megaup.net/12An7/POKLEGARC-NSwTcH-NSP-Update110-Ziperto.rar
91.209.70.182301 Moved Permanently 162 B URL HTTP/1.1 megaup.net/12An7/POKLEGARC-NSwTcH-NSP-Update110-Ziperto.rar
IP 91.209.70.182:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /12An7/POKLEGARC-NSwTcH-NSP-Update110-Ziperto.rar HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 05 Feb 2023 00:55:24 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://megaup.net/12An7/POKLEGARC-NSwTcH-NSP-Update110-Ziperto.rar
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer, strict-origin-when-cross-origin
X-Download-Options: noopen
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 81713f952b51a865ad9764cde68e3fdb
278c3a9c4bb2a0ffb7375f90d89a1ba6e90a766a
c2eb0d8a24ecb51af28f1c71db4b9a95c568dcf6c94b41ee8c78787a4ebebcef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2EB0D8A24ECB51AF28F1C71DB4B9A95C568DCF6C94B41EE8C78787A4EBEBCEF"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3212
Expires: Sun, 05 Feb 2023 01:48:56 GMT
Date: Sun, 05 Feb 2023 00:55:24 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11797
Expires: Sun, 05 Feb 2023 04:12:01 GMT
Date: Sun, 05 Feb 2023 00:55:24 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19383
Expires: Sun, 05 Feb 2023 06:18:27 GMT
Date: Sun, 05 Feb 2023 00:55:24 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 05 Feb 2023 00:43:39 GMT
content-type: application/json
age: 705
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: +k5nsWFBoyqd6Ms59AweGMTneiVD2HQLWWW+m5AeuJxxGc/OTYu/0gZAWBG6VUBTXz/88MEZGD0=
x-amz-request-id: 08RD74767PR75EE1
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 05 Feb 2023 00:24:14 GMT
age: 1870
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 00:55:24 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash f07c85aa578735b0e76244950ffb3817
c71d6ec04f5bd87ac50b0787d2879bbda854c3d0
afdaa526bc344a8f1766a8b635a8e34ca30b0288eab4539ee68ab917a525fc05
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 00:55:24 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 03 Feb 2023 11:25:43 GMT
Expires: Fri, 10 Feb 2023 11:25:42 GMT
Etag: "c71d6ec04f5bd87ac50b0787d2879bbda854c3d0"
Cache-Control: max-age=469217,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7947ae296c7cb518-OSL
megaup.net/themes/flow/images/main_logo_inverted.png
91.209.70.182200 OK 7.1 kB URL HTTP/2 megaup.net/themes/flow/images/main_logo_inverted.png
IP 91.209.70.182:0
File type PNG image data, 203 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 5d15526be10b904a6b48d1af04a10cc3
c09b6874359ac6d71db95593618a9acb55baa984
894d25472e0f890edf235e8f66fbeda7ea75043632924ecb82691d76bd7db018
GET /themes/flow/images/main_logo_inverted.png HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/12An7/POKLEGARC-NSwTcH-NSP-Update110-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=uakkhomlore28rr5tcl6pq41l6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 00:55:24 GMT
content-type: image/png
content-length: 7137
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-1be1"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/images/loading_small.gif
91.209.70.182200 OK 184 kB URL HTTP/2 megaup.net/themes/flow/images/loading_small.gif
IP 91.209.70.182:0
File type GIF image data, version 89a, 64 x 64\012- data
Size 184 kB (184355 bytes)
Hash b0dd5b3af9c4c0644d7bddee83716209
30002468d0266b893b3559b8d0d260c6cbf0ad7c
2418224bb4d12c122ef3c54d2ee9edb5f6f28d539e91a166b0215553f8c7609d
GET /themes/flow/images/loading_small.gif HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/12An7/POKLEGARC-NSwTcH-NSP-Update110-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=uakkhomlore28rr5tcl6pq41l6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 00:55:24 GMT
content-type: image/gif
content-length: 184355
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-2d023"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js
91.209.70.182200 OK 30 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js
IP 91.209.70.182:0
File type ASCII text, with very long lines (23470)
Hash dc395235840569af4c487c57ce9ac103
ce9849d9ea8564b314a60d2cc9007172182e5b8b
3bf91a70344b990cee609f01f84fdf335b2c37a561d7f54c9337bc8332dce9ad
GET /themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/12An7/POKLEGARC-NSwTcH-NSP-Update110-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=uakkhomlore28rr5tcl6pq41l6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 00:55:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-14cc1"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-108868042-1
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-108868042-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1759)
Hash cd2b69ed56bface3f077bb2dd5c7fb79
55b7f9c2d130870498ca6d696caec16c53f03cbc
f031240ee66523be031a06a77eb6edd3a0943b8f0c7a7044e73091cd0e83bd6c
GET /gtag/js?id=UA-108868042-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 05 Feb 2023 00:55:24 GMT
expires: Sun, 05 Feb 2023 00:55:24 GMT
cache-control: private, max-age=900
last-modified: Sun, 05 Feb 2023 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43936
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/sticky/jquery.sticky.js
91.209.70.182200 OK 1.9 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/sticky/jquery.sticky.js
IP 91.209.70.182:0
Hash 64aa8d501f46f689f5abb776b0df31ee
73fa3ce1094062dcf18ea1e68c648bf955804307
e5ad90e96c8d54611360e4b58e273d58c44a233a8ae98be3045ff4264fd528f0
GET /themes/flow/frontend_assets/js/sticky/jquery.sticky.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/12An7/POKLEGARC-NSwTcH-NSP-Update110-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=uakkhomlore28rr5tcl6pq41l6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 00:55:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1099"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/fonts/raleway.woff
91.209.70.182200 OK 32 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway.woff
IP 91.209.70.182:0
Hash 8b24e683e2c5ef5d7a2b38cd790f7f70
dece3dd7e557d946c04c701e54251b61858830e3
5a4ecd804556d94135739c7180d5fd60dde71c1cd2360504ac843c4107349227
GET /themes/flow/frontend_assets/fonts/raleway.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=uakkhomlore28rr5tcl6pq41l6
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 00:55:24 GMT
content-type: font/woff
content-length: 31836
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7c5c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/animation/jquery.appear.js
91.209.70.182200 OK 5.5 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/animation/jquery.appear.js
IP 91.209.70.182:0
File type ASCII text, with very long lines (1285)
Hash 8315d1968a3af1b570701976d38c9aea
d711b51a499a3c2b490f41377a55f2b45e1ff609
449dbb649c94dfb0411c0434c1036bc614840daa23ac085d02813ca23973d0a4
GET /themes/flow/frontend_assets/js/animation/jquery.appear.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/12An7/POKLEGARC-NSwTcH-NSP-Update110-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=uakkhomlore28rr5tcl6pq41l6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 00:55:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-5c6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/isotope/custom-isotope.js
91.209.70.182200 OK 32 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/isotope/custom-isotope.js
IP 91.209.70.182:0
File type ASCII text, with CRLF line terminators
Hash d2850734c9baac52087ee6ad9fb5a2e8
b3169fe7f04b8337fc3f13d36a8f4d46ec55df63
79caeba8f4079596e989ca24f36a9ca1794b098e42ad7ac3d16289a79b689634
GET /themes/flow/frontend_assets/js/isotope/custom-isotope.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/12An7/POKLEGARC-NSwTcH-NSP-Update110-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=uakkhomlore28rr5tcl6pq41l6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 00:55:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-71d"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/?kzmmd=761186
143.204.42.228200 OK 191 kB URL HTTP/2 dmmzkfd82wayn.cloudfront.net/?kzmmd=761186
IP 143.204.42.228:0
File type Unicode text, UTF-8 text, with very long lines (15948)
Size 191 kB (190956 bytes)
Hash 12bf621b2cc4dfd21a00842e6f3515db
45c24c107b1c94e9ac3a7d9466653fbff995da99
3d1069e7e495b01c501d74bbda02f29e08efb83bb47f706b1761b48599581369
GET /?kzmmd=761186 HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 190956
date: Sun, 05 Feb 2023 00:55:24 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: fDnEbKtMPuRK90GTBkabVaxdpzLvJMma9wLFP_tymHYliu7gTJ6vcA==
X-Firefox-Spdy: h2
megaup.net/sw.js
91.209.70.182200 OK 91 kB IP 91.209.70.182:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 38be6165cbed40cdaf666cff7c920482
7a498dafbe0567032f57c74c483a4cdb30c69c3f
7763e510abcce18fe2a73ca0bc7d01b4b817da3213de17c0b9c8840141ee278d
GET /sw.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/12An7/POKLEGARC-NSwTcH-NSP-Update110-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=uakkhomlore28rr5tcl6pq41l6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 00:55:24 GMT
content-type: application/javascript
last-modified: Tue, 20 Dec 2022 16:15:31 GMT
vary: Accept-Encoding
etag: W/"63a1dfa3-1927c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js
91.209.70.182200 OK 40 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js
IP 91.209.70.182:0
File type ASCII text, with very long lines (464), with CRLF line terminators
Hash eb949bf83e05eb777dcd0e402d73f832
61d919a8ce89190e04b7dbb08426637951a36950
c85ff48e7e0cc68562febf2e0fac7fa82458b2a7205bd05b72ef3711e2d74e13
GET /themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/12An7/POKLEGARC-NSwTcH-NSP-Update110-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=uakkhomlore28rr5tcl6pq41l6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 00:55:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-303b2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_fonts/socicon-webfont.woff
91.209.70.182200 OK 21 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_fonts/socicon-webfont.woff
IP 91.209.70.182:0
File type Web Open Font Format, TrueType, length 20972, version 1.0\012- data
Hash cad75e2dacc6794c4e6b14727d4a989d
694d04c8f643df4100c23efc1463ac9f4e732f60
ebccc09339b7730324221aff3d11d215de9997b47bf708ca18a3be2d8e8b9887
GET /themes/flow/frontend_assets/socialsider-v1.0/_fonts/socicon-webfont.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css
Connection: keep-alive
Cookie: filehosting=uakkhomlore28rr5tcl6pq41l6
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 00:55:24 GMT
content-type: font/woff
content-length: 20972
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-51ec"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/nav/jquery.nav.js
91.209.70.182200 OK 3.0 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/nav/jquery.nav.js
IP 91.209.70.182:0
File type ASCII text, with CRLF line terminators
Hash 98a6c321e72bb2f34b61a79b443287c9
4ee11342142d2d7d691fef32b82c2841176ca0ea
c5d88c8f9a4d59e73e58d7f18e2af721b5d6c912b9db79b1957a0b5316f3e0c9
GET /themes/flow/frontend_assets/js/nav/jquery.nav.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/12An7/POKLEGARC-NSwTcH-NSP-Update110-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=uakkhomlore28rr5tcl6pq41l6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 00:55:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1547"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8998
Expires: Sun, 05 Feb 2023 03:25:23 GMT
Date: Sun, 05 Feb 2023 00:55:25 GMT
Connection: keep-alive
keydawnawe.com/gwZ1U5hjA8ii/32575
172.255.6.144200 OK 26 B URL HTTP/1.1 keydawnawe.com/gwZ1U5hjA8ii/32575
IP 172.255.6.144:0
File type ASCII text, with no line terminators
Hash 4e5d65669f8dcd928dad06adf883f025
d771713d758c3348dd7e5b38bb40c7935399ae46
0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95
GET /gwZ1U5hjA8ii/32575 HTTP/1.1
Host: keydawnawe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 00:55:25 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Mon, 06-Feb-2023 00:55:25 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJw9i7sOgkAURAENEQXMJH6APyA%2BgoWtWhoojPUG8Wo2wl7Crg%2F8elETq5mcOWNZljMK4cgK%2FmoerWZRvIjmyxidCzGcJIWf802ZuhEqKwluwvUja%2BDWdJGsAgx%2BReR8IvSTdHJQV8UP9R8%2BtwDdXJomgPeJrxv20JG6Qrgu5HO85%2BJmWlvDU2SErohO8DbZsaDpdr9D%2BKffs2ujJ7Woan42bR8aWdKLFQk%2BnzWZFtl313kDsc5BIg%3D%3D; expires=Mon, 06-Feb-2023 00:55:25 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
altowriestwispy.com/tysaSHG1FMaM/18410
172.255.6.140200 OK 25 B URL HTTP/1.1 altowriestwispy.com/tysaSHG1FMaM/18410
IP 172.255.6.140:0
File type ASCII text, with no line terminators
Hash d488addc5df5fc9b9ff4135bb4e3a823
6ce56f48e851df4d562b43d3bc1269a504ae83fc
d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60
GET /tysaSHG1FMaM/18410 HTTP/1.1
Host: altowriestwispy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 00:55:25 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Mon, 06-Feb-2023 00:55:25 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJw9i7sOgkAURAENEQXMJH6APyA%2BgoWtWhoojPUG8Wo2wl7Crg%2F8elETq5mcOWNZljMK4cgK%2FmoerWZRvIjmyxidCzGcJIWf802ZuhEqKwluwvUja%2BDWdJGsAgx%2BReR8IvSTdHJQV8UP9R8%2BtwDdXJomgPeJrxv20JG6Qrgu5HO85%2BJmWlvDU2SErohO8DbZsaDpdr9D%2BKffs2ujJ7Woan42bR8aWdKLFQk%2BnzWZFtl313kDsc5BIg%3D%3D; expires=Mon, 06-Feb-2023 00:55:25 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
altowriestwispy.com/tysaSHG1FMaM/18410
172.255.6.140200 OK 25 B URL HTTP/1.1 altowriestwispy.com/tysaSHG1FMaM/18410
IP 172.255.6.140:0
File type ASCII text, with no line terminators
Hash d488addc5df5fc9b9ff4135bb4e3a823
6ce56f48e851df4d562b43d3bc1269a504ae83fc
d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60
GET /tysaSHG1FMaM/18410 HTTP/1.1
Host: altowriestwispy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; GL_GI10=eJw9i7sOgkAURAENEQXMJH6APyA%2BgoWtWhoojPUG8Wo2wl7Crg%2F8elETq5mcOWNZljMK4cgK%2FmoerWZRvIjmyxidCzGcJIWf802ZuhEqKwluwvUja%2BDWdJGsAgx%2BReR8IvSTdHJQV8UP9R8%2BtwDdXJomgPeJrxv20JG6Qrgu5HO85%2BJmWlvDU2SErohO8DbZsaDpdr9D%2BKffs2ujJ7Woan42bR8aWdKLFQk%2BnzWZFtl313kDsc5BIg%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 00:55:25 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
verysilenit.com/V2lIZTI2CysIDTZUKkNHJQV1QAARTHojVjoEMg5UM1F6ElMuB2YGXjgcLANAOAc8S1wyHW1XdCY7IidgBjwFCWotUSYDdh0zBj1KZwoJI1UyMR4CZT4gPSlmDicBLVpnIBkgdBYefBV0Pjx/LwEkKCwcAj4iDgFBDRARCmdlET8/YTM8BVZKZDANNFobACBSYAMaJihIASwCHEE4Iho8WR4hfBdqLhonKUsnOywtfxEKMFBaDSEOV3UUMCcpYR0PAg94Og0JJBdlLwYyaGcoDydKNTERM2swJyUBcxYEAyYDICsAN0sWPgUmawMFeQZaAQAJV2hnKAtIf2QzJjNKDiEOV1MWK3w/ehFbHh9jPiILDmQOHiwdVjAvIAZqHVsJPWAtCjEnaB4QGQl5AgF4BkUBWgkiYCEKeid0NSEJQ1gkBiYVDyZQfwIDAysFCg
143.204.55.59200 OK 1.2 kB URL HTTP/2 verysilenit.com/V2lIZTI2CysIDTZUKkNHJQV1QAARTHojVjoEMg5UM1F6ElMuB2YGXjgcLANAOAc8S1wyHW1XdCY7IidgBjwFCWotUSYDdh0zBj1KZwoJI1UyMR4CZT4gPSlmDicBLVpnIBkgdBYefBV0Pjx/LwEkKCwcAj4iDgFBDRARCmdlET8/YTM8BVZKZDANNFobACBSYAMaJihIASwCHEE4Iho8WR4hfBdqLhonKUsnOywtfxEKMFBaDSEOV3UUMCcpYR0PAg94Og0JJBdlLwYyaGcoDydKNTERM2swJyUBcxYEAyYDICsAN0sWPgUmawMFeQZaAQAJV2hnKAtIf2QzJjNKDiEOV1MWK3w/ehFbHh9jPiILDmQOHiwdVjAvIAZqHVsJPWAtCjEnaB4QGQl5AgF4BkUBWgkiYCEKeid0NSEJQ1gkBiYVDyZQfwIDAysFCg
IP 143.204.55.59:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3034), with no line terminators
Hash 8ffc915e128ac351bb8f8747bd32681c
21f1a2631584c171ba67153f70925a12e5405ea7
2cd0f905c24cc5a1c815dbd155996c1630e0038a8b6b285ec47b6516e9faefd7
GET /V2lIZTI2CysIDTZUKkNHJQV1QAARTHojVjoEMg5UM1F6ElMuB2YGXjgcLANAOAc8S1wyHW1XdCY7IidgBjwFCWotUSYDdh0zBj1KZwoJI1UyMR4CZT4gPSlmDicBLVpnIBkgdBYefBV0Pjx/LwEkKCwcAj4iDgFBDRARCmdlET8/YTM8BVZKZDANNFobACBSYAMaJihIASwCHEE4Iho8WR4hfBdqLhonKUsnOywtfxEKMFBaDSEOV3UUMCcpYR0PAg94Og0JJBdlLwYyaGcoDydKNTERM2swJyUBcxYEAyYDICsAN0sWPgUmawMFeQZaAQAJV2hnKAtIf2QzJjNKDiEOV1MWK3w/ehFbHh9jPiILDmQOHiwdVjAvIAZqHVsJPWAtCjEnaB4QGQl5AgF4BkUBWgkiYCEKeid0NSEJQ1gkBiYVDyZQfwIDAysFCg HTTP/1.1
Host: verysilenit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1184
date: Sun, 05 Feb 2023 00:55:25 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: t8Mth8OLVoJteWhvR3JPYj7D118V8-W_iiETQFskTAnjO1vrU1NbVw==
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/hFuUg_rClRM
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/hFuUg_rClRM
IP 142.250.74.131:0
Hash f5b4aa23f5d2b30a7f2eb1bd8d12126a
837d09bac35b94e04cf42c011463de90dff16ccd
4e0338b1106c771eb1b32924acea2fa6d42bcb64871e749e39d6223e00a84d21
POST /s/gts1p5/hFuUg_rClRM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 00:55:25 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
52.42.252.225101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.42.252.225:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: IrFVZ13+rRvWGYFz7P4dbw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: yBqE3WkrA+AQtlxjIlvm9HJCwjU=
keydawnawe.com/gwZ1U5hjA8ii/32575
172.255.6.144200 OK 26 B URL HTTP/1.1 keydawnawe.com/gwZ1U5hjA8ii/32575
IP 172.255.6.144:0
File type ASCII text, with no line terminators
Hash 4e5d65669f8dcd928dad06adf883f025
d771713d758c3348dd7e5b38bb40c7935399ae46
0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95
GET /gwZ1U5hjA8ii/32575 HTTP/1.1
Host: keydawnawe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; GL_GI10=eJw9i7sOgkAURAENEQXMJH6APyA%2BgoWtWhoojPUG8Wo2wl7Crg%2F8elETq5mcOWNZljMK4cgK%2FmoerWZRvIjmyxidCzGcJIWf802ZuhEqKwluwvUja%2BDWdJGsAgx%2BReR8IvSTdHJQV8UP9R8%2BtwDdXJomgPeJrxv20JG6Qrgu5HO85%2BJmWlvDU2SErohO8DbZsaDpdr9D%2BKffs2ujJ7Woan42bR8aWdKLFQk%2BnzWZFtl313kDsc5BIg%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 00:55:25 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
megaup.net/themes/flow/js/jquery-ui.js
91.209.70.182200 OK 109 kB URL HTTP/2 megaup.net/themes/flow/js/jquery-ui.js
IP 91.209.70.182:0
File type ASCII text, with very long lines (840)
Size 109 kB (108992 bytes)
Hash 35d045ef3f901a933252d4ff46d3f391
fd71c35fcc597b5a8fad5c271117adcc9bb017bc
9e5e4729b77d9ef58c4b7520e1481801166a1883eafe7830063895de1a318384
GET /themes/flow/js/jquery-ui.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/12An7/POKLEGARC-NSwTcH-NSP-Update110-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=uakkhomlore28rr5tcl6pq41l6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 00:55:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-6a684"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/hFuUg_rClRM
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/hFuUg_rClRM
IP 142.250.74.131:0
Hash f5b4aa23f5d2b30a7f2eb1bd8d12126a
837d09bac35b94e04cf42c011463de90dff16ccd
4e0338b1106c771eb1b32924acea2fa6d42bcb64871e749e39d6223e00a84d21
POST /s/gts1p5/hFuUg_rClRM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 00:55:25 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/hFuUg_rClRM
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/hFuUg_rClRM
IP 142.250.74.131:0
Hash f5b4aa23f5d2b30a7f2eb1bd8d12126a
837d09bac35b94e04cf42c011463de90dff16ccd
4e0338b1106c771eb1b32924acea2fa6d42bcb64871e749e39d6223e00a84d21
POST /s/gts1p5/hFuUg_rClRM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 00:55:25 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
verysilenit.com/b1NYZTIOMTsIDQ5uOkNHHT9lQAApdmojVgI+Ig5UC2tqElMWPXYGXgAmPANAAD0sS1wKJ31XdAIJDS9AIBsdIn4+BT0xWiohHBJkJQY2N2ssBjQheS07AC1KOXZqI39dY2AmSD0KACcLNxUZAWUgADMTZjokFCRqVjEQDQIqHxkSdDkkGRZxLgUZNEsiAw8OSj0JGlx7JzRtQAApGzQsaikHHQNmByAXKWdeHR0jVRkRHSxrLABsLno6HjIBAjoaDiNWFgJoXWssKgEgZhgZGQZ0GwQaMHAYBC8JcDxgEipxFR0ZBnQbAx8kRl8LIFRxJWE8P3EuPwwBWUJnFCgCLSQPVV0nAhAgQywGHjRQKSAKM3QLKhwjAjwXMVR9LDk8PVEDPBE0ZD0qDw0DKwULNHE8Owkhfj0ePDRLISkPEgMJBQ80Vy0GGUNYHDw2FQ83BhULRFw3NldkAz0QKV8
143.204.55.59200 OK 1.2 kB URL HTTP/2 verysilenit.com/b1NYZTIOMTsIDQ5uOkNHHT9lQAApdmojVgI+Ig5UC2tqElMWPXYGXgAmPANAAD0sS1wKJ31XdAIJDS9AIBsdIn4+BT0xWiohHBJkJQY2N2ssBjQheS07AC1KOXZqI39dY2AmSD0KACcLNxUZAWUgADMTZjokFCRqVjEQDQIqHxkSdDkkGRZxLgUZNEsiAw8OSj0JGlx7JzRtQAApGzQsaikHHQNmByAXKWdeHR0jVRkRHSxrLABsLno6HjIBAjoaDiNWFgJoXWssKgEgZhgZGQZ0GwQaMHAYBC8JcDxgEipxFR0ZBnQbAx8kRl8LIFRxJWE8P3EuPwwBWUJnFCgCLSQPVV0nAhAgQywGHjRQKSAKM3QLKhwjAjwXMVR9LDk8PVEDPBE0ZD0qDw0DKwULNHE8Owkhfj0ePDRLISkPEgMJBQ80Vy0GGUNYHDw2FQ83BhULRFw3NldkAz0QKV8
IP 143.204.55.59:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3048), with no line terminators
Hash 6b09246fc45b9f214f919163dd91b464
c9d7ca3e779444015a1a082a2dd2c471132b0986
e8757c26f96a66225e140ede072055e8b6dcbe48320a04e448309022aef167c4
GET /b1NYZTIOMTsIDQ5uOkNHHT9lQAApdmojVgI+Ig5UC2tqElMWPXYGXgAmPANAAD0sS1wKJ31XdAIJDS9AIBsdIn4+BT0xWiohHBJkJQY2N2ssBjQheS07AC1KOXZqI39dY2AmSD0KACcLNxUZAWUgADMTZjokFCRqVjEQDQIqHxkSdDkkGRZxLgUZNEsiAw8OSj0JGlx7JzRtQAApGzQsaikHHQNmByAXKWdeHR0jVRkRHSxrLABsLno6HjIBAjoaDiNWFgJoXWssKgEgZhgZGQZ0GwQaMHAYBC8JcDxgEipxFR0ZBnQbAx8kRl8LIFRxJWE8P3EuPwwBWUJnFCgCLSQPVV0nAhAgQywGHjRQKSAKM3QLKhwjAjwXMVR9LDk8PVEDPBE0ZD0qDw0DKwULNHE8Owkhfj0ePDRLISkPEgMJBQ80Vy0GGUNYHDw2FQ83BhULRFw3NldkAz0QKV8 HTTP/1.1
Host: verysilenit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1198
date: Sun, 05 Feb 2023 00:55:25 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: RqElWZL57uxwmvcD0ERooCEHOXSjMf10hHvaWVujKWhiX1e79-oOVw==
X-Firefox-Spdy: h2
verysilenit.com/SktadkwrKTkbcyt2OFA5OCdnU34MbmgwKCcmIB0qLnNoAS0zJXQVICU+PhA+JSUuWCIvP39ECngRHyQIBx41PgczegISHgs/EAE0Mx00MHoLAy41ACAJPzwOGH4cPgYzCS0zIRx4ayMoLQITFA4Lbmg0Bj0zbCclLSICD30QEjMsKgEdNkcWHAovNCImeBwMeB8AIxEBGjw1EQYmKDA1JQ8lHAx0DC4JQykHCmoZAHsJLCArAHkSRTwILzQ7FhoaagcGe39jMH4MMxslHRsSAjMOL3oIBy8yGW88IQwzGyJ8BAA0IwooejkxFi0FbD4EAHgcPicnEgJbCQgEGDwkKQMYQRoCDS43GwQJPhgCHQctFToGCQhCBSQRIDcEOh4+LgELKWssfAAdPUINGQIpJRtzHBsYBQgtagZ8EB4IRRobbTAFIyQ7ZyEPcigfEyp9e2g3dQ
143.204.55.59200 OK 1.2 kB URL HTTP/2 verysilenit.com/SktadkwrKTkbcyt2OFA5OCdnU34MbmgwKCcmIB0qLnNoAS0zJXQVICU+PhA+JSUuWCIvP39ECngRHyQIBx41PgczegISHgs/EAE0Mx00MHoLAy41ACAJPzwOGH4cPgYzCS0zIRx4ayMoLQITFA4Lbmg0Bj0zbCclLSICD30QEjMsKgEdNkcWHAovNCImeBwMeB8AIxEBGjw1EQYmKDA1JQ8lHAx0DC4JQykHCmoZAHsJLCArAHkSRTwILzQ7FhoaagcGe39jMH4MMxslHRsSAjMOL3oIBy8yGW88IQwzGyJ8BAA0IwooejkxFi0FbD4EAHgcPicnEgJbCQgEGDwkKQMYQRoCDS43GwQJPhgCHQctFToGCQhCBSQRIDcEOh4+LgELKWssfAAdPUINGQIpJRtzHBsYBQgtagZ8EB4IRRobbTAFIyQ7ZyEPcigfEyp9e2g3dQ
IP 143.204.55.59:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3040), with no line terminators
Hash 408a84c697781494fc2645cfdc7f6809
8e77960dd4bd3a1238e28260da46426fd5c105c5
bf52ec55cd70cf124a5db63820c244a0c4bd895be0cf31be9798dafb8246c1d8
GET /SktadkwrKTkbcyt2OFA5OCdnU34MbmgwKCcmIB0qLnNoAS0zJXQVICU+PhA+JSUuWCIvP39ECngRHyQIBx41PgczegISHgs/EAE0Mx00MHoLAy41ACAJPzwOGH4cPgYzCS0zIRx4ayMoLQITFA4Lbmg0Bj0zbCclLSICD30QEjMsKgEdNkcWHAovNCImeBwMeB8AIxEBGjw1EQYmKDA1JQ8lHAx0DC4JQykHCmoZAHsJLCArAHkSRTwILzQ7FhoaagcGe39jMH4MMxslHRsSAjMOL3oIBy8yGW88IQwzGyJ8BAA0IwooejkxFi0FbD4EAHgcPicnEgJbCQgEGDwkKQMYQRoCDS43GwQJPhgCHQctFToGCQhCBSQRIDcEOh4+LgELKWssfAAdPUINGQIpJRtzHBsYBQgtagZ8EB4IRRobbTAFIyQ7ZyEPcigfEyp9e2g3dQ HTTP/1.1
Host: verysilenit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1193
date: Sun, 05 Feb 2023 00:55:25 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: eRRwa1qXuaQYCD0Ycn5EXTPBWyjxioCLzsJSrj1fEiFRXOuOO9JAew==
X-Firefox-Spdy: h2
verysilenit.com/ZFdEaE0FNScFcgVqJk44Fjt5TX8icnYuKQk6PgMrAG92HywdOWoLIQsiIA4/CzkwRiMBI2FaCzQ0ARAbNjkBPAQeJCM8KjU7CTA5LQUMPjkHEhI/Bw0ONCA6Ji8OLAxcHgw9KiwSHVwHHRJ0JjQHJw5aDCIULQAiADsnCwEwJCw8Cz0nCxEbKQYTB30tPwomKCwaPi0IVD8LAjo9HwcpfT1nCVooPCN2PggubyI8CD0fLQ97KQYOPisJAisqGzJydioXPDMGMCMcICA8AzIxKT01IxVxXhQzGQclIAg5IA8hIzIMKnwpZhJNfyYNEDkFMg98PSlUEQIxIEkBMj4ILm8JAQA3ED0mOgATICsrIwV2ORgibx4vAyAGBwd1KhUVPwQdZi45Nz5uHjADAgYDByoBZwVOJxc4KhhwFSEJOHQRDXMgJhAlAj8oFg
143.204.55.59200 OK 1.2 kB URL HTTP/2 verysilenit.com/ZFdEaE0FNScFcgVqJk44Fjt5TX8icnYuKQk6PgMrAG92HywdOWoLIQsiIA4/CzkwRiMBI2FaCzQ0ARAbNjkBPAQeJCM8KjU7CTA5LQUMPjkHEhI/Bw0ONCA6Ji8OLAxcHgw9KiwSHVwHHRJ0JjQHJw5aDCIULQAiADsnCwEwJCw8Cz0nCxEbKQYTB30tPwomKCwaPi0IVD8LAjo9HwcpfT1nCVooPCN2PggubyI8CD0fLQ97KQYOPisJAisqGzJydioXPDMGMCMcICA8AzIxKT01IxVxXhQzGQclIAg5IA8hIzIMKnwpZhJNfyYNEDkFMg98PSlUEQIxIEkBMj4ILm8JAQA3ED0mOgATICsrIwV2ORgibx4vAyAGBwd1KhUVPwQdZi45Nz5uHjADAgYDByoBZwVOJxc4KhhwFSEJOHQRDXMgJhAlAj8oFg
IP 143.204.55.59:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3029), with no line terminators
Hash aa48a444ec8836dada139aeff328e183
bef4eae8bddaa6af05d0dcd864eed4536de4ad6d
5f9d9d774934671408d870385c8602eaafc12357c833fb5fb51d8e349630deca
GET /ZFdEaE0FNScFcgVqJk44Fjt5TX8icnYuKQk6PgMrAG92HywdOWoLIQsiIA4/CzkwRiMBI2FaCzQ0ARAbNjkBPAQeJCM8KjU7CTA5LQUMPjkHEhI/Bw0ONCA6Ji8OLAxcHgw9KiwSHVwHHRJ0JjQHJw5aDCIULQAiADsnCwEwJCw8Cz0nCxEbKQYTB30tPwomKCwaPi0IVD8LAjo9HwcpfT1nCVooPCN2PggubyI8CD0fLQ97KQYOPisJAisqGzJydioXPDMGMCMcICA8AzIxKT01IxVxXhQzGQclIAg5IA8hIzIMKnwpZhJNfyYNEDkFMg98PSlUEQIxIEkBMj4ILm8JAQA3ED0mOgATICsrIwV2ORgibx4vAyAGBwd1KhUVPwQdZi45Nz5uHjADAgYDByoBZwVOJxc4KhhwFSEJOHQRDXMgJhAlAj8oFg HTTP/1.1
Host: verysilenit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1181
date: Sun, 05 Feb 2023 00:55:25 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: cWWdP30yrhfszjMXXC8-fuLeiV7Wdr-wKH4w9Ms8PyPhPDtLlXD2hA==
X-Firefox-Spdy: h2
verysilenit.com/QVhMUVcgOi88aCBlLnciMzRxdGUHfX4XMyw1NjoxJWB+JjY4NmIyOy4tKDclLjY4fzkkLGljEQ4PBD0bFh90ZhEoDWljFRQbOwAbcw4VMzxwbi4XYmRqDhQtJmsNAj8EGg4mEyAMKzg2ABEpAgQEYRpjMBYQImU1CDB9YzYEM3wWFBR9fhcCL2wvGwM1Cy0HbzAIDWA7FQ98Ih87Ox81PnEeHDY8dRQOOi4EMR50ZQMfJj0SCzIvBxoTDSIeAjEpHGJicwB/YBskaw0IGhM7Oh8vJioUGTsuGR8pNCQPJDQ2Bzx7NwE2ORQZOy4fCBQPJw80GjY7LDkwO3k/GGJ6eGEUEyciPRs2Mw00NGUQF20jBRAXNx4/Zg09NmkcDiAFOjEXaCkCZDUoFGM/CD1+PRwgMyclGhNodRkuED8fPDhkago0Oik5KDo7NRQaGydnMj8+OTFlAxU7cBklYToHaCY0b3E3GQ
143.204.55.59200 OK 1.2 kB URL HTTP/2 verysilenit.com/QVhMUVcgOi88aCBlLnciMzRxdGUHfX4XMyw1NjoxJWB+JjY4NmIyOy4tKDclLjY4fzkkLGljEQ4PBD0bFh90ZhEoDWljFRQbOwAbcw4VMzxwbi4XYmRqDhQtJmsNAj8EGg4mEyAMKzg2ABEpAgQEYRpjMBYQImU1CDB9YzYEM3wWFBR9fhcCL2wvGwM1Cy0HbzAIDWA7FQ98Ih87Ox81PnEeHDY8dRQOOi4EMR50ZQMfJj0SCzIvBxoTDSIeAjEpHGJicwB/YBskaw0IGhM7Oh8vJioUGTsuGR8pNCQPJDQ2Bzx7NwE2ORQZOy4fCBQPJw80GjY7LDkwO3k/GGJ6eGEUEyciPRs2Mw00NGUQF20jBRAXNx4/Zg09NmkcDiAFOjEXaCkCZDUoFGM/CD1+PRwgMyclGhNodRkuED8fPDhkago0Oik5KDo7NRQaGydnMj8+OTFlAxU7cBklYToHaCY0b3E3GQ
IP 143.204.55.59:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3050), with no line terminators
Hash 7c1d73f7712171ef6b54113088eb77ca
1a5d2c884dafba8a9453570306a18a8b47f6a74c
ef0d039fd8c271786c99dacd4d1ce29b6c0059b39bfab5c2254900cc9ad57e0d
GET /QVhMUVcgOi88aCBlLnciMzRxdGUHfX4XMyw1NjoxJWB+JjY4NmIyOy4tKDclLjY4fzkkLGljEQ4PBD0bFh90ZhEoDWljFRQbOwAbcw4VMzxwbi4XYmRqDhQtJmsNAj8EGg4mEyAMKzg2ABEpAgQEYRpjMBYQImU1CDB9YzYEM3wWFBR9fhcCL2wvGwM1Cy0HbzAIDWA7FQ98Ih87Ox81PnEeHDY8dRQOOi4EMR50ZQMfJj0SCzIvBxoTDSIeAjEpHGJicwB/YBskaw0IGhM7Oh8vJioUGTsuGR8pNCQPJDQ2Bzx7NwE2ORQZOy4fCBQPJw80GjY7LDkwO3k/GGJ6eGEUEyciPRs2Mw00NGUQF20jBRAXNx4/Zg09NmkcDiAFOjEXaCkCZDUoFGM/CD1+PRwgMyclGhNodRkuED8fPDhkago0Oik5KDo7NRQaGydnMj8+OTFlAxU7cBklYToHaCY0b3E3GQ HTTP/1.1
Host: verysilenit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1197
date: Sun, 05 Feb 2023 00:55:25 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 6wfHYi0PRpHjUnlTvEzdzejpfyJsXXq_okfdFi4nneSSOAOaz8ZWyA==
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 1713c15fba0437ba75fae3ddd1689ebf
3de22e362779c24fe37a4e66d02c46069942a2f3
4ec7ba6239b5423e17462a1ca7cf45a4114b4aa3cac01c3f98c46345b8d6c677
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5322
Cache-Control: max-age=106112
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 00:55:25 GMT
Etag: "63dde533-117"
Expires: Mon, 06 Feb 2023 06:23:57 GMT
Last-Modified: Sat, 04 Feb 2023 04:55:15 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/s/gts1p5/hFuUg_rClRM
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/hFuUg_rClRM
IP 142.250.74.131:0
Hash f5b4aa23f5d2b30a7f2eb1bd8d12126a
837d09bac35b94e04cf42c011463de90dff16ccd
4e0338b1106c771eb1b32924acea2fa6d42bcb64871e749e39d6223e00a84d21
POST /s/gts1p5/hFuUg_rClRM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 00:55:25 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
megaup.net/imageads/003.gif
91.209.70.182200 OK 414 kB URL HTTP/2 megaup.net/imageads/003.gif
IP 91.209.70.182:0
File type GIF image data, version 89a, 300 x 250\012- data
Size 414 kB (413764 bytes)
Hash b519247f61e29375d326bd19d89513b4
7eba5fe7ba18dd0fc359f96cf8b799519a920ed0
e528ff79f09b5299616f7820ba5daaf59233d430f612a5fb8f24f338c9d295da
GET /imageads/003.gif HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/12An7/POKLEGARC-NSwTcH-NSP-Update110-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=uakkhomlore28rr5tcl6pq41l6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 00:55:25 GMT
content-type: image/gif
content-length: 413764
last-modified: Thu, 02 Aug 2018 17:12:56 GMT
vary: Accept-Encoding
etag: "5b633b98-65044"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
yneationsliee.xyz/b210Q1VAUhcwaCA5JnAMAQI5AgBWOycCOi0/MhEFLiwyBgMEClI3PAtQTHFgVlxFZSUGCUlwZ0keACIhGh5JcWVfWlIqOwkCSXFzGVBEbWxBXFpzcxpQRWUhHwwTfmRJHQA3OVJcQnRgWlhMdmNcXEF3
172.67.193.20204 No Content 0 B URL HTTP/2 yneationsliee.xyz/b210Q1VAUhcwaCA5JnAMAQI5AgBWOycCOi0/MhEFLiwyBgMEClI3PAtQTHFgVlxFZSUGCUlwZ0keACIhGh5JcWVfWlIqOwkCSXFzGVBEbWxBXFpzcxpQRWUhHwwTfmRJHQA3OVJcQnRgWlhMdmNcXEF3
IP 172.67.193.20:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b210Q1VAUhcwaCA5JnAMAQI5AgBWOycCOi0/MhEFLiwyBgMEClI3PAtQTHFgVlxFZSUGCUlwZ0keACIhGh5JcWVfWlIqOwkCSXFzGVBEbWxBXFpzcxpQRWUhHwwTfmRJHQA3OVJcQnRgWlhMdmNcXEF3 HTTP/1.1
Host: yneationsliee.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 05 Feb 2023 00:55:25 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EvIXCfZZnEWfj3Jfs8wKYkprKnhwDhOZV0iDCojT%2BMCKuzhtOgskAnjlNG5FlbhmdVRA2ZYtkXLr0ox1RlhShgUKlBdM9VU4nu%2FfoMpsRY%2BDzfFMzCUhZcP2Eae4CcGMy5LsfA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7947ae2fbcf2b4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
yneationsliee.xyz/WjNuS2p1DA04Vw1mPCoIDFcdKD0QUjQcGiJSOD8DA3soOz0NZkg/Az4OVnlfYwJfbRozV1N4WHxAGioeL0BTekwzXQgkV3xFU3tEYx1fZVp8RlN6TC5DDyxXaxUePx42Dl99XW8GW3NfbABffls
172.67.193.20204 No Content 0 B URL HTTP/2 yneationsliee.xyz/WjNuS2p1DA04Vw1mPCoIDFcdKD0QUjQcGiJSOD8DA3soOz0NZkg/Az4OVnlfYwJfbRozV1N4WHxAGioeL0BTekwzXQgkV3xFU3tEYx1fZVp8RlN6TC5DDyxXaxUePx42Dl99XW8GW3NfbABffls
IP 172.67.193.20:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WjNuS2p1DA04Vw1mPCoIDFcdKD0QUjQcGiJSOD8DA3soOz0NZkg/Az4OVnlfYwJfbRozV1N4WHxAGioeL0BTekwzXQgkV3xFU3tEYx1fZVp8RlN6TC5DDyxXaxUePx42Dl99XW8GW3NfbABffls HTTP/1.1
Host: yneationsliee.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 05 Feb 2023 00:55:25 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ac4Wm29Gc0wv6nzfIpRvf3AzCm3J1xg%2FeRHafVTFdQLZkNs1UoxJeOZ0QLz9Vz9C9Gz4IKdoCNe6UB%2FdsX2WHLLgtSJyVz0AkjlIOtwyPGR8coY%2FQHfF10HF3QTTpR%2BUzQlNHw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7947ae2fccfdb4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
yneationsliee.xyz/a3lPcVZERiwCawgSHRo0PisOEmc9GikkBFksfgUvOTErKQEFSWkFPw9EdkVvU097VyYCHXJAbk0KOxAiHgpyQHACFykea00PckB4W1d9X2RNDHJAcB8JLhZrWl8/BSIHRH5HYV5MekljXUp+Rmc
172.67.193.20204 No Content 0 B URL HTTP/2 yneationsliee.xyz/a3lPcVZERiwCawgSHRo0PisOEmc9GikkBFksfgUvOTErKQEFSWkFPw9EdkVvU097VyYCHXJAbk0KOxAiHgpyQHACFykea00PckB4W1d9X2RNDHJAcB8JLhZrWl8/BSIHRH5HYV5MekljXUp+Rmc
IP 172.67.193.20:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a3lPcVZERiwCawgSHRo0PisOEmc9GikkBFksfgUvOTErKQEFSWkFPw9EdkVvU097VyYCHXJAbk0KOxAiHgpyQHACFykea00PckB4W1d9X2RNDHJAcB8JLhZrWl8/BSIHRH5HYV5MekljXUp+Rmc HTTP/1.1
Host: yneationsliee.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 05 Feb 2023 00:55:25 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=guF4g0rdF6E7eJ%2BJ68CmggodtY51plsSi%2BcmJBSlHgZwegmmn5rXw9pm1eMBxKsobua1aIO6lDOwEZE2v3D0qtk%2BITJA4HCvy8hcWQDfLIz%2BWDWZjm7UwapyfF0p6otreuEIhg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7947ae2fccfeb4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
yneationsliee.xyz/b3o4Z1FARVsUbDwXUBIABAoBPz1eSF0JIQoiYC1mCksNBjVcHR4TOAtHD1FlXk4JQSEGHgVWdxwOWRMkHEcJQTgBHFdadxlHCUliW1QLVn9dXE1aYEkOSAY2UkseFyUbFgVWZ1hPDVJpWkwLVmld
172.67.193.20204 No Content 0 B URL HTTP/2 yneationsliee.xyz/b3o4Z1FARVsUbDwXUBIABAoBPz1eSF0JIQoiYC1mCksNBjVcHR4TOAtHD1FlXk4JQSEGHgVWdxwOWRMkHEcJQTgBHFdadxlHCUliW1QLVn9dXE1aYEkOSAY2UkseFyUbFgVWZ1hPDVJpWkwLVmld
IP 172.67.193.20:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b3o4Z1FARVsUbDwXUBIABAoBPz1eSF0JIQoiYC1mCksNBjVcHR4TOAtHD1FlXk4JQSEGHgVWdxwOWRMkHEcJQTgBHFdadxlHCUliW1QLVn9dXE1aYEkOSAY2UkseFyUbFgVWZ1hPDVJpWkwLVmld HTTP/1.1
Host: yneationsliee.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 05 Feb 2023 00:55:25 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jcZMquIzXhHviAoZrpLsXcs5MIOTo541bjM0ypivkUjdLQ3IOpJerxM8NA2JJ1Z9mjXoWaWDTlNrL%2Fo9c6XKTr7apCnNmWQ8Ja4BIx8OTb9mRnQFWtTWavaCl2nkL4DmnDWfEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7947ae2fcd02b4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
yneationsliee.xyz/YkNsaWxNfA8aUTMuKhM2NStaPikkFTsHCDURADsIBy8mKjlTMEodBQZ+VF5aUXJUTxwLJ1FbVUQwGAgYFzBRWEoLLQoGUUQ1UVhCUm1aWUJTZRlUXUQ3HAgLX3JKGRgWL1FYWlV2WVxUV3VfWFpQ
172.67.193.20204 No Content 0 B URL HTTP/2 yneationsliee.xyz/YkNsaWxNfA8aUTMuKhM2NStaPikkFTsHCDURADsIBy8mKjlTMEodBQZ+VF5aUXJUTxwLJ1FbVUQwGAgYFzBRWEoLLQoGUUQ1UVhCUm1aWUJTZRlUXUQ3HAgLX3JKGRgWL1FYWlV2WVxUV3VfWFpQ
IP 172.67.193.20:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /YkNsaWxNfA8aUTMuKhM2NStaPikkFTsHCDURADsIBy8mKjlTMEodBQZ+VF5aUXJUTxwLJ1FbVUQwGAgYFzBRWEoLLQoGUUQ1UVhCUm1aWUJTZRlUXUQ3HAgLX3JKGRgWL1FYWlV2WVxUV3VfWFpQ HTTP/1.1
Host: yneationsliee.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 05 Feb 2023 00:55:25 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F3A2%2BHKmwGQefzEM2n0phKp5LQFJiVeZhzwlEhjPLTCRSSRbzFS1aFfcyI%2Bi6M7BTwVh%2FkXKCSl0t5m9nsrmsUbZqOMyZGvgfOHU6CDOmdaWWjpr3WWeB%2B2zVdxAXd2Q2oM3dg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7947ae2fccfbb4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/qRjBRQUMlXz8nfDJZNXx0cAFgeXVgWiIuLTYNIHh0IQEFAw4pFiU7J3sAdy0iKFdsZyYoU2xwZSdUM3x3YEQhLih7RTsnMzVEJysoKRYkIH4rXysoLypRdHMFcx5hZHF2GCYoLSJfJjJmdAA/NWZ0AGBxbXYVYgNmdAAmKC1wBHRyAWMCYTl1chViA2Z0AC-M3ZnVxYHF2aAB4ZHF2VzQiKCkVYwdxdgFhcXJ2AXRzcyBZIyQlKUh0cwV3AGRvc2BFbHA
143.204.42.228200 OK 584 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/qRjBRQUMlXz8nfDJZNXx0cAFgeXVgWiIuLTYNIHh0IQEFAw4pFiU7J3sAdy0iKFdsZyYoU2xwZSdUM3x3YEQhLih7RTsnMzVEJysoKRYkIH4rXysoLypRdHMFcx5hZHF2GCYoLSJfJjJmdAA/NWZ0AGBxbXYVYgNmdAAmKC1wBHRyAWMCYTl1chViA2Z0AC-M3ZnVxYHF2aAB4ZHF2VzQiKCkVYwdxdgFhcXJ2AXRzcyBZIyQlKUh0cwV3AGRvc2BFbHA
IP 143.204.42.228:0
File type ASCII text, with very long lines (809), with no line terminators
Hash e50b0470b986aee587bbccef8c40abdd
590f51fa4d1bf12073fdb2dcba60ec5fa7c13584
8d7405463aeef3e97ba2d520489d00bc97accf9748b438e13a9d8561748876cf
GET /qRjBRQUMlXz8nfDJZNXx0cAFgeXVgWiIuLTYNIHh0IQEFAw4pFiU7J3sAdy0iKFdsZyYoU2xwZSdUM3x3YEQhLih7RTsnMzVEJysoKRYkIH4rXysoLypRdHMFcx5hZHF2GCYoLSJfJjJmdAA/NWZ0AGBxbXYVYgNmdAAmKC1wBHRyAWMCYTl1chViA2Z0AC-M3ZnVxYHF2aAB4ZHF2VzQiKCkVYwdxdgFhcXJ2AXRzcyBZIyQlKUh0cwV3AGRvc2BFbHA HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://verysilenit.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 584
date: Sun, 05 Feb 2023 00:55:25 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: lI3ynIGIiciYk1bZ2_lL5Gqsa0KIoOPmrzrk1H1-9HKB2hJHPdyFVQ==
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 280 B IP 104.18.32.68:0
Hash a276193a48c4e77877da81e099a3b504
a641e796e689acb14da9d8f820f6d3795bc69a06
07f6df38eec3e8357decd9388da978f0a43519a76d96be8d03be1a8b6cd64f67
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 00:55:25 GMT
Content-Type: application/ocsp-response
Content-Length: 280
Connection: keep-alive
Last-Modified: Thu, 02 Feb 2023 04:43:15 GMT
Expires: Thu, 09 Feb 2023 04:43:14 GMT
Etag: "a641e796e689acb14da9d8f820f6d3795bc69a06"
Cache-Control: max-age=358668,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7947ae30698eb518-OSL
platform.bidgear.com/media/img/b15.png
172.67.74.36200 OK 649 B URL HTTP/2 platform.bidgear.com/media/img/b15.png
IP 172.67.74.36:0
File type PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash d832fb80c97ff291b952757bb98240d2
63732e61a0784ed68fde494f83e4686a5c4bf7fa
7b35c11af8accdb40a14303dd3ae2762a97d2527933c56b6c9be6da2d0d11943
GET /media/img/b15.png HTTP/1.1
Host: platform.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 00:55:25 GMT
content-type: image/png
content-length: 649
last-modified: Mon, 25 Jul 2022 09:43:43 GMT
etag: "62de65cf-289"
expires: Mon, 20 Feb 2023 09:45:00 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
cf-cache-status: HIT
age: 1264205
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vXL8GV5LIzhymhaKqvjR51GjW3dpjcmLBsS2YMkd5Lu8rC2ejMop5%2BATcQOy1eYnS3bh7PL5Bn2OxrE%2BZRYbqYE6mPDsItHLrVaapD7x%2BWDfGjOc6GOAdfR%2B1Hwjg%2FzM8ZBXG1Gv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7947ae30e9b81c16-OSL
X-Firefox-Spdy: h2
yneationsliee.xyz/UnpEaUp9RScadwUXDgcTYiA3PHsYGyJbIgYsAjN7MBYSMRw8QmIdIzZHc197Y0JyTzo7HnlYbCEOJR0/IUd1TyM8HCtUbCRHdUd5ZlR3WGRgXDFUe3QONAgtb0tiGT4mFnlYfGVPcVxyZ0x3WHlq
172.67.193.20204 No Content 0 B URL HTTP/2 yneationsliee.xyz/UnpEaUp9RScadwUXDgcTYiA3PHsYGyJbIgYsAjN7MBYSMRw8QmIdIzZHc197Y0JyTzo7HnlYbCEOJR0/IUd1TyM8HCtUbCRHdUd5ZlR3WGRgXDFUe3QONAgtb0tiGT4mFnlYfGVPcVxyZ0x3WHlq
IP 172.67.193.20:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /UnpEaUp9RScadwUXDgcTYiA3PHsYGyJbIgYsAjN7MBYSMRw8QmIdIzZHc197Y0JyTzo7HnlYbCEOJR0/IUd1TyM8HCtUbCRHdUd5ZlR3WGRgXDFUe3QONAgtb0tiGT4mFnlYfGVPcVxyZ0x3WHlq HTTP/1.1
Host: yneationsliee.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 05 Feb 2023 00:55:25 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vp%2FTWj6rlhCamlX1PKJlGM4QQr3TLEKSDDsSERSduwqJpW0SpKCBpEeX0%2BWZqGIDn11RfGTMObkshyP1%2FIneaoT4gCW8CZW%2FCrsKJSHaDSdRX4Oe%2F92%2FcaJBaNIcV%2FvvDKDvMw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7947ae304d68b4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.purpleads.io/video-agent.js?publisherId=3cbb0201d97a2713cdc7b8284a6018c0:12ba07f36ad75faf8474b45232c34095e60db9bba8b910c63bd25a84dbe49b2358fc816c33104b67ff752f6837ddf9f037b306459421d61f484a6dfbf846a003
143.204.55.90200 OK 16 kB URL HTTP/2 cdn.purpleads.io/video-agent.js?publisherId=3cbb0201d97a2713cdc7b8284a6018c0:12ba07f36ad75faf8474b45232c34095e60db9bba8b910c63bd25a84dbe49b2358fc816c33104b67ff752f6837ddf9f037b306459421d61f484a6dfbf846a003
IP 143.204.55.90:0
File type Unicode text, UTF-8 text, with very long lines (46539), with no line terminators
Hash 21d8c1af95ef899fdd41e7c655a8a8ff
ada4811f05f926093a0e3ed76d0f57eda0b5e087
d134e761ac1f89bd0e118cd5c9f05d4bc32e04ae6119411cdef6caf44918e9c2
GET /video-agent.js?publisherId=3cbb0201d97a2713cdc7b8284a6018c0:12ba07f36ad75faf8474b45232c34095e60db9bba8b910c63bd25a84dbe49b2358fc816c33104b67ff752f6837ddf9f037b306459421d61f484a6dfbf846a003 HTTP/1.1
Host: cdn.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 15835
last-modified: Tue, 20 Dec 2022 09:10:30 GMT
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
date: Sat, 04 Feb 2023 01:02:58 GMT
etag: "21d8c1af95ef899fdd41e7c655a8a8ff"
x-cache: Hit from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: V9ylhd2oE49dqxFCIJuydqOAa4M5S_axbPAitYXEhpj7imidMas_sA==
age: 85948
X-Firefox-Spdy: h2
cdn.purpleads.io/agent.js?publisherId=70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
143.204.55.90200 OK 20 kB URL HTTP/2 cdn.purpleads.io/agent.js?publisherId=70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
IP 143.204.55.90:0
File type Unicode text, UTF-8 text, with very long lines (65528), with no line terminators
Hash a4862f4863ac0228f9e002f8a8968d8f
eec7f481e7c17f96f443d3ccd4a4355eda02dab7
d2c03d713e9051df9c62eae50da4b35f0f2782a0c69aafbe4d4315b3e09607e8
GET /agent.js?publisherId=70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655 HTTP/1.1
Host: cdn.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 19872
last-modified: Thu, 26 Jan 2023 10:15:40 GMT
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
date: Sat, 04 Feb 2023 10:15:59 GMT
etag: "a4862f4863ac0228f9e002f8a8968d8f"
x-cache: Hit from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: YBIC5Rs9rP93a9wK7CqETLNAzTEJSDsWO7yfW22EGF13jm_r_dRo1A==
age: 52766
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/hFuUg_rClRM
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/hFuUg_rClRM
IP 142.250.74.131:0
Hash f5b4aa23f5d2b30a7f2eb1bd8d12126a
837d09bac35b94e04cf42c011463de90dff16ccd
4e0338b1106c771eb1b32924acea2fa6d42bcb64871e749e39d6223e00a84d21
POST /s/gts1p5/hFuUg_rClRM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 00:55:25 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dmmzkfd82wayn.cloudfront.net/OWHlLWG87FiU+UCwQL2VYbk16bF5+Ezg3AShEBBwDaTgiaAIeSSE9V2gWHn4bIh12aEk0GCU/Un4cJTtSaV8qPA1lTW0sHzcSdi0FPgk4LBkyEiR+GjlEJjcVMRUnOUpqP352X31Le3AYMRcvNxgrXHloASxceWheaFd7fVwaXHloGDEXfWxKaztual8gT3-99XBpceWgdLlx4GV5oTGVoRn1Lez8KOxIkfV0eS3tpX2hIe2lKakktMR09HyQgSmo/emhadkltLVJp
143.204.42.228200 OK 595 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/OWHlLWG87FiU+UCwQL2VYbk16bF5+Ezg3AShEBBwDaTgiaAIeSSE9V2gWHn4bIh12aEk0GCU/Un4cJTtSaV8qPA1lTW0sHzcSdi0FPgk4LBkyEiR+GjlEJjcVMRUnOUpqP352X31Le3AYMRcvNxgrXHloASxceWheaFd7fVwaXHloGDEXfWxKaztual8gT3-99XBpceWgdLlx4GV5oTGVoRn1Lez8KOxIkfV0eS3tpX2hIe2lKakktMR09HyQgSmo/emhadkltLVJp
IP 143.204.42.228:0
File type ASCII text, with very long lines (816), with no line terminators
Hash df2be52b93488df40c42deda51668ae1
34843a2e6722037cc1cfd6027e53da6629dbd135
b46abb23c4794e51c5fa5a93494f7af89a0d3c1a7d4616898ad8e25ba3375bf4
GET /OWHlLWG87FiU+UCwQL2VYbk16bF5+Ezg3AShEBBwDaTgiaAIeSSE9V2gWHn4bIh12aEk0GCU/Un4cJTtSaV8qPA1lTW0sHzcSdi0FPgk4LBkyEiR+GjlEJjcVMRUnOUpqP352X31Le3AYMRcvNxgrXHloASxceWheaFd7fVwaXHloGDEXfWxKaztual8gT3-99XBpceWgdLlx4GV5oTGVoRn1Lez8KOxIkfV0eS3tpX2hIe2lKakktMR09HyQgSmo/emhadkltLVJp HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://verysilenit.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 595
date: Sun, 05 Feb 2023 00:55:25 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: YxOi-Zfo6wyQYAqu7p9-oEm8-naVtjHPKmaKg5S_D5ltNz_4m4Cnng==
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/PcExVRnETIzsgTgQlMXtIRHVtcEVWJiYpHwBxJDA8IHUgHEY4JyE0NycpJ2AFCihodlccLTshTFYpOyVMQWo0IhNNeHMzEE0hOjwYHCA0Y0M2eXt2VEJ8fTEYHig6MQJVfmUoBVV+ZXdBXnxwdTNVfmUxGB56YWNCMmlndglGeHB1M1V+ZTQHVX8Ud0FFYm-VvVEJ8MiMSGyNwdDdCfGR2QUF8ZGNDQCo8NBQWIy1jQzZ9ZXNfQGoge0A
143.204.42.228200 OK 191 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/PcExVRnETIzsgTgQlMXtIRHVtcEVWJiYpHwBxJDA8IHUgHEY4JyE0NycpJ2AFCihodlccLTshTFYpOyVMQWo0IhNNeHMzEE0hOjwYHCA0Y0M2eXt2VEJ8fTEYHig6MQJVfmUoBVV+ZXdBXnxwdTNVfmUxGB56YWNCMmlndglGeHB1M1V+ZTQHVX8Ud0FFYm-VvVEJ8MiMSGyNwdDdCfGR2QUF8ZGNDQCo8NBQWIy1jQzZ9ZXNfQGoge0A
IP 143.204.42.228:0
File type ASCII text, with no line terminators
Hash 02aacd670f9d96a3d855201947209897
e7d8eac385293b214b97ba06798e9e91b5d7efe0
0c549cedd3555478e257ab08c0941026db129c8ab46d31ab2da23378df506cb1
GET /PcExVRnETIzsgTgQlMXtIRHVtcEVWJiYpHwBxJDA8IHUgHEY4JyE0NycpJ2AFCihodlccLTshTFYpOyVMQWo0IhNNeHMzEE0hOjwYHCA0Y0M2eXt2VEJ8fTEYHig6MQJVfmUoBVV+ZXdBXnxwdTNVfmUxGB56YWNCMmlndglGeHB1M1V+ZTQHVX8Ud0FFYm-VvVEJ8MiMSGyNwdDdCfGR2QUF8ZGNDQCo8NBQWIy1jQzZ9ZXNfQGoge0A HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://verysilenit.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 191
date: Sun, 05 Feb 2023 00:55:25 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: mJ78BhU1IY1UAezJerQfR6GU8MD-0TfbjjajtlSBoYlQ30ihCXGv8w==
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/mZUJrOHEGLQVeThErDwVJUnRYCUlDKBhXHxV/M208CzRYXB9XFAdWOSkvTUwLAX9bHh0ELAwFVwAsCAVAQyMPWkxRZB9IHg5/HlIXFTEfThsOLU1NEFgvBEIYCS4KHUMjd0UIVFdyQ08YCyYETwJAcFtWBUBwWwlBS3JOCzNAcFtPGAt0Xx1CJ2dZCAlTdk-4LM0BwW0oHQHEqCUFQbFsRVFdyDF0SDi1OCjdXcloIQVRyWh1DVSQCShQDLRMdQyNzWw1fVWQeBUA
143.204.42.228200 OK 445 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/mZUJrOHEGLQVeThErDwVJUnRYCUlDKBhXHxV/M208CzRYXB9XFAdWOSkvTUwLAX9bHh0ELAwFVwAsCAVAQyMPWkxRZB9IHg5/HlIXFTEfThsOLU1NEFgvBEIYCS4KHUMjd0UIVFdyQ08YCyYETwJAcFtWBUBwWwlBS3JOCzNAcFtPGAt0Xx1CJ2dZCAlTdk-4LM0BwW0oHQHEqCUFQbFsRVFdyDF0SDi1OCjdXcloIQVRyWh1DVSQCShQDLRMdQyNzWw1fVWQeBUA
IP 143.204.42.228:0
File type ASCII text, with very long lines (591), with no line terminators
Hash 0c3198f0078bc52c482bc74d4970dfa1
b2dd8c060f0dcbc9703ee321128db0a37cab41d5
ff41cfa0d8e7b5bc8c8710520c735099f12ad7e26b5815ea4420555111440d1b
GET /mZUJrOHEGLQVeThErDwVJUnRYCUlDKBhXHxV/M208CzRYXB9XFAdWOSkvTUwLAX9bHh0ELAwFVwAsCAVAQyMPWkxRZB9IHg5/HlIXFTEfThsOLU1NEFgvBEIYCS4KHUMjd0UIVFdyQ08YCyYETwJAcFtWBUBwWwlBS3JOCzNAcFtPGAt0Xx1CJ2dZCAlTdk-4LM0BwW0oHQHEqCUFQbFsRVFdyDF0SDi1OCjdXcloIQVRyWh1DVSQCShQDLRMdQyNzWw1fVWQeBUA HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://verysilenit.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 445
date: Sun, 05 Feb 2023 00:55:25 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: DPzm3moYfJii4QDjdb7T2rXABiSZdqIV36YrT34FVJfG6MawfFuSxg==
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/2ZERDMUoHKy1XdRAtJwxyVnF6AHtCLjBeJBR5FHJyBwEmV31UdgIIbBA+Jwx6QigiXy1ZYiZfKVl1ZVAuBnl3Fz4UKygMPwogJlcjCiEnFz8FeS5eMA0oL1BvVgJ2H3pBdnMZPQ0qJ149F2FxASQQYXEBe1RqcxR5JmFxAT0NKnUFb1cGZgN6HHJ3FHkmYX-EBOBJhcHB7VHFtAWNBdnNWLwcvLBR4InZzAHpUdXMAb1Z0JVg4ASIsSW9WAnIBf0p0ZUR3VQ
143.204.42.228200 OK 364 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/2ZERDMUoHKy1XdRAtJwxyVnF6AHtCLjBeJBR5FHJyBwEmV31UdgIIbBA+Jwx6QigiXy1ZYiZfKVl1ZVAuBnl3Fz4UKygMPwogJlcjCiEnFz8FeS5eMA0oL1BvVgJ2H3pBdnMZPQ0qJ149F2FxASQQYXEBe1RqcxR5JmFxAT0NKnUFb1cGZgN6HHJ3FHkmYX-EBOBJhcHB7VHFtAWNBdnNWLwcvLBR4InZzAHpUdXMAb1Z0JVg4ASIsSW9WAnIBf0p0ZUR3VQ
IP 143.204.42.228:0
File type ASCII text, with very long lines (464), with no line terminators
Hash 7ea633964cd610174981c0b6c9ff48f9
f60ca93777febe68748889ae67be17ae4a7686d8
30b27e6b995131f9614d6b711b33ede6ab81c684c3a3f7f735daf90523944fc3
GET /2ZERDMUoHKy1XdRAtJwxyVnF6AHtCLjBeJBR5FHJyBwEmV31UdgIIbBA+Jwx6QigiXy1ZYiZfKVl1ZVAuBnl3Fz4UKygMPwogJlcjCiEnFz8FeS5eMA0oL1BvVgJ2H3pBdnMZPQ0qJ149F2FxASQQYXEBe1RqcxR5JmFxAT0NKnUFb1cGZgN6HHJ3FHkmYX-EBOBJhcHB7VHFtAWNBdnNWLwcvLBR4InZzAHpUdXMAb1Z0JVg4ASIsSW9WAnIBf0p0ZUR3VQ HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://verysilenit.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 364
date: Sun, 05 Feb 2023 00:55:25 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Cek8SZEw7F9aVyRZkp3xc2QASg-Oy-z9b2VLkcRWDe3JkZKi4D_kvA==
X-Firefox-Spdy: h2
platform.bidgear.com/async.php?domainid=5593&sizeid=12&zoneid=6192&k=1675558563354
172.67.74.36200 OK 2.8 kB URL HTTP/2 platform.bidgear.com/async.php?domainid=5593&sizeid=12&zoneid=6192&k=1675558563354
IP 172.67.74.36:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (5362), with no line terminators
Hash d4994d7b426381eb7c0b3f3e4d108fe6
cc1f2f3f2b2edef3baeeea65106b9ead4e3256c0
6b8516806c53229f42e8523e4a47c002182b91acb839492fb2ca9963f65200cf
GET /async.php?domainid=5593&sizeid=12&zoneid=6192&k=1675558563354 HTTP/1.1
Host: platform.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 00:55:25 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=42G%2FbYkhrtACZG2t9Cppx9a1OAjCFRCU7ZF0DwPR%2BqeO8V0rhLcV%2ByPDcUfcIobqqgLMkJqbJRyiveJK8S%2FiBQ1%2BEo4LHgCeYboU1CfMuKnr2SDR1L6mikz4wLmKsv79lnrIn6JG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7947ae30094b1c16-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a486ae31689d6b3ebb9d30ec2b1b18eb
7fd7f4ef3749593b2b1520d0251197d42b0c02f3
eea9b7dd661e276f4b85112fb06e352564fa6c8a4dbb19e0db1db704e28f66c3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EEA9B7DD661E276F4B85112FB06E352564FA6C8A4DBB19E0DB1DB704E28F66C3"
Last-Modified: Thu, 02 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12275
Expires: Sun, 05 Feb 2023 04:20:00 GMT
Date: Sun, 05 Feb 2023 00:55:25 GMT
Connection: keep-alive
ad.a-ads.com/1811811?size=300x250
46.4.20.137200 OK 5.7 kB URL HTTP/2 ad.a-ads.com/1811811?size=300x250
IP 46.4.20.137:0
ASN #24940 Hetzner Online GmbH
Hash dca1c13995831ff77c53764fa601fbbb
5222ff2e2188cb74f8a33c23a041733a67c1e46a
6f7fecd74f41a7fee06c4b91a2ff61216164ee2d6bd33f189a8ab1b0d8fbc8ab
GET /1811811?size=300x250 HTTP/1.1
Host: ad.a-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 00:55:25 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding, Accept-Encoding
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-original-referer: https://megaup.net/
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.psdn.xyz/prebid-video-7.22.0-2022-10-26.gz.js
205.185.216.42200 OK 86 kB URL HTTP/2 cdn.psdn.xyz/prebid-video-7.22.0-2022-10-26.gz.js
IP 205.185.216.42:0
File type ASCII text, with very long lines (65020)
Hash 700d1de734b4979c4c3059b613e9d7b1
0a7d2ad10cba258cfc2e0376240852a4ae5f4012
2031fbefbf1b070dcf0ebb746438e628fdd59c7daac6952000ef9056b7294eb6
GET /prebid-video-7.22.0-2022-10-26.gz.js HTTP/1.1
Host: cdn.psdn.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 00:55:25 GMT
content-encoding: gzip
content-length: 86507
content-type: application/javascript
last-modified: Wed, 26 Oct 2022 13:24:00 GMT
accept-ranges: bytes
x-rgw-object-type: Normal
etag: "700d1de734b4979c4c3059b613e9d7b1"
cache-control: max-age=31536000
x-amz-request-id: tx000000000000005698a63-0063deeb22-42d52fad-nyc3b
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1675558525.dop018.sk1.t,1675558525.cds260.sk1.hn,1675558525.cds218.sk1.c
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash d09cd05d951779967af874274fbb4875
119e58de80b389f59c445f045371d49e4414767e
1a3f1b8c4f3a485afca5745a30c8402d66b56434f360e11d7ec2063fc9851908
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 00:55:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sat, 04 Feb 2023 23:44:08 GMT
expires: Sun, 05 Feb 2023 01:44:08 GMT
cache-control: public, max-age=7200
age: 4277
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash d09cd05d951779967af874274fbb4875
119e58de80b389f59c445f045371d49e4414767e
1a3f1b8c4f3a485afca5745a30c8402d66b56434f360e11d7ec2063fc9851908
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 00:55:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 98be7fe21d059e46146a43d20c4eea92
1ec58129fea75085588be7b8baec05b0874b5274
7bb2eb5ffcd88a3b6ba7b210bdbcd4469134c9708f06befb6c616beebf8dae46
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 00:55:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ac85d3e0a8ec2827b2e3f0eca3336919
4b630e134dcb05e77c44e313f22f2214b51841a2
d1747dfa46c4ca2dcc3239bd1376ae7401b4b3e7b8d260dc4162b9b8208cd6f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3187
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 00:55:25 GMT
Last-Modified: Sun, 05 Feb 2023 00:02:18 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
verysilenit.com/utx?cb=BzCv8WgNl6Qx&top=megaup.net&tid=761186
143.204.55.59204 No Content 0 B URL HTTP/2 verysilenit.com/utx?cb=BzCv8WgNl6Qx&top=megaup.net&tid=761186
IP 143.204.55.59:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=BzCv8WgNl6Qx&top=megaup.net&tid=761186 HTTP/1.1
Host: verysilenit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 05 Feb 2023 00:55:25 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sun, 05 Feb 2023 00:56:25 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: s3n0lZdYkkjw-RrmqonvEoDKM35j_TZHEvGdJTxJLDwA0m8TDOGXYw==
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
142.250.74.109302 Found 398 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 142.250.74.109:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (381)
Hash 6a8ec645b124575584715155fdaee43e
6ecca2af037c749acfe64d3c79ae28138a7564b4
12663b07f2808386bfb2b54e868de7e9a3394279f45772a5acf16d2c64940b3e
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 05 Feb 2023 00:55:25 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-2063172313%3A1675558525843409&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHfTP3isLe2HGWKURJKXQ_tlTQjZpIj7iyKlVr47-QyqJdY6w4NpQnpdb1Z9LGgRGO1kg2-QHA
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-ZfabdBJtJKIVBMitDW0Q1A' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 398
server: GSE
set-cookie: __Host-GAPS=1:fbkQv9sWOH0uSPXUaVrA62ywQ4KsDA:NuRJOXRpOHHmgbCt;Path=/;Expires=Tue, 04-Feb-2025 00:55:25 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
static.a-ads.com/a-ads-banners/426618/300x250?region=eu-central-1
46.4.20.137200 OK 500 kB URL HTTP/2 static.a-ads.com/a-ads-banners/426618/300x250?region=eu-central-1
IP 46.4.20.137:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 300 x 250\012- data
Size 500 kB (499628 bytes)
Hash e4eb2c4ec1794d4e05b77ec20607b881
4abdedcc14882e200a685cfd4240e69c60732aea
4f2c5f4d5efd47fd8d0fc9e0ceca3d637d907a682b748102378c2aa677395efe
GET /a-ads-banners/426618/300x250?region=eu-central-1 HTTP/1.1
Host: static.a-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ad.a-ads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 00:55:25 GMT
content-type: image/gif
content-length: 499628
x-amz-id-2: cbkY4HFAruX0i64X4SsNAHAqn/Ey5wq8xJUjjo0miTC/J5orW3Z9utAC2X62hdyTMTKeQ+oDA1I=
x-amz-request-id: HGNRQXXMZA2X08AJ
x-amz-replication-status: COMPLETED
last-modified: Sun, 20 Nov 2022 16:37:46 GMT
etag: "e4eb2c4ec1794d4e05b77ec20607b881"
cache-control: max-age=315360000
x-amz-version-id: aMmfct8jferkXctt.IjET.eVL2M61OoN
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j99&a=1866361211&t=pageview&_s=1&dl=https%3A%2F%2Fmegaup.net%2F12An7%2FPOKLEGARC-NSwTcH-NSP-Update110-Ziperto.rar&ul=en-us&de=UTF-8&dt=POKLEGARC-NSwTcH-NSP-Update110-Ziperto.rar%20-%20MegaUp&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=460479241&gjid=1991439535&cid=795692205.1675558564&tid=UA-108868042-1&_gid=911673261.1675558564&_r=1&_slc=1>m=457e3210&z=443479206
142.250.74.110200 OK 2 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j99&a=1866361211&t=pageview&_s=1&dl=https%3A%2F%2Fmegaup.net%2F12An7%2FPOKLEGARC-NSwTcH-NSP-Update110-Ziperto.rar&ul=en-us&de=UTF-8&dt=POKLEGARC-NSwTcH-NSP-Update110-Ziperto.rar%20-%20MegaUp&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=460479241&gjid=1991439535&cid=795692205.1675558564&tid=UA-108868042-1&_gid=911673261.1675558564&_r=1&_slc=1>m=457e3210&z=443479206
IP 142.250.74.110:0
File type ASCII text, with no line terminators
Hash 38684612f0c6bb6dfa16da92f4a6878f
6fe62d0dd7db314b7f9bb945672f078e01d27f0f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
POST /j/collect?v=1&_v=j99&a=1866361211&t=pageview&_s=1&dl=https%3A%2F%2Fmegaup.net%2F12An7%2FPOKLEGARC-NSwTcH-NSP-Update110-Ziperto.rar&ul=en-us&de=UTF-8&dt=POKLEGARC-NSwTcH-NSP-Update110-Ziperto.rar%20-%20MegaUp&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=460479241&gjid=1991439535&cid=795692205.1675558564&tid=UA-108868042-1&_gid=911673261.1675558564&_r=1&_slc=1>m=457e3210&z=443479206 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain
Content-Length: 0
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://megaup.net
date: Sun, 05 Feb 2023 00:55:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
142.250.74.109302 Found 397 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 142.250.74.109:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (384)
Hash c145f1ea43cecdbc2edcad2e900c70a5
cc4e9ceb17d3f7dff36369b1dc9dbd3f5d39fea2
c4fab2a3ba89c1a5d287f0ff878a9c7a4f767a66f71c702977a5d3d36da87cc0
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 05 Feb 2023 00:55:25 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S1107624282%3A1675558525888322&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHecFujhD_0KENuPN5oztLFX6FsMeC3_2vGQbBuoqg8gOzc6F6Acoi3jMWoU_RtUc5xj2kNajw
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-CK1vgMjOHeJi3fVeNR0aEA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 397
server: GSE
set-cookie: __Host-GAPS=1:_204yZpKOXxw22h1oT9MzDerObrGBA:3y24NvYyBYQ1kvxT;Path=/;Expires=Tue, 04-Feb-2025 00:55:25 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.33.119.27200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fccfe85480943e75c92061cda7f8de93
4c547379f5d25e4715516d6935a85d1d04f97045
0469ee3520b2afe0beb69802c351928286e2817890e5feda9638db277d8b9717
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "0469EE3520B2AFE0BEB69802C351928286E2817890E5FEDA9638DB277D8B9717"
Last-Modified: Thu, 02 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12041
Expires: Sun, 05 Feb 2023 04:16:06 GMT
Date: Sun, 05 Feb 2023 00:55:25 GMT
Connection: keep-alive
e1.o.lencr.org/
23.33.119.27200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fccfe85480943e75c92061cda7f8de93
4c547379f5d25e4715516d6935a85d1d04f97045
0469ee3520b2afe0beb69802c351928286e2817890e5feda9638db277d8b9717
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "0469EE3520B2AFE0BEB69802C351928286E2817890E5FEDA9638DB277D8B9717"
Last-Modified: Thu, 02 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12041
Expires: Sun, 05 Feb 2023 04:16:06 GMT
Date: Sun, 05 Feb 2023 00:55:25 GMT
Connection: keep-alive
e1.o.lencr.org/
23.33.119.27200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fccfe85480943e75c92061cda7f8de93
4c547379f5d25e4715516d6935a85d1d04f97045
0469ee3520b2afe0beb69802c351928286e2817890e5feda9638db277d8b9717
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "0469EE3520B2AFE0BEB69802C351928286E2817890E5FEDA9638DB277D8B9717"
Last-Modified: Thu, 02 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12041
Expires: Sun, 05 Feb 2023 04:16:06 GMT
Date: Sun, 05 Feb 2023 00:55:25 GMT
Connection: keep-alive
e1.o.lencr.org/
23.33.119.27200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fccfe85480943e75c92061cda7f8de93
4c547379f5d25e4715516d6935a85d1d04f97045
0469ee3520b2afe0beb69802c351928286e2817890e5feda9638db277d8b9717
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "0469EE3520B2AFE0BEB69802C351928286E2817890E5FEDA9638DB277D8B9717"
Last-Modified: Thu, 02 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12041
Expires: Sun, 05 Feb 2023 04:16:06 GMT
Date: Sun, 05 Feb 2023 00:55:25 GMT
Connection: keep-alive
e1.o.lencr.org/
23.33.119.27200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fccfe85480943e75c92061cda7f8de93
4c547379f5d25e4715516d6935a85d1d04f97045
0469ee3520b2afe0beb69802c351928286e2817890e5feda9638db277d8b9717
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "0469EE3520B2AFE0BEB69802C351928286E2817890E5FEDA9638DB277D8B9717"
Last-Modified: Thu, 02 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12041
Expires: Sun, 05 Feb 2023 04:16:06 GMT
Date: Sun, 05 Feb 2023 00:55:25 GMT
Connection: keep-alive
dmmzkfd82wayn.cloudfront.net/
143.204.42.228200 OK 73 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/
IP 143.204.42.228:0
File type ASCII text, with no line terminators
Hash de37377b72195a4f064edf7ec8a76676
ed544d5b6a37acad78498099407c648a93316ddb
b3209cc0b1d1b71e85af4e843afe00a3079f3286d52b3fb47e72c6c5c48b8399
GET / HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 73
date: Sun, 05 Feb 2023 00:55:25 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: pf-KBOhKHP9skVFcH0jxpqmxKXTwsW1XJjDdhdiweC3Lv7XISxa6wQ==
X-Firefox-Spdy: h2
verysilenit.com/utx?cb=FgtxRyx5tA9J&top=megaup.net&tid=876318
143.204.55.59204 No Content 0 B URL HTTP/2 verysilenit.com/utx?cb=FgtxRyx5tA9J&top=megaup.net&tid=876318
IP 143.204.55.59:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=FgtxRyx5tA9J&top=megaup.net&tid=876318 HTTP/1.1
Host: verysilenit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 05 Feb 2023 00:55:25 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sun, 05 Feb 2023 00:56:25 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 06FRwLu4yKEWyVdMA_ERTwEmizTIy88ZTKV1oDwwSotG-xxQqd4qvg==
X-Firefox-Spdy: h2
verysilenit.com/utx?cb=4uyk5HB5dPIb&top=megaup.net&tid=764141
143.204.55.59204 No Content 0 B URL HTTP/2 verysilenit.com/utx?cb=4uyk5HB5dPIb&top=megaup.net&tid=764141
IP 143.204.55.59:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=4uyk5HB5dPIb&top=megaup.net&tid=764141 HTTP/1.1
Host: verysilenit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 05 Feb 2023 00:55:25 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sun, 05 Feb 2023 00:56:25 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 5HNG9Zr1IbnuvvOUIi9PfXmh-vEHDv85W5fuNkqNr52V7fg1s86vyg==
X-Firefox-Spdy: h2
verysilenit.com/utx?cb=amoqK36q71Co&top=megaup.net&tid=825911
143.204.55.59204 No Content 0 B URL HTTP/2 verysilenit.com/utx?cb=amoqK36q71Co&top=megaup.net&tid=825911
IP 143.204.55.59:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=amoqK36q71Co&top=megaup.net&tid=825911 HTTP/1.1
Host: verysilenit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 05 Feb 2023 00:55:25 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sun, 05 Feb 2023 00:56:25 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ILA3_sQwO5fN58TUFGOhzzG5HGpMZJ8U1KMNOMfkzYr_E7a2hOrvjw==
X-Firefox-Spdy: h2
imasdk.googleapis.com/js/sdkloader/ima3.js
216.58.211.10200 OK 126 kB URL HTTP/2 imasdk.googleapis.com/js/sdkloader/ima3.js
IP 216.58.211.10:0
File type ASCII text, with very long lines (2846)
Size 126 kB (125826 bytes)
Hash 98b1fe69946e421b8ece280ad4995eed
e6e0b95673083dd5319db64472e9505964998bc0
3ce90bb62a4f3d7a503d1a819ce1b7016837a27c17065adb97c94680a7cd870a
GET /js/sdkloader/ima3.js HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 125826
date: Sun, 05 Feb 2023 00:55:25 GMT
expires: Sun, 05 Feb 2023 00:55:25 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c7d887fc3e3b7a68b7872c76802085c0
eb26f820776e7d87a00489eb14f918e5f6945835
915e873e95d8f0276f4763e5596b03cac487f6f8a36c65577c6622fc8560d929
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 00:55:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 98be7fe21d059e46146a43d20c4eea92
1ec58129fea75085588be7b8baec05b0874b5274
7bb2eb5ffcd88a3b6ba7b210bdbcd4469134c9708f06befb6c616beebf8dae46
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 00:55:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ac85d3e0a8ec2827b2e3f0eca3336919
4b630e134dcb05e77c44e313f22f2214b51841a2
d1747dfa46c4ca2dcc3239bd1376ae7401b4b3e7b8d260dc4162b9b8208cd6f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3188
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 00:55:26 GMT
Last-Modified: Sun, 05 Feb 2023 00:02:18 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
e1.o.lencr.org/
23.33.119.27200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fccfe85480943e75c92061cda7f8de93
4c547379f5d25e4715516d6935a85d1d04f97045
0469ee3520b2afe0beb69802c351928286e2817890e5feda9638db277d8b9717
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "0469EE3520B2AFE0BEB69802C351928286E2817890E5FEDA9638DB277D8B9717"
Last-Modified: Thu, 02 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12040
Expires: Sun, 05 Feb 2023 04:16:06 GMT
Date: Sun, 05 Feb 2023 00:55:26 GMT
Connection: keep-alive
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 015f5c5bcac8621c22627b1ce089dc69
6323621b7e270307f37a3634fd0f227ac2a1af97
a9dc64acbc551f0069ff22fa2efb7aa75c371b10302fd31e6a432d8c06a9b2d3
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 05 Feb 2023 00:55:26 GMT
Last-Modified: Sat, 04 Feb 2023 23:37:06 GMT
Server: ECS (bsa/EB1F)
X-Cache: Miss from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: WVKD2CK-_LkbgV7RfoHVR3SBA_q9IS67dIbC3YWD2bG7pDt_Y1YonQ==
Age: 4700
parrecleftne.xyz/utx?tid=832633&top=megaup.net&cb=uEjyOz2dPTSi
108.157.214.68204 No Content 0 B URL HTTP/2 parrecleftne.xyz/utx?tid=832633&top=megaup.net&cb=uEjyOz2dPTSi
IP 108.157.214.68:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?tid=832633&top=megaup.net&cb=uEjyOz2dPTSi HTTP/1.1
Host: parrecleftne.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 05 Feb 2023 00:55:26 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sun, 05 Feb 2023 00:56:26 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 b34d5d8e5954d0b7b46d5f0eb534c166.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: pzhRzyIqvWOhdrOF9aNbgD2DOwnN6xW9NFyYbTtA3z8R3tCk6xJNTA==
X-Firefox-Spdy: h2
api.purpleads.io/x/init?ts=1675558563602
54.209.197.115200 OK 87 B URL HTTP/2 api.purpleads.io/x/init?ts=1675558563602
IP 54.209.197.115:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1225a48532b67fd812920a47e3557ed4
ac910f9679bd805609435e4fa8970cdf74fa4b86
4cdf058286dcc09e5511ec4f021ce5ce4d22052312bf08ce7b672e08eb5a4a9f
GET /x/init?ts=1675558563602 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: application/json
x-purpleads-version: 2.5.1
x-request-url: aHR0cHM6Ly9tZWdhdXAubmV0LzEyQW43L1BPS0xFR0FSQy1OU3dUY0gtTlNQLVVwZGF0ZTExMC1aaXBlcnRvLnJhcg==
Authorization: Bearer 70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 00:55:26 GMT
content-type: application/json; charset=utf-8
content-length: 87
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-expose-headers: pa-user-id
x-request-id: 5c10eac2-3e4a-4989-893b-de87efcdcd01
x-api-version: 0.44.8
etag: W/"57-rJEPlnm9gFYJQ15PqJcM33T6S4Y"
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 4b32d45a75459dc3d6106bdaa187bad2
ac8c14aab07ccf9e2361b6e97dd99533a7cf663c
78d2731715d2c9787631e6e6d3d073b6e96af3e5373a25080d298b8214591bbf
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 00:55:26 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 02 Feb 2023 00:04:31 GMT
Expires: Thu, 09 Feb 2023 00:04:30 GMT
Etag: "ac8c14aab07ccf9e2361b6e97dd99533a7cf663c"
Cache-Control: max-age=341943,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7947ae34cc4cb518-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 4b32d45a75459dc3d6106bdaa187bad2
ac8c14aab07ccf9e2361b6e97dd99533a7cf663c
78d2731715d2c9787631e6e6d3d073b6e96af3e5373a25080d298b8214591bbf
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 00:55:26 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 02 Feb 2023 00:04:31 GMT
Expires: Thu, 09 Feb 2023 00:04:30 GMT
Etag: "ac8c14aab07ccf9e2361b6e97dd99533a7cf663c"
Cache-Control: max-age=341943,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7947ae353ca5b518-OSL
theharityhild.buzz/
52.20.131.174200 OK 0 B IP 52.20.131.174:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: theharityhild.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Content-Length: 396
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
theharityhild.buzz/ZmN2b3M9QU5cQVBQRU1fREFaTRVeUEUMQ1IBW1kWVgFbWxcEU1tWR15UWwlFAwYTDBYFABUMFkRPVAtFBFFAC0NRThBZQldOQlcQUk4UX0tSTk5ZQgBSRA1DVwUVXVFKQQUYUUpBAgcWDgIEBgcfCx8DF0gBAxUJRE9UXkNIVlRDFQcPBQpfAAIaHBZKBRcDAAM%2B
52.20.131.174200 OK 13 kB URL HTTP/2 theharityhild.buzz/ZmN2b3M9QU5cQVBQRU1fREFaTRVeUEUMQ1IBW1kWVgFbWxcEU1tWR15UWwlFAwYTDBYFABUMFkRPVAtFBFFAC0NRThBZQldOQlcQUk4UX0tSTk5ZQgBSRA1DVwUVXVFKQQUYUUpBAgcWDgIEBgcfCx8DF0gBAxUJRE9UXkNIVlRDFQcPBQpfAAIaHBZKBRcDAAM%2B
IP 52.20.131.174:0
File type ASCII text, with very long lines (33865), with no line terminators
Hash ff2d5061901e60a61ba1ff970971ce90
9e4c21f8dc5dd0063f4839ba1eb73b54976092de
762a6b5dac71a50462005779618b2c4ed61933579957744068b9f7627f61fe7d
GET /ZmN2b3M9QU5cQVBQRU1fREFaTRVeUEUMQ1IBW1kWVgFbWxcEU1tWR15UWwlFAwYTDBYFABUMFkRPVAtFBFFAC0NRThBZQldOQlcQUk4UX0tSTk5ZQgBSRA1DVwUVXVFKQQUYUUpBAgcWDgIEBgcfCx8DF0gBAxUJRE9UXkNIVlRDFQcPBQpfAAIaHBZKBRcDAAM%2B HTTP/1.1
Host: theharityhild.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
set-cookie: 12d8f0f65b651c801866d291c7c269c1=1; Max-Age=604800
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
cache-control: public, max-age=86400
etag: W/"8449-Lqfhtmzkjzm/WEIcKamBJpMbtMA"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
6.adsco.re/
104.17.166.186200 OK 0 B IP 104.17.166.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 00:55:26 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: https://megaup.net
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 7947ae360b140b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.173.27200 OK 102 kB IP 172.64.173.27:0
Size 102 kB (102462 bytes)
Hash ee2a3f2ac3b4a1a5b0f9ddd6624f4b34
f2fa880c48e4b26ad8cdf9e211775aa7ca762d1c
7ee8cc601b10494df6756e9db43d303528d7430b4d4a43946a1d54f6509a2275
Analyzer Verdict Alert quad9 Sinkholed
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 05 Feb 2023 00:55:25 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 4674
last-modified: Sat, 04 Feb 2023 23:37:31 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HNHs8TyF%2Bn%2FBDZ9Tbep3fnFgH56IFPUN1ArVTd7%2FUXg33wVRv1RrdEF9oSDM0IpCyx7APPp5DLEihFyrUDW%2B15%2BDtWFnB8mO7RXZWN7R9UMxwhR7yQuw%2FWJjHsYcOYcc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7947ae333dde24ea-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 559 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 94d040971869caa0fbae3b09985b683f
7422b1b46bb30c29b1f12fd8b60eedeae471b2de
a313580e4cec6093b64bb1fc741106c1c1577593b7b09d8782395badd9a8fc17
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B66E9F9073E01F210A393EE3D55AC5F381D3CC19B16728D797612FFB1BB77273"
Last-Modified: Fri, 03 Feb 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7848
Expires: Sun, 05 Feb 2023 03:06:14 GMT
Date: Sun, 05 Feb 2023 00:55:26 GMT
Connection: keep-alive
dxgm9flkxdqq.l4.adsco.re/
185.200.118.90200 OK 0 B URL HTTP/1.1 dxgm9flkxdqq.l4.adsco.re/
IP 185.200.118.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: dxgm9flkxdqq.l4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 00:55:26 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Tue, 31 Jul 2018 22:16:15 GMT
Connection: close
ETag: "5b60dfaf-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
pogothere.xyz/asd100.bin
172.64.173.27200 OK 102 kB IP 172.64.173.27:0
Size 102 kB (102400 bytes)
Hash 4c6426ac7ef186464ecbb0d81cbfcb1e
5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
Analyzer Verdict Alert quad9 Sinkholed
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 05 Feb 2023 00:55:25 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 4674
last-modified: Sat, 04 Feb 2023 23:37:31 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n%2BS42GX86lySdjeiuk%2BmDSpTsDgqkulIfwwM5T7KcOV8KSRMbtDBrv7mpEjQEwoBp3iWCwnrGCap9AaE13QGAcbnkwKt26vOR8AZ8VpU1sOqxtelSE9A%2FI6h%2FW%2BKeDYz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7947ae334de424ea-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
verysilenit.com/multi?cs=ZjduVGReDlxkVlMAW2VRXgRfYlc&abt=0&red=1&sm=76&k=download%20file%20poklegarc%20nswtch%20update110%20ziperto&v=1.0.60.1&sts=0&prn=0&emb=0&tid=876318&rxy=1280_1024&fs=1&mbkb=110.37527593818984&ref=https%3A%2F%2Fmegaup.net%2F12An7%2FPOKLEGARC-NSwTcH-NSP-Update110-Ziperto.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&_Kwm2=1675558564085&crc=1
143.204.55.59200 OK 1.6 kB URL HTTP/2 verysilenit.com/multi?cs=ZjduVGReDlxkVlMAW2VRXgRfYlc&abt=0&red=1&sm=76&k=download%20file%20poklegarc%20nswtch%20update110%20ziperto&v=1.0.60.1&sts=0&prn=0&emb=0&tid=876318&rxy=1280_1024&fs=1&mbkb=110.37527593818984&ref=https%3A%2F%2Fmegaup.net%2F12An7%2FPOKLEGARC-NSwTcH-NSP-Update110-Ziperto.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&_Kwm2=1675558564085&crc=1
IP 143.204.55.59:0
File type ASCII text, with very long lines (3299), with no line terminators
Hash 92175da60a09288e1147864f2ba3728a
ff9c5c81dffde5c8ebf17e8ca1c6a90d5ae078eb
1de6fa174db703ff2b1e99633b9001dc6850507228f89e236cb81cbbd09cabcd
GET /multi?cs=ZjduVGReDlxkVlMAW2VRXgRfYlc&abt=0&red=1&sm=76&k=download%20file%20poklegarc%20nswtch%20update110%20ziperto&v=1.0.60.1&sts=0&prn=0&emb=0&tid=876318&rxy=1280_1024&fs=1&mbkb=110.37527593818984&ref=https%3A%2F%2Fmegaup.net%2F12An7%2FPOKLEGARC-NSwTcH-NSP-Update110-Ziperto.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&_Kwm2=1675558564085&crc=1 HTTP/1.1
Host: verysilenit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-length: 1587
date: Sun, 05 Feb 2023 00:55:26 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=07386a0d-04b2-4513-8c9a-b6d26bd0327f
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: qEblfs8sgl-ZZZQp55kQ32jjE6eW5DzaK-NKA0DGeHwOs5B_XiMlHQ==
X-Firefox-Spdy: h2
theharityhild.buzz/
52.20.131.174200 OK 0 B IP 52.20.131.174:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: theharityhild.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Origin: https://megaup.net
Content-Length: 360
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 576a17ec7fb5f36c6d5bb5f6b279b364
597aa074548b37188e076b4dfbb009a14545765e
aafa5e0c6f850cfefbf0729f539ad905161452f8eda46b9e2eedc287f817d2ce
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AAFA5E0C6F850CFEFBF0729F539AD905161452F8EDA46B9E2EEDC287F817D2CE"
Last-Modified: Fri, 03 Feb 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=634
Expires: Sun, 05 Feb 2023 01:06:00 GMT
Date: Sun, 05 Feb 2023 00:55:26 GMT
Connection: keep-alive
megaup.net/themes/flow/frontend_assets/fonts/raleway_bold.woff
91.209.70.182200 OK 32 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway_bold.woff
IP 91.209.70.182:0
File type Web Open Font Format, TrueType, length 31568, version 1.1\012- data
Hash e0c4ac0e73196bd0469c5c33304b7773
bb071565f82907d117b0732dca8013409162c67d
ff3bf3a4a1bf2b922157b18d0e8cddd95f2fc2dfe09c30a3ce67bc11a84c67af
GET /themes/flow/frontend_assets/fonts/raleway_bold.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=uakkhomlore28rr5tcl6pq41l6; _ga=GA1.2.795692205.1675558564; _gid=GA1.2.911673261.1675558564; _gat_gtag_UA_108868042_1=1; a=rx1ETT7mqZ2HaMTF6qaQCFLCLdvhq306
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 00:55:26 GMT
content-type: font/woff
content-length: 31568
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7b50"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.psdn.xyz/prebid-2023-01-25.js
205.185.216.42200 OK 120 kB URL HTTP/2 cdn.psdn.xyz/prebid-2023-01-25.js
IP 205.185.216.42:0
File type ASCII text, with very long lines (64850)
Size 120 kB (119462 bytes)
Hash a77d424b9b6e1c7570d6a0db5b34b30f
4a99df09bfd37946861ca046aacbaf7e56cc528f
2c04eba6e2c5bf858a574c8ba092b3c82a4488db0f8986375875174dcbd67389
GET /prebid-2023-01-25.js HTTP/1.1
Host: cdn.psdn.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 00:55:26 GMT
content-encoding: gzip
content-length: 119462
content-type: application/javascript
last-modified: Wed, 25 Jan 2023 08:39:03 GMT
accept-ranges: bytes
x-rgw-object-type: Normal
etag: "a77d424b9b6e1c7570d6a0db5b34b30f"
cache-control: max-age=31536000
x-amz-request-id: tx00000000000027ce145bc-0063d0f211-34c5ae65-nyc3b
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1675558526.dop018.sk1.t,1675558526.cds260.sk1.hn,1675558526.cds263.sk1.c
X-Firefox-Spdy: h2
script.4dex.io/localstore.js
104.26.8.169200 OK 268 B URL HTTP/1.1 script.4dex.io/localstore.js
IP 104.26.8.169:0
File type ASCII text, with very long lines (482)
Hash 58fe1f2623397cca72ecea6ee95d76b9
ac4d33ae761cf330574597936273a9c5d82f96d0
7cb0b5944c53bbacc5983fbef96aa0c1f514ec12da81666765610eae562a9020
GET /localstore.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 00:55:26 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=1800
ETag: W/"922cffdd75f7192f75231d92684885aa"
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 129838
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QikVMbFyNmpNSgbMqGiXSYdb7hN7ndm3tNsb42nQClawVOZude2%2BdyjJgNIiyI%2FtjNb6OQnanffrZn2UFe3pFsemGFw7FxW3TdaecDf%2F9pL%2BjHUve4K3JF%2B9%2BLUDYVhh"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7947ae385dc61c16-OSL
Content-Encoding: br
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3198
Expires: Sun, 05 Feb 2023 01:48:44 GMT
Date: Sun, 05 Feb 2023 00:55:26 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3198
Expires: Sun, 05 Feb 2023 01:48:44 GMT
Date: Sun, 05 Feb 2023 00:55:26 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3198
Expires: Sun, 05 Feb 2023 01:48:44 GMT
Date: Sun, 05 Feb 2023 00:55:26 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b593b5-5093-4504-8ab7-492c62b14ca7.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b593b5-5093-4504-8ab7-492c62b14ca7.jpeg
IP 34.120.237.76:0
File type gzip compressed data, max compression\012- data
Hash 71a4ab0be3f4907eefefbceb077c93d1
e0d9df704741f515b1ff6f911288cf5687b218a0
cc7b257157928b4a3c5de21deb20a914a6117173f5fecde3041ba9205069f9b9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b593b5-5093-4504-8ab7-492c62b14ca7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5801
x-amzn-requestid: 441284a8-923a-4b22-b39f-95dec713c292
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fjj9jHu_IAMFZ-w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d7b389-788174a773fcd695540cc95e;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 12:09:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: DgvqiQwdytO2caPNzg2OhGcv8ly9N_YeQTzpuf6iwAVt8AQZEXRLqw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 21:43:52 GMT
age: 11494
etag: "48c408d37a7bd7f96653174359178eed46ddf298"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3f52758-d976-47aa-a47d-f0d6026514dc.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3f52758-d976-47aa-a47d-f0d6026514dc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f28ffcf384ce958b6302d05b6690c088
e5d4cbfc7482d35ee2ca03a7178426f3e2e97010
725d42a020d496f596074794cc2abdaca8a9b821e1a3502eee26056d0f528506
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3f52758-d976-47aa-a47d-f0d6026514dc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7665
x-amzn-requestid: 001ba86d-ebc8-4819-89f7-1604bc059cd8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPGibFeqIAMFqMA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf8475-076d982b5fccf2b931a05976;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:10:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gnkjykHYcMthJkIb-A1P1rRw9FZieh3TmoTT3qVaceWw03TQNX8qfQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:32:24 GMT
age: 8582
etag: "e5d4cbfc7482d35ee2ca03a7178426f3e2e97010"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a38348b-ed70-4e2f-80ce-d13e44fefcfc.webp
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a38348b-ed70-4e2f-80ce-d13e44fefcfc.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7b596a8e984911df703e15c72d25d513
a1fa1355f4de6f246d35bed9f128e13fc9dc4e72
aba708124199ec6b0ce86ac14c6c18d233ff405071a7f22522217c2fcb0aa9b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a38348b-ed70-4e2f-80ce-d13e44fefcfc.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13557
x-amzn-requestid: 981a0f31-e874-4392-a81d-12d667020700
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fH8-JGEsoAMFhZA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cca85a-7398031f2676734c65447e5b;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 03:07:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3dw5Oj2su-_kCvpC1jDJsyAEUPzaexgTzhAC9yAYSyXTFRVge2FR6Q==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:10:43 GMT
age: 9883
etag: "a1fa1355f4de6f246d35bed9f128e13fc9dc4e72"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.173.27200 OK 111 kB IP 172.64.173.27:0
Size 111 kB (111091 bytes)
Hash a81b5c0d8839bdd6657261173d2fde8c
384370b4bfdab685eb7c5ed6b3daedea9c91793a
84812815da9c47cec0b228c22c570571cfcf8f1afdfc3ed4e8e75e268082db86
Analyzer Verdict Alert quad9 Sinkholed
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 05 Feb 2023 00:55:25 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 4674
last-modified: Sat, 04 Feb 2023 23:37:31 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZnUxtoLWx%2BkZ9P%2Fy636J8pPJNssk9DmieI90TBtLj7JeJFdpthE63m7thZtS%2Bxaq%2BpUWY3eI%2BwdhzCey%2FqBxONvX%2BqNoMO5ikp1BzioEM5Z1lXkBMO4dvspx7%2F73%2FBvw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7947ae334de924ea-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98423c35-aa11-41c0-8f4f-52bec4c9eaa8.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98423c35-aa11-41c0-8f4f-52bec4c9eaa8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b3e7140400336984afc6093c1246f863
59e0b21cdf4cfdac3f1ea05badd007727939ac42
4d927e74922159db5d07b9947fa1021cff74bb7b55759960cb3941d05c1e8f11
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98423c35-aa11-41c0-8f4f-52bec4c9eaa8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9579
x-amzn-requestid: c474008d-a6a9-409b-88e2-c55062044575
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzQtnFGhoAMF5Zw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ddfb23-54dd67257ba25ad24e977a9c;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 06:28:51 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 0Of3BK3VqVMGQGDIODQthVmi7BC8Ney4zgGCpVuzYc1j6D8RRP-AxA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 11:55:41 GMT
age: 46785
etag: "59e0b21cdf4cfdac3f1ea05badd007727939ac42"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9070541c-6707-464e-b141-b6c767d8a58a.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9070541c-6707-464e-b141-b6c767d8a58a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 062e186a259eda97173695240a492c63
9b476a4ec219667f560b88199a3a4e4b0a93b579
d18570d3c4ada689b5c2a99b0783ce41c629bd125e6683cf225e01b7032f14a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9070541c-6707-464e-b141-b6c767d8a58a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12256
x-amzn-requestid: 1b959eb9-cf69-414c-b57b-4a63277d709c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fvgx-EhgoAMF2wA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc7b3f-2c58e8ac2aee8a8f409a93a0;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 03:10:55 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dvxlk1iSyNfjmNRI_8HcmhG9_xe0ZlaZ0Pzj0H9EBR6wwXKg0L7YVQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 05:55:27 GMT
age: 68399
etag: "9b476a4ec219667f560b88199a3a4e4b0a93b579"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash e825fa17a623e7dfc3a144c1fbefb7fe
50d637cac8808b59196ff18040db1369cad9d51e
dfe2a451b1389c328ed0867dd6cff4fcec3f17c5444d206c902956792aa721a8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DFE2A451B1389C328ED0867DD6CFF4FCEC3F17C5444D206C902956792AA721A8"
Last-Modified: Thu, 02 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18477
Expires: Sun, 05 Feb 2023 06:03:23 GMT
Date: Sun, 05 Feb 2023 00:55:26 GMT
Connection: keep-alive
script.4dex.io/adagio.js
104.26.8.169200 OK 23 kB IP 104.26.8.169:0
File type ASCII text, with very long lines (65354)
Hash 532a99fc0eb7b2c50a6bb0e5238b8dbb
d84157eb7e55c39d52ba5dde6e5bd4666f596e71
e6fa5d38f82f6bebf5dba12f2e84db1383827936fe077374593c6285f94e784c
GET /adagio.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 00:55:26 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: dOiiTtiPLhGmcsmNBt0jZ1duXkkbJlTuZvRlN+aronrZIFb3Z/0/X80dBYCPZGT3qBvEJe+8wr4=
x-amz-request-id: DC3YQNPP1H3TAVZD
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
Last-Modified: Tue, 22 Nov 2022 09:44:15 GMT
ETag: W/"c56b6332dacf72f135afcd153ae22448"
Cache-Control: public, max-age=1800
CF-Cache-Status: HIT
Age: 1062422
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UCkKZPJ4mpLYQB3mzW67nkobr9KVAJyJS6B8WUjkzN%2B%2BfNZsu9fEPj24%2F7N94WnG%2FcEA5Z%2FmcD6GzkTqWMR%2FBrtl0m647mZURDYAeSJm4gcOrtcYMRWzd3ORHKV4aQ4W"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7947ae38e86ab4f9-OSL
Content-Encoding: br
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 8538588a56a58ae265f337c34aa913bf
2902f7ca459bd342268bdc18ae524f85281748b5
7ed6f5637c766a0c6635aeb0cfc67df462bdc4a1f296b46c7cc656fef88d5443
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 00:55:26 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 04 Feb 2023 07:45:26 GMT
Expires: Sat, 11 Feb 2023 07:45:25 GMT
Etag: "2902f7ca459bd342268bdc18ae524f85281748b5"
Cache-Control: max-age=542398,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7947ae38beabb518-OSL
script.4dex.io/localstore.js
104.26.8.169304 Not Modified 0 B URL HTTP/1.1 script.4dex.io/localstore.js
IP 104.26.8.169:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /localstore.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Wed, 23 Nov 2022 15:43:18 GMT
If-None-Match: W/"922cffdd75f7192f75231d92684885aa"
HTTP/1.1 304 Not Modified
Date: Sun, 05 Feb 2023 00:55:26 GMT
Connection: keep-alive
Cache-Control: public, max-age=1800
ETag: W/"922cffdd75f7192f75231d92684885aa"
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 129838
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gdkeIOAZdLplMip7emoe3lcMbMR%2B24vvToaDUf3midKp6xpmWbGvnRI6fbnLvAecaLXVeP0mDZO3nzjXQWxYQ%2BSH%2BsRLOi9b%2Bnx%2BxDdLPuaU5IFqodWeOgjeXqmUDGqK"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7947ae390e061c16-OSL
prebid.a-mo.net/a/c
147.75.85.234204 No Content 0 B IP 147.75.85.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1157
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: max-age=0, private, must-revalidate
date: Sun, 05 Feb 2023 00:55:26 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 0
X-Firefox-Spdy: h2
dxgm9flkxdqq.n4.adsco.re/
38.132.109.186200 OK 0 B URL HTTP/1.1 dxgm9flkxdqq.n4.adsco.re/
IP 38.132.109.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: dxgm9flkxdqq.n4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 00:55:26 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
Connection: close
ETag: "5b5f2f9a-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
prebid.a-mo.net/a/c
147.75.85.234204 No Content 0 B IP 147.75.85.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1144
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: max-age=0, private, must-revalidate
date: Sun, 05 Feb 2023 00:55:26 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 0
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 66843e195ea56e920f9c1ddca996d227
2299eecb5587bbd1ba1701f9951e208840060616
0aa2394a29ad83a5bb73a7e83f637ab64a2119a52516c24def386fd1df2617ff
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3384
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 00:55:26 GMT
Last-Modified: Sat, 04 Feb 2023 23:59:02 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
script.4dex.io/adagio.js
104.26.8.169304 Not Modified 0 B IP 104.26.8.169:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /adagio.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Tue, 22 Nov 2022 09:44:15 GMT
If-None-Match: W/"c56b6332dacf72f135afcd153ae22448"
HTTP/1.1 304 Not Modified
Date: Sun, 05 Feb 2023 00:55:26 GMT
Connection: keep-alive
x-amz-id-2: dOiiTtiPLhGmcsmNBt0jZ1duXkkbJlTuZvRlN+aronrZIFb3Z/0/X80dBYCPZGT3qBvEJe+8wr4=
x-amz-request-id: DC3YQNPP1H3TAVZD
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
Last-Modified: Tue, 22 Nov 2022 09:44:15 GMT
ETag: "c56b6332dacf72f135afcd153ae22448"
Cache-Control: public, max-age=1800
CF-Cache-Status: HIT
Age: 1062422
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I6BYPyDEiTTwcoxSRHYJqmgZ7yoLfKQmqcnLkxkB2OVnNkOwJ9K86HaePNScHtS%2BP0uDx%2BJDNB4tEECKVo5ZaHbQzi2cDtnbrAro%2BtTFPsYA12n7eZEqDyaw71Plgqiw"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7947ae3958e1b4f9-OSL
verysilenit.com/floater?cs=RWNjYmtwVltVWXZWUFRefFZQVlk&abt=0&red=1&sm=83&k=download%20file%20poklegarc%20nswtch%20update110%20ziperto&v=0.9.1.0&sts=0&prn=0&emb=0&tid=825911&rxy=1280_1024&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&mbkb=110.37527593818984&ref=https%3A%2F%2Fmegaup.net%2F12An7%2FPOKLEGARC-NSwTcH-NSP-Update110-Ziperto.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&aa=oi1_&_TuHL=1675558564084&crc=1
143.204.55.59200 OK 5.5 kB URL HTTP/2 verysilenit.com/floater?cs=RWNjYmtwVltVWXZWUFRefFZQVlk&abt=0&red=1&sm=83&k=download%20file%20poklegarc%20nswtch%20update110%20ziperto&v=0.9.1.0&sts=0&prn=0&emb=0&tid=825911&rxy=1280_1024&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&mbkb=110.37527593818984&ref=https%3A%2F%2Fmegaup.net%2F12An7%2FPOKLEGARC-NSwTcH-NSP-Update110-Ziperto.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&aa=oi1_&_TuHL=1675558564084&crc=1
IP 143.204.55.59:0
File type ASCII text, with very long lines (8471), with no line terminators
Hash a5e6225e513fcc2b6a3bce7f6f08ee53
60424480a95a0b2dbcb2bdaf55b218f457cbf066
7b81fa589a06119bb75e9f8bd472e0047338a21ccf48acb92b046b71c3434f5e
GET /floater?cs=RWNjYmtwVltVWXZWUFRefFZQVlk&abt=0&red=1&sm=83&k=download%20file%20poklegarc%20nswtch%20update110%20ziperto&v=0.9.1.0&sts=0&prn=0&emb=0&tid=825911&rxy=1280_1024&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&mbkb=110.37527593818984&ref=https%3A%2F%2Fmegaup.net%2F12An7%2FPOKLEGARC-NSwTcH-NSP-Update110-Ziperto.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&aa=oi1_&_TuHL=1675558564084&crc=1 HTTP/1.1
Host: verysilenit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-length: 5471
date: Sun, 05 Feb 2023 00:55:26 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=7a2d0aa6-b1d1-4cf1-aa37-060508f3d21d
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: M4YefU_t32WxW_ELdWZ3-yQixa19MIt_4JcJp1eed2wRDQ-5uMe3Rw==
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-validate.js
91.209.70.182200 OK 1.4 kB URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-validate.js
IP 91.209.70.182:0
Hash d39b423f7fd7410bf04643a4fdf39d86
fe7f52a78aacbc4defe0e4a8bbe6b585901c4877
299ff88e62d7f9aa6799d2d524bb8c51ee6310d8c920656fd36b58bdaabbd491
GET /themes/flow/js/jquery.fileupload-validate.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/12An7/POKLEGARC-NSwTcH-NSP-Update110-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=uakkhomlore28rr5tcl6pq41l6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 00:55:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-fea"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
mp.4dex.io/prebid
104.18.2.114204 No Content 0 B IP 104.18.2.114:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /prebid HTTP/1.1
Host: mp.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 2029
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 05 Feb 2023 00:55:26 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin, Accept-Encoding
x-err: Parsing the Prebid Request. org/site not found
x-version: 3.0.0-gcp-ams
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7947ae396b471c0e-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash be9e8cb2aab1308dbbfe84176ba71381
3afbd8ac51e9a06b39de53eae8445c8e940560c7
cf46b12da26af447243709f718e2f84e6ca8f3ca5e4e25495b6da61114bb88dd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4373
Cache-Control: max-age=95434
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 00:55:26 GMT
Etag: "63ddbf33-1d7"
Expires: Mon, 06 Feb 2023 03:26:00 GMT
Last-Modified: Sat, 04 Feb 2023 02:13:07 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
prebid.a-mo.net/a/c
147.75.85.234204 No Content 0 B IP 147.75.85.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1160
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: max-age=0, private, must-revalidate
date: Sun, 05 Feb 2023 00:55:27 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
X-Firefox-Spdy: h2
mp.4dex.io/prebid
104.18.2.114204 No Content 0 B IP 104.18.2.114:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /prebid HTTP/1.1
Host: mp.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 2131
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 05 Feb 2023 00:55:27 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin, Accept-Encoding
x-err: Parsing the Prebid Request. org/site not found
x-version: 3.0.0-gcp-ams
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7947ae39bb731c0e-OSL
X-Firefox-Spdy: h2
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 737
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 05 Feb 2023 00:55:27 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
185.89.210.46200 OK 144 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.89.210.46:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f7bfe2b254ad8cb9e68cfd41c174d669
d8126b5d3f48abb533c9ebdc0ebc5848d915612a
3bdb4f1f14540357fef8b164e4589fee87ca15453c8238b2dcff2fcb804006f7
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1021
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 05 Feb 2023 00:55:27 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 144
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 4d6d84d5-4359-4841-b8d8-01c30adcad51
Set-Cookie: icu=ChkIud-IARAKGAEgASgBMP_8-54GOAFAAUgBEP_8-54GGAA.; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 06-May-2023 00:55:27 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=7028630098743991307; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 06-May-2023 00:55:27 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
api.purpleads.io/x/init?ts=1675558564721
54.209.197.115200 OK 87 B URL HTTP/2 api.purpleads.io/x/init?ts=1675558564721
IP 54.209.197.115:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1225a48532b67fd812920a47e3557ed4
ac910f9679bd805609435e4fa8970cdf74fa4b86
4cdf058286dcc09e5511ec4f021ce5ce4d22052312bf08ce7b672e08eb5a4a9f
GET /x/init?ts=1675558564721 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: application/json
x-purpleads-version: 2.5.1
x-request-url: aHR0cHM6Ly9tZWdhdXAubmV0LzEyQW43L1BPS0xFR0FSQy1OU3dUY0gtTlNQLVVwZGF0ZTExMC1aaXBlcnRvLnJhcg==
Authorization: Bearer 70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 00:55:27 GMT
content-type: application/json; charset=utf-8
content-length: 87
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-expose-headers: pa-user-id
x-request-id: a11ffb19-b49c-44f3-bc1f-b9a4f638ee0d
x-api-version: 0.44.8
etag: W/"57-rJEPlnm9gFYJQ15PqJcM33T6S4Y"
vary: Accept-Encoding
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
185.89.210.46200 OK 145 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.89.210.46:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 8f25bffcd531b0846119baa0f369bd2c
a1462663be6268822132f21018fe042e75951e48
eaecd84c38053bf55f3970c8bedaa836226cff2826b6e28c9f6a53a21931f82d
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 896
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 05 Feb 2023 00:55:27 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 145
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 5fbfac00-bae8-494e-8829-c54db75ee29e
Set-Cookie: icu=ChkIud-IARAKGAEgASgBMP_8-54GOAFAAUgBEP_8-54GGAA.; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 06-May-2023 00:55:27 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=946795846691968093; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 06-May-2023 00:55:27 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 559e28226cae3d9dcc05a4b3b2397e9d
9554456b30a6948aceb7102906e93342907b065f
13c46ddee7d04c6128ab27034d24127c18bb40c5a053da4f641209eb9f693445
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 05 Feb 2023 00:55:27 GMT
Last-Modified: Sun, 05 Feb 2023 00:44:28 GMT
Server: ECS (nyb/1D08)
X-Cache: Miss from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: a8GvNEUkBdkoXeXsFb5HmM8X0PqCLywzbLMWTlA6OLOjyB6ROqAZ3g==
Age: 659
tlx.3lift.com/header/auction?lib=prebid&v=7.33.0&referrer=https%3A%2F%2Fmegaup.net%2F12An7%2FPOKLEGARC-NSwTcH-NSP-Update110-Ziperto.rar&tmax=3000
52.59.131.18200 OK 19 B URL HTTP/2 tlx.3lift.com/header/auction?lib=prebid&v=7.33.0&referrer=https%3A%2F%2Fmegaup.net%2F12An7%2FPOKLEGARC-NSwTcH-NSP-Update110-Ziperto.rar&tmax=3000
IP 52.59.131.18:0
File type JSON data\012- , ASCII text, with no line terminators
Hash a548f7b55db665b1df71a33a2bee47a7
4f88e5b6a18226d7207f1458b0b83e428dbf9898
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
POST /header/auction?lib=prebid&v=7.33.0&referrer=https%3A%2F%2Fmegaup.net%2F12An7%2FPOKLEGARC-NSwTcH-NSP-Update110-Ziperto.rar&tmax=3000 HTTP/1.1
Host: tlx.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 524
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 00:55:27 GMT
content-type: application/json; charset=utf-8
content-length: 19
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 15 Oct 1992 20:10:00 GMT
pragma: no-cache
x-xss-protection: 0
accept-ch: sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash cd20b8e5802898377dba837f6f5b775d
34162008d3de3025378ac930d8cffd0cb4cf0c57
a6e7db76f7ad7706797e494c1f9d85bb01983a28bd112dabd63caa7220b85bb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A6E7DB76F7AD7706797E494C1F9D85BB01983A28BD112DABD63CAA7220B85BB1"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1670
Expires: Sun, 05 Feb 2023 01:23:17 GMT
Date: Sun, 05 Feb 2023 00:55:27 GMT
Connection: keep-alive
adsco.re/p
162.252.214.5200 OK 133 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash 2218c17cd13fd1a251f3ad224b45b02f
5f1f51ca53d219dd6fb5eaf0b3ccb8a091923eb7
632c6e171da17c92767954572558333e33b86deb423cb1ffc809b7fb758568de
POST /p HTTP/1.1
Host: adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Length: 2023
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 00:55:27 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK lon123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
engine.4dsply.com/verify?sig=BAYAY97-fwFj3v5_gAGBAcAAIEytB-JpDEDH9-yQN4JtKLHdA0Fe5FOHPM-uxFeI7QOOwQAgbwvxm4ouzZUvguiuQHir5h_trVregwzOq09667yTJWc
104.16.158.17200 OK 17 B URL HTTP/2 engine.4dsply.com/verify?sig=BAYAY97-fwFj3v5_gAGBAcAAIEytB-JpDEDH9-yQN4JtKLHdA0Fe5FOHPM-uxFeI7QOOwQAgbwvxm4ouzZUvguiuQHir5h_trVregwzOq09667yTJWc
IP 104.16.158.17:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f9bf086d73f8b7cc483324aedb224ed0
be03b282679354a90df7b59b4c92da6e8caeaccc
39ca3c85734717cf31f55ab2e7d04d8ad2438a3bd9f6f46fae350d12506b4699
GET /verify?sig=BAYAY97-fwFj3v5_gAGBAcAAIEytB-JpDEDH9-yQN4JtKLHdA0Fe5FOHPM-uxFeI7QOOwQAgbwvxm4ouzZUvguiuQHir5h_trVregwzOq09667yTJWc HTTP/1.1
Host: engine.4dsply.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 00:55:27 GMT
content-type: application/json
content-length: 17
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: Content-Type
access-control-allow-methods: GET
x-adscore-status: bot
vary: Accept-Encoding
server: cloudflare
cf-ray: 7947ae3b8acab511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
script.4dex.io/localstore.js
104.26.8.169304 Not Modified 0 B URL HTTP/1.1 script.4dex.io/localstore.js
IP 104.26.8.169:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /localstore.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Wed, 23 Nov 2022 15:43:18 GMT
If-None-Match: W/"922cffdd75f7192f75231d92684885aa"
HTTP/1.1 304 Not Modified
Date: Sun, 05 Feb 2023 00:55:27 GMT
Connection: keep-alive
Cache-Control: public, max-age=1800
ETag: W/"922cffdd75f7192f75231d92684885aa"
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 129839
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eDnlEG%2BgJHBsgZUatuhsB1Mqy21vHANrregEKHOzED4AoP82NrFt8NaYTFmTOvO7rA1oVLvxo%2B%2B%2B%2BwXeLWXKosGZExqxUJc6jctAsDBljnfokOT4la%2FBUTcERhxMIKqU"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7947ae3c4f9d1c16-OSL
prebid.a-mo.net/a/c
147.75.85.234204 No Content 0 B IP 147.75.85.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1179
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: max-age=0, private, must-revalidate
date: Sun, 05 Feb 2023 00:55:27 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 0
X-Firefox-Spdy: h2
script.4dex.io/adagio.js
104.26.8.169304 Not Modified 0 B IP 104.26.8.169:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /adagio.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Tue, 22 Nov 2022 09:44:15 GMT
If-None-Match: W/"c56b6332dacf72f135afcd153ae22448"
HTTP/1.1 304 Not Modified
Date: Sun, 05 Feb 2023 00:55:27 GMT
Connection: keep-alive
x-amz-id-2: dOiiTtiPLhGmcsmNBt0jZ1duXkkbJlTuZvRlN+aronrZIFb3Z/0/X80dBYCPZGT3qBvEJe+8wr4=
x-amz-request-id: DC3YQNPP1H3TAVZD
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
Last-Modified: Tue, 22 Nov 2022 09:44:15 GMT
ETag: "c56b6332dacf72f135afcd153ae22448"
Cache-Control: public, max-age=1800
CF-Cache-Status: HIT
Age: 1062423
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S5GwjLM%2BgIAutmY2H12bOjqJsobUBLkODfpzduxMnjwCoE5roAIPxeS12YIuBpA%2BKocrlHaeKVYRNkA9RtMWBDhPUOZmK2Kgz%2B2dVkLqEcIZv6WS0NHTHJYxRdnRoxVG"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7947ae3c7b01b4f9-OSL
tlx.3lift.com/header/auction?lib=prebid&v=7.33.0&referrer=https%3A%2F%2Fmegaup.net%2F12An7%2FPOKLEGARC-NSwTcH-NSP-Update110-Ziperto.rar&tmax=3000
52.59.131.18200 OK 19 B URL HTTP/2 tlx.3lift.com/header/auction?lib=prebid&v=7.33.0&referrer=https%3A%2F%2Fmegaup.net%2F12An7%2FPOKLEGARC-NSwTcH-NSP-Update110-Ziperto.rar&tmax=3000
IP 52.59.131.18:0
File type JSON data\012- , ASCII text, with no line terminators
Hash a548f7b55db665b1df71a33a2bee47a7
4f88e5b6a18226d7207f1458b0b83e428dbf9898
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
POST /header/auction?lib=prebid&v=7.33.0&referrer=https%3A%2F%2Fmegaup.net%2F12An7%2FPOKLEGARC-NSwTcH-NSP-Update110-Ziperto.rar&tmax=3000 HTTP/1.1
Host: tlx.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 557
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 00:55:27 GMT
content-type: application/json; charset=utf-8
content-length: 19
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 15 Oct 1992 20:10:00 GMT
pragma: no-cache
x-xss-protection: 0
accept-ch: sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
X-Firefox-Spdy: h2
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 771
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 05 Feb 2023 00:55:27 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
mp.4dex.io/prebid
104.18.2.114204 No Content 0 B IP 104.18.2.114:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /prebid HTTP/1.1
Host: mp.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 2130
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 05 Feb 2023 00:55:27 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin, Accept-Encoding
x-err: Parsing the Prebid Request. org/site not found
x-version: 3.0.0-gcp-ams
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7947ae3c7ca71c0e-OSL
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
185.89.210.46200 OK 144 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.89.210.46:0
File type JSON data\012- , ASCII text, with no line terminators
Hash df9257e0c4dd5956774b4f2b319098b6
b2a520cf9bfb77add4dfa3113565da8fb06ff181
74015aefc73fb59c4c1a56407b1116eb4120e767b7ff8c4153580ae2c80f4333
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 995
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 05 Feb 2023 00:55:27 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 144
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 0f1d4d29-90bd-4891-a8a9-f19036a2c6f4
Set-Cookie: icu=ChkIud-IARAKGAEgASgBMP_8-54GOAFAAUgBEP_8-54GGAA.; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 06-May-2023 00:55:27 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=6772813541293636461; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 06-May-2023 00:55:27 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
157.240.221.35200 OK 7.1 kB URL HTTP/2 www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP 157.240.221.35:0
Hash 3cc5a66b40a204971d1d3c533d0bea90
5125b92822b8e273265c75bbbcaec77ca71df277
75d07f304bfdee8cfbef7650b752db700c6cdc68a7908c2abd2840915112ea9d
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: GijGNitKDHFmqacbLGrd99Gc4vM2rApEiDFyPwfwv5mBqOMlmJZBxLRh3LkHnqoZHEG+Q9rfzFxm7XdrbaM0RA==
date: Sun, 05 Feb 2023 00:55:25 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
api.purpleads.io/x/b/?idx=1&pid=2748375d00754e9788e11ab2a08ae976&sizes=[[300,250],[300,250],[200,200],[250,250],[300,100]]&slotid=53a7a219-9498-47d6-b9a5-72dedba6b680&demand=unifiedPb&ts=1675558565386
54.209.197.115200 OK 121 B URL HTTP/2 api.purpleads.io/x/b/?idx=1&pid=2748375d00754e9788e11ab2a08ae976&sizes=[[300,250],[300,250],[200,200],[250,250],[300,100]]&slotid=53a7a219-9498-47d6-b9a5-72dedba6b680&demand=unifiedPb&ts=1675558565386
IP 54.209.197.115:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 4927716314c4d13889316492a9cbf9f2
18f5299ae68ad80f48311b4bb07570ac88127e87
931f1f849bde6b6fb24d9dc32d806aac6bedc56ec9aad7e2b2a6c5bac32604d6
GET /x/b/?idx=1&pid=2748375d00754e9788e11ab2a08ae976&sizes=[[300,250],[300,250],[200,200],[250,250],[300,100]]&slotid=53a7a219-9498-47d6-b9a5-72dedba6b680&demand=unifiedPb&ts=1675558565386 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: application/json
x-purpleads-version: 2.5.1
x-request-url: aHR0cHM6Ly9tZWdhdXAubmV0LzEyQW43L1BPS0xFR0FSQy1OU3dUY0gtTlNQLVVwZGF0ZTExMC1aaXBlcnRvLnJhcg==
Authorization: Bearer 70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 00:55:27 GMT
content-type: application/json; charset=utf-8
content-length: 121
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-expose-headers: pa-user-id
x-request-id: 12d1578a-e078-4d5d-9143-2a7322180acf
x-api-version: 0.44.8
set-cookie: pa-user-id=a8e19900-8995-4383-bf2b-23310e87274d; Domain=.purpleads.io; Path=/
pa-user-id: a8e19900-8995-4383-bf2b-23310e87274d
etag: W/"79-GPUpmuaK2A9IMRtLsHVwrIgSfoc"
vary: Accept-Encoding
X-Firefox-Spdy: h2
api.purpleads.io/x/b/?idx=1&pid=2748375d00754e9788e11ab2a08ae976&sizes=[[1280,898],[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=bbb72284-c5e0-4be4-9787-074adb89d313&demand=unifiedPb&ts=1675558565590
54.209.197.115200 OK 121 B URL HTTP/2 api.purpleads.io/x/b/?idx=1&pid=2748375d00754e9788e11ab2a08ae976&sizes=[[1280,898],[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=bbb72284-c5e0-4be4-9787-074adb89d313&demand=unifiedPb&ts=1675558565590
IP 54.209.197.115:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 15ad9a62490eefcfea1d7c6175647615
682319082a1c2223c3fa17f59ed184d5a02c9390
d14bd4440b1f3184549b2dac94dd300fe759164546ad64613060dbd80c567eb9
GET /x/b/?idx=1&pid=2748375d00754e9788e11ab2a08ae976&sizes=[[1280,898],[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=bbb72284-c5e0-4be4-9787-074adb89d313&demand=unifiedPb&ts=1675558565590 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: application/json
x-purpleads-version: 2.5.1
x-request-url: aHR0cHM6Ly9tZWdhdXAubmV0LzEyQW43L1BPS0xFR0FSQy1OU3dUY0gtTlNQLVVwZGF0ZTExMC1aaXBlcnRvLnJhcg==
Authorization: Bearer 70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 00:55:27 GMT
content-type: application/json; charset=utf-8
content-length: 121
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-expose-headers: pa-user-id
x-request-id: 28f5f4f4-61fc-4218-ae99-761345c31d72
x-api-version: 0.44.8
set-cookie: pa-user-id=cc099cef-d1ee-40a3-8781-fc9e7620545f; Domain=.purpleads.io; Path=/
pa-user-id: cc099cef-d1ee-40a3-8781-fc9e7620545f
etag: W/"79-aCMZCCocIiPD+hf1ntGE1aAsk5A"
vary: Accept-Encoding
X-Firefox-Spdy: h2
api.purpleads.io/x/b/?idx=1&pid=2748375d00754e9788e11ab2a08ae976&sizes=[[1280,898],[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=bbb72284-c5e0-4be4-9787-074adb89d313&demand=unifiedPb&ts=1675558565590
54.209.197.115200 OK 472 B URL HTTP/2 api.purpleads.io/x/b/?idx=1&pid=2748375d00754e9788e11ab2a08ae976&sizes=[[1280,898],[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=bbb72284-c5e0-4be4-9787-074adb89d313&demand=unifiedPb&ts=1675558565590
IP 54.209.197.115:0
Hash ac9a77e47d7ef2dc0b688dcaf3bffa64
6656c087f40855b8bfad49273271cf8e852a84b0
0c5958fc0a3123c48a1c2d31a048611da73ca46cf8e0f12571b6682a110e089b
OPTIONS /x/b/?idx=1&pid=2748375d00754e9788e11ab2a08ae976&sizes=[[1280,898],[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=bbb72284-c5e0-4be4-9787-074adb89d313&demand=unifiedPb&ts=1675558565590 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 00:55:27 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
access-control-expose-headers: pa-user-id
x-request-id: c3f643dd-50c6-40fa-93e3-0858ea903e4d
x-api-version: 0.44.8
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/ISScEAKWoTw
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/ISScEAKWoTw
IP 142.250.74.131:0
Hash ac9a77e47d7ef2dc0b688dcaf3bffa64
6656c087f40855b8bfad49273271cf8e852a84b0
0c5958fc0a3123c48a1c2d31a048611da73ca46cf8e0f12571b6682a110e089b
POST /s/gts1p5/ISScEAKWoTw HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 00:55:29 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sheetvibe.com/winnotice?sid=H4sIAAAAAAAC%2F1RTz4scRRSuifEQBEHRg5DDeFOQSff82hmDBNdkZTFuliSyN6G6qnr3ud1VTVX39OyeFgXJSUY8JMfab7O7qImYP0CUXi%2ByXjIHZUX3X1AMeFVmMmb0QdX78b3DV%2B999fFuccoCFPxk9V2zTUnCL3QaQf2VNdLSlK6%2BcrMeBo3gYn2NdLd9sT6cXHbwehh0GsGr9beV2DQXmkEYBGEQ1pfIqtgML0xRUHavHzb6QaPdbISdNobWwxU1OF6DHJyy50Fy%2FPTGDw9AooJOv76s3GZusteupEXCc2MxkIfv6U1tSo10Hsa2hlgfzrph3JixO2dg9OGMNczg7oQ1Ihqz2s8hIn04o4ZosP%2BYXZRAaUTyGZSDCiqpQLyCMB%2BB5EMGCImVa9DpwYqxJd96jPIJOmZn%2F3oEKsfs7G8vQKdfLSY0rN8wSZGT0Q7D2IOGFWi9QlYcId9moPIIIv8QJBl06kHST19NVIHiCokagTuGYnKIoYhrKLIaUnlS551%2BHAQLcRS3Wr22EKLVEqLT68qObLV7cYBCTGiNkGcjiGQEYXeQ2R1s0gi2%2BATkKhTcgzKPzB30mp1%2BGEKJ40uPWlMDp5N6i%2Fc7zUj0g063G4RhJFQviuOwLYMwkPFCCxEdX1q4%2FWP%2F75%2BeRUIMih9%2F%2BwebGpz20IXf05Y8rDpmM9uzMj%2B%2B9KRrw8NJBpczDKRHqRhKx1ByhpIYypyhHPh9mbim8wcycUUUznxz5lt%2Bz%2BTrft%2Fk60qz3eyUPTfdyZ%2FifWyqk3ociGYv7rdbzV673496sr3Q6va6UoSyp9o9CUf%2FToDcGXBXwzaN2Yu%2F%2Fo5sIhf5GSJ%2BBJccQdDL4MV58NKDb3hsaw9p7rsNpfIBRaohTIosP4d8q7abnLKXpkS6d279b7bCemTW4wP6nmE9ubV33ZTs7nVTOvbgWpZTStt8IpwbOc%2FVU1%2B8o7ZKY%2BXyZTf6%2FE0xASbhvZvK5Ve5lqTXHftykaRUdslYodg3y25NRauF21gsrC6yq6tvLS2nmVXOkdEVOD28chuCxuzcp79Mv8T5%2B2%2BAbAVbeKTFk12BTAWR7cBl85ozDDaZ51HGUBZ%2BzzajeXGihmS%2BdPDIw%2F0nj%2BbxrvsOjjxyx%2F4BAAD%2F%2FwEAAP%2F%2F4D9zynwEAAA%3D&ap=${AUCTION_PRICE}&l=3577992&sub3=1675558526&pid=91283&sub2=icon&auid=3a952bc90566011bce8bff14d010df73&icon=https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
172.64.103.7307 Temporary Redirect 0 B URL HTTP/2 sheetvibe.com/winnotice?sid=H4sIAAAAAAAC%2F1RTz4scRRSuifEQBEHRg5DDeFOQSff82hmDBNdkZTFuliSyN6G6qnr3ud1VTVX39OyeFgXJSUY8JMfab7O7qImYP0CUXi%2ByXjIHZUX3X1AMeFVmMmb0QdX78b3DV%2B999fFuccoCFPxk9V2zTUnCL3QaQf2VNdLSlK6%2BcrMeBo3gYn2NdLd9sT6cXHbwehh0GsGr9beV2DQXmkEYBGEQ1pfIqtgML0xRUHavHzb6QaPdbISdNobWwxU1OF6DHJyy50Fy%2FPTGDw9AooJOv76s3GZusteupEXCc2MxkIfv6U1tSo10Hsa2hlgfzrph3JixO2dg9OGMNczg7oQ1Ihqz2s8hIn04o4ZosP%2BYXZRAaUTyGZSDCiqpQLyCMB%2BB5EMGCImVa9DpwYqxJd96jPIJOmZn%2F3oEKsfs7G8vQKdfLSY0rN8wSZGT0Q7D2IOGFWi9QlYcId9moPIIIv8QJBl06kHST19NVIHiCokagTuGYnKIoYhrKLIaUnlS551%2BHAQLcRS3Wr22EKLVEqLT68qObLV7cYBCTGiNkGcjiGQEYXeQ2R1s0gi2%2BATkKhTcgzKPzB30mp1%2BGEKJ40uPWlMDp5N6i%2Fc7zUj0g063G4RhJFQviuOwLYMwkPFCCxEdX1q4%2FWP%2F75%2BeRUIMih9%2F%2BwebGpz20IXf05Y8rDpmM9uzMj%2B%2B9KRrw8NJBpczDKRHqRhKx1ByhpIYypyhHPh9mbim8wcycUUUznxz5lt%2Bz%2BTrft%2Fk60qz3eyUPTfdyZ%2FifWyqk3ociGYv7rdbzV673496sr3Q6va6UoSyp9o9CUf%2FToDcGXBXwzaN2Yu%2F%2Fo5sIhf5GSJ%2BBJccQdDL4MV58NKDb3hsaw9p7rsNpfIBRaohTIosP4d8q7abnLKXpkS6d279b7bCemTW4wP6nmE9ubV33ZTs7nVTOvbgWpZTStt8IpwbOc%2FVU1%2B8o7ZKY%2BXyZTf6%2FE0xASbhvZvK5Ve5lqTXHftykaRUdslYodg3y25NRauF21gsrC6yq6tvLS2nmVXOkdEVOD28chuCxuzcp79Mv8T5%2B2%2BAbAVbeKTFk12BTAWR7cBl85ozDDaZ51HGUBZ%2BzzajeXGihmS%2BdPDIw%2F0nj%2BbxrvsOjjxyx%2F4BAAD%2F%2FwEAAP%2F%2F4D9zynwEAAA%3D&ap=${AUCTION_PRICE}&l=3577992&sub3=1675558526&pid=91283&sub2=icon&auid=3a952bc90566011bce8bff14d010df73&icon=https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
IP 172.64.103.7:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /winnotice?sid=H4sIAAAAAAAC%2F1RTz4scRRSuifEQBEHRg5DDeFOQSff82hmDBNdkZTFuliSyN6G6qnr3ud1VTVX39OyeFgXJSUY8JMfab7O7qImYP0CUXi%2ByXjIHZUX3X1AMeFVmMmb0QdX78b3DV%2B999fFuccoCFPxk9V2zTUnCL3QaQf2VNdLSlK6%2BcrMeBo3gYn2NdLd9sT6cXHbwehh0GsGr9beV2DQXmkEYBGEQ1pfIqtgML0xRUHavHzb6QaPdbISdNobWwxU1OF6DHJyy50Fy%2FPTGDw9AooJOv76s3GZusteupEXCc2MxkIfv6U1tSo10Hsa2hlgfzrph3JixO2dg9OGMNczg7oQ1Ihqz2s8hIn04o4ZosP%2BYXZRAaUTyGZSDCiqpQLyCMB%2BB5EMGCImVa9DpwYqxJd96jPIJOmZn%2F3oEKsfs7G8vQKdfLSY0rN8wSZGT0Q7D2IOGFWi9QlYcId9moPIIIv8QJBl06kHST19NVIHiCokagTuGYnKIoYhrKLIaUnlS551%2BHAQLcRS3Wr22EKLVEqLT68qObLV7cYBCTGiNkGcjiGQEYXeQ2R1s0gi2%2BATkKhTcgzKPzB30mp1%2BGEKJ40uPWlMDp5N6i%2Fc7zUj0g063G4RhJFQviuOwLYMwkPFCCxEdX1q4%2FWP%2F75%2BeRUIMih9%2F%2BwebGpz20IXf05Y8rDpmM9uzMj%2B%2B9KRrw8NJBpczDKRHqRhKx1ByhpIYypyhHPh9mbim8wcycUUUznxz5lt%2Bz%2BTrft%2Fk60qz3eyUPTfdyZ%2FifWyqk3ociGYv7rdbzV673496sr3Q6va6UoSyp9o9CUf%2FToDcGXBXwzaN2Yu%2F%2Fo5sIhf5GSJ%2BBJccQdDL4MV58NKDb3hsaw9p7rsNpfIBRaohTIosP4d8q7abnLKXpkS6d279b7bCemTW4wP6nmE9ubV33ZTs7nVTOvbgWpZTStt8IpwbOc%2FVU1%2B8o7ZKY%2BXyZTf6%2FE0xASbhvZvK5Ve5lqTXHftykaRUdslYodg3y25NRauF21gsrC6yq6tvLS2nmVXOkdEVOD28chuCxuzcp79Mv8T5%2B2%2BAbAVbeKTFk12BTAWR7cBl85ozDDaZ51HGUBZ%2BzzajeXGihmS%2BdPDIw%2F0nj%2BbxrvsOjjxyx%2F4BAAD%2F%2FwEAAP%2F%2F4D9zynwEAAA%3D&ap=${AUCTION_PRICE}&l=3577992&sub3=1675558526&pid=91283&sub2=icon&auid=3a952bc90566011bce8bff14d010df73&icon=https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg HTTP/1.1
Host: sheetvibe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
date: Sun, 05 Feb 2023 00:55:29 GMT
content-length: 0
location: https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
accept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
x-request-id: cb140550144993eed0c05084e9348ff4
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uuCv7culBEn8HCozpl33wQuCjVn3HDWREz6%2BU6nxKt8V9l6S6QQfpdwxfGZzeicGsF5JOsjNFkyZ0IwbnUD9HLQvK7B89bwD8RH40YSHDH8shUsEnYuIdKocFy8H88Hk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7947ae47281e7762-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 98f0950ed03ec36f411e972a9c167b2a
f5da8f3faa05536769ce459ed3028a1f0bec4fb0
9db298b3908012b0310ffc50ae948424d0ec38a8f1f9b6ae09c36a64f596e91b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9DB298B3908012B0310FFC50AE948424D0EC38A8F1F9B6AE09C36A64F596E91B"
Last-Modified: Fri, 03 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5070
Expires: Sun, 05 Feb 2023 02:19:59 GMT
Date: Sun, 05 Feb 2023 00:55:29 GMT
Connection: keep-alive
api.purpleads.io/x/b/?idx=1&pid=2748375d00754e9788e11ab2a08ae976&sizes=[[300,250],[300,250],[200,200],[250,250],[300,100]]&slotid=53a7a219-9498-47d6-b9a5-72dedba6b680&demand=unifiedPb&ts=1675558565386
54.209.197.115200 OK 472 B URL HTTP/2 api.purpleads.io/x/b/?idx=1&pid=2748375d00754e9788e11ab2a08ae976&sizes=[[300,250],[300,250],[200,200],[250,250],[300,100]]&slotid=53a7a219-9498-47d6-b9a5-72dedba6b680&demand=unifiedPb&ts=1675558565386
IP 54.209.197.115:0
Hash ac9a77e47d7ef2dc0b688dcaf3bffa64
6656c087f40855b8bfad49273271cf8e852a84b0
0c5958fc0a3123c48a1c2d31a048611da73ca46cf8e0f12571b6682a110e089b
OPTIONS /x/b/?idx=1&pid=2748375d00754e9788e11ab2a08ae976&sizes=[[300,250],[300,250],[200,200],[250,250],[300,100]]&slotid=53a7a219-9498-47d6-b9a5-72dedba6b680&demand=unifiedPb&ts=1675558565386 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 00:55:27 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
access-control-expose-headers: pa-user-id
x-request-id: 79b235b2-a483-4da4-acc2-e715bae3ebe8
x-api-version: 0.44.8
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
45.133.44.9200 OK 33 kB URL HTTP/2 cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:05:18 19:19:17], baseline, precision 8, 200x200, components 3\012- data
Hash 70cf8250da1a25a7b445231428af7828
a849d338423d2919949340838c768bba90b9081c
b7060bc46dc459a00d4124523a26f0cbf31fba31d41fccae9f82bedaf22c1186
GET /cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 00:55:29 GMT
content-type: image/jpeg
content-length: 33103
server: nginx/1.17.6
last-modified: Tue, 09 Jun 2020 11:44:50 GMT
etag: "5edf7632-814f"
expires: Tue, 07 Feb 2023 00:55:29 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2BX48Z&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C2069%2C237%2C117%2C97%2C99%2C3012%2C3011%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C77%2C38%2C182%2C261%2C141%2C262%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
23.38.200.22200 OK 8.2 kB URL HTTP/2 contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2BX48Z&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C2069%2C237%2C117%2C97%2C99%2C3012%2C3011%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C77%2C38%2C182%2C261%2C141%2C262%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
IP 23.38.200.22:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (18979)
Hash 5999011d8e8c9976abeba106f3e72a89
a7231fd275f70012ebb68c9fdaa4fbf6d9040350
ede70782899a67749671129d5166d1418ce411ed45ca4a3e4f4ad42df6a768b6
GET /checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2BX48Z&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C2069%2C237%2C117%2C97%2C99%2C3012%2C3011%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C77%2C38%2C182%2C261%2C141%2C262%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1 HTTP/1.1
Host: contextual.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
content-type: text/html; charset=UTF-8
x-mnet-hl2: E
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=172800
expires: Tue, 07 Feb 2023 00:55:30 GMT
date: Sun, 05 Feb 2023 00:55:30 GMT
content-length: 8209
X-Firefox-Spdy: h2
acdn.adnxs.com/dmp/async_usersync.html
151.101.129.108200 OK 17 kB URL HTTP/1.1 acdn.adnxs.com/dmp/async_usersync.html
IP 151.101.129.108:0
Hash 6df5422d46e210fe6c250e1166616a33
4e2a76404f30cc27f5158332d759a339db3479ad
803d61389fd9567c8c28dce4b89604438f64fd7e144160339a1b1dac14c6cb44
GET /dmp/async_usersync.html HTTP/1.1
Host: acdn.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 18 Jan 2023 06:44:40 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 05 Feb 2023 00:55:30 GMT
Age: 76376
X-Served-By: cache-lga13626-LGA, cache-bma1645-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 20, 178002
X-Timer: S1675558530.067283,VS0,VE0
Vary: Accept-Encoding
contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2BX48Z&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C2069%2C237%2C117%2C97%2C99%2C3012%2C3011%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C77%2C38%2C182%2C261%2C141%2C262%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
23.38.200.22200 OK 8.2 kB URL HTTP/2 contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2BX48Z&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C2069%2C237%2C117%2C97%2C99%2C3012%2C3011%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C77%2C38%2C182%2C261%2C141%2C262%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
IP 23.38.200.22:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (18979)
Hash 5999011d8e8c9976abeba106f3e72a89
a7231fd275f70012ebb68c9fdaa4fbf6d9040350
ede70782899a67749671129d5166d1418ce411ed45ca4a3e4f4ad42df6a768b6
GET /checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2BX48Z&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C2069%2C237%2C117%2C97%2C99%2C3012%2C3011%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C77%2C38%2C182%2C261%2C141%2C262%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1 HTTP/1.1
Host: contextual.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
content-type: text/html; charset=UTF-8
x-mnet-hl2: E
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=172800
expires: Tue, 07 Feb 2023 00:55:30 GMT
date: Sun, 05 Feb 2023 00:55:30 GMT
content-length: 8209
X-Firefox-Spdy: h2
acdn.adnxs.com/dmp/async_usersync.html
151.101.129.108200 OK 17 kB URL HTTP/1.1 acdn.adnxs.com/dmp/async_usersync.html
IP 151.101.129.108:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (52990)
Hash 9c6b5ce6b3452e98573e6409c34dd73c
de607fadef62e36945a409a838eb8fc36d819b42
cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc
GET /dmp/async_usersync.html HTTP/1.1
Host: acdn.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 18 Jan 2023 06:44:40 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 05 Feb 2023 00:55:30 GMT
Age: 76376
X-Served-By: cache-lga13626-LGA, cache-bma1646-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 20, 176075
X-Timer: S1675558530.078039,VS0,VE0
Vary: Accept-Encoding
ib.adnxs.com/async_usersync?cbfn=queuePixels
185.89.210.46307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 185.89.210.46:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sun, 05 Feb 2023 00:55:30 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: b737cc6d-6f0b-44c6-98d0-4a530f39549c
Set-Cookie: uuid2=5711176883896571748; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 06-May-2023 00:55:30 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/async_usersync?cbfn=queuePixels
185.89.210.46307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 185.89.210.46:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sun, 05 Feb 2023 00:55:30 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: f8f8bcac-0689-43f3-9b15-9979115c283f
Set-Cookie: uuid2=4562078330497541453; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 06-May-2023 00:55:30 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/async_usersync?cbfn=queuePixels
185.89.210.46307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 185.89.210.46:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sun, 05 Feb 2023 00:55:30 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: 087f49b2-2e2d-4a8c-bc8e-cfe64b8ae198
Set-Cookie: uuid2=6781621353371970077; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 06-May-2023 00:55:30 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
eb2.3lift.com/sync?
13.248.245.213200 OK 37 B IP 13.248.245.213:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /sync? HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 00:55:30 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
185.89.210.46200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 185.89.210.46:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 05 Feb 2023 00:55:30 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: f3430a06-277d-45e6-bc12-eeaece430f8c
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
185.89.210.46200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 185.89.210.46:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 05 Feb 2023 00:55:30 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 9ff42646-d3d3-46a6-9f33-3825ca120217
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
185.89.210.46200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 185.89.210.46:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 05 Feb 2023 00:55:30 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: fadc2b2a-3cdc-4196-bae0-dac39ee204b8
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
eb2.3lift.com/sync?
13.248.245.213200 OK 37 B IP 13.248.245.213:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /sync? HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 00:55:30 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
ib.adnxs.com/async_usersync?cbfn=queuePixels
185.89.210.46307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 185.89.210.46:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sun, 05 Feb 2023 00:55:30 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: 285a6e84-b809-46fa-9de0-8bd3ddac9993
Set-Cookie: uuid2=8138670470142445148; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 06-May-2023 00:55:30 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
185.89.210.46200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 185.89.210.46:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 05 Feb 2023 00:55:30 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: ec743747-eb91-4f85-9c6c-f60da5da7136
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/async_usersync?cbfn=queuePixels
185.89.210.46307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 185.89.210.46:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sun, 05 Feb 2023 00:55:31 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: d7a4d798-7b65-4597-b0b6-516b39f518be
Set-Cookie: uuid2=5526099058571514393; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 06-May-2023 00:55:31 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
185.89.210.46200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 185.89.210.46:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 05 Feb 2023 00:55:31 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 3d6ef7f9-472c-4ae3-a8b2-55a8f8e697e7
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/async_usersync?cbfn=queuePixels
185.89.210.46307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 185.89.210.46:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sun, 05 Feb 2023 00:55:31 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: b774b1f9-9955-4e51-b301-c0e67141d334
Set-Cookie: uuid2=2593692000352365415; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 06-May-2023 00:55:31 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
185.89.210.46200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 185.89.210.46:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 05 Feb 2023 00:55:31 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: fb5949db-01d4-4a86-ab07-280df9d223e4
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/async_usersync?cbfn=queuePixels
185.89.210.46307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 185.89.210.46:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sun, 05 Feb 2023 00:55:31 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: 4a949286-e861-4ca1-ab8c-fcb511d39fe2
Set-Cookie: uuid2=6177631258670275479; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 06-May-2023 00:55:31 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
185.89.210.46200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 185.89.210.46:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 05 Feb 2023 00:55:31 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 5e635db1-4d03-4c1d-ada5-f31544886243
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/async_usersync?cbfn=queuePixels
185.89.210.46307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 185.89.210.46:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sun, 05 Feb 2023 00:55:31 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: 45e6bdba-031a-4e22-90dc-5114cc2bde34
Set-Cookie: uuid2=2359611197455498722; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 06-May-2023 00:55:31 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
185.89.210.46200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 185.89.210.46:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 05 Feb 2023 00:55:31 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: bc2817e0-14bf-44b8-ba17-2ad7f4a15590
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
megaup.net/themes/flow/frontend_assets/fonts/raleway_medium.woff
91.209.70.182200 OK 32 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway_medium.woff
IP 91.209.70.182:0
File type Web Open Font Format, TrueType, length 31900, version 1.1\012- data
Hash 1b285c8e5b7445a8e434b2cdf036bab2
c97d4772fbb5c5637d466b5f991bc7ec28830b32
09b979826f2ac158a63ba234042c66414c21282d0bb46eadc62c64a873778825
GET /themes/flow/frontend_assets/fonts/raleway_medium.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=uakkhomlore28rr5tcl6pq41l6; _ga=GA1.2.795692205.1675558564; _gid=GA1.2.911673261.1675558564; _gat_gtag_UA_108868042_1=1; a=rx1ETT7mqZ2HaMTF6qaQCFLCLdvhq306; token_QlJAAAAAAAAArRMIRsGBk-hpXXMDyS9EWV8qBEI=BAYAY97-fwFj3v5_gAGBAcAAIEytB-JpDEDH9-yQN4JtKLHdA0Fe5FOHPM-uxFeI7QOOwQAgbwvxm4ouzZUvguiuQHir5h_trVregwzOq09667yTJWc
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 00:55:31 GMT
content-type: font/woff
content-length: 31900
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7c9c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 38ca5c3f30fa322ff02817ad3fb125ab
7f86741a1deaaa5474ec9961ae92c648061cbca1
f9fe76a0f847b3e4e552b91fa8848a7906e64981bdd002c6d55509843b435a51
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F9FE76A0F847B3E4E552B91FA8848A7906E64981BDD002C6D55509843B435A51"
Last-Modified: Sat, 04 Feb 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2129
Expires: Sun, 05 Feb 2023 01:31:02 GMT
Date: Sun, 05 Feb 2023 00:55:33 GMT
Connection: keep-alive
imgdelnw.com/ie?v=4&c=JGe8bIixMmJEywhCtQwFubOFlZR0GwTmISWgk5tOJr4D4Pm40R7vKfTa26a__XoB4i6SZd67s-r3HbxNRZkTK3craMyQS4UxklSTW1SoUONVed7XKfS6n7GMMAqqrCJLTXefbOrc4YFAi-Z7zegj5QSByt-7OFEvh0p6juarxNYNXBXyZIbRB1ysbgfbW5rZJmtHiM4Ir2D6k-R4JNg3H92xDBpnnAYdotXOxAjs-bPPlRbJFMZXSl5x-BJ6MWdrWAA3rEq44IRVUPz1seThFkZkuzaCpiY472C7Y9VAXS2tRZhyUfKD8qf3Lla_767ltpOiKSPNwdU63GZGF8d7Hw81RDaB2sux1b1JSzxN7u8T10kpUnB-qxh78ukGmculHyqQZruc8MuyGZesirfXbqnx5ZC7QJT6UPXirkNh7Pg=&v1=79&v2=68678
162.55.246.161301 Moved Permanently 0 B URL HTTP/1.1 imgdelnw.com/ie?v=4&c=JGe8bIixMmJEywhCtQwFubOFlZR0GwTmISWgk5tOJr4D4Pm40R7vKfTa26a__XoB4i6SZd67s-r3HbxNRZkTK3craMyQS4UxklSTW1SoUONVed7XKfS6n7GMMAqqrCJLTXefbOrc4YFAi-Z7zegj5QSByt-7OFEvh0p6juarxNYNXBXyZIbRB1ysbgfbW5rZJmtHiM4Ir2D6k-R4JNg3H92xDBpnnAYdotXOxAjs-bPPlRbJFMZXSl5x-BJ6MWdrWAA3rEq44IRVUPz1seThFkZkuzaCpiY472C7Y9VAXS2tRZhyUfKD8qf3Lla_767ltpOiKSPNwdU63GZGF8d7Hw81RDaB2sux1b1JSzxN7u8T10kpUnB-qxh78ukGmculHyqQZruc8MuyGZesirfXbqnx5ZC7QJT6UPXirkNh7Pg=&v1=79&v2=68678
IP 162.55.246.161:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ie?v=4&c=JGe8bIixMmJEywhCtQwFubOFlZR0GwTmISWgk5tOJr4D4Pm40R7vKfTa26a__XoB4i6SZd67s-r3HbxNRZkTK3craMyQS4UxklSTW1SoUONVed7XKfS6n7GMMAqqrCJLTXefbOrc4YFAi-Z7zegj5QSByt-7OFEvh0p6juarxNYNXBXyZIbRB1ysbgfbW5rZJmtHiM4Ir2D6k-R4JNg3H92xDBpnnAYdotXOxAjs-bPPlRbJFMZXSl5x-BJ6MWdrWAA3rEq44IRVUPz1seThFkZkuzaCpiY472C7Y9VAXS2tRZhyUfKD8qf3Lla_767ltpOiKSPNwdU63GZGF8d7Hw81RDaB2sux1b1JSzxN7u8T10kpUnB-qxh78ukGmculHyqQZruc8MuyGZesirfXbqnx5ZC7QJT6UPXirkNh7Pg=&v1=79&v2=68678 HTTP/1.1
Host: imgdelnw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
server: fasthttp
date: Sun, 05 Feb 2023 00:55:32 GMT
content-length: 0
location: https://img.vmmcdn.com/get/7609021/200747_icon.png
x-app-id: 11
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1851a9d58b04afdb813cbc55ea715f67
1283e021bffac34106501b229ef2a207016ea874
7ffc2f0ebc8a49fe5d41abacacda511781ebe3e9495da2eb44eef539bad7207c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7FFC2F0EBC8A49FE5D41ABACACDA511781EBE3E9495DA2EB44EEF539BAD7207C"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5616
Expires: Sun, 05 Feb 2023 02:29:09 GMT
Date: Sun, 05 Feb 2023 00:55:33 GMT
Connection: keep-alive
img.vmmcdn.com/get/7609021/200747_icon.png
138.201.51.142200 OK 78 kB URL HTTP/1.1 img.vmmcdn.com/get/7609021/200747_icon.png
IP 138.201.51.142:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 53282b73b589873fa79c738c03b4e47d
ca5ab91a4e36ebddd6b326fa67071e915415085d
530d10989a16c4cbdec879d1f82bb200fe63f5fb111179d873354058460dacc8
GET /get/7609021/200747_icon.png HTTP/1.1
Host: img.vmmcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Sun, 05 Feb 2023 00:55:33 GMT
Content-Type: image/png
Content-Length: 78410
Connection: keep-alive
Last-Modified: Mon, 07 Nov 2022 15:29:52 GMT
Cache-Control: public, max-age=604800
ETag: "63692470-1324a"
X-Proxy-Cache: HIT
Accept-Ranges: bytes
api.purpleads.io/x/init?ts=1675558564721
54.209.197.115200 OK 0 B URL HTTP/2 api.purpleads.io/x/init?ts=1675558564721
IP 54.209.197.115:0
OPTIONS /x/init?ts=1675558564721 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 00:55:26 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
access-control-expose-headers: pa-user-id
x-request-id: e11e15f6-26f0-466c-b77d-1e97a456e22d
x-api-version: 0.44.8
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/12An7/POKLEGARC-NSwTcH-NSP-Update110-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=uakkhomlore28rr5tcl6pq41l6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 00:55:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-71b6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
api.purpleads.io/x/v2/v?ts=1675558564065
54.209.197.115200 OK 0 B URL HTTP/2 api.purpleads.io/x/v2/v?ts=1675558564065
IP 54.209.197.115:0
OPTIONS /x/v2/v?ts=1675558564065 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 00:55:26 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
access-control-expose-headers: pa-user-id
x-request-id: 937fdbfd-acdc-4c79-8039-eb0aa134a137
x-api-version: 0.44.8
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/gauge.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/gauge.min.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/gauge.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/12An7/POKLEGARC-NSwTcH-NSP-Update110-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=uakkhomlore28rr5tcl6pq41l6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 00:55:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-45b8"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
prebid.media.net/rtb/prebid?cid=8CU2BX48Z
34.107.148.139200 OK 0 B URL HTTP/2 prebid.media.net/rtb/prebid?cid=8CU2BX48Z
IP 34.107.148.139:0
POST /rtb/prebid?cid=8CU2BX48Z HTTP/1.1
Host: prebid.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1354
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 00:55:27 GMT
content-type: application/json;charset=UTF-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
expires: Sun, 05 Feb 2023 00:55:27 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
content-encoding: gzip
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/12An7/POKLEGARC-NSwTcH-NSP-Update110-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=uakkhomlore28rr5tcl6pq41l6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 00:55:24 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-8d4b"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/responsive.css
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/responsive.css
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/css/responsive.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/12An7/POKLEGARC-NSwTcH-NSP-Update110-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=uakkhomlore28rr5tcl6pq41l6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 00:55:24 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-e56"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-resize.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-resize.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery.fileupload-resize.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/12An7/POKLEGARC-NSwTcH-NSP-Update110-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=uakkhomlore28rr5tcl6pq41l6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 00:55:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1f7f"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/sw.js?c25teE8oTFVLfUVdXlpjUUxBWilLXV4bf0cMQE4qQwxATCsRXkBBe0tZQB55FgsIGyoQDQ4bKlFCTxx5EVxbHH9EQwtOfkJDWUAsR0MPSHdHQ1VOfhVfXxp%2EQggOSm1fTB4PbV9MGRAqGw8fETsKBgQUK10MGAI1UUJPSX9dW09UKRICHh1jFQ8BCypfCAwUPBYz
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/sw.js?c25teE8oTFVLfUVdXlpjUUxBWilLXV4bf0cMQE4qQwxATCsRXkBBe0tZQB55FgsIGyoQDQ4bKlFCTxx5EVxbHH9EQwtOfkJDWUAsR0MPSHdHQ1VOfhVfXxp%2EQggOSm1fTB4PbV9MGRAqGw8fETsKBgQUK10MGAI1UUJPSX9dW09UKRICHh1jFQ8BCypfCAwUPBYz
IP 91.209.70.182:0
GET /sw.js?c25teE8oTFVLfUVdXlpjUUxBWilLXV4bf0cMQE4qQwxATCsRXkBBe0tZQB55FgsIGyoQDQ4bKlFCTxx5EVxbHH9EQwtOfkJDWUAsR0MPSHdHQ1VOfhVfXxp%2EQggOSm1fTB4PbV9MGRAqGw8fETsKBgQUK10MGAI1UUJPSX9dW09UKRICHh1jFQ8BCypfCAwUPBYz HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: filehosting=uakkhomlore28rr5tcl6pq41l6; _ga=GA1.2.795692205.1675558564; _gid=GA1.2.911673261.1675558564; _gat_gtag_UA_108868042_1=1
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 00:55:25 GMT
content-type: application/javascript
last-modified: Tue, 20 Dec 2022 16:15:31 GMT
vary: Accept-Encoding
etag: W/"63a1dfa3-1927c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/12An7/POKLEGARC-NSwTcH-NSP-Update110-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=uakkhomlore28rr5tcl6pq41l6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 00:55:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1cdf"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/clipboardjs/clipboard.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/clipboardjs/clipboard.min.js
IP 91.209.70.182:0
GET /themes/flow/js/clipboardjs/clipboard.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/12An7/POKLEGARC-NSwTcH-NSP-Update110-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=uakkhomlore28rr5tcl6pq41l6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 00:55:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-2296"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
api.purpleads.io/x/b/?idx=0&pid=2748375d00754e9788e11ab2a08ae976&sizes=[[1280,898],[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=bbb72284-c5e0-4be4-9787-074adb89d313&ts=1675558564929
54.209.197.115200 OK 0 B URL HTTP/2 api.purpleads.io/x/b/?idx=0&pid=2748375d00754e9788e11ab2a08ae976&sizes=[[1280,898],[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=bbb72284-c5e0-4be4-9787-074adb89d313&ts=1675558564929
IP 54.209.197.115:0
GET /x/b/?idx=0&pid=2748375d00754e9788e11ab2a08ae976&sizes=[[1280,898],[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=bbb72284-c5e0-4be4-9787-074adb89d313&ts=1675558564929 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: application/json
x-purpleads-version: 2.5.1
x-request-url: aHR0cHM6Ly9tZWdhdXAubmV0LzEyQW43L1BPS0xFR0FSQy1OU3dUY0gtTlNQLVVwZGF0ZTExMC1aaXBlcnRvLnJhcg==
Authorization: Bearer 70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 00:55:27 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-expose-headers: pa-user-id
x-request-id: c0c760ae-03f1-4b38-9bcb-c8e06c591339
x-api-version: 0.44.8
set-cookie: pa-user-id=1778091e-1163-4fdd-853f-cdd1d5359e26; Domain=.purpleads.io; Path=/
pa-user-id: 1778091e-1163-4fdd-853f-cdd1d5359e26
etag: W/"cf0-ibMp6geMYfb/6dKpsLhWGn+UJ6o"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
megaup.net/12An7/POKLEGARC-NSwTcH-NSP-Update110-Ziperto.rar
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/12An7/POKLEGARC-NSwTcH-NSP-Update110-Ziperto.rar
IP 91.209.70.182:0
GET /12An7/POKLEGARC-NSwTcH-NSP-Update110-Ziperto.rar HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 00:55:24 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: filehosting=uakkhomlore28rr5tcl6pq41l6; expires=Mon, 06-Feb-2023 00:55:24 GMT; Max-Age=86400; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-ui.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-ui.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery.fileupload-ui.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/12An7/POKLEGARC-NSwTcH-NSP-Update110-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=uakkhomlore28rr5tcl6pq41l6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 00:55:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-61ef"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/zeroClipboard/ZeroClipboard.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/zeroClipboard/ZeroClipboard.js
IP 91.209.70.182:0
GET /themes/flow/js/zeroClipboard/ZeroClipboard.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/12An7/POKLEGARC-NSwTcH-NSP-Update110-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=uakkhomlore28rr5tcl6pq41l6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 00:55:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3bd2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/12An7/POKLEGARC-NSwTcH-NSP-Update110-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=uakkhomlore28rr5tcl6pq41l6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 00:55:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3ead"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/custom/custom.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/custom/custom.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/custom/custom.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/12An7/POKLEGARC-NSwTcH-NSP-Update110-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=uakkhomlore28rr5tcl6pq41l6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 00:55:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1420"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
prebid.media.net/rtb/prebid?cid=8CU2BX48Z
34.107.148.139200 OK 0 B URL HTTP/2 prebid.media.net/rtb/prebid?cid=8CU2BX48Z
IP 34.107.148.139:0
POST /rtb/prebid?cid=8CU2BX48Z HTTP/1.1
Host: prebid.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1242
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 00:55:27 GMT
content-type: application/json;charset=UTF-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
expires: Sun, 05 Feb 2023 00:55:27 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
content-encoding: gzip
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/canvas-to-blob.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/canvas-to-blob.min.js
IP 91.209.70.182:0
GET /themes/flow/js/canvas-to-blob.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/12An7/POKLEGARC-NSwTcH-NSP-Update110-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=uakkhomlore28rr5tcl6pq41l6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 00:55:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-408"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/global.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/global.js
IP 91.209.70.182:0
GET /themes/flow/js/global.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/12An7/POKLEGARC-NSwTcH-NSP-Update110-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=uakkhomlore28rr5tcl6pq41l6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 00:55:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-d59"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
c.adsco.re/
104.17.167.186200 OK 0 B IP 104.17.167.186:0
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 00:55:26 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Wed, 08 Mar 2023 00:55:26 GMT
etag: W/"xkCBFtC0Wl/JiS60JFipuQ=="
cf-cache-status: HIT
age: 2948487
vary: Accept-Encoding
server: cloudflare
cf-ray: 7947ae351f95b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/styles/font-icons/entypo/css/entypo.css
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/styles/font-icons/entypo/css/entypo.css
IP 91.209.70.182:0
GET /themes/flow/styles/font-icons/entypo/css/entypo.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/12An7/POKLEGARC-NSwTcH-NSP-Update110-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=uakkhomlore28rr5tcl6pq41l6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 00:55:24 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-45f5"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
theharityhild.buzz/NzNIUTBMETsmb0JBJHMKFVs8JUBECWd%2BXVJUKSRAGV0tJR9ERGY7QxUfaiJdURFyYBwVQCUnEg0RfH8DFR9qJVFQbCE1Eg0RcGICAQB7cxwVQD0zb15XenMKFVVwYgNUA3wzHQFWeDMdA1cqYR0OB3BmHVEFLTRVVFYrMlNUVmos
52.20.131.174502 Bad Gateway 0 B URL HTTP/2 theharityhild.buzz/NzNIUTBMETsmb0JBJHMKFVs8JUBECWd%2BXVJUKSRAGV0tJR9ERGY7QxUfaiJdURFyYBwVQCUnEg0RfH8DFR9qJVFQbCE1Eg0RcGICAQB7cxwVQD0zb15XenMKFVVwYgNUA3wzHQFWeDMdA1cqYR0OB3BmHVEFLTRVVFYrMlNUVmos
IP 52.20.131.174:0
GET /NzNIUTBMETsmb0JBJHMKFVs8JUBECWd%2BXVJUKSRAGV0tJR9ERGY7QxUfaiJdURFyYBwVQCUnEg0RfH8DFR9qJVFQbCE1Eg0RcGICAQB7cxwVQD0zb15XenMKFVVwYgNUA3wzHQFWeDMdA1cqYR0OB3BmHVEFLTRVVFYrMlNUVmos HTTP/1.1
Host: theharityhild.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 502 Bad Gateway
set-cookie: 77f4f0a6097933a70d80ef2b67e93341=1; Max-Age=604800
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/retina/retina.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/retina/retina.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/retina/retina.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/12An7/POKLEGARC-NSwTcH-NSP-Update110-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=uakkhomlore28rr5tcl6pq41l6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 00:55:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-52e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
api.purpleads.io/x/b/?idx=0&pid=2748375d00754e9788e11ab2a08ae976&sizes=[[1280,898],[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=bbb72284-c5e0-4be4-9787-074adb89d313&ts=1675558564929
54.209.197.115200 OK 0 B URL HTTP/2 api.purpleads.io/x/b/?idx=0&pid=2748375d00754e9788e11ab2a08ae976&sizes=[[1280,898],[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=bbb72284-c5e0-4be4-9787-074adb89d313&ts=1675558564929
IP 54.209.197.115:0
OPTIONS /x/b/?idx=0&pid=2748375d00754e9788e11ab2a08ae976&sizes=[[1280,898],[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=bbb72284-c5e0-4be4-9787-074adb89d313&ts=1675558564929 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 00:55:27 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
access-control-expose-headers: pa-user-id
x-request-id: 00e16dfd-97ff-4e53-a6b1-7b2916f88925
x-api-version: 0.44.8
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/nav/jquery.scrollTo.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/nav/jquery.scrollTo.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/nav/jquery.scrollTo.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/12An7/POKLEGARC-NSwTcH-NSP-Update110-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=uakkhomlore28rr5tcl6pq41l6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 00:55:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-981"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/load-image.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/load-image.min.js
IP 91.209.70.182:0
GET /themes/flow/js/load-image.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/12An7/POKLEGARC-NSwTcH-NSP-Update110-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=uakkhomlore28rr5tcl6pq41l6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 00:55:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-9f2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-process.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-process.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery.fileupload-process.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/12An7/POKLEGARC-NSwTcH-NSP-Update110-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=uakkhomlore28rr5tcl6pq41l6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 00:55:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-14b6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/images/icons/favicon/favicon.ico
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/images/icons/favicon/favicon.ico
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/images/icons/favicon/favicon.ico HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/12An7/POKLEGARC-NSwTcH-NSP-Update110-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=uakkhomlore28rr5tcl6pq41l6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 00:55:25 GMT
content-type: image/x-icon
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-47e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
api.purpleads.io/x/init?ts=1675558563602
54.209.197.115200 OK 0 B URL HTTP/2 api.purpleads.io/x/init?ts=1675558563602
IP 54.209.197.115:0
OPTIONS /x/init?ts=1675558563602 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 00:55:26 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
access-control-expose-headers: pa-user-id
x-request-id: 6763b673-3f7f-4a97-a6d1-8ec6a9b9aa6e
x-api-version: 0.44.8
X-Firefox-Spdy: h2
cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=86ddec5c-b957-455f-87da-f034ba331fa2
104.16.159.17200 OK 0 B URL HTTP/2 cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=86ddec5c-b957-455f-87da-f034ba331fa2
IP 104.16.159.17:0
GET /Scripts/infinity.js.aspx?guid=86ddec5c-b957-455f-87da-f034ba331fa2 HTTP/1.1
Host: cdn.engine.4dsply.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 00:55:26 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=900
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
last-modified: Sun, 05 Feb 2023 00:50:56 GMT
cf-cache-status: HIT
expires: Sun, 05 Feb 2023 01:10:26 GMT
server: cloudflare
cf-ray: 7947ae3339bfb529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
prebid.media.net/rtb/prebid?cid=8CU2BX48Z
34.107.148.139200 OK 0 B URL HTTP/2 prebid.media.net/rtb/prebid?cid=8CU2BX48Z
IP 34.107.148.139:0
POST /rtb/prebid?cid=8CU2BX48Z HTTP/1.1
Host: prebid.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1321
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 00:55:26 GMT
content-type: application/json;charset=UTF-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
expires: Sun, 05 Feb 2023 00:55:26 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
content-encoding: gzip
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.dataTables.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.dataTables.min.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery.dataTables.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/12An7/POKLEGARC-NSwTcH-NSP-Update110-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=uakkhomlore28rr5tcl6pq41l6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 00:55:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-10fe4"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery-1.11.0.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery-1.11.0.min.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery-1.11.0.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/12An7/POKLEGARC-NSwTcH-NSP-Update110-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=uakkhomlore28rr5tcl6pq41l6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 00:55:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1787d"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery.fileupload.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/12An7/POKLEGARC-NSwTcH-NSP-Update110-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=uakkhomlore28rr5tcl6pq41l6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 00:55:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-dbd4"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
pogothere.xyz/
172.64.173.27200 OK 0 B IP 172.64.173.27:0
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 00:55:26 GMT
content-type: text/plain
set-cookie: csu=710537603783732@1@1675558525; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eaM8hQogkKU4oV19jcI6Gzm0dgBkbVaIwuTs4YMzMm2DIjH5i55CRrKS6nNuFkU0rlkhRyBA%2Bx%2BuKZg3OYpZQqV4kQW%2FzvVjmsR5JCGvmkyWCHJLazXTy%2Fxed4rE0%2B8Q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7947ae333ddb24ea-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
prebid.media.net/rtb/prebid?cid=8CU2BX48Z
34.107.148.139200 OK 0 B URL HTTP/2 prebid.media.net/rtb/prebid?cid=8CU2BX48Z
IP 34.107.148.139:0
POST /rtb/prebid?cid=8CU2BX48Z HTTP/1.1
Host: prebid.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1240
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 00:55:26 GMT
content-type: application/json;charset=UTF-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
expires: Sun, 05 Feb 2023 00:55:26 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
content-encoding: gzip
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/css/All-stylesheets.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/12An7/POKLEGARC-NSwTcH-NSP-Update110-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=uakkhomlore28rr5tcl6pq41l6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 00:55:24 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-153"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/styles/file-upload.css
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/styles/file-upload.css
IP 91.209.70.182:0
GET /themes/flow/styles/file-upload.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/12An7/POKLEGARC-NSwTcH-NSP-Update110-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=uakkhomlore28rr5tcl6pq41l6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 00:55:24 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-21ec"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.tmpl.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.tmpl.min.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery.tmpl.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/12An7/POKLEGARC-NSwTcH-NSP-Update110-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=uakkhomlore28rr5tcl6pq41l6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 00:55:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3cb"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.iframe-transport.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.iframe-transport.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery.iframe-transport.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/12An7/POKLEGARC-NSwTcH-NSP-Update110-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=uakkhomlore28rr5tcl6pq41l6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 00:55:24 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-2427"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
api.purpleads.io/x/b/?idx=0&pid=2748375d00754e9788e11ab2a08ae976&sizes=[[300,250],[300,250],[200,200],[250,250],[300,100]]&slotid=53a7a219-9498-47d6-b9a5-72dedba6b680&ts=1675558563887
54.209.197.115200 OK 0 B URL HTTP/2 api.purpleads.io/x/b/?idx=0&pid=2748375d00754e9788e11ab2a08ae976&sizes=[[300,250],[300,250],[200,200],[250,250],[300,100]]&slotid=53a7a219-9498-47d6-b9a5-72dedba6b680&ts=1675558563887
IP 54.209.197.115:0
OPTIONS /x/b/?idx=0&pid=2748375d00754e9788e11ab2a08ae976&sizes=[[300,250],[300,250],[200,200],[250,250],[300,100]]&slotid=53a7a219-9498-47d6-b9a5-72dedba6b680&ts=1675558563887 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 00:55:26 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
access-control-expose-headers: pa-user-id
x-request-id: 3cc0bf32-55ef-445a-a938-13153a8e039e
x-api-version: 0.44.8
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/colors/flow.css
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/colors/flow.css
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/css/colors/flow.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/12An7/POKLEGARC-NSwTcH-NSP-Update110-Ziperto.rar
Connection: keep-alive
Cookie: filehosting=uakkhomlore28rr5tcl6pq41l6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 00:55:24 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-a83"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2