP/1.1 mcdp-nydc1.outbrain.com/l?token=70712cb8f463d94e7ec9a7820ed367fc_178258_1680248490387&tm=570&eT=0&widgetWidth=970&widgetHeight=90&widgetX=0&widgetY=0&wRV=2010244&pVis=1&lsd=5d424866-bf85-4623-9f5b-817f5611d239&eIdx=&cnsntV2=CPpgZKdPpgZKdBBACBENCFCsAP_AAH_AACiQImtf_X__bX9j-_5_f_t0eY1P9_r3v-QzjhfNt-8F3L_W_L0X42E7NF36pq4KuR4Eu3LBIQNlHMHUTUmwaokVrzHsak2cpyNKJ7LEmnMZO2dYGHtPn9lDuYKY7_5___fz3j-v_t_-39T378X_3_d5_2---vCfV599jLv9____39nP___9v-_9_____-CIYBJhqXkAXYljgybRpVCiBGFYSFQCgAooBhaIrABwcFOysAn1BCwAQCoCMCIEGIKMGAQACAQBIREBIAWCARAEQCAAEAKMBCAAiYBBYAWBgEAAoBoWIAUAAgSEGRwVHKYEBEi0UEtlYglBXsaYQBllgBQKIyKgARKEACwMhIWDmOAJAS4WSBZihfIAAAAA.YAAAAAAAAAAA&cheq=0&rtt=377&oo=false&lo=859&odbreq=1108&odbres=1484&to=1680248488869&umv=0&ll=0&chs=2&ab=0&wl=0
IP 70.42.32.95:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
GET /l?token=70712cb8f463d94e7ec9a7820ed367fc_178258_1680248490387&tm=570&eT=0&widgetWidth=970&widgetHeight=90&widgetX=0&widgetY=0&wRV=2010244&pVis=1&lsd=5d424866-bf85-4623-9f5b-817f5611d239&eIdx=&cnsntV2=CPpgZKdPpgZKdBBACBENCFCsAP_AAH_AACiQImtf_X__bX9j-_5_f_t0eY1P9_r3v-QzjhfNt-8F3L_W_L0X42E7NF36pq4KuR4Eu3LBIQNlHMHUTUmwaokVrzHsak2cpyNKJ7LEmnMZO2dYGHtPn9lDuYKY7_5___fz3j-v_t_-39T378X_3_d5_2---vCfV599jLv9____39nP___9v-_9_____-CIYBJhqXkAXYljgybRpVCiBGFYSFQCgAooBhaIrABwcFOysAn1BCwAQCoCMCIEGIKMGAQACAQBIREBIAWCARAEQCAAEAKMBCAAiYBBYAWBgEAAoBoWIAUAAgSEGRwVHKYEBEi0UEtlYglBXsaYQBllgBQKIyKgARKEACwMhIWDmOAJAS4WSBZihfIAAAAA.YAAAAAAAAAAA&cheq=0&rtt=377&oo=false&lo=859&odbreq=1108&odbres=1484&to=1680248488869&umv=0&ll=0&chs=2&ab=0&wl=0 HTTP/1.1
Host: mcdp-nydc1.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 07:41:31 GMT
Content-Type: text/plain; charset=UTF-8
Content-Length: 2
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-range
X-TraceId: 5c87ea037a1a5a65330b9bd62f77ae7d
log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=70712cb8f463d94e7ec9a7820ed367fc&pvId=70712cb8f463d94e7ec9a7820ed367fc&sid=8662499&pid=178258&idx=0&wId=101&pad=2&org=0&tm=597&eT=3&cnsnt=CPpgZKdPpgZKdBBACBENCFCsAP_AAH_AACiQImtf_X__bX9j-_5_f_t0eY1P9_r3v-QzjhfNt-8F3L_W_L0X42E7NF36pq4KuR4Eu3LBIQNlHMHUTUmwaokVrzHsak2cpyNKJ7LEmnMZO2dYGHtPn9lDuYKY7_5___fz3j-v_t_-39T378X_3_d5_2---vCfV599jLv9____39nP___9v-_9_____-CIYBJhqXkAXYljgybRpVCiBGFYSFQCgAooBhaIrABwcFOysAn1BCwAQCoCMCIEGIKMGAQACAQBIREBIAWCARAEQCAAEAKMBCAAiYBBYAWBgEAAoBoWIAUAAgSEGRwVHKYEBEi0UEtlYglBXsaYQBllgBQKIyKgARKEACwMhIWDmOAJAS4WSBZihfIAAAAA.YAAAAAAAAAAA&wRV=2010244&pVis=1&lsd=5d424866-bf85-4623-9f5b-817f5611d239&eIdx=0&oo=false&ab=0&wl=0
70.42.32.95200 OK 4 B URL HTTP/1.1 log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=70712cb8f463d94e7ec9a7820ed367fc&pvId=70712cb8f463d94e7ec9a7820ed367fc&sid=8662499&pid=178258&idx=0&wId=101&pad=2&org=0&tm=597&eT=3&cnsnt=CPpgZKdPpgZKdBBACBENCFCsAP_AAH_AACiQImtf_X__bX9j-_5_f_t0eY1P9_r3v-QzjhfNt-8F3L_W_L0X42E7NF36pq4KuR4Eu3LBIQNlHMHUTUmwaokVrzHsak2cpyNKJ7LEmnMZO2dYGHtPn9lDuYKY7_5___fz3j-v_t_-39T378X_3_d5_2---vCfV599jLv9____39nP___9v-_9_____-CIYBJhqXkAXYljgybRpVCiBGFYSFQCgAooBhaIrABwcFOysAn1BCwAQCoCMCIEGIKMGAQACAQBIREBIAWCARAEQCAAEAKMBCAAiYBBYAWBgEAAoBoWIAUAAgSEGRwVHKYEBEi0UEtlYglBXsaYQBllgBQKIyKgARKEACwMhIWDmOAJAS4WSBZihfIAAAAA.YAAAAAAAAAAA&wRV=2010244&pVis=1&lsd=5d424866-bf85-4623-9f5b-817f5611d239&eIdx=0&oo=false&ab=0&wl=0
IP 70.42.32.95:0
File type ASCII text, with no line terminators
Hash b326b5062b2f0e69046810717534cb09
5ffe533b830f08a0326348a9160afafc8ada44db
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
GET /loggerServices/widgetGlobalEvent?rId=70712cb8f463d94e7ec9a7820ed367fc&pvId=70712cb8f463d94e7ec9a7820ed367fc&sid=8662499&pid=178258&idx=0&wId=101&pad=2&org=0&tm=597&eT=3&cnsnt=CPpgZKdPpgZKdBBACBENCFCsAP_AAH_AACiQImtf_X__bX9j-_5_f_t0eY1P9_r3v-QzjhfNt-8F3L_W_L0X42E7NF36pq4KuR4Eu3LBIQNlHMHUTUmwaokVrzHsak2cpyNKJ7LEmnMZO2dYGHtPn9lDuYKY7_5___fz3j-v_t_-39T378X_3_d5_2---vCfV599jLv9____39nP___9v-_9_____-CIYBJhqXkAXYljgybRpVCiBGFYSFQCgAooBhaIrABwcFOysAn1BCwAQCoCMCIEGIKMGAQACAQBIREBIAWCARAEQCAAEAKMBCAAiYBBYAWBgEAAoBoWIAUAAgSEGRwVHKYEBEi0UEtlYglBXsaYQBllgBQKIyKgARKEACwMhIWDmOAJAS4WSBZihfIAAAAA.YAAAAAAAAAAA&wRV=2010244&pVis=1&lsd=5d424866-bf85-4623-9f5b-817f5611d239&eIdx=0&oo=false&ab=0&wl=0 HTTP/1.1
Host: log.outbrainimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 07:41:31 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 4
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST
X-TraceId: 67cb1a39a9bb27d835a4346b127532b7
log.outbrainimg.com/api/loggerBatch/log-viewability
70.42.32.95200 OK 4 B URL HTTP/1.1 log.outbrainimg.com/api/loggerBatch/log-viewability
IP 70.42.32.95:0
File type ASCII text, with no line terminators
Hash b326b5062b2f0e69046810717534cb09
5ffe533b830f08a0326348a9160afafc8ada44db
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
POST /api/loggerBatch/log-viewability HTTP/1.1
Host: log.outbrainimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 685
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 07:41:33 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 4
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST
X-TraceId: 32a69e551c78cfb068b60bd6e352bede
megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1T6o9/The.Last.of.Us.Part.I.Update.v1.0.1.5-RUNE.rar
Connection: keep-alive
Cookie: filehosting=t9m56j3omfh1u6vitum7r47hi1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 07:41:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-303b2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/nav/jquery.nav.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/nav/jquery.nav.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/nav/jquery.nav.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1T6o9/The.Last.of.Us.Part.I.Update.v1.0.1.5-RUNE.rar
Connection: keep-alive
Cookie: filehosting=t9m56j3omfh1u6vitum7r47hi1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 07:41:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1547"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
f.h12-media.com/?init=1&rnd=0.12361963595594827
188.114.97.1200 OK 0 B URL HTTP/2 f.h12-media.com/?init=1&rnd=0.12361963595594827
IP 188.114.97.1:0
GET /?init=1&rnd=0.12361963595594827 HTTP/1.1
Host: f.h12-media.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 31 Mar 2023 07:41:28 GMT
content-type: application/json; Charset=UTF-8
cache-control: max-age=3600,private
vary: Accept-Encoding
access-control-allow-origin: *
x-powered-by: ASP.NET, ARR/3.0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UBlFf8cQVFblq4EsMngLau1BqGMAFAx%2B3iUgHf6iTtdKFQcZf%2FXum95em8k3Eu5ZpDmbDMvOFm07cdOIrqm8e5rwCMUzhbMoK9D1TgDxljp18CcBfwV3f245ssk5AqLC5VI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b06f3392e66b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/styles/file-upload.css
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/styles/file-upload.css
IP 91.209.70.182:0
GET /themes/flow/styles/file-upload.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1T6o9/The.Last.of.Us.Part.I.Update.v1.0.1.5-RUNE.rar
Connection: keep-alive
Cookie: filehosting=t9m56j3omfh1u6vitum7r47hi1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 07:41:24 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-21ec"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-resize.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-resize.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery.fileupload-resize.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1T6o9/The.Last.of.Us.Part.I.Update.v1.0.1.5-RUNE.rar
Connection: keep-alive
Cookie: filehosting=t9m56j3omfh1u6vitum7r47hi1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 07:41:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1f7f"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/animation/jquery.appear.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/animation/jquery.appear.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/animation/jquery.appear.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1T6o9/The.Last.of.Us.Part.I.Update.v1.0.1.5-RUNE.rar
Connection: keep-alive
Cookie: filehosting=t9m56j3omfh1u6vitum7r47hi1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 07:41:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-5c6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/sw.js
91.209.70.182200 OK 0 B IP 91.209.70.182:0
GET /sw.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1T6o9/The.Last.of.Us.Part.I.Update.v1.0.1.5-RUNE.rar
Connection: keep-alive
Cookie: filehosting=t9m56j3omfh1u6vitum7r47hi1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 07:41:24 GMT
content-type: application/javascript
last-modified: Tue, 20 Dec 2022 16:15:31 GMT
vary: Accept-Encoding
etag: W/"63a1dfa3-1927c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/clipboardjs/clipboard.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/clipboardjs/clipboard.min.js
IP 91.209.70.182:0
GET /themes/flow/js/clipboardjs/clipboard.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1T6o9/The.Last.of.Us.Part.I.Update.v1.0.1.5-RUNE.rar
Connection: keep-alive
Cookie: filehosting=t9m56j3omfh1u6vitum7r47hi1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 07:41:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-2296"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1T6o9/The.Last.of.Us.Part.I.Update.v1.0.1.5-RUNE.rar
Connection: keep-alive
Cookie: filehosting=t9m56j3omfh1u6vitum7r47hi1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 07:41:24 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-8d4b"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/load-image.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/load-image.min.js
IP 91.209.70.182:0
GET /themes/flow/js/load-image.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1T6o9/The.Last.of.Us.Part.I.Update.v1.0.1.5-RUNE.rar
Connection: keep-alive
Cookie: filehosting=t9m56j3omfh1u6vitum7r47hi1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 07:41:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-9f2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery.fileupload.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1T6o9/The.Last.of.Us.Part.I.Update.v1.0.1.5-RUNE.rar
Connection: keep-alive
Cookie: filehosting=t9m56j3omfh1u6vitum7r47hi1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 07:41:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-dbd4"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/zeroClipboard/ZeroClipboard.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/zeroClipboard/ZeroClipboard.js
IP 91.209.70.182:0
GET /themes/flow/js/zeroClipboard/ZeroClipboard.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1T6o9/The.Last.of.Us.Part.I.Update.v1.0.1.5-RUNE.rar
Connection: keep-alive
Cookie: filehosting=t9m56j3omfh1u6vitum7r47hi1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 07:41:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3bd2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=86ddec5c-b957-455f-87da-f034ba331fa2
104.16.158.17200 OK 0 B URL HTTP/2 cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=86ddec5c-b957-455f-87da-f034ba331fa2
IP 104.16.158.17:0
GET /Scripts/infinity.js.aspx?guid=86ddec5c-b957-455f-87da-f034ba331fa2 HTTP/1.1
Host: cdn.engine.4dsply.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 31 Mar 2023 07:41:27 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=900
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
last-modified: Fri, 31 Mar 2023 07:31:42 GMT
cf-cache-status: HIT
expires: Fri, 31 Mar 2023 07:56:27 GMT
server: cloudflare
cf-ray: 7b06f3377be60b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/custom/custom.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/custom/custom.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/custom/custom.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1T6o9/The.Last.of.Us.Part.I.Update.v1.0.1.5-RUNE.rar
Connection: keep-alive
Cookie: filehosting=t9m56j3omfh1u6vitum7r47hi1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 07:41:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1420"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
142.250.74.109302 Found 0 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 142.250.74.109:0
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 31 Mar 2023 07:41:27 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AQMjQ7QRjcNhxIrUX5CwpEIKTNmT0mkafT5MPeesl2g4oBxXYiU94xD220eDxoKYAV8e31RXT07IfA
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"AccountsSigninPassiveLoginHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSigninPassiveLoginHttp/external"}]}, {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'nonce-3dPOv7zknBNUk5KyzOo5dw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy: unsafe-none; report-to="AccountsSigninPassiveLoginHttp"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: application/binary
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
set-cookie: __Host-GAPS=1:iWExELSbkl4uxe7ynMomGJRzbYkbZA:3pbYTvkK336HF-RO; Expires=Sun, 30-Mar-2025 07:41:27 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery-ui.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery-ui.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery-ui.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1T6o9/The.Last.of.Us.Part.I.Update.v1.0.1.5-RUNE.rar
Connection: keep-alive
Cookie: filehosting=t9m56j3omfh1u6vitum7r47hi1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 07:41:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-6a684"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-process.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-process.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery.fileupload-process.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1T6o9/The.Last.of.Us.Part.I.Update.v1.0.1.5-RUNE.rar
Connection: keep-alive
Cookie: filehosting=t9m56j3omfh1u6vitum7r47hi1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 07:41:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-14b6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1T6o9/The.Last.of.Us.Part.I.Update.v1.0.1.5-RUNE.rar
Connection: keep-alive
Cookie: filehosting=t9m56j3omfh1u6vitum7r47hi1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 07:41:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-14cc1"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1T6o9/The.Last.of.Us.Part.I.Update.v1.0.1.5-RUNE.rar
Connection: keep-alive
Cookie: filehosting=t9m56j3omfh1u6vitum7r47hi1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 07:41:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1cdf"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/1T6o9/The.Last.of.Us.Part.I.Update.v1.0.1.5-RUNE.rar
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/1T6o9/The.Last.of.Us.Part.I.Update.v1.0.1.5-RUNE.rar
IP 91.209.70.182:0
GET /1T6o9/The.Last.of.Us.Part.I.Update.v1.0.1.5-RUNE.rar HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 07:41:24 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: filehosting=t9m56j3omfh1u6vitum7r47hi1; expires=Sat, 01-Apr-2023 07:41:24 GMT; Max-Age=86400; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-validate.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-validate.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery.fileupload-validate.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1T6o9/The.Last.of.Us.Part.I.Update.v1.0.1.5-RUNE.rar
Connection: keep-alive
Cookie: filehosting=t9m56j3omfh1u6vitum7r47hi1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 07:41:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-fea"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/sticky/jquery.sticky.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/sticky/jquery.sticky.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/sticky/jquery.sticky.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1T6o9/The.Last.of.Us.Part.I.Update.v1.0.1.5-RUNE.rar
Connection: keep-alive
Cookie: filehosting=t9m56j3omfh1u6vitum7r47hi1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 07:41:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1099"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
pogothere.xyz/
172.64.132.29200 OK 0 B IP 172.64.132.29:0
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 31 Mar 2023 07:41:27 GMT
content-type: text/plain
set-cookie: csu=833827688400802@1@1680248487; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UCXhIMjFhUBgwDGTSpsI42g3nQeU6i7qRUMzYtg2qvDc4PN%2FDKnn3IkcQflJOQAUHBv0pM%2Fq002NANEO9AzrPEh5w4WpyB8c9bZ%2FcgJZorP0vfjaxs5LSCahqyMFp%2B14"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b06f33669397198-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/isotope/custom-isotope.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/isotope/custom-isotope.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/isotope/custom-isotope.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1T6o9/The.Last.of.Us.Part.I.Update.v1.0.1.5-RUNE.rar
Connection: keep-alive
Cookie: filehosting=t9m56j3omfh1u6vitum7r47hi1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 07:41:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-71d"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S-888831677%3A1680248487404972&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AQMjQ7S7zJ3ZTdLkfn5vE5dZpHjpbcAaUnpugVrhdJKu3yvzrOJSpgh-pOgSyE6dkw2HSkO1uFTWog&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
142.250.74.109403 Forbidden 0 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S-888831677%3A1680248487404972&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AQMjQ7S7zJ3ZTdLkfn5vE5dZpHjpbcAaUnpugVrhdJKu3yvzrOJSpgh-pOgSyE6dkw2HSkO1uFTWog&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
IP 142.250.74.109:0
GET /v3/signin/identifier?dsh=S-888831677%3A1680248487404972&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AQMjQ7S7zJ3ZTdLkfn5vE5dZpHjpbcAaUnpugVrhdJKu3yvzrOJSpgh-pOgSyE6dkw2HSkO1uFTWog&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 31 Mar 2023 07:41:27 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-uSPND86f3iD7Mfaf9e9Prw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi/external"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
f.h12-media.com/?init=1&rnd=0.7134420688310646
188.114.97.1200 OK 0 B URL HTTP/2 f.h12-media.com/?init=1&rnd=0.7134420688310646
IP 188.114.97.1:0
GET /?init=1&rnd=0.7134420688310646 HTTP/1.1
Host: f.h12-media.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 31 Mar 2023 07:41:27 GMT
content-type: application/json; Charset=UTF-8
cache-control: max-age=3600,private
vary: Accept-Encoding
access-control-allow-origin: *
x-powered-by: ASP.NET, ARR/3.0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZnbiBE2gaMV5yKvWu0ARZrsZAam58olbFyxa%2Fzo838L%2B5%2B8O8FXDfkb3kYtEWCB2IBMsVZS4YNOMA5xz%2B2GfQIyx7S2RfxkW6LcVNe0fjEv6aW8FFQMU1UnLqVeITPbULIw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b06f337bc54b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
142.250.74.109302 Found 0 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 142.250.74.109:0
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 31 Mar 2023 07:41:27 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AQMjQ7SMgMmInchnqMQTvYqrHL3M5HsVqE-_WgC3aC4QPehh9yuXe02wLyl3BP3BNtN0m08ArS1VVw
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy: unsafe-none; report-to="AccountsSigninPassiveLoginHttp"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'nonce-fB4d1wYORpKs2CeY7hLpYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"AccountsSigninPassiveLoginHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSigninPassiveLoginHttp/external"}]}, {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: application/binary
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
set-cookie: __Host-GAPS=1:b3B3FquiL_KFsZTVp1VC2ZjFdGTgUA:y6lADIN94tkgLXa1; Expires=Sun, 30-Mar-2025 07:41:27 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/colors/flow.css
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/colors/flow.css
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/css/colors/flow.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1T6o9/The.Last.of.Us.Part.I.Update.v1.0.1.5-RUNE.rar
Connection: keep-alive
Cookie: filehosting=t9m56j3omfh1u6vitum7r47hi1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 07:41:24 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-a83"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/images/loading_small.gif
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/images/loading_small.gif
IP 91.209.70.182:0
GET /themes/flow/images/loading_small.gif HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1T6o9/The.Last.of.Us.Part.I.Update.v1.0.1.5-RUNE.rar
Connection: keep-alive
Cookie: filehosting=t9m56j3omfh1u6vitum7r47hi1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 07:41:24 GMT
content-type: image/gif
content-length: 184355
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-2d023"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/nav/jquery.scrollTo.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/nav/jquery.scrollTo.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/nav/jquery.scrollTo.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1T6o9/The.Last.of.Us.Part.I.Update.v1.0.1.5-RUNE.rar
Connection: keep-alive
Cookie: filehosting=t9m56j3omfh1u6vitum7r47hi1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 07:41:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-981"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/retina/retina.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/retina/retina.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/retina/retina.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1T6o9/The.Last.of.Us.Part.I.Update.v1.0.1.5-RUNE.rar
Connection: keep-alive
Cookie: filehosting=t9m56j3omfh1u6vitum7r47hi1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 07:41:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-52e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/css/All-stylesheets.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1T6o9/The.Last.of.Us.Part.I.Update.v1.0.1.5-RUNE.rar
Connection: keep-alive
Cookie: filehosting=t9m56j3omfh1u6vitum7r47hi1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 07:41:24 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-153"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-ui.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-ui.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery.fileupload-ui.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1T6o9/The.Last.of.Us.Part.I.Update.v1.0.1.5-RUNE.rar
Connection: keep-alive
Cookie: filehosting=t9m56j3omfh1u6vitum7r47hi1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 07:41:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-61ef"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1T6o9/The.Last.of.Us.Part.I.Update.v1.0.1.5-RUNE.rar
Connection: keep-alive
Cookie: filehosting=t9m56j3omfh1u6vitum7r47hi1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 07:41:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-71b6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1T6o9/The.Last.of.Us.Part.I.Update.v1.0.1.5-RUNE.rar
Connection: keep-alive
Cookie: filehosting=t9m56j3omfh1u6vitum7r47hi1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 07:41:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3ead"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2