megaup.net/1d6xe/Per.Aspera.Build.10842819.zip
91.209.70.182301 Moved Permanently 162 B URL HTTP/1.1 megaup.net/1d6xe/Per.Aspera.Build.10842819.zip
IP 91.209.70.182:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /1d6xe/Per.Aspera.Build.10842819.zip HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 31 Mar 2023 09:31:21 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://megaup.net/1d6xe/Per.Aspera.Build.10842819.zip
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer, strict-origin-when-cross-origin
X-Download-Options: noopen
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7af19a5145a4ee99bdf18831bad04bfd
7bdd2a4785b999ef54a2644211d2b2b7190fb8e1
3237bf0111ecdec3615c4d2d49a602f48f800335d0194f52b600bdaefbd63ed0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3237BF0111ECDEC3615C4D2D49A602F48F800335D0194F52B600BDAEFBD63ED0"
Last-Modified: Thu, 30 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3178
Expires: Fri, 31 Mar 2023 10:24:19 GMT
Date: Fri, 31 Mar 2023 09:31:21 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cca063332ba9a89eadd62a8dd7f81a9b
d473b2a7a32c964599ff3bac8f98fa578f03d1d1
02fb74c7c695ad99f7f2fd7c02ae2b88e2da1c5db339f883333d9090291931dc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02FB74C7C695AD99F7F2FD7C02AE2B88E2DA1C5DB339F883333D9090291931DC"
Last-Modified: Wed, 29 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5237
Expires: Fri, 31 Mar 2023 10:58:38 GMT
Date: Fri, 31 Mar 2023 09:31:21 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Retry-After, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 31 Mar 2023 09:28:23 GMT
content-type: application/json
age: 178
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 76218c893040d958ae1c4231cdd2133c
6a7b336dee91d4aec26ace0a5883ecdfac52e68f
d35492b04d16ed00e9e195e7c84c99aa6a2b8a93abeb656baae0918986f0a7e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D35492B04D16ED00E9E195E7C84C99AA6A2B8A93ABEB656BAAE0918986F0A7E4"
Last-Modified: Wed, 29 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3586
Expires: Fri, 31 Mar 2023 10:31:07 GMT
Date: Fri, 31 Mar 2023 09:31:21 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: wj1UVVJkDYjSzxYMPfUXMfLtqO4gl2L/eLV0nZax6h0WB8+u36GXu782LcPQ/0WtD0XgoDf3sCZCaXw+rq8iJA==
x-amz-request-id: F081M8EMMTVXPEV8
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 31 Mar 2023 09:12:07 GMT
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
age: 1154
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 2fdd88c5328a20e99bd682e34b8c0173
a6415caf042550cb51822e482d1f5b9178938ea3
f15a1244d7acc3b892df1a3ea767c24ce5f661e2e623fedc25ade8c7094c8af6
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 09:31:21 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 27 Mar 2023 23:25:48 GMT
Expires: Mon, 03 Apr 2023 23:25:47 GMT
Etag: "a6415caf042550cb51822e482d1f5b9178938ea3"
Cache-Control: max-age=308665,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7b0794337873b51e-OSL
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 09:31:21 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
megaup.net/themes/flow/images/main_logo_inverted.png
91.209.70.182200 OK 7.1 kB URL HTTP/2 megaup.net/themes/flow/images/main_logo_inverted.png
IP 91.209.70.182:0
File type PNG image data, 203 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 5d15526be10b904a6b48d1af04a10cc3
c09b6874359ac6d71db95593618a9acb55baa984
894d25472e0f890edf235e8f66fbeda7ea75043632924ecb82691d76bd7db018
GET /themes/flow/images/main_logo_inverted.png HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1d6xe/Per.Aspera.Build.10842819.zip
Connection: keep-alive
Cookie: filehosting=f7sk6g8fdm19j7f261r37ir351
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 09:31:21 GMT
content-type: image/png
content-length: 7137
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-1be1"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 66d3c8a2dc7656b819dfe99dd74ef41b
9ac102973657c13264a7a17ad2e3ffc6f4d1f570
23346d5aae2c9440f6a6d9c1d366003dfaefd1cc83212ce033bfdc30e5054cc6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 09:31:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
megaup.net/themes/flow/frontend_assets/js/retina/retina.js
91.209.70.182200 OK 1.1 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/retina/retina.js
IP 91.209.70.182:0
File type ASCII text, with very long lines (1249)
Hash 46d7597d6109c1fb0d69a6ca0450d5c0
1838e63b2ecb5b98c906e8b5da6197c01a92962e
550cfcf085c0daa4649c1b39698901654669eeb79a4e8b3b6d7fe51ecb206f46
GET /themes/flow/frontend_assets/js/retina/retina.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1d6xe/Per.Aspera.Build.10842819.zip
Connection: keep-alive
Cookie: filehosting=f7sk6g8fdm19j7f261r37ir351
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 09:31:21 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-52e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b7ae243203029f3da26f84f629534a90
48d536116f8c46e70240ac49bb76b1956fe6588b
1fc6a66abe9b6bb82330482058910a998acc1340798abe562e8063f30a54039e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1FC6A66ABE9B6BB82330482058910A998ACC1340798ABE562E8063F30A54039E"
Last-Modified: Wed, 29 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18998
Expires: Fri, 31 Mar 2023 14:47:59 GMT
Date: Fri, 31 Mar 2023 09:31:21 GMT
Connection: keep-alive
www.googletagmanager.com/gtag/js?id=UA-108868042-1
142.250.74.40200 OK 45 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-108868042-1
IP 142.250.74.40:0
File type ASCII text, with very long lines (2206)
Hash 34c9b999caff043d950a50288323e11a
1a56e9f4a0496d11f83f4b4c67aaec5803e30c83
4d3fbb69190a628081eaec5376c3448010387ade5afe341ab068468493b78908
GET /gtag/js?id=UA-108868042-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 31 Mar 2023 09:31:21 GMT
expires: Fri, 31 Mar 2023 09:31:21 GMT
cache-control: private, max-age=900
last-modified: Fri, 31 Mar 2023 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45038
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
altowriestwispy.com/tysaSHG1FMaM/18410
23.109.248.184200 OK 25 B URL HTTP/1.1 altowriestwispy.com/tysaSHG1FMaM/18410
IP 23.109.248.184:0
File type ASCII text, with no line terminators
Hash d488addc5df5fc9b9ff4135bb4e3a823
6ce56f48e851df4d562b43d3bc1269a504ae83fc
d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60
GET /tysaSHG1FMaM/18410 HTTP/1.1
Host: altowriestwispy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 31 Mar 2023 09:31:21 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Sat, 01-Apr-2023 09:31:21 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJw9i8sKwjAURGuUYNVWBvwAf8D6QBdu1aXUhbgOtd6WYM0tTXzUr%2FcFruYwc8bzPDEIIXSJ3nIaLSfRfBZNF3M0c2KIeIdeylfjqlqZ5EKQMVf3pIasKNdsAnR%2FoFI%2BETrxbnQwZ8N38x8%2BtwCtVLs6gP%2BJrxu20dS2RLgq9GO45%2BLq3raFb8gpWxKd4K%2BTY0HjzX6L8N9%2Bz7KBtraqrPhRv7nv9IWebEhxlllyUqBxk%2BIFsdRBIw%3D%3D; expires=Sat, 01-Apr-2023 09:31:21 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
keydawnawe.com/gwZ1U5hjA8ii/32575
142.91.159.115200 OK 26 B URL HTTP/1.1 keydawnawe.com/gwZ1U5hjA8ii/32575
IP 142.91.159.115:0
File type ASCII text, with no line terminators
Hash 4e5d65669f8dcd928dad06adf883f025
d771713d758c3348dd7e5b38bb40c7935399ae46
0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95
GET /gwZ1U5hjA8ii/32575 HTTP/1.1
Host: keydawnawe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 31 Mar 2023 09:31:21 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Sat, 01-Apr-2023 09:31:21 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJw9i8sKwjAURGuUYNVWBvwAf8D6QBdu1aXUhbgOtd6WYM0tTXzUr%2FcFruYwc8bzPDEIIXSJ3nIaLSfRfBZNF3M0c2KIeIdeylfjqlqZ5EKQMVf3pIasKNdsAnR%2FoFI%2BETrxbnQwZ8N38x8%2BtwCtVLs6gP%2BJrxu20dS2RLgq9GO45%2BLq3raFb8gpWxKd4K%2BTY0HjzX6L8N9%2Bz7KBtraqrPhRv7nv9IWebEhxlllyUqBxk%2BIFsdRBIw%3D%3D; expires=Sat, 01-Apr-2023 09:31:21 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 66d3c8a2dc7656b819dfe99dd74ef41b
9ac102973657c13264a7a17ad2e3ffc6f4d1f570
23346d5aae2c9440f6a6d9c1d366003dfaefd1cc83212ce033bfdc30e5054cc6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 09:31:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dmmzkfd82wayn.cloudfront.net/?kzmmd=761186
143.204.42.171200 OK 189 kB URL HTTP/2 dmmzkfd82wayn.cloudfront.net/?kzmmd=761186
IP 143.204.42.171:0
File type Unicode text, UTF-8 text, with very long lines (15948)
Size 189 kB (188711 bytes)
Hash 2e03b185443472ba344ba4958ea91a7a
72039909b71bfd6024d9e09a6a19475e6e7e9fce
9415cff630e11f87b971b8690d6381de31f82f2d256d7acbe4863cf358e9edcf
GET /?kzmmd=761186 HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 188711
date: Fri, 31 Mar 2023 09:31:22 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 7rmsUIfZV9lCizS-fd3B1VPScjfQrjY-7bUmvmMyyZSn7uMxEVcvyw==
X-Firefox-Spdy: h2
megaup.net/themes/flow/styles/file-upload.css
91.209.70.182200 OK 34 kB URL HTTP/2 megaup.net/themes/flow/styles/file-upload.css
IP 91.209.70.182:0
File type assembler source, ASCII text
Hash c394a5adff07032b436fb7beba4b8970
5997c2c8b1fa43a8e5aa083cace919517bdb250b
80183d647f2e452e69f6e36ffae59755d2b030f0a637c6b7a0e8b965f658ab11
GET /themes/flow/styles/file-upload.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1d6xe/Per.Aspera.Build.10842819.zip
Connection: keep-alive
Cookie: filehosting=f7sk6g8fdm19j7f261r37ir351
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 09:31:21 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-21ec"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/styles/font-icons/entypo/css/entypo.css
91.209.70.182200 OK 35 kB URL HTTP/2 megaup.net/themes/flow/styles/font-icons/entypo/css/entypo.css
IP 91.209.70.182:0
Hash 7516a406409fa60dbf155ee96ddcce2e
985ba469562183b7d2582238c3184d9267f69e17
58c4d25b5a4474e7f8f13a1a3b939ba912e78c5825763964c00dfe26049fd774
GET /themes/flow/styles/font-icons/entypo/css/entypo.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1d6xe/Per.Aspera.Build.10842819.zip
Connection: keep-alive
Cookie: filehosting=f7sk6g8fdm19j7f261r37ir351
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 09:31:21 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-45f5"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery-1.11.0.min.js
91.209.70.182200 OK 74 kB URL HTTP/2 megaup.net/themes/flow/js/jquery-1.11.0.min.js
IP 91.209.70.182:0
File type ASCII text, with very long lines (32341)
Hash e42ce0d833e620d65c3984e1e111f3df
287336870901b508ece6585d0019600feffddd2d
24cc7d1b710a745c5793de89ed00b6bd0d26eaf8aee7251e19eacbdb1020a330
GET /themes/flow/js/jquery-1.11.0.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1d6xe/Per.Aspera.Build.10842819.zip
Connection: keep-alive
Cookie: filehosting=f7sk6g8fdm19j7f261r37ir351
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 09:31:21 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1787d"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ab61862f016dea85f8aa55e59369d905
a5e81f13052b9e9184caf05a9740c345a40d1f22
e0d580c313088d524a5338e63e4acf9f3f3cb45a54f2528c5d1c4915d71b255b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E0D580C313088D524A5338E63E4ACF9F3F3CB45A54F2528C5D1C4915D71B255B"
Last-Modified: Thu, 30 Mar 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8523
Expires: Fri, 31 Mar 2023 11:53:25 GMT
Date: Fri, 31 Mar 2023 09:31:22 GMT
Connection: keep-alive
megaup.net/themes/flow/frontend_assets/css/bootstrap/bootstrap.min.css
91.209.70.182200 OK 40 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/bootstrap/bootstrap.min.css
IP 91.209.70.182:0
File type assembler source, ASCII text, with very long lines (540), with CRLF line terminators
Hash bb69779caadf6b56d42ddee014d5d9ab
9b060c16b25804bbe0dd12d2f4a2952f5a5d6e9b
2d072ed33fb00ddb213593dd26b7fcc006ea48bbb6c240e63427227723ae1dbf
GET /themes/flow/frontend_assets/css/bootstrap/bootstrap.min.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Connection: keep-alive
Cookie: filehosting=f7sk6g8fdm19j7f261r37ir351
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 09:31:21 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1cc1b"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Last-Modified, Alert, Backoff, Content-Type, ETag, Cache-Control, Retry-After, Expires, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 31 Mar 2023 09:17:26 GMT
age: 836
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/animations/animate.min.css
91.209.70.182200 OK 4.1 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/animations/animate.min.css
IP 91.209.70.182:0
File type ASCII text, with CRLF line terminators
Hash 0a0a70cf5e2bc84ac7e6fb1fd05a5ed9
c547fd9c01f99e56b099361aabf9bd856b535147
9f72d66edea61bdbc6c1857186c3f5b92085a27b0c665469cdc0a7a1adbbdf94
GET /themes/flow/frontend_assets/css/animations/animate.min.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Connection: keep-alive
Cookie: filehosting=f7sk6g8fdm19j7f261r37ir351
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 09:31:21 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-bc86"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
altowriestwispy.com/tysaSHG1FMaM/18410
23.109.248.184200 OK 25 B URL HTTP/1.1 altowriestwispy.com/tysaSHG1FMaM/18410
IP 23.109.248.184:0
File type ASCII text, with no line terminators
Hash d488addc5df5fc9b9ff4135bb4e3a823
6ce56f48e851df4d562b43d3bc1269a504ae83fc
d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60
GET /tysaSHG1FMaM/18410 HTTP/1.1
Host: altowriestwispy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; GL_GI10=eJw9i8sKwjAURGuUYNVWBvwAf8D6QBdu1aXUhbgOtd6WYM0tTXzUr%2FcFruYwc8bzPDEIIXSJ3nIaLSfRfBZNF3M0c2KIeIdeylfjqlqZ5EKQMVf3pIasKNdsAnR%2FoFI%2BETrxbnQwZ8N38x8%2BtwCtVLs6gP%2BJrxu20dS2RLgq9GO45%2BLq3raFb8gpWxKd4K%2BTY0HjzX6L8N9%2Bz7KBtraqrPhRv7nv9IWebEhxlllyUqBxk%2BIFsdRBIw%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 31 Mar 2023 09:31:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
keydawnawe.com/gwZ1U5hjA8ii/32575
142.91.159.115200 OK 26 B URL HTTP/1.1 keydawnawe.com/gwZ1U5hjA8ii/32575
IP 142.91.159.115:0
File type ASCII text, with no line terminators
Hash 4e5d65669f8dcd928dad06adf883f025
d771713d758c3348dd7e5b38bb40c7935399ae46
0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95
GET /gwZ1U5hjA8ii/32575 HTTP/1.1
Host: keydawnawe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; GL_GI10=eJw9i8sKwjAURGuUYNVWBvwAf8D6QBdu1aXUhbgOtd6WYM0tTXzUr%2FcFruYwc8bzPDEIIXSJ3nIaLSfRfBZNF3M0c2KIeIdeylfjqlqZ5EKQMVf3pIasKNdsAnR%2FoFI%2BETrxbnQwZ8N38x8%2BtwCtVLs6gP%2BJrxu20dS2RLgq9GO45%2BLq3raFb8gpWxKd4K%2BTY0HjzX6L8N9%2Bz7KBtraqrPhRv7nv9IWebEhxlllyUqBxk%2BIFsdRBIw%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 31 Mar 2023 09:31:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
alargeredrubygsw.com/eTY4ZElWCVsXdBpbW1ArLF5zMQhMb15UHxx1VFVsS3RpCHE1bmADbw1fXFl+TwcJXH9fRlEAdEgQSxAoDUNLWXhfX1YCJkQQTll4VwUMSnpLGApCPEQHHhA5GFEFVW8JQkwIdEgAAFR7TAMIXHhAAAE
188.114.96.1204 No Content 0 B URL HTTP/2 alargeredrubygsw.com/eTY4ZElWCVsXdBpbW1ArLF5zMQhMb15UHxx1VFVsS3RpCHE1bmADbw1fXFl+TwcJXH9fRlEAdEgQSxAoDUNLWXhfX1YCJkQQTll4VwUMSnpLGApCPEQHHhA5GFEFVW8JQkwIdEgAAFR7TAMIXHhAAAE
IP 188.114.96.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /eTY4ZElWCVsXdBpbW1ArLF5zMQhMb15UHxx1VFVsS3RpCHE1bmADbw1fXFl+TwcJXH9fRlEAdEgQSxAoDUNLWXhfX1YCJkQQTll4VwUMSnpLGApCPEQHHhA5GFEFVW8JQkwIdEgAAFR7TAMIXHhAAAE HTTP/1.1
Host: alargeredrubygsw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 31 Mar 2023 09:31:22 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aQJmCr18bhVTINthgjZINq%2FYTLjBiRLzHez8KhJouPO1y6xPP8WW6IdRThQXW9M7sgA%2FJY%2FYZ519sHEqdFaMfAeE9aIeOXkQUJKeruISSp7dmE9ZQ63kf4XroH7hUlDEXGRyjjl86A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b0794388be4b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
alargeredrubygsw.com/Y0VUWHZMejcrSzJ2OAEgDhMjCTETMAIAIC0cE20jB3UWLCwlDHIsHwd4bWxPW3NgfgYKIWlpTkU2IDkCFjZpaVAKKzI3S0UzaWlYU2tmdkVFMGlpUBc1NT9LUmMkLAIPeGVuTlN3YW1GW3dkbEQ
188.114.96.1204 No Content 0 B URL HTTP/2 alargeredrubygsw.com/Y0VUWHZMejcrSzJ2OAEgDhMjCTETMAIAIC0cE20jB3UWLCwlDHIsHwd4bWxPW3NgfgYKIWlpTkU2IDkCFjZpaVAKKzI3S0UzaWlYU2tmdkVFMGlpUBc1NT9LUmMkLAIPeGVuTlN3YW1GW3dkbEQ
IP 188.114.96.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /Y0VUWHZMejcrSzJ2OAEgDhMjCTETMAIAIC0cE20jB3UWLCwlDHIsHwd4bWxPW3NgfgYKIWlpTkU2IDkCFjZpaVAKKzI3S0UzaWlYU2tmdkVFMGlpUBc1NT9LUmMkLAIPeGVuTlN3YW1GW3dkbEQ HTTP/1.1
Host: alargeredrubygsw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 31 Mar 2023 09:31:22 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WmqWuH%2BicMPnM6bGR%2BbO6U74sd909WAlI5zs%2Bk1l%2BDmAmHUL02B9ADk2lakoNmlPoAs157chzJ8ILaTjYf%2FOQqeGjFe3QfdNZg4aSrLH%2FJjCJ2rzvvR9MHlyBgmPO4Wc5BrQP99NNw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b0794389bffb51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/responsive.css
91.209.70.182200 OK 1.4 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/responsive.css
IP 91.209.70.182:0
File type assembler source, ASCII text
Hash 5cd7ad933a9d3633069f5ab89bf01dc4
aaf2ba07a6e3cabd123e38190f3d7fd54c72bd43
5a3bdf3275414082ddc0625970bc52463c4bcd6582633718001551dd05da1cc7
GET /themes/flow/frontend_assets/css/responsive.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1d6xe/Per.Aspera.Build.10842819.zip
Connection: keep-alive
Cookie: filehosting=f7sk6g8fdm19j7f261r37ir351
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 09:31:21 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-e56"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
alargeredrubygsw.com/dm5iSW9ZUQE6UhIUIAMMRFclCjceIjR5PjcLNxs3JBkKbF00PVMQSQIHBnRXQVhReFdQHgstUkRXRDobFxoXOlJHSAsnCRlTRD9SR0BSZ1lGQFFvGktfRD0fFwlfeEkGGhYlUkdYWnldQ1tScV1GXFs
188.114.96.1204 No Content 0 B URL HTTP/2 alargeredrubygsw.com/dm5iSW9ZUQE6UhIUIAMMRFclCjceIjR5PjcLNxs3JBkKbF00PVMQSQIHBnRXQVhReFdQHgstUkRXRDobFxoXOlJHSAsnCRlTRD9SR0BSZ1lGQFFvGktfRD0fFwlfeEkGGhYlUkdYWnldQ1tScV1GXFs
IP 188.114.96.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dm5iSW9ZUQE6UhIUIAMMRFclCjceIjR5PjcLNxs3JBkKbF00PVMQSQIHBnRXQVhReFdQHgstUkRXRDobFxoXOlJHSAsnCRlTRD9SR0BSZ1lGQFFvGktfRD0fFwlfeEkGGhYlUkdYWnldQ1tScV1GXFs HTTP/1.1
Host: alargeredrubygsw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 31 Mar 2023 09:31:22 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aFH0n6%2BlZDXeZg8ee7NZf86aYPRJCHPnK8Mk7ImyTUWQwJ%2B9i5pbIg9cQyvaSK7vOMsaPL4%2FFw90qlf9UcqB1sni767VFei9IZryN%2FebjR5PvfciTtGJyWfD4wCOFzLcD8Ecf7US%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b0794388bfdb51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
alargeredrubygsw.com/MzZpTUgcCQo+dVJyJH8cXUYKDwl5BDoLeHd0WiUMa1EgCC4DUU85IVcLUX99CgdYazhaUlR+ehVFHSw8RkVUfG5aWA8idRVAVH1mChhYY30VQ1R8bkdGCCp1AhAZOTxfC1h7cAMEXHh4CwRZfHE
188.114.96.1204 No Content 0 B URL HTTP/2 alargeredrubygsw.com/MzZpTUgcCQo+dVJyJH8cXUYKDwl5BDoLeHd0WiUMa1EgCC4DUU85IVcLUX99CgdYazhaUlR+ehVFHSw8RkVUfG5aWA8idRVAVH1mChhYY30VQ1R8bkdGCCp1AhAZOTxfC1h7cAMEXHh4CwRZfHE
IP 188.114.96.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /MzZpTUgcCQo+dVJyJH8cXUYKDwl5BDoLeHd0WiUMa1EgCC4DUU85IVcLUX99CgdYazhaUlR+ehVFHSw8RkVUfG5aWA8idRVAVH1mChhYY30VQ1R8bkdGCCp1AhAZOTxfC1h7cAMEXHh4CwRZfHE HTTP/1.1
Host: alargeredrubygsw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 31 Mar 2023 09:31:22 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MkAwxLVSkOkwNnf5ugdfPmTBD8LcfkCog0tKP8mv%2FAgaWz3%2Fzt%2FragPVuOwlgZuNHYSNf595syU52%2BLnJBl5irZuRShSUkOUpJ9AzjC8riGyCnsvWybpmxm8lllZhVmCw%2FRHanocqg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b0794389bfeb51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
alargeredrubygsw.com/bEdsdjNDeA8FDj91VTxSXx1UIF0UJj0ufQ8hAB58CREcQGs5AkoCWgh6W0AHXXNdUEMFI1FHFR8zDQJGH3pdUFoCIQNLFRp6XVgAWGlfRB1eYRlLAkozHBdUUXZKBkcYK1FHBVR3XkMGXH9eRgZY
188.114.96.1204 No Content 0 B URL HTTP/2 alargeredrubygsw.com/bEdsdjNDeA8FDj91VTxSXx1UIF0UJj0ufQ8hAB58CREcQGs5AkoCWgh6W0AHXXNdUEMFI1FHFR8zDQJGH3pdUFoCIQNLFRp6XVgAWGlfRB1eYRlLAkozHBdUUXZKBkcYK1FHBVR3XkMGXH9eRgZY
IP 188.114.96.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bEdsdjNDeA8FDj91VTxSXx1UIF0UJj0ufQ8hAB58CREcQGs5AkoCWgh6W0AHXXNdUEMFI1FHFR8zDQJGH3pdUFoCIQNLFRp6XVgAWGlfRB1eYRlLAkozHBdUUXZKBkcYK1FHBVR3XkMGXH9eRgZY HTTP/1.1
Host: alargeredrubygsw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 31 Mar 2023 09:31:22 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zea8Vw7DoOTBf6ioYch%2FQVFgxsoLZhbm3WNkvjkArtatVl3rjzAKoM%2BQlv7NhcFrbxixgu6P%2Bj%2FDXX9moAfVFAWbP8HzSlFLqqKOzycGw13BAJiY9NtV7s4MkfBph0jD2yI%2Faw49tQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b079438ac2fb51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
vingartistictaste.com/dGhzOFUVChBVahVVER4gBgROHWcyTUF+MRkFCVMzEFBBTzQNBl1bORsdF14nGwYHFjsRHFYKEy06K2IYIQIqVRInIUN7ATEOOH9tNgtDXGwVDzFSHTBQSm8RIiQwbw8dOCZqZDM9KlIRDS0mWzsxOyNWBzc4C3ItLQAySBMNIUJ7Zzk8OlIQOAw1eSE6BCEMBBkHHmo8GwwQbDksIwRPbTlZPk0XDTpDaSwmJDpsZDkkMVcyORA9Cxg8BEt6ODYtFXAlNiQxXzokPTYKAEddGm8RMjwVVRw8DCVQbRAfJnAAR10aaQYDMRZVDCAMGWolLSkqAQQ8RRsLFyUMJ144Pi0+CRtRWjV9IhBZIgofHSBBehASLCVsHxxYGVwiJSwhcC0eKh1uHRIvPmwxRDECd2UlDzZ7GAUtQFsiEj86fDREMgJyIgBYVVImGwYDBRBAPAsKbD8YFUE4MixHXCc
52.85.49.101200 OK 1.2 kB URL HTTP/2 vingartistictaste.com/dGhzOFUVChBVahVVER4gBgROHWcyTUF+MRkFCVMzEFBBTzQNBl1bORsdF14nGwYHFjsRHFYKEy06K2IYIQIqVRInIUN7ATEOOH9tNgtDXGwVDzFSHTBQSm8RIiQwbw8dOCZqZDM9KlIRDS0mWzsxOyNWBzc4C3ItLQAySBMNIUJ7Zzk8OlIQOAw1eSE6BCEMBBkHHmo8GwwQbDksIwRPbTlZPk0XDTpDaSwmJDpsZDkkMVcyORA9Cxg8BEt6ODYtFXAlNiQxXzokPTYKAEddGm8RMjwVVRw8DCVQbRAfJnAAR10aaQYDMRZVDCAMGWolLSkqAQQ8RRsLFyUMJ144Pi0+CRtRWjV9IhBZIgofHSBBehASLCVsHxxYGVwiJSwhcC0eKh1uHRIvPmwxRDECd2UlDzZ7GAUtQFsiEj86fDREMgJyIgBYVVImGwYDBRBAPAsKbD8YFUE4MixHXCc
IP 52.85.49.101:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3050), with no line terminators
Hash 36e771f60235d8a6f6a5d58c5ea87306
7de05f2693e1053d9207eb4083991630b0b606a1
3ff4844749f4ef62e90e7b7bfb1db5fc1c9dafac7aeb1028dd48572cfdee2f1c
GET /dGhzOFUVChBVahVVER4gBgROHWcyTUF+MRkFCVMzEFBBTzQNBl1bORsdF14nGwYHFjsRHFYKEy06K2IYIQIqVRInIUN7ATEOOH9tNgtDXGwVDzFSHTBQSm8RIiQwbw8dOCZqZDM9KlIRDS0mWzsxOyNWBzc4C3ItLQAySBMNIUJ7Zzk8OlIQOAw1eSE6BCEMBBkHHmo8GwwQbDksIwRPbTlZPk0XDTpDaSwmJDpsZDkkMVcyORA9Cxg8BEt6ODYtFXAlNiQxXzokPTYKAEddGm8RMjwVVRw8DCVQbRAfJnAAR10aaQYDMRZVDCAMGWolLSkqAQQ8RRsLFyUMJ144Pi0+CRtRWjV9IhBZIgofHSBBehASLCVsHxxYGVwiJSwhcC0eKh1uHRIvPmwxRDECd2UlDzZ7GAUtQFsiEj86fDREMgJyIgBYVVImGwYDBRBAPAsKbD8YFUE4MixHXCc HTTP/1.1
Host: vingartistictaste.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1200
date: Fri, 31 Mar 2023 09:31:22 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 45e951df17063864957163fe2b8687d2.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL50-C2
x-amz-cf-id: 5WVxH3iBq4zx6qelrNz8cJfJt11752L-XyzHrVYzfevvvTDQ79mWHw==
X-Firefox-Spdy: h2
vingartistictaste.com/RlRyY0MnNhEOfCdpEEU2NDhPRnEAcUAlJys5CAglImxAFCI/OlwALykhFgUxKToGTS0jIFdRBXEBQht2EQERFAo+N1dRBSMXEQ8LEQZXUQEcZyQhIXUaQykkKWY5MA0+ER8iFgM+FVQMdTcWJykycUAlDj8/HTEEKjwiGnMeBBwTcg0GEVUmKx4DJAd2OBANKyAYMTk2DwYrCQ8sbBUkCz5lNDsvHjUlKSsgEjcWDyxkHSUqcmQWDXYMGggtcSA/HgwndWVKOwQpEhYNdgwYG1d6Iz9DWycEEgIwcS1xQCUZHjwRAiQQZhQIKDQZKjlmdBI9JCt1Dh8pCSUTOAslBHlGWwkCMxg7BDUWKzs7DzUqByogERpbJxEZAyYANT08MA4EMjo2FSABHhAiERoDJwQUZlQJMCk6Al4ofwczFwEkZDwhAQ
52.85.49.101200 OK 1.2 kB URL HTTP/2 vingartistictaste.com/RlRyY0MnNhEOfCdpEEU2NDhPRnEAcUAlJys5CAglImxAFCI/OlwALykhFgUxKToGTS0jIFdRBXEBQht2EQERFAo+N1dRBSMXEQ8LEQZXUQEcZyQhIXUaQykkKWY5MA0+ER8iFgM+FVQMdTcWJykycUAlDj8/HTEEKjwiGnMeBBwTcg0GEVUmKx4DJAd2OBANKyAYMTk2DwYrCQ8sbBUkCz5lNDsvHjUlKSsgEjcWDyxkHSUqcmQWDXYMGggtcSA/HgwndWVKOwQpEhYNdgwYG1d6Iz9DWycEEgIwcS1xQCUZHjwRAiQQZhQIKDQZKjlmdBI9JCt1Dh8pCSUTOAslBHlGWwkCMxg7BDUWKzs7DzUqByogERpbJxEZAyYANT08MA4EMjo2FSABHhAiERoDJwQUZlQJMCk6Al4ofwczFwEkZDwhAQ
IP 52.85.49.101:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3017), with no line terminators
Hash cd27214038008a6a79d5a33919b2ab25
2a341c2713cfc7af96bec67ea1834486c1c8cc76
3d0237af1a95a27814150fd248bbacd45eb94ebaae687d5abf488b7355f64e3f
GET /RlRyY0MnNhEOfCdpEEU2NDhPRnEAcUAlJys5CAglImxAFCI/OlwALykhFgUxKToGTS0jIFdRBXEBQht2EQERFAo+N1dRBSMXEQ8LEQZXUQEcZyQhIXUaQykkKWY5MA0+ER8iFgM+FVQMdTcWJykycUAlDj8/HTEEKjwiGnMeBBwTcg0GEVUmKx4DJAd2OBANKyAYMTk2DwYrCQ8sbBUkCz5lNDsvHjUlKSsgEjcWDyxkHSUqcmQWDXYMGggtcSA/HgwndWVKOwQpEhYNdgwYG1d6Iz9DWycEEgIwcS1xQCUZHjwRAiQQZhQIKDQZKjlmdBI9JCt1Dh8pCSUTOAslBHlGWwkCMxg7BDUWKzs7DzUqByogERpbJxEZAyYANT08MA4EMjo2FSABHhAiERoDJwQUZlQJMCk6Al4ofwczFwEkZDwhAQ HTTP/1.1
Host: vingartistictaste.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1172
date: Fri, 31 Mar 2023 09:31:22 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 45e951df17063864957163fe2b8687d2.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL50-C2
x-amz-cf-id: _I6XZIhVpIsAH0kzeUekKTYazsZcujBcWK3EtFpzvG9hl8H27CTxFQ==
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery-ui.js
91.209.70.182200 OK 110 kB URL HTTP/2 megaup.net/themes/flow/js/jquery-ui.js
IP 91.209.70.182:0
File type ASCII text, with very long lines (840)
Size 110 kB (109722 bytes)
Hash cb38bfa3e5736d6101a304d86975a611
7b6c5e62e7af3c1a3e13fdbfdb4c0eae59837ac8
809f2e3ba5fd3efaf5f1a24e5a05afcb74a97f62d398761a724b7e70b3934dae
GET /themes/flow/js/jquery-ui.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1d6xe/Per.Aspera.Build.10842819.zip
Connection: keep-alive
Cookie: filehosting=f7sk6g8fdm19j7f261r37ir351
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 09:31:21 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-6a684"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
vingartistictaste.com/cU55dTQQLBoYCxBzG1NBAyJEUAY3a0szUBwjAx5SFXZLAlUIIFcWWB47HRNGHiANW1oUOlxHchYbAy9wFQkoAmMifioiTRUoM0VYEhcoOwIjGC9EbDUPGzZdPAI/NnEJDShBTDkPMCR1CHo0NEw3fSMkdRQADgFOJCkeDGMyHDMkXisXMDBYJyovFlo3IhUbcTUtPDZOFgI3HVswABU0RTYpPEZxNRcvImBEFDYnBDgeSBFZIyczGHM5ACsjWTwrNzcEOgBIHgQzfj8ddhh+OCRjNAkaHmY6FwE7Qz8lPx12Gx8dNlkkDSMeVxwqHidONQgzG3FCYzhHZSYLPjhlOwwgPVAIHD8zDTMjCSdiHAArP1wSHik3egkDFS9eM303MGImAzEvXysbNyMMCQsoPAwlIyMyfRwHPhFYARsdIHpUfDsnZVckChpaAXMuIGErdgsdUjJ7FA1TMw8
52.85.49.101200 OK 1.2 kB URL HTTP/2 vingartistictaste.com/cU55dTQQLBoYCxBzG1NBAyJEUAY3a0szUBwjAx5SFXZLAlUIIFcWWB47HRNGHiANW1oUOlxHchYbAy9wFQkoAmMifioiTRUoM0VYEhcoOwIjGC9EbDUPGzZdPAI/NnEJDShBTDkPMCR1CHo0NEw3fSMkdRQADgFOJCkeDGMyHDMkXisXMDBYJyovFlo3IhUbcTUtPDZOFgI3HVswABU0RTYpPEZxNRcvImBEFDYnBDgeSBFZIyczGHM5ACsjWTwrNzcEOgBIHgQzfj8ddhh+OCRjNAkaHmY6FwE7Qz8lPx12Gx8dNlkkDSMeVxwqHidONQgzG3FCYzhHZSYLPjhlOwwgPVAIHD8zDTMjCSdiHAArP1wSHik3egkDFS9eM303MGImAzEvXysbNyMMCQsoPAwlIyMyfRwHPhFYARsdIHpUfDsnZVckChpaAXMuIGErdgsdUjJ7FA1TMw8
IP 52.85.49.101:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3047), with no line terminators
Hash 6f81220fe66e91e85c31aaafba15539e
c020fa043a392993959a7651a0888a14a7e44901
018ddb6c7cbafc3cf7d63d50322854d2db189d024dbee51ffe45ab127b272565
GET /cU55dTQQLBoYCxBzG1NBAyJEUAY3a0szUBwjAx5SFXZLAlUIIFcWWB47HRNGHiANW1oUOlxHchYbAy9wFQkoAmMifioiTRUoM0VYEhcoOwIjGC9EbDUPGzZdPAI/NnEJDShBTDkPMCR1CHo0NEw3fSMkdRQADgFOJCkeDGMyHDMkXisXMDBYJyovFlo3IhUbcTUtPDZOFgI3HVswABU0RTYpPEZxNRcvImBEFDYnBDgeSBFZIyczGHM5ACsjWTwrNzcEOgBIHgQzfj8ddhh+OCRjNAkaHmY6FwE7Qz8lPx12Gx8dNlkkDSMeVxwqHidONQgzG3FCYzhHZSYLPjhlOwwgPVAIHD8zDTMjCSdiHAArP1wSHik3egkDFS9eM303MGImAzEvXysbNyMMCQsoPAwlIyMyfRwHPhFYARsdIHpUfDsnZVckChpaAXMuIGErdgsdUjJ7FA1TMw8 HTTP/1.1
Host: vingartistictaste.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1197
date: Fri, 31 Mar 2023 09:31:22 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 45e951df17063864957163fe2b8687d2.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL50-C2
x-amz-cf-id: _0G8EAk-5xKYV59QYHfPVShKd7jW0cEM8zoQszyQ_h_Q_SL9ccJ_dA==
X-Firefox-Spdy: h2
vingartistictaste.com/RlRmV2wnNgU6UydpBHEZNDhbcl4AcVQRCCs5HDwKImxUIA0/Okg0ACkhAjEeKToSeQIjIENlKiEDIjsvImcJYDovIzQFPz4FLDwcCDYBZhYXZBJyXgQBHBI1ABcBEi92bCg1PX4bMj8ALhwcDiIOOTMdNgQnBBkAc3FUETkUbFQAAn8TPhMAIh0jJyMgP1YuKwQSCgIFCw4nFAQfHh4gIAsWXmQqLTdXAQYhMSA9Ph8OVgJUJAYCLjktPAkSOBMxIBMUERo3BQonMw0kLXdtFxQ0CBwwEAslNzIBCiczDWYkLgYTEzsiESkfXAo3AW4hJBYeLyIQbRcUOGsVJA9eMmAFZwgWMAE7HhM/Djg0LzczEjglNwUTKg81Jz8VFGQSOC8BMCAEBnMFKxUlJRpWEQIUAB4nLx4wPAQCcxkAZzVgPhU4AjZpL28bc2Iqbg9/
52.85.49.101200 OK 1.2 kB URL HTTP/2 vingartistictaste.com/RlRmV2wnNgU6UydpBHEZNDhbcl4AcVQRCCs5HDwKImxUIA0/Okg0ACkhAjEeKToSeQIjIENlKiEDIjsvImcJYDovIzQFPz4FLDwcCDYBZhYXZBJyXgQBHBI1ABcBEi92bCg1PX4bMj8ALhwcDiIOOTMdNgQnBBkAc3FUETkUbFQAAn8TPhMAIh0jJyMgP1YuKwQSCgIFCw4nFAQfHh4gIAsWXmQqLTdXAQYhMSA9Ph8OVgJUJAYCLjktPAkSOBMxIBMUERo3BQonMw0kLXdtFxQ0CBwwEAslNzIBCiczDWYkLgYTEzsiESkfXAo3AW4hJBYeLyIQbRcUOGsVJA9eMmAFZwgWMAE7HhM/Djg0LzczEjglNwUTKg81Jz8VFGQSOC8BMCAEBnMFKxUlJRpWEQIUAB4nLx4wPAQCcxkAZzVgPhU4AjZpL28bc2Iqbg9/
IP 52.85.49.101:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3034), with no line terminators
Hash ecc8373a6f41008096377f144a9185c1
2ed25858c79f752e1bf6a6c76c9c11fdf28b57d4
71e9e6f94c2de7507e88784ee4eff59b98fa0f1ce44f5bfe11bf4b9a5b9fcdc6
GET /RlRmV2wnNgU6UydpBHEZNDhbcl4AcVQRCCs5HDwKImxUIA0/Okg0ACkhAjEeKToSeQIjIENlKiEDIjsvImcJYDovIzQFPz4FLDwcCDYBZhYXZBJyXgQBHBI1ABcBEi92bCg1PX4bMj8ALhwcDiIOOTMdNgQnBBkAc3FUETkUbFQAAn8TPhMAIh0jJyMgP1YuKwQSCgIFCw4nFAQfHh4gIAsWXmQqLTdXAQYhMSA9Ph8OVgJUJAYCLjktPAkSOBMxIBMUERo3BQonMw0kLXdtFxQ0CBwwEAslNzIBCiczDWYkLgYTEzsiESkfXAo3AW4hJBYeLyIQbRcUOGsVJA9eMmAFZwgWMAE7HhM/Djg0LzczEjglNwUTKg81Jz8VFGQSOC8BMCAEBnMFKxUlJRpWEQIUAB4nLx4wPAQCcxkAZzVgPhU4AjZpL28bc2Iqbg9/ HTTP/1.1
Host: vingartistictaste.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1185
date: Fri, 31 Mar 2023 09:31:22 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 45e951df17063864957163fe2b8687d2.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL50-C2
x-amz-cf-id: GXNYMt7bffhMbd0KNfhCImiCLnFjnIND8BflOnf_wdc-2BTdQ3R3Vw==
X-Firefox-Spdy: h2
megaup.net/imageads/018.gif
91.209.70.182200 OK 138 kB URL HTTP/2 megaup.net/imageads/018.gif
IP 91.209.70.182:0
File type GIF image data, version 89a, 300 x 250\012- data
Size 138 kB (137760 bytes)
Hash 150db0c4c2e15ca951b6f23943ae3fd2
fe3591017d81817f6a7324bd16ccfc4ba6de551c
64b9bec034d7290ee63d3518e543ebe575245fb2c9318c6cddf39593f6164f7e
GET /imageads/018.gif HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1d6xe/Per.Aspera.Build.10842819.zip
Connection: keep-alive
Cookie: filehosting=f7sk6g8fdm19j7f261r37ir351
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 09:31:22 GMT
content-type: image/gif
content-length: 137760
last-modified: Mon, 16 Oct 2017 23:13:48 GMT
vary: Accept-Encoding
etag: "59e53d2c-21a20"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 282 B IP 104.18.32.68:0
Hash cecf6a46b6a83643b5caa1e729212134
5c840e263bf9296f933f00b9e6eaee2bcf863c3e
ea29e3e79612883b02a1634d0f9280adc0818d0db92ff2aa58d4b0ecf2a7cf59
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 09:31:22 GMT
Content-Type: application/ocsp-response
Content-Length: 282
Connection: keep-alive
Last-Modified: Thu, 30 Mar 2023 04:43:13 GMT
Expires: Thu, 06 Apr 2023 04:43:12 GMT
Etag: "5c840e263bf9296f933f00b9e6eaee2bcf863c3e"
Cache-Control: max-age=500509,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7b07943a48b6b51e-OSL
platform.bidgear.com/media/img/b15.png
172.67.74.36200 OK 649 B URL HTTP/2 platform.bidgear.com/media/img/b15.png
IP 172.67.74.36:0
File type PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash d832fb80c97ff291b952757bb98240d2
63732e61a0784ed68fde494f83e4686a5c4bf7fa
7b35c11af8accdb40a14303dd3ae2762a97d2527933c56b6c9be6da2d0d11943
GET /media/img/b15.png HTTP/1.1
Host: platform.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:31:22 GMT
content-type: image/png
content-length: 649
last-modified: Mon, 25 Jul 2022 09:43:43 GMT
etag: "62de65cf-289"
expires: Fri, 21 Apr 2023 07:19:14 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
cf-cache-status: HIT
age: 776745
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lrM7YWQZAR9MvAACSLyqZExEnKPmhm1dOkrw3PWBGuSAJdGeSPNJjnPb0Yty%2F1qk1eohFIUMuWjPj2Jh8d1YCjbOaeTFLR0U8%2FXfY6cTBEW3Ft129fg3t6y8r8dG%2FRK7QdCAx77G"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b07943a8a811bfa-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0feb476b3ad4f21891ddf5fb16903fa2
9b5e967c9979b136ba7c7fc6301ffe177e294498
b34d944ce50c3e555f1ea8d004821db8bad99550699c2c3656b731685182eeb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B34D944CE50C3E555F1EA8D004821DB8BAD99550699C2C3656B731685182EEB1"
Last-Modified: Wed, 29 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2605
Expires: Fri, 31 Mar 2023 10:14:47 GMT
Date: Fri, 31 Mar 2023 09:31:22 GMT
Connection: keep-alive
a.exdynsrv.com/ad-provider.js
205.185.216.10200 OK 27 kB URL HTTP/1.1 a.exdynsrv.com/ad-provider.js
IP 205.185.216.10:0
File type ASCII text, with very long lines (52886)
Hash caff325c3dedde56662118710021ba52
e8ac8e95435ebffc411a75ba572b492079db0903
2599a4794875f4b05a6e1166832a35356a2144b6f6edabdf4016206cac7490bc
GET /ad-provider.js HTTP/1.1
Host: a.exdynsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 09:31:22 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 26741
Content-Type: application/javascript
Accept-Ranges: bytes
Cache-Control: max-age=10800
Server: nginx
etag: W/"11f47ce07ddb24215f4f3a5ce34"
X-HW: 1680255082.dop205.sk1.t,1680255082.cds226.sk1.shn,1680255082.dop205.sk1.t,1680255082.cds246.sk1.c
Access-Control-Allow-Origin: *, *
megaup.net/themes/flow/frontend_assets/images/icons/favicon/apple-touch-icon-114x114.png
91.209.70.182200 OK 951 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/images/icons/favicon/apple-touch-icon-114x114.png
IP 91.209.70.182:0
File type PNG image data, 114 x 114, 8-bit colormap, non-interlaced\012- data
Hash 76852bc6b2c028db97322a74e85bd020
ed52fb4de0d51f93277bbaae42fa80ba5f92c31e
8a5ef2ef8440c17db1b1b539065ba4a887e07a2c508b79c2d1659512e9016884
GET /themes/flow/frontend_assets/images/icons/favicon/apple-touch-icon-114x114.png HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1d6xe/Per.Aspera.Build.10842819.zip
Connection: keep-alive
Cookie: filehosting=f7sk6g8fdm19j7f261r37ir351
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 09:31:22 GMT
content-type: image/png
content-length: 951
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-3b7"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/YRXZMUjYmGSI0CTEfKG8Bc0d9agBjHD89WDVLCWZiPUR1GUYjDyEUcnESPnRCPxJxYhApFyI1C2MTIjELdFAtNlR4QmomRiodcTlXKww8M1MuByR0QyRLIT1MLBogMxN3MHl8BmBEfHpBLBgoPUE2U35iWDFTfmIHdVh8dwUHU35iQSwYemYTdjRpYAY9QH-h3BQdTfmJEM1N/Ewd1Q2JiH2BEfDVTJh0jdwQDRHxjBnVHfGMTd0YqO0QgECMqE3cwfWIDa0ZqJwt0
143.204.42.171200 OK 615 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/YRXZMUjYmGSI0CTEfKG8Bc0d9agBjHD89WDVLCWZiPUR1GUYjDyEUcnESPnRCPxJxYhApFyI1C2MTIjELdFAtNlR4QmomRiodcTlXKww8M1MuByR0QyRLIT1MLBogMxN3MHl8BmBEfHpBLBgoPUE2U35iWDFTfmIHdVh8dwUHU35iQSwYemYTdjRpYAY9QH-h3BQdTfmJEM1N/Ewd1Q2JiH2BEfDVTJh0jdwQDRHxjBnVHfGMTd0YqO0QgECMqE3cwfWIDa0ZqJwt0
IP 143.204.42.171:0
File type ASCII text, with very long lines (852), with no line terminators
Hash daad12074043ee319c9ae2bc2fe4d9ca
abee04d71dc8be84694faef944698ddb0a590b1b
cc3c472996773a6e0783f20ec8d5297003bc69fa71190618965accebacce3cd7
GET /YRXZMUjYmGSI0CTEfKG8Bc0d9agBjHD89WDVLCWZiPUR1GUYjDyEUcnESPnRCPxJxYhApFyI1C2MTIjELdFAtNlR4QmomRiodcTlXKww8M1MuByR0QyRLIT1MLBogMxN3MHl8BmBEfHpBLBgoPUE2U35iWDFTfmIHdVh8dwUHU35iQSwYemYTdjRpYAY9QH-h3BQdTfmJEM1N/Ewd1Q2JiH2BEfDVTJh0jdwQDRHxjBnVHfGMTd0YqO0QgECMqE3cwfWIDa0ZqJwt0 HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vingartistictaste.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 615
date: Fri, 31 Mar 2023 09:31:22 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: PV2u-TX3PS51lmLIZelR4kTfoqbmWRJo8CAimYz2htyXfLoZLcuEmg==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash c90bd7c311e02a4f9063c08ebf5261eb
4e2b8db47531a9c124ab0c6cf5a0900a199348ca
34744e7e236ec71b63064fc97c38099ef3460770078518828afd3078a835ef22
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 09:31:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.78200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.78:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Fri, 31 Mar 2023 08:05:11 GMT
expires: Fri, 31 Mar 2023 10:05:11 GMT
cache-control: public, max-age=7200
age: 5171
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/gUzZDdGQwWS0SWydfJ0lcYQN6RVV1XDAbCiMLFCExCQ4xHAIQAy4MAxF3ZQAeNwtzUggyWCRJQjZYIElVdVcnFllnEDcECzgLNhoANlAqGgE3EDYVWT5ZOR0IP1dmRiJmGHNRVmMeNB0KN1k0B0FhBi0AQWEGckRKYxNwNkFhBjQdCmUCZkcmdgRzDFJnE3-A2QWEGMQJBYHdyRFF9BmpRVmNRJhcPPBNxMlZjB3NEVWMHZkZUNV8xEQI8TmZGImIGdlpUdUN+RQ
143.204.42.171200 OK 376 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/gUzZDdGQwWS0SWydfJ0lcYQN6RVV1XDAbCiMLFCExCQ4xHAIQAy4MAxF3ZQAeNwtzUggyWCRJQjZYIElVdVcnFllnEDcECzgLNhoANlAqGgE3EDYVWT5ZOR0IP1dmRiJmGHNRVmMeNB0KN1k0B0FhBi0AQWEGckRKYxNwNkFhBjQdCmUCZkcmdgRzDFJnE3-A2QWEGMQJBYHdyRFF9BmpRVmNRJhcPPBNxMlZjB3NEVWMHZkZUNV8xEQI8TmZGImIGdlpUdUN+RQ
IP 143.204.42.171:0
File type ASCII text, with very long lines (483), with no line terminators
Hash e167a9065b0699d6f86eda905ce98d5b
07b0db3f34f05d7f934ae1deab53c65a91a5f872
d4337ceae44cc51388fd1453b6bd8ffdea92327aad9b147204eb7643185ba3c3
GET /gUzZDdGQwWS0SWydfJ0lcYQN6RVV1XDAbCiMLFCExCQ4xHAIQAy4MAxF3ZQAeNwtzUggyWCRJQjZYIElVdVcnFllnEDcECzgLNhoANlAqGgE3EDYVWT5ZOR0IP1dmRiJmGHNRVmMeNB0KN1k0B0FhBi0AQWEGckRKYxNwNkFhBjQdCmUCZkcmdgRzDFJnE3-A2QWEGMQJBYHdyRFF9BmpRVmNRJhcPPBNxMlZjB3NEVWMHZkZUNV8xEQI8TmZGImIGdlpUdUN+RQ HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vingartistictaste.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 376
date: Fri, 31 Mar 2023 09:31:22 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 8k_4SthwctwIKz6ozcrO05hYYTj1WdeHP3ED70N3TilV4wv8RKObPg==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash c90bd7c311e02a4f9063c08ebf5261eb
4e2b8db47531a9c124ab0c6cf5a0900a199348ca
34744e7e236ec71b63064fc97c38099ef3460770078518828afd3078a835ef22
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 09:31:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dmmzkfd82wayn.cloudfront.net/7U0x5WUcwIxc/eCclHWR+Z3VBb3N1Jgo2KSNxEmAUEjg7O3cdDjt/MykoRGlhPy0XPnp1KRc6emJqGD0lbnhfLCZuIRYjLj8gGHx1FXlXaWJhfFEuLj0oFi40dn5JNzN2fklod318XGoFdn5JLi49ek18dBFpS2k/ZXhcagV2fkkrMXZ/OGh3ZmJJcGJhfB-48JDgjXGsBYXxIaXdifEh8dWMqECsiNSMBfHUVfUlsaWNqDGR2
143.204.42.171200 OK 193 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/7U0x5WUcwIxc/eCclHWR+Z3VBb3N1Jgo2KSNxEmAUEjg7O3cdDjt/MykoRGlhPy0XPnp1KRc6emJqGD0lbnhfLCZuIRYjLj8gGHx1FXlXaWJhfFEuLj0oFi40dn5JNzN2fklod318XGoFdn5JLi49ek18dBFpS2k/ZXhcagV2fkkrMXZ/OGh3ZmJJcGJhfB-48JDgjXGsBYXxIaXdifEh8dWMqECsiNSMBfHUVfUlsaWNqDGR2
IP 143.204.42.171:0
File type ASCII text, with no line terminators
Hash 0ae1505d9fb5734087d7ded5001a4c8d
f2c8d1f29b920677cc10312a64ae7f172ceee13f
4fae793944f6b4721255891a140f48c2da434db5a1228e0deebe61b588ea3397
GET /7U0x5WUcwIxc/eCclHWR+Z3VBb3N1Jgo2KSNxEmAUEjg7O3cdDjt/MykoRGlhPy0XPnp1KRc6emJqGD0lbnhfLCZuIRYjLj8gGHx1FXlXaWJhfFEuLj0oFi40dn5JNzN2fklod318XGoFdn5JLi49ek18dBFpS2k/ZXhcagV2fkkrMXZ/OGh3ZmJJcGJhfB-48JDgjXGsBYXxIaXdifEh8dWMqECsiNSMBfHUVfUlsaWNqDGR2 HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vingartistictaste.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 193
date: Fri, 31 Mar 2023 09:31:22 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Kx--ZBTUnkXE_eeN-8FMoMaa2KWVXy-ZZrDQs63S94_FFUMTOuLqUA==
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/DekhseTEZJwIfDg4hCEQJTX5fSAlcIh8WXwp1Pz99OXseNmgyPiYVAhIpWF9FACxRSRcWKQIeDFwtAhoMS24NHVNHfEoNQRUjURJQFDIcGFQROQRfRBt1ARZLEyQAGBRIDllXAV96XFFGEyYIFkYJbV5JXw5tXkkASmZcXAI4bV5JRhMmWk0USQpJSwECfl-hcAjhtXklDDG1fOABKfUJJGF96XB5UGSMDXAM8elxIAUp5XEgUSHgKEEMfLgMBFEgOXUkEVHhKDAxL
143.204.42.171200 OK 461 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/DekhseTEZJwIfDg4hCEQJTX5fSAlcIh8WXwp1Pz99OXseNmgyPiYVAhIpWF9FACxRSRcWKQIeDFwtAhoMS24NHVNHfEoNQRUjURJQFDIcGFQROQRfRBt1ARZLEyQAGBRIDllXAV96XFFGEyYIFkYJbV5JXw5tXkkASmZcXAI4bV5JRhMmWk0USQpJSwECfl-hcAjhtXklDDG1fOABKfUJJGF96XB5UGSMDXAM8elxIAUp5XEgUSHgKEEMfLgMBFEgOXUkEVHhKDAxL
IP 143.204.42.171:0
File type ASCII text, with very long lines (604), with no line terminators
Hash b7ab7bcde60efef77aab425b9a7d8cbe
af7871854abdaf45ab7ceb337bb6af1ab0c8949f
a9cdad189f383153eaf03efbc6811a0016b37d9b7d0a24b02b550d8c26b20d42
GET /DekhseTEZJwIfDg4hCEQJTX5fSAlcIh8WXwp1Pz99OXseNmgyPiYVAhIpWF9FACxRSRcWKQIeDFwtAhoMS24NHVNHfEoNQRUjURJQFDIcGFQROQRfRBt1ARZLEyQAGBRIDllXAV96XFFGEyYIFkYJbV5JXw5tXkkASmZcXAI4bV5JRhMmWk0USQpJSwECfl-hcAjhtXklDDG1fOABKfUJJGF96XB5UGSMDXAM8elxIAUp5XEgUSHgKEEMfLgMBFEgOXUkEVHhKDAxL HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vingartistictaste.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 461
date: Fri, 31 Mar 2023 09:31:22 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: TAZNxPDsP6ijVFbLxyYQXN9mK9MfUchxg3s8VcL9_e9W-K5ddZ_S-A==
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash ce7308102e0dd738be581569aab3c18f
1cad180ddadf6b3f9da7cddb50f6b8295128553d
1927bf86d6f33ee13042472aadda4133d65bc9535025c5f8a36dc76dfbaa6012
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5992
Cache-Control: max-age=88041
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 09:31:22 GMT
Etag: "642545eb-1d7"
Expires: Sat, 01 Apr 2023 09:58:43 GMT
Last-Modified: Thu, 30 Mar 2023 08:18:51 GMT
Server: ECAcc (ska/F756)
X-Cache: HIT
Content-Length: 471
dmmzkfd82wayn.cloudfront.net/gWDlCd3o7ViwRRSxQJkpNbg1zQ0t+UzEYFCgEC08NbQ8OThlhHzYNHmUJZBsbNl5/UR82Wn9GXDldIEpOfk0yGBFlUiMZAChYJxwLMB83Fkc1VjgeFjRYZ0U8bRdyUkhoETUeFDxWNQRfagksA19qCXNHVGgccTVfagk1HhRuDWdEOH0Lcg9MbBxxNV9qCT-ABX2t4c0dPdglrUkhoXicUETcccDFIaAhyR0toCGdFSj5QMBIcN0FnRTxpCXdZSn5Mf0Y
143.204.42.171200 OK 615 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/gWDlCd3o7ViwRRSxQJkpNbg1zQ0t+UzEYFCgEC08NbQ8OThlhHzYNHmUJZBsbNl5/UR82Wn9GXDldIEpOfk0yGBFlUiMZAChYJxwLMB83Fkc1VjgeFjRYZ0U8bRdyUkhoETUeFDxWNQRfagksA19qCXNHVGgccTVfagk1HhRuDWdEOH0Lcg9MbBxxNV9qCT-ABX2t4c0dPdglrUkhoXicUETcccDFIaAhyR0toCGdFSj5QMBIcN0FnRTxpCXdZSn5Mf0Y
IP 143.204.42.171:0
File type ASCII text, with very long lines (845), with no line terminators
Hash b6e909874670ce1423d84046f531dae8
d2e74250488addeaac294158803989e955f1edea
c7e0bf2b9656a1126f64acc6514ac1ea31879b1f33fac213c01eb594ca1bea54
GET /gWDlCd3o7ViwRRSxQJkpNbg1zQ0t+UzEYFCgEC08NbQ8OThlhHzYNHmUJZBsbNl5/UR82Wn9GXDldIEpOfk0yGBFlUiMZAChYJxwLMB83Fkc1VjgeFjRYZ0U8bRdyUkhoETUeFDxWNQRfagksA19qCXNHVGgccTVfagk1HhRuDWdEOH0Lcg9MbBxxNV9qCT-ABX2t4c0dPdglrUkhoXicUETcccDFIaAhyR0toCGdFSj5QMBIcN0FnRTxpCXdZSn5Mf0Y HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vingartistictaste.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 615
date: Fri, 31 Mar 2023 09:31:22 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: BvbP8p1o0tXs0-wX0gAuGvv70LYq7RJSce0aPPjPdJo1udoykOaxHw==
X-Firefox-Spdy: h2
imp9.bidgear.com/rec?t=1&z=6192&uuid=e6d6891a0a57453785d246b33c8a3150&p=28&g=NO&token=4a44335432&tbg=1680255082
172.67.74.36200 OK 599 B URL HTTP/2 imp9.bidgear.com/rec?t=1&z=6192&uuid=e6d6891a0a57453785d246b33c8a3150&p=28&g=NO&token=4a44335432&tbg=1680255082
IP 172.67.74.36:0
File type JPEG image data, baseline, precision 8, 1x1, components 3\012- data
Hash ca49a7e783b806a4e8576ea80346203d
6fe9d083221dae98f6c76f7121c37bc884b02d82
3e9a98dd5f0a28ff4a059f33d760264a6db02786666ac1692095ebb976f5da28
GET /rec?t=1&z=6192&uuid=e6d6891a0a57453785d246b33c8a3150&p=28&g=NO&token=4a44335432&tbg=1680255082 HTTP/1.1
Host: imp9.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:31:22 GMT
content-type: image/jpeg
content-length: 599
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jBjj8DvQqQ4D1dG1t1PHAa4DrqCKcdxUtsV4sGgBigpaEuQ6LXBX00gDyDLEgm89DpbxQW74337IL2MP2HClppeommBJWbbp9PznwN%2BR6%2BED7Wf6CXe6%2Bvt25xzqqMXw2dE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b07943aaaad1bfa-OSL
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 0df2e2ff4ead187d9223303ef5099043
d2a02977a9a7606d61848f7df79197c950a487eb
e876264f6b57ac3f7e70b97c840fe9519bfde482e7ffd3009a4d21cc1603f372
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 09:31:22 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 31 Mar 2023 01:11:36 GMT
Expires: Fri, 07 Apr 2023 01:11:35 GMT
Etag: "d2a02977a9a7606d61848f7df79197c950a487eb"
Cache-Control: max-age=574212,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7b07943b6a2cb51e-OSL
www.google-analytics.com/j/collect?v=1&_v=j99&a=1787265007&t=pageview&_s=1&dl=https%3A%2F%2Fmegaup.net%2F1d6xe%2FPer.Aspera.Build.10842819.zip&ul=en-us&de=UTF-8&dt=Per.Aspera.Build.10842819.zip%20-%20MegaUp&sd=24-bit&sr=1280x1024&vp=1152x836&je=0&_u=YEBAAUABAAAAACAAI~&jid=46902847&gjid=248903361&cid=1326136981.1680255083&tid=UA-108868042-1&_gid=469853154.1680255083&_r=1>m=457e33t0&jsscut=1&z=992053444
142.250.74.78200 OK 1 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j99&a=1787265007&t=pageview&_s=1&dl=https%3A%2F%2Fmegaup.net%2F1d6xe%2FPer.Aspera.Build.10842819.zip&ul=en-us&de=UTF-8&dt=Per.Aspera.Build.10842819.zip%20-%20MegaUp&sd=24-bit&sr=1280x1024&vp=1152x836&je=0&_u=YEBAAUABAAAAACAAI~&jid=46902847&gjid=248903361&cid=1326136981.1680255083&tid=UA-108868042-1&_gid=469853154.1680255083&_r=1>m=457e33t0&jsscut=1&z=992053444
IP 142.250.74.78:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?v=1&_v=j99&a=1787265007&t=pageview&_s=1&dl=https%3A%2F%2Fmegaup.net%2F1d6xe%2FPer.Aspera.Build.10842819.zip&ul=en-us&de=UTF-8&dt=Per.Aspera.Build.10842819.zip%20-%20MegaUp&sd=24-bit&sr=1280x1024&vp=1152x836&je=0&_u=YEBAAUABAAAAACAAI~&jid=46902847&gjid=248903361&cid=1326136981.1680255083&tid=UA-108868042-1&_gid=469853154.1680255083&_r=1>m=457e33t0&jsscut=1&z=992053444 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain
Content-Length: 0
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://megaup.net
date: Fri, 31 Mar 2023 09:31:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AQMjQ7T0xIFzy2yqjOdp4GsGeHx34wXgHcldKEE5S1Urlu-zsvnaEmtDwZhhn8EQJ6dRO390bBlN9A
142.250.74.109302 Found 396 B URL HTTP/2 accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AQMjQ7T0xIFzy2yqjOdp4GsGeHx34wXgHcldKEE5S1Urlu-zsvnaEmtDwZhhn8EQJ6dRO390bBlN9A
IP 142.250.74.109:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (380)
Hash d85c566d8491b35ce81c93204a3cef3c
9c4646ded1b03d5dd27887325de78d2044c9d394
58e2fd5a1f57e3c481a84614503aa2462d3c2a5b48fbc67ce06d9cde912be815
GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AQMjQ7T0xIFzy2yqjOdp4GsGeHx34wXgHcldKEE5S1Urlu-zsvnaEmtDwZhhn8EQJ6dRO390bBlN9A HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 31 Mar 2023 09:31:22 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-619753896%3A1680255082870628&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AQMjQ7SQPIRcNAwNbXDciBWXFWzOn6wglVNOXSKE8aI9X8PFmL4zYKlI8chAJhNOlOwUiDLZfcX1Hg&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-1H08zkoOVOd2qcqc81ngqg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 396
server: GSE
set-cookie: __Host-GAPS=1:7X8EUtqo-qzUn4Pt_8jndaRLN5GUSQ:ljm970u5P0VXAOK-;Path=/;Expires=Sun, 30-Mar-2025 09:31:22 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash d9bccde084c491a04e52752f2af1e16d
5a7a761608a0d79d383e104a0455f76bb0d2248e
aed5aade370f65d015700850f0a3a80c5f47066e82d200f5cf1d2d44657388dd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 09:31:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
syndication.exdynsrv.com/v1/api.php
95.211.229.247200 OK 767 B URL HTTP/1.1 syndication.exdynsrv.com/v1/api.php
IP 95.211.229.247:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with very long lines (1030), with no line terminators
Hash 09d0242f01ae85cb69cd6860a8be8f03
d6a85d32e487faad4ae9b9a48d32881eba74b758
8643380927367f67a7d055ead8b0dc251b1abc5d517ed0ee5f6ed379387a764c
POST /v1/api.php HTTP/1.1
Host: syndication.exdynsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 326
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 31 Mar 2023 09:31:22 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%226426a86adc29f5.70398700734616672%22%3B%7D; expires=Sun, 30-Mar-2025 09:31:22 GMT; Max-Age=63072000; path=/; domain=exdynsrv.com; secure; SameSite=None
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
dmmzkfd82wayn.cloudfront.net/
143.204.42.171200 OK 73 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/
IP 143.204.42.171:0
File type ASCII text, with no line terminators
Hash de37377b72195a4f064edf7ec8a76676
ed544d5b6a37acad78498099407c648a93316ddb
b3209cc0b1d1b71e85af4e843afe00a3079f3286d52b3fb47e72c6c5c48b8399
GET / HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 73
date: Fri, 31 Mar 2023 09:31:22 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 0C39n69_01zl1o86ykcz57bzbwVBiHSINU39qINEf91WbGcqWnpIVQ==
X-Firefox-Spdy: h2
accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AQMjQ7QaAaXls4nE_QfCAHd1DNDnl_K7NAIk8hzhUlqrQE51yU9KKLlpIEy-RqwW4Zx618ugTiOqDw
142.250.74.109302 Found 397 B URL HTTP/2 accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AQMjQ7QaAaXls4nE_QfCAHd1DNDnl_K7NAIk8hzhUlqrQE51yU9KKLlpIEy-RqwW4Zx618ugTiOqDw
IP 142.250.74.109:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (383)
Hash 716aa01cf3733df8d6fa76432bfb09f3
c46ba68aa6ca8540cd4cda6c7cbbc457f4e992d4
8804f1d710a89fbf0a1477b601b5f22332df036404ab5f75645be10a0a41d37f
GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AQMjQ7QaAaXls4nE_QfCAHd1DNDnl_K7NAIk8hzhUlqrQE51yU9KKLlpIEy-RqwW4Zx618ugTiOqDw HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 31 Mar 2023 09:31:22 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S755788395%3A1680255082922795&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AQMjQ7R6VCRtWQgUdiLIkSbgJ8eDz8uPqrDcHHiXc2409RSynYzwU5kP2z-11nEcjUsgAi5eqdxOWw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: script-src 'nonce-X7a8f34J5wFDwOlTej4IRA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 397
server: GSE
set-cookie: __Host-GAPS=1:BR0lD_EnkA708hmvhCFTNweJXDT7lQ:SCgQcRoMnnJon9Je;Path=/;Expires=Sun, 30-Mar-2025 09:31:22 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.dataTables.min.js
91.209.70.182200 OK 24 kB URL HTTP/2 megaup.net/themes/flow/js/jquery.dataTables.min.js
IP 91.209.70.182:0
File type ASCII text, with very long lines (768)
Hash 2f99736f7b22dde32389cc115bccb6d6
bd2ec964da16128368066ace1025aadc53328ecb
19848ad751079e857e0fe8ec693aa61a6bdc46a4d44c523e575b4e65efe6c23d
GET /themes/flow/js/jquery.dataTables.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1d6xe/Per.Aspera.Build.10842819.zip
Connection: keep-alive
Cookie: filehosting=f7sk6g8fdm19j7f261r37ir351
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 09:31:21 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-10fe4"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
vingartistictaste.com/utx?cb=5EnrMVRY7X16&top=megaup.net&tid=876318
52.85.49.101204 No Content 0 B URL HTTP/2 vingartistictaste.com/utx?cb=5EnrMVRY7X16&top=megaup.net&tid=876318
IP 52.85.49.101:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=5EnrMVRY7X16&top=megaup.net&tid=876318 HTTP/1.1
Host: vingartistictaste.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 31 Mar 2023 09:31:22 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Fri, 31 Mar 2023 09:32:22 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 45e951df17063864957163fe2b8687d2.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL50-C2
x-amz-cf-id: lffGEj_iDsDJSegHhOMPuVHxutukVxuXYVx0xptxJbl4CZm-Kxb5Rg==
X-Firefox-Spdy: h2
vingartistictaste.com/utx?cb=gyld0uDv4NAN&top=megaup.net&tid=825911
52.85.49.101204 No Content 0 B URL HTTP/2 vingartistictaste.com/utx?cb=gyld0uDv4NAN&top=megaup.net&tid=825911
IP 52.85.49.101:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=gyld0uDv4NAN&top=megaup.net&tid=825911 HTTP/1.1
Host: vingartistictaste.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 31 Mar 2023 09:31:22 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Fri, 31 Mar 2023 09:32:22 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 45e951df17063864957163fe2b8687d2.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL50-C2
x-amz-cf-id: x30zi59pPxJ_4YMl_gYwayq_TMT_7iJAfH664AKZdI9eP7LyH56OIg==
X-Firefox-Spdy: h2
tags.h12-media.com/load2.js
154.51.131.153200 OK 98 kB URL HTTP/2 tags.h12-media.com/load2.js
IP 154.51.131.153:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 1311503caf375d06370a384ecef418e5
a23aabf3dbac3f7fb01214ce3207e02bc154ca1b
8c9bb962a26fc8dec871e0a13156ea5e96f5bfa8703ce574f8e6dae49b0d1675
GET /load2.js HTTP/1.1
Host: tags.h12-media.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
content-type: application/javascript
content-encoding: gzip
last-modified: Sat, 10 Dec 2022 17:21:25 GMT
accept-ranges: bytes
etag: "d458c1d4bbcd91:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ARR/3.0
date: Fri, 31 Mar 2023 09:31:22 GMT
content-length: 98135
X-Firefox-Spdy: h2
vingartistictaste.com/utx?cb=3avBcTmRWZvp&top=megaup.net&tid=764141
52.85.49.101204 No Content 0 B URL HTTP/2 vingartistictaste.com/utx?cb=3avBcTmRWZvp&top=megaup.net&tid=764141
IP 52.85.49.101:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=3avBcTmRWZvp&top=megaup.net&tid=764141 HTTP/1.1
Host: vingartistictaste.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 31 Mar 2023 09:31:22 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Fri, 31 Mar 2023 09:32:22 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 45e951df17063864957163fe2b8687d2.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL50-C2
x-amz-cf-id: mQ9MoNgTV4gyfaR2KHL40DWYM47u9_stutNv_ZRn8rIPd8RGXSAv5A==
X-Firefox-Spdy: h2
syndication.exdynsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01OW0oEQQy8iheYpvLo1377raB4gLV72i8XQYUV6vD27MhgKoEqklSiUFtgi8kd4snkpMoqoSK4BonOh8cnuvB9fTt/f4TL+kWTmhRMtcILq3nRRPfkUhKjCF1ritnppWSBgzONmNBo7hsLgEhiAV+e728lE0oDrhox+XaXAqVPgeu23XJBKl1yXofnJqNpV5i65yEp1W3w/6PYEbB7/8n5v88d5SKHcM4Ab+3z58+lkcf4jngYCOm91vg60HLUUWCjlXOPUnv3VVtqv64AR/JVAQAA
95.211.229.247200 OK 20 B URL HTTP/1.1 syndication.exdynsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01OW0oEQQy8iheYpvLo1377raB4gLV72i8XQYUV6vD27MhgKoEqklSiUFtgi8kd4snkpMoqoSK4BonOh8cnuvB9fTt/f4TL+kWTmhRMtcILq3nRRPfkUhKjCF1ritnppWSBgzONmNBo7hsLgEhiAV+e728lE0oDrhox+XaXAqVPgeu23XJBKl1yXofnJqNpV5i65yEp1W3w/6PYEbB7/8n5v88d5SKHcM4Ab+3z58+lkcf4jngYCOm91vg60HLUUWCjlXOPUnv3VVtqv64AR/JVAQAA
IP 95.211.229.247:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA01OW0oEQQy8iheYpvLo1377raB4gLV72i8XQYUV6vD27MhgKoEqklSiUFtgi8kd4snkpMoqoSK4BonOh8cnuvB9fTt/f4TL+kWTmhRMtcILq3nRRPfkUhKjCF1ritnppWSBgzONmNBo7hsLgEhiAV+e728lE0oDrhox+XaXAqVPgeu23XJBKl1yXofnJqNpV5i65yEp1W3w/6PYEbB7/8n5v88d5SKHcM4Ab+3z58+lkcf4jngYCOm91vg60HLUUWCjlXOPUnv3VVtqv64AR/JVAQAA HTTP/1.1
Host: syndication.exdynsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%226426a86adc29f5.70398700734616672%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 31 Mar 2023 09:31:23 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Credentials: true
Set-Cookie: __upt=%7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22511.0199%22%7D; expires=Sun, 30 Mar 2025 09:31:23 GMT; path=/; domain=.exdynsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
pogothere.xyz/asd100.bin
172.64.132.29200 OK 143 kB IP 172.64.132.29:0
Size 143 kB (142733 bytes)
Hash 3a5f2994afed441402ba21e651fcbd56
870e9d233dd40e60336b32a38d2fd8be8d0127c7
00282e99bfbde1cae767c6e2d251a41256a72558fdc7e72b69bbe86a507e6491
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:31:22 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 1961
last-modified: Fri, 31 Mar 2023 08:58:41 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G5Uax2tvH15KhITG%2FvByZZS6%2F7gqtOUaKfopV1Nt70WzEEf7fyRb3RWxu16FezHpCXfWdy4fIBTJ2G7cTpk841tfnfdOeWQKsBtZOQ6vlB%2BWPvL185Wvz7xFGAPmmy3A"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b07943be95871e6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.a-ads.com/a-ads-banners/446002/300x250?region=eu-central-1
136.243.11.250200 OK 593 kB URL HTTP/2 static.a-ads.com/a-ads-banners/446002/300x250?region=eu-central-1
IP 136.243.11.250:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 300 x 250\012- data
Size 593 kB (592944 bytes)
Hash fa3bcb574110c829d32e4b6f07d76148
356977d357a9bd6fd3b4f3ce2823832351f843e2
2e6acb1d3dc9c429ee6a882fbd2223f1b1c7aca7d12a6b6e684bac7a1f4c7e63
GET /a-ads-banners/446002/300x250?region=eu-central-1 HTTP/1.1
Host: static.a-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ad.a-ads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 09:31:22 GMT
content-type: image/gif
content-length: 592944
x-amz-id-2: q53RW5kkzD/NhELe9PmmrjF9ncn5WudlKF9TyB7Hw5tHX5cajSUE9s/H+Vkh7KAgfBmK0BH2p0g=
x-amz-request-id: 7CT65AVC393ZQ792
x-amz-replication-status: COMPLETED
last-modified: Wed, 29 Mar 2023 07:32:45 GMT
etag: "fa3bcb574110c829d32e4b6f07d76148"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: ed.TCysl5FXVI7GSRj8xUGCtlokNUlJW
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 313 B IP 192.229.221.95:0
Hash d1c7a1b59cbddf63287ec871ff88d8fd
cfa2dd985f49f6cd6d523b7498280e29950204d7
8d5a119c864e1df8977a1857ed0531f7fdb2e0655efa2b46927770a21398b536
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2623
Cache-Control: max-age=112434
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 09:31:23 GMT
Etag: "6425b25e-139"
Expires: Sat, 01 Apr 2023 16:45:17 GMT
Last-Modified: Thu, 30 Mar 2023 16:01:34 GMT
Server: ECAcc (ska/F7A5)
X-Cache: HIT
Content-Length: 313
6.adsco.re/
104.17.167.186200 OK 56 B IP 104.17.167.186:0
Hash 2d6d764bc9ee51b79f8ff240ea1b8e4e
dd0344949590ca3e616d70e1d8d65087bc395ce3
c5c3be3da3543f44353e600c1516b7e14fdd7543dc2a088ec9fd31a05c9ae107
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:31:23 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: https://megaup.net
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b07943ecf7bb527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
parrecleftne.xyz/utx?tid=832633&top=megaup.net&cb=DhCkzVzmCnZ4
13.33.243.61204 No Content 0 B URL HTTP/2 parrecleftne.xyz/utx?tid=832633&top=megaup.net&cb=DhCkzVzmCnZ4
IP 13.33.243.61:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?tid=832633&top=megaup.net&cb=DhCkzVzmCnZ4 HTTP/1.1
Host: parrecleftne.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 31 Mar 2023 09:31:23 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Fri, 31 Mar 2023 09:32:23 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 8f473fbf4c5fc98461ca6905ec13126c.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL50-C1
x-amz-cf-id: MowYJ1ZYNPEyEoAiJVvjtK-ODsER61M_LdthGZTkUh-i_Ut-D68Nwg==
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 88c13c4b60ee9b78d532e463858fc5cd
478c0d74b4be2d1154d69c8aedb93e374281f19c
76207d5f63bbe6efeb7457e722e95f5dc26a2af5806d9c49dba680463ac2fabe
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "76207D5F63BBE6EFEB7457E722E95F5DC26A2AF5806D9C49DBA680463AC2FABE"
Last-Modified: Wed, 29 Mar 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4384
Expires: Fri, 31 Mar 2023 10:44:27 GMT
Date: Fri, 31 Mar 2023 09:31:23 GMT
Connection: keep-alive
4.adsco.re/
162.252.214.5200 OK 62 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash a684f3b449a125d2285678a6be0172a9
f5ba7774839ee9f45e1f2a88d322d3c3cfcc971f
91945112515f30fe6017f31f87a483adb2040d8435fce14fe9c44e89cf433b2c
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 09:31:23 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
theharityhild.buzz/
52.20.131.174200 OK 0 B IP 52.20.131.174:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: theharityhild.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Content-Length: 390
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
142.250.74.109302 Found 0 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 142.250.74.109:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 31 Mar 2023 09:31:22 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AQMjQ7T0xIFzy2yqjOdp4GsGeHx34wXgHcldKEE5S1Urlu-zsvnaEmtDwZhhn8EQJ6dRO390bBlN9A
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-eITITt4OKV4v__aSERT7Rg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy: unsafe-none; report-to="AccountsSigninPassiveLoginHttp"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"AccountsSigninPassiveLoginHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSigninPassiveLoginHttp/external"}]}, {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-resource-policy: cross-origin
content-type: application/binary
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
set-cookie: __Host-GAPS=1:IlWV6272mkEbNtQ8U22t4A31zMxB-Q:Hmmk4GCOXFcYaRZR; Expires=Sun, 30-Mar-2025 09:31:22 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
hw-cdn2.ang-content.com/delivery/vortex/vortex-simple-1.0.0.js
205.185.208.20200 OK 5.0 kB URL HTTP/1.1 hw-cdn2.ang-content.com/delivery/vortex/vortex-simple-1.0.0.js
IP 205.185.208.20:0
File type ASCII text, with very long lines (5027), with no line terminators
Hash 5e5817bcf4c82c7c85d1d88636d221ce
b5c32cc6c931c33c1297884016e13d3b9a5bf261
6f0e50ac39121175ca0427c4e87cdfa2520b526c8497e23cffbca726eb6ca42c
GET /delivery/vortex/vortex-simple-1.0.0.js HTTP/1.1
Host: hw-cdn2.ang-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 09:31:23 GMT
Connection: Keep-Alive
ETag: "1541168231"
Content-Length: 5027
Content-Type: application/javascript
Last-Modified: Fri, 02 Nov 2018 14:17:11 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10613385
X-HW: 1680255083.dop014.sk1.t,1680255083.cds246.sk1.shn,1680255083.cds246.sk1.c
Access-Control-Allow-Origin: *
hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js
209.197.3.25200 OK 17 kB URL HTTP/1.1 hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js
IP 209.197.3.25:0
File type ASCII text, with very long lines (16885), with no line terminators
Hash 48c80c7c28b5b00a8b4ff94a22b72fe3
d57303c2ad2fd5cedc5cb20f264a6965a7819cee
6e9be773031b3234fb9c2d6cf3d9740db1208f4351beca325ec34f76fd38f356
GET /delivery/intersection_observer/IntersectionObserver.js HTTP/1.1
Host: hw-cdn2.adtng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 09:31:23 GMT
Connection: Keep-Alive
ETag: "1649192094"
Content-Length: 16885
Content-Type: application/javascript
Last-Modified: Tue, 05 Apr 2022 20:54:54 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10700585
X-HW: 1680255083.dop015.sk1.t,1680255083.cds001.sk1.shn,1680255083.cds001.sk1.c
Access-Control-Allow-Origin: *
hw-cdn2.ang-content.com/a7/creatives/39/1393/805208/945697/945697_banner.png
205.185.208.20200 OK 57 kB URL HTTP/1.1 hw-cdn2.ang-content.com/a7/creatives/39/1393/805208/945697/945697_banner.png
IP 205.185.208.20:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x250, components 3\012- data
Hash e98c3a2d17c601c49776416853b823cf
fee8e4361745eb06aa52bed7b89769aa52b2a0ce
14c2997e86cac3ed98c84d8665caabb945b3ba2c53f17cad500c176318f2a39f
GET /a7/creatives/39/1393/805208/945697/945697_banner.png HTTP/1.1
Host: hw-cdn2.ang-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 09:31:23 GMT
Connection: Keep-Alive
ETag: "1590487676"
Content-Length: 57405
Content-Type: image/png
Last-Modified: Tue, 26 May 2020 10:07:56 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10610789
X-HW: 1680255083.dop230.sk1.t,1680255083.cds002.sk1.shn,1680255083.cds002.sk1.c
Access-Control-Allow-Origin: *
theharityhild.buzz/
52.20.131.174200 OK 0 B IP 52.20.131.174:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: theharityhild.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Origin: https://megaup.net
Content-Length: 357
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 71611a1dc084ddf05a0c6cee0e1495ec
6bd47ce6aa00f447d571d298618feb16cb1cc3e5
98f1e511c88dbd75f98ed7abdea7a1132d9e4dc6c550628537d576c789c741af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98F1E511C88DBD75F98ED7ABDEA7A1132D9E4DC6C550628537D576C789C741AF"
Last-Modified: Wed, 29 Mar 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14474
Expires: Fri, 31 Mar 2023 13:32:37 GMT
Date: Fri, 31 Mar 2023 09:31:23 GMT
Connection: keep-alive
megaup.net/themes/flow/frontend_assets/fonts/raleway_bold.woff
91.209.70.182200 OK 32 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway_bold.woff
IP 91.209.70.182:0
File type Web Open Font Format, TrueType, length 31568, version 1.1\012- data
Hash e0c4ac0e73196bd0469c5c33304b7773
bb071565f82907d117b0732dca8013409162c67d
ff3bf3a4a1bf2b922157b18d0e8cddd95f2fc2dfe09c30a3ce67bc11a84c67af
GET /themes/flow/frontend_assets/fonts/raleway_bold.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=f7sk6g8fdm19j7f261r37ir351; _ga=GA1.2.1326136981.1680255083; _gid=GA1.2.469853154.1680255083; _gat_gtag_UA_108868042_1=1; a=cLAnG0cBlCHqay7TQlG4IGWqGOlTL1hk
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 09:31:23 GMT
content-type: font/woff
content-length: 31568
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7b50"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
vingartistictaste.com/multi?cs=Z2Q5V3FWXQhvSVRUCWBJV1wOb0g&abt=0&red=1&sm=76&k=download%20file%2010842819%20aspera%20build&v=1.0.60.3&sts=0&prn=0&emb=0&tid=876318&rxy=1280_1024&u=1293628766495432&agec=1680255083&fs=1&mbkb=120.1923076923077&ref=https%3A%2F%2Fmegaup.net%2F1d6xe%2FPer.Aspera.Build.10842819.zip&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&_GZ26=1680255083402&crc=1
52.85.49.101200 OK 1.5 kB URL HTTP/2 vingartistictaste.com/multi?cs=Z2Q5V3FWXQhvSVRUCWBJV1wOb0g&abt=0&red=1&sm=76&k=download%20file%2010842819%20aspera%20build&v=1.0.60.3&sts=0&prn=0&emb=0&tid=876318&rxy=1280_1024&u=1293628766495432&agec=1680255083&fs=1&mbkb=120.1923076923077&ref=https%3A%2F%2Fmegaup.net%2F1d6xe%2FPer.Aspera.Build.10842819.zip&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&_GZ26=1680255083402&crc=1
IP 52.85.49.101:0
File type ASCII text, with very long lines (3235), with no line terminators
Hash 6eff1719a84295f90acb34e76a6fe3a6
9ebbbcc18daea7a080ab142833a1c45eab74a0a5
2c90de5efb3ab3fc7c2f1413abbcb1a255b8bd52cb08a52105ea03fc55b20e8d
GET /multi?cs=Z2Q5V3FWXQhvSVRUCWBJV1wOb0g&abt=0&red=1&sm=76&k=download%20file%2010842819%20aspera%20build&v=1.0.60.3&sts=0&prn=0&emb=0&tid=876318&rxy=1280_1024&u=1293628766495432&agec=1680255083&fs=1&mbkb=120.1923076923077&ref=https%3A%2F%2Fmegaup.net%2F1d6xe%2FPer.Aspera.Build.10842819.zip&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&_GZ26=1680255083402&crc=1 HTTP/1.1
Host: vingartistictaste.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-length: 1542
date: Fri, 31 Mar 2023 09:31:23 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=eda9b4ee-48d8-46ee-8def-1e71ea8d4566
csu=1293628766495432
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 45e951df17063864957163fe2b8687d2.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL50-C2
x-amz-cf-id: tMtyaZY4wfv1fuFIqdRXG66-FROy56q9_3xhHTVuNMttkIqUQ7BYKA==
X-Firefox-Spdy: h2
tags.h12-media.com/v3/go.asp?payload=%7B%22mtoken%22%3A%2291.90.42.154%22%2C%22adtype%22%3A%22sticky%22%2C%22adformat%22%3A%22stickybottom%22%2C%22pubid%22%3A%22f21629f80d751907d93079a5076d4249%22%2C%22adunitid%22%3A%2228061%22%2C%22topurl%22%3A%22https%3A%2F%2Fmegaup.net%2F1d6xe%2FPer.Aspera.Build.10842819.zip%22%2C%22docref%22%3A%22%22%2C%22auction%22%3A%227vad1zy87w2%22%2C%22pubsubid%22%3Anull%2C%22index%22%3A%221%22%2C%22ishidden%22%3Afalse%2C%22istopwindow%22%3Atrue%2C%22isscrollable%22%3Atrue%2C%22dayofweek%22%3A5%2C%22hourofday%22%3A9%2C%22clang%22%3A%22en-US%22%2C%22docdir%22%3A%22LTR%22%2C%22cdims%22%3A%5B1152%2C795%5D%2C%22ddims%22%3A%5B1152%2C795%5D%2C%22sbars%22%3A%5B0%2C0%5D%2C%22endpoint%22%3A%22https%3A%2F%2Ftags.h12-media.com%22%2C%22coords%22%3A%5B579%2C518%5D%2C%22pwidth%22%3A%5B100%2C0%2C970%2C1152%5D%2C%22pheight%22%3A%5Bnull%2C0%2C256%2C286%2C505%2C550%2C790%5D%2C%22maxwidth%22%3A1152%2C%22maxheight%22%3A795%7D&rnd=0.8832393035003837
154.51.131.153200 OK 25 kB URL HTTP/2 tags.h12-media.com/v3/go.asp?payload=%7B%22mtoken%22%3A%2291.90.42.154%22%2C%22adtype%22%3A%22sticky%22%2C%22adformat%22%3A%22stickybottom%22%2C%22pubid%22%3A%22f21629f80d751907d93079a5076d4249%22%2C%22adunitid%22%3A%2228061%22%2C%22topurl%22%3A%22https%3A%2F%2Fmegaup.net%2F1d6xe%2FPer.Aspera.Build.10842819.zip%22%2C%22docref%22%3A%22%22%2C%22auction%22%3A%227vad1zy87w2%22%2C%22pubsubid%22%3Anull%2C%22index%22%3A%221%22%2C%22ishidden%22%3Afalse%2C%22istopwindow%22%3Atrue%2C%22isscrollable%22%3Atrue%2C%22dayofweek%22%3A5%2C%22hourofday%22%3A9%2C%22clang%22%3A%22en-US%22%2C%22docdir%22%3A%22LTR%22%2C%22cdims%22%3A%5B1152%2C795%5D%2C%22ddims%22%3A%5B1152%2C795%5D%2C%22sbars%22%3A%5B0%2C0%5D%2C%22endpoint%22%3A%22https%3A%2F%2Ftags.h12-media.com%22%2C%22coords%22%3A%5B579%2C518%5D%2C%22pwidth%22%3A%5B100%2C0%2C970%2C1152%5D%2C%22pheight%22%3A%5Bnull%2C0%2C256%2C286%2C505%2C550%2C790%5D%2C%22maxwidth%22%3A1152%2C%22maxheight%22%3A795%7D&rnd=0.8832393035003837
IP 154.51.131.153:0
File type ISO-8859 text, with very long lines (10181), with CRLF line terminators
Hash bf9a62d97137341f4f1a4b6a19bafa57
692bb190cf8695cd7ec36026acc147b7bd05a298
d5fc34d23c06d1fb116e04fc8fabb8b348b8b6024394b00ef8ef45d9633fab12
GET /v3/go.asp?payload=%7B%22mtoken%22%3A%2291.90.42.154%22%2C%22adtype%22%3A%22sticky%22%2C%22adformat%22%3A%22stickybottom%22%2C%22pubid%22%3A%22f21629f80d751907d93079a5076d4249%22%2C%22adunitid%22%3A%2228061%22%2C%22topurl%22%3A%22https%3A%2F%2Fmegaup.net%2F1d6xe%2FPer.Aspera.Build.10842819.zip%22%2C%22docref%22%3A%22%22%2C%22auction%22%3A%227vad1zy87w2%22%2C%22pubsubid%22%3Anull%2C%22index%22%3A%221%22%2C%22ishidden%22%3Afalse%2C%22istopwindow%22%3Atrue%2C%22isscrollable%22%3Atrue%2C%22dayofweek%22%3A5%2C%22hourofday%22%3A9%2C%22clang%22%3A%22en-US%22%2C%22docdir%22%3A%22LTR%22%2C%22cdims%22%3A%5B1152%2C795%5D%2C%22ddims%22%3A%5B1152%2C795%5D%2C%22sbars%22%3A%5B0%2C0%5D%2C%22endpoint%22%3A%22https%3A%2F%2Ftags.h12-media.com%22%2C%22coords%22%3A%5B579%2C518%5D%2C%22pwidth%22%3A%5B100%2C0%2C970%2C1152%5D%2C%22pheight%22%3A%5Bnull%2C0%2C256%2C286%2C505%2C550%2C790%5D%2C%22maxwidth%22%3A1152%2C%22maxheight%22%3A795%7D&rnd=0.8832393035003837 HTTP/1.1
Host: tags.h12-media.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-store,no-cache,max-age=0,private
content-type: application/x-javascript; Charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/10.0
set-cookie: 7thMile=e0296473%2Da9d8%2D48b1%2Dbb84%2Df54da147a61e; Max-Age=5000000; Domain=.h12-media.com; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
access-control-allow-origin:
srg-x: x-.188
x-powered-by: ARR/3.0
date: Fri, 31 Mar 2023 09:31:23 GMT
content-length: 24976
X-Firefox-Spdy: h2
jhx1t32lvoth.n4.adsco.re/
38.132.109.186200 OK 0 B URL HTTP/1.1 jhx1t32lvoth.n4.adsco.re/
IP 38.132.109.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: jhx1t32lvoth.n4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 09:31:23 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
Connection: close
ETag: "5b5f2f9a-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
theharityhild.buzz/
52.20.131.174200 OK 0 B IP 52.20.131.174:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: theharityhild.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Origin: https://megaup.net
Content-Length: 364
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
vingartistictaste.com/floater?cs=ZXhTNGZRT2cMVFBIYgJfU0lhBVQ&abt=0&red=1&sm=83&k=download%20file%2010842819%20aspera%20build&v=0.9.1.5&sts=0&prn=0&emb=0&tid=825911&rxy=1280_1024&u=1293628766495432&agec=1680255083&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&mbkb=120.1923076923077&ref=https%3A%2F%2Fmegaup.net%2F1d6xe%2FPer.Aspera.Build.10842819.zip&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&aa=oi1_&_AlLr=1680255083399&crc=1
52.85.49.101200 OK 5.3 kB URL HTTP/2 vingartistictaste.com/floater?cs=ZXhTNGZRT2cMVFBIYgJfU0lhBVQ&abt=0&red=1&sm=83&k=download%20file%2010842819%20aspera%20build&v=0.9.1.5&sts=0&prn=0&emb=0&tid=825911&rxy=1280_1024&u=1293628766495432&agec=1680255083&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&mbkb=120.1923076923077&ref=https%3A%2F%2Fmegaup.net%2F1d6xe%2FPer.Aspera.Build.10842819.zip&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&aa=oi1_&_AlLr=1680255083399&crc=1
IP 52.85.49.101:0
File type ASCII text, with very long lines (7699), with no line terminators
Hash c47cdb5a1a44172dafcb8315a3d5b95b
1ac9246fffafd8f9048eebd1f4e0d6742818b772
5a02122a5f92e0131da83c76cbf868e1be579364b21688db0bc85e089945a91a
GET /floater?cs=ZXhTNGZRT2cMVFBIYgJfU0lhBVQ&abt=0&red=1&sm=83&k=download%20file%2010842819%20aspera%20build&v=0.9.1.5&sts=0&prn=0&emb=0&tid=825911&rxy=1280_1024&u=1293628766495432&agec=1680255083&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&mbkb=120.1923076923077&ref=https%3A%2F%2Fmegaup.net%2F1d6xe%2FPer.Aspera.Build.10842819.zip&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&aa=oi1_&_AlLr=1680255083399&crc=1 HTTP/1.1
Host: vingartistictaste.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-length: 5286
date: Fri, 31 Mar 2023 09:31:24 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=f8052077-af77-46b6-8dfa-15fb696b1ac1
csu=1293628766495432
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 45e951df17063864957163fe2b8687d2.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL50-C2
x-amz-cf-id: 2eF_CJmrWFwhZTiEaSAesorcUuR0iSD0Qlwf2mKx5vka1BUBGcVukA==
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11383
Expires: Fri, 31 Mar 2023 12:41:07 GMT
Date: Fri, 31 Mar 2023 09:31:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11383
Expires: Fri, 31 Mar 2023 12:41:07 GMT
Date: Fri, 31 Mar 2023 09:31:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11383
Expires: Fri, 31 Mar 2023 12:41:07 GMT
Date: Fri, 31 Mar 2023 09:31:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 94b9360d6bed8d7f7d31351dd3928ab9
c770bda52fa3e973c714ce02c1897a0215622f7c
1a156d2762988df93aa0cd4312ac5c2e225863d62e6d01ad123a3d03c76d8cf2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1A156D2762988DF93AA0CD4312AC5C2E225863D62E6D01AD123A3D03C76D8CF2"
Last-Modified: Wed, 29 Mar 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14784
Expires: Fri, 31 Mar 2023 13:37:48 GMT
Date: Fri, 31 Mar 2023 09:31:24 GMT
Connection: keep-alive
adsco.re/p
162.252.214.5200 OK 133 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash da443135adff75b147ced61bc6cd7c7c
69d44ffb813b063866f5e3a64611de7e1d6ff7a7
d397fe8f308c740f7b7a69eaa45b2d4e6bc0ac312472bbc5760d078e6bd06f86
POST /p HTTP/1.1
Host: adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Length: 2004
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 09:31:24 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK lon123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccede828-1c24-4287-bb00-f793263370cf.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccede828-1c24-4287-bb00-f793263370cf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8a2b8f737604b7983cf686c82599dc73
aa63be93c4cd641f09ce0d5144ef60aab21caed1
78835586bfd170fee7e6f70b2b426ed186f5aeae969459c6dcbf527ba9c0deec
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccede828-1c24-4287-bb00-f793263370cf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6380
x-amzn-requestid: 0a129a69-0720-47a0-8b0e-b3200de24204
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnUn6E19IAMF9SQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260165-564474a42e79d1dc4eb9558f;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:45 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 3paQf8BhyRcZoZNox8660Zyzz0WaiQxJuHmDbj4wpo-rgbDdkxrYgQ==
via: 1.1 b5695e36d7fbc522ece27885d73757ae.cloudfront.net (CloudFront), 1.1 b48dedcc55e63f14261aa92cf2d61522.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 21:47:23 GMT
age: 42241
etag: "aa63be93c4cd641f09ce0d5144ef60aab21caed1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ef54a1ed997cc09495edb102ccdf6803
f5637efb37b5eecff77e60e6bcf5f599991f334f
fa76d7a82dc15baf02b207cea874d1332c20a0ebe1eea99929a6f2746608412c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8745
x-amzn-requestid: e1d8dab6-4c15-4752-b528-21854c93a11c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CguJ5Hy5oAMFyAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235d72-4bd62c8472f7257a155b2a80;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:34:42 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: YJQbVC3HpHtLrNiTzsUmCOMIWgRik2lIhvpAz0DfmUNSznCXw6ipYw==
via: 1.1 8f251d23da31b683c3c9d6fad6ca944c.cloudfront.net (CloudFront), 1.1 60b744e5b364d04abea9fa6686121242.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 06:47:32 GMT
age: 9832
etag: "f5637efb37b5eecff77e60e6bcf5f599991f334f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.132.29200 OK 112 kB IP 172.64.132.29:0
Size 112 kB (112259 bytes)
Hash c18462368a7539cad38523e173377765
b4d602d48c2241b1653e1c779da93086209d7545
c88d804c3697b49d80e246af46f68311e6ed144ea1e2a78345c66deba6542368
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:31:22 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 1961
last-modified: Fri, 31 Mar 2023 08:58:41 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yUZ9EZcwiqqSAG2jLSiGMSQ%2BJSepT7k19V7%2FOkKbifv9%2FIiXJhX55TqtVOEhZK8IP5EgO9wOwDp8zoXLnaobSpijXuyX%2F40PWvNGiqKfgd%2FB6LmPYHhUNfgpMWp8aDCi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b07943c29ac71e6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
engine.4dsply.com/verify?sig=BAYAZCaoawFkJqhsgAGBAcAAII4IBlhEvLh0U1kzh72KFNyfZXvdM_TQrKhLqrzK7IU_wQAgJ0T0WZYQRKympHfpA-UaL9YG-Iekm77JKuPjtwZft-c
104.16.159.17200 OK 17 B URL HTTP/2 engine.4dsply.com/verify?sig=BAYAZCaoawFkJqhsgAGBAcAAII4IBlhEvLh0U1kzh72KFNyfZXvdM_TQrKhLqrzK7IU_wQAgJ0T0WZYQRKympHfpA-UaL9YG-Iekm77JKuPjtwZft-c
IP 104.16.159.17:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f9bf086d73f8b7cc483324aedb224ed0
be03b282679354a90df7b59b4c92da6e8caeaccc
39ca3c85734717cf31f55ab2e7d04d8ad2438a3bd9f6f46fae350d12506b4699
GET /verify?sig=BAYAZCaoawFkJqhsgAGBAcAAII4IBlhEvLh0U1kzh72KFNyfZXvdM_TQrKhLqrzK7IU_wQAgJ0T0WZYQRKympHfpA-UaL9YG-Iekm77JKuPjtwZft-c HTTP/1.1
Host: engine.4dsply.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:31:24 GMT
content-type: application/json
content-length: 17
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: Content-Type
access-control-allow-methods: GET
x-adscore-status: bot
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b0794448a6cb4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
jhx1t32lvoth.s4.adsco.re/
185.200.116.90200 OK 0 B URL HTTP/1.1 jhx1t32lvoth.s4.adsco.re/
IP 185.200.116.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: jhx1t32lvoth.s4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 09:31:24 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
Connection: close
ETag: "5b5f30d9-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fd41791459946ba644ff2f22494b3b08
7480722a95bf3f5443c77c045d00ddbd6817f582
2d293fba01134d71b876970477e6a3649860cf9ad0e59315394966ffacde9895
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2D293FBA01134D71B876970477E6A3649860CF9AD0E59315394966FFACDE9895"
Last-Modified: Thu, 30 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4457
Expires: Fri, 31 Mar 2023 10:45:41 GMT
Date: Fri, 31 Mar 2023 09:31:24 GMT
Connection: keep-alive
bidder.h12-media.com/prebid/default.asp?payload=3Ef3yj7L6eKpNOFvb3_M4reaPqZbBYFtW6re_P4QwZ-aSBQkqzlk6aL4FESUCAodcptWLf808Rmv8XiLSOiczzWkDvO2nyiD-tY8fndR0fqKVoAEMLY_L_EjTMUCezphfyvkdkHhoZeZpp_EX1HFfj3ATiituCEyMrkp1LhkhTFEldVkMwg1y6r6bjWEfVTK8QaK2CbSzHN61VoIWzFfbkxguygBkJuKGd412Ww8GqdD9Vzn1OCQOkBcYlheLDGJEZyvluNqvJ2gPV16j1QkHJc7Hkif6MhqP6ZoPhn76H1vd1uVuGKHW1mu_G9LyIBAta8VbNYSovp58GLA8EVadf7QbIT_yPH5J_AlqUJvyx116OSd7-wOLa5S_SEIbzJF1PUA4TZwUipGuOViuSbSo30UfDR8FSlq2AuXoUOQ1SsuIX71J0SCfXGSEUeDRRk2Q30
154.51.131.153200 OK 3.1 kB URL HTTP/2 bidder.h12-media.com/prebid/default.asp?payload=3Ef3yj7L6eKpNOFvb3_M4reaPqZbBYFtW6re_P4QwZ-aSBQkqzlk6aL4FESUCAodcptWLf808Rmv8XiLSOiczzWkDvO2nyiD-tY8fndR0fqKVoAEMLY_L_EjTMUCezphfyvkdkHhoZeZpp_EX1HFfj3ATiituCEyMrkp1LhkhTFEldVkMwg1y6r6bjWEfVTK8QaK2CbSzHN61VoIWzFfbkxguygBkJuKGd412Ww8GqdD9Vzn1OCQOkBcYlheLDGJEZyvluNqvJ2gPV16j1QkHJc7Hkif6MhqP6ZoPhn76H1vd1uVuGKHW1mu_G9LyIBAta8VbNYSovp58GLA8EVadf7QbIT_yPH5J_AlqUJvyx116OSd7-wOLa5S_SEIbzJF1PUA4TZwUipGuOViuSbSo30UfDR8FSlq2AuXoUOQ1SsuIX71J0SCfXGSEUeDRRk2Q30
IP 154.51.131.153:0
File type JSON data\012- HTML document text\012- HTML document, ASCII text, with very long lines (3038), with no line terminators
Hash ed79b7ef01d23550191011d915f10e84
6e9e429583bfd231839a395cde30958ee6a83496
2fc6892609c6956dbef22f8528d149d2db470e1d1165306b6c3da8afd86c11cc
POST /prebid/default.asp?payload=3Ef3yj7L6eKpNOFvb3_M4reaPqZbBYFtW6re_P4QwZ-aSBQkqzlk6aL4FESUCAodcptWLf808Rmv8XiLSOiczzWkDvO2nyiD-tY8fndR0fqKVoAEMLY_L_EjTMUCezphfyvkdkHhoZeZpp_EX1HFfj3ATiituCEyMrkp1LhkhTFEldVkMwg1y6r6bjWEfVTK8QaK2CbSzHN61VoIWzFfbkxguygBkJuKGd412Ww8GqdD9Vzn1OCQOkBcYlheLDGJEZyvluNqvJ2gPV16j1QkHJc7Hkif6MhqP6ZoPhn76H1vd1uVuGKHW1mu_G9LyIBAta8VbNYSovp58GLA8EVadf7QbIT_yPH5J_AlqUJvyx116OSd7-wOLa5S_SEIbzJF1PUA4TZwUipGuOViuSbSo30UfDR8FSlq2AuXoUOQ1SsuIX71J0SCfXGSEUeDRRk2Q30 HTTP/1.1
Host: bidder.h12-media.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1145
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Cookie: 7thMile=e0296473%2Da9d8%2D48b1%2Dbb84%2Df54da147a61e
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-store,no-cache,max-age=0,private
content-type: application/json; Charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/10.0
set-cookie: 7thMile=4ad82531%2D2826%2D47f9%2Dba60%2Dcc61b59ee5c9; Max-Age=5000000; Domain=.h12-media.com; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
srg-x: x-.178
procadsent: 0.0312
x-powered-by: ASP.NET, ARR/3.0
date: Fri, 31 Mar 2023 09:31:24 GMT
content-length: 3061
X-Firefox-Spdy: h2
prebid.a-mo.net/a/c
147.75.85.234204 No Content 0 B IP 147.75.85.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1546
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: max-age=0, private, must-revalidate
date: Fri, 31 Mar 2023 09:31:24 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 2
set-cookie: X-Contour-Session-Affinity="6dea767bbcf38ad9"; Path=/; HttpOnly
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
104.18.32.68200 OK 314 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash dbdbaf18597d885c3615068e728dd0ec
32263a37bd38997558bfb893b6d67d6992c02e09
e0f16fae643fb5a5b27d064aac48c6e48977261e65ec8725017003c71cf14c9a
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 09:31:25 GMT
Content-Type: application/ocsp-response
Content-Length: 314
Connection: keep-alive
Last-Modified: Tue, 28 Mar 2023 17:15:14 GMT
Expires: Tue, 04 Apr 2023 17:15:13 GMT
Etag: "32263a37bd38997558bfb893b6d67d6992c02e09"
Cache-Control: max-age=372828,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7b0794482e5cb503-OSL
ghb.adtelligent.com/v2/auction/
185.239.173.226200 OK 1.1 kB URL HTTP/1.1 ghb.adtelligent.com/v2/auction/
IP 185.239.173.226:0
Hash 9bc9f5d3fe63c6d7ed6d22c19224edf3
ea11abc87d5b4524342d62b22c4ef9d7e859a820
5d1cad46a33edde1045cf5645a6e0e4210e7b65fc9c9984c6c26b4d78067da36
POST /v2/auction/ HTTP/1.1
Host: ghb.adtelligent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 844
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Adtelligent
Date: Fri, 31 Mar 2023 09:31:24 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 1096
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Encoding: gzip
widgets.outbrain.com/outbrain.js
23.38.201.81200 OK 72 kB URL HTTP/2 widgets.outbrain.com/outbrain.js
IP 23.38.201.81:0
File type ASCII text, with very long lines (1610)
Hash ab183a0a7fdfe7c58bb5460e0795f04f
1de49abf1403d60d0db2a44fe87f77c54d936ada
7ee7da86f8ecc93bf1ce58071cb70dd266dc5c19dbdf5f7f08e66c1a73b22605
GET /outbrain.js HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 72296
x-traceid: c8a0ad0104d8948ab590d8db112b65b
etag: "13-RfWCJFN6w10LTTqXCMiMczkMP/k"
last-modified: Tue, 28 Mar 2023 09:20:26 GMT
cache-control: max-age=14500
content-encoding: gzip
vary: Accept-Encoding
date: Fri, 31 Mar 2023 09:31:25 GMT
edge-cache-tag: widget-cheetah
access-control-request-headers: X-OB-STG,X-OB-PRD
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
23.38.201.81200 OK 43 B URL HTTP/2 widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
IP 23.38.201.81:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /widget/detect/px.gif?ch=1 HTTP/1.1
Host: widget-pixels.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-length: 43
content-type: image/gif
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
cache-control: max-age=2592000
expires: Sun, 30 Apr 2023 09:31:25 GMT
date: Fri, 31 Mar 2023 09:31:25 GMT
access-control-request-headers: X-OB-STG,X-OB-PRD
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
tags.h12-media.com/rtb/?pname=hb_result_v3&impdata=3Ef3yj7L6eKpNOFvb3%5FM4reaPqZbBYFtW6re%5FP4QwZ%2DaSBQkqzlk6aL4FESUCAodcptWLf808Rmv8XiLSOiczzWkDvO2nyiD%2DtY8fndR0fqKVoAEMLY%5FL%5FEjTMUCezphfyvkdkHhoZeZpp%5FEX1HFfj3ATiituCEyMrkp1LhkhTFEldVkMwg1y6r6bjWEfVTK8QaK2CbSzHN61VoIWzFfbkxguygBkJuKGd412Ww8GqdD9Vzn1OCQOkBcYlheLDGJEZyvluNqvJ2gPV16j1QkHJc7Hkif6MhqP6ZoPhn76H1vd1uVuGKHW1mu%5FG9LyIBAta8VbNYSovp58GLA8EVadf7QbIT%5FyPH5J%5FAlqUJvyx116OSd7%2DwOLa5S%5FSEIbzJF1PUA4TZwUipGuOViuSbSo30UfDR8FSlq2AuXoUOQ1SsuIX71J0SCfXGSEUeDRRk2Q30&size=970x90&wp=0%2E00001&bd=OBT&d=1
154.51.131.153200 OK 144 B URL HTTP/2 tags.h12-media.com/rtb/?pname=hb_result_v3&impdata=3Ef3yj7L6eKpNOFvb3%5FM4reaPqZbBYFtW6re%5FP4QwZ%2DaSBQkqzlk6aL4FESUCAodcptWLf808Rmv8XiLSOiczzWkDvO2nyiD%2DtY8fndR0fqKVoAEMLY%5FL%5FEjTMUCezphfyvkdkHhoZeZpp%5FEX1HFfj3ATiituCEyMrkp1LhkhTFEldVkMwg1y6r6bjWEfVTK8QaK2CbSzHN61VoIWzFfbkxguygBkJuKGd412Ww8GqdD9Vzn1OCQOkBcYlheLDGJEZyvluNqvJ2gPV16j1QkHJc7Hkif6MhqP6ZoPhn76H1vd1uVuGKHW1mu%5FG9LyIBAta8VbNYSovp58GLA8EVadf7QbIT%5FyPH5J%5FAlqUJvyx116OSd7%2DwOLa5S%5FSEIbzJF1PUA4TZwUipGuOViuSbSo30UfDR8FSlq2AuXoUOQ1SsuIX71J0SCfXGSEUeDRRk2Q30&size=970x90&wp=0%2E00001&bd=OBT&d=1
IP 154.51.131.153:0
File type ASCII text, with no line terminators
Hash d45013d657142c297ef663156e1ef6ff
6f849481151f70f36ed3ce025573945893db0c9d
a754969f42738801be2ef332742b3fea538bba504a263a80faabf7bb75fddb8a
GET /rtb/?pname=hb_result_v3&impdata=3Ef3yj7L6eKpNOFvb3%5FM4reaPqZbBYFtW6re%5FP4QwZ%2DaSBQkqzlk6aL4FESUCAodcptWLf808Rmv8XiLSOiczzWkDvO2nyiD%2DtY8fndR0fqKVoAEMLY%5FL%5FEjTMUCezphfyvkdkHhoZeZpp%5FEX1HFfj3ATiituCEyMrkp1LhkhTFEldVkMwg1y6r6bjWEfVTK8QaK2CbSzHN61VoIWzFfbkxguygBkJuKGd412Ww8GqdD9Vzn1OCQOkBcYlheLDGJEZyvluNqvJ2gPV16j1QkHJc7Hkif6MhqP6ZoPhn76H1vd1uVuGKHW1mu%5FG9LyIBAta8VbNYSovp58GLA8EVadf7QbIT%5FyPH5J%5FAlqUJvyx116OSd7%2DwOLa5S%5FSEIbzJF1PUA4TZwUipGuOViuSbSo30UfDR8FSlq2AuXoUOQ1SsuIX71J0SCfXGSEUeDRRk2Q30&size=970x90&wp=0%2E00001&bd=OBT&d=1 HTTP/1.1
Host: tags.h12-media.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Cookie: 7thMile=4ad82531%2D2826%2D47f9%2Dba60%2Dcc61b59ee5c9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-store,no-cache,max-age=0,private
content-type: application/x-javascript; Charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/10.0
srg-x: x-.186
x-powered-by: ARR/3.0
date: Fri, 31 Mar 2023 09:31:24 GMT
content-length: 144
X-Firefox-Spdy: h2
tcheck.outbrainimg.com/tcheck/check/bWVnYXVwLm5ldA==
23.38.201.176200 OK 16 B URL HTTP/1.1 tcheck.outbrainimg.com/tcheck/check/bWVnYXVwLm5ldA==
IP 23.38.201.176:0
File type JSON data\012- , ASCII text, with no line terminators
Hash ce08a60aa308225db15c98edf4ae2447
bacf25489bad0312aa2f37fc735fa7e57b2d7306
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
GET /tcheck/check/bWVnYXVwLm5ldA== HTTP/1.1
Host: tcheck.outbrainimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Content-Length: 16
X-TraceId: 39ebd092bfaeb4bfa60cc7dd2a701043
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Cache-Control: max-age=22299
Expires: Fri, 31 Mar 2023 15:43:04 GMT
Date: Fri, 31 Mar 2023 09:31:25 GMT
Connection: keep-alive
Access-Control-Max-Age: 43200
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
Access-Control-Allow-Origin: *
odb.outbrain.com/utils/platforms?contentUrl=https%3A%2F%2Fmegaup.net%2F1d6xe%2FPer.Aspera.Build.10842819.zip&idx=0&rand=55440&widgetJSId=AR_2&va=true&et=true&format=html&rtbEnabled=true&adblck=false&abwl=false&extid=1679894&pubImpId=45748832c3fa7e8&px=0&py=0&vpd=0&cnsntv2=CPpgpQ7PpgpQ7BBACBENCFCsAP_AAH_AACiQImtf_X__bX9j-_5_f_t0eY1P9_r3v-QzjhfNt-8F3L_W_L0X42E7NF36pq4KuR4Eu3LBIQNlHMHUTUmwaokVrzHsak2cpyNKJ7LEmnMZO2dYGHtPn9lDuYKY7_5___fz3j-v_t_-39T378X_3_d5_2---vCfV599jLv9____39nP___9v-_9_____-CIYBJhqXkAXYljgybRpVCiBGFYSFQCgAooBhaIrABwcFOysAn1BCwAQCoCMCIEGIKMGAQACAQBIREBIAWCARAEQCAAEAKMBCAAiYBBYAWBgEAAoBoWIAUAAgSEGRwVHKYEBEi0UEtlYglBXsaYQBllgBQKIyKgARKEACwMhIWDmOAJAS4WSBZihfIAAAAA.YAAAAAAAAAAA&cw=970&activeTab=true&ab=0&wl=0&settings=true&recs=true&key=H12ME1OGI4M4PLMMGPJ01MHAC&version=2010244&sig=6byJO0sT&apv=false&&osLang=en-US&winW=970&winH=90&scrW=1280&scrH=1024&dpr=1&secured=true&cmpStat=0&ccpaStat=0&iframe=true&chs=1&ogn=https%3A%2F%2Fmegaup.net%2F1d6xe%2FPer.Aspera.Build.10842819.zip
151.101.246.132200 OK 12 kB URL HTTP/2 odb.outbrain.com/utils/platforms?contentUrl=https%3A%2F%2Fmegaup.net%2F1d6xe%2FPer.Aspera.Build.10842819.zip&idx=0&rand=55440&widgetJSId=AR_2&va=true&et=true&format=html&rtbEnabled=true&adblck=false&abwl=false&extid=1679894&pubImpId=45748832c3fa7e8&px=0&py=0&vpd=0&cnsntv2=CPpgpQ7PpgpQ7BBACBENCFCsAP_AAH_AACiQImtf_X__bX9j-_5_f_t0eY1P9_r3v-QzjhfNt-8F3L_W_L0X42E7NF36pq4KuR4Eu3LBIQNlHMHUTUmwaokVrzHsak2cpyNKJ7LEmnMZO2dYGHtPn9lDuYKY7_5___fz3j-v_t_-39T378X_3_d5_2---vCfV599jLv9____39nP___9v-_9_____-CIYBJhqXkAXYljgybRpVCiBGFYSFQCgAooBhaIrABwcFOysAn1BCwAQCoCMCIEGIKMGAQACAQBIREBIAWCARAEQCAAEAKMBCAAiYBBYAWBgEAAoBoWIAUAAgSEGRwVHKYEBEi0UEtlYglBXsaYQBllgBQKIyKgARKEACwMhIWDmOAJAS4WSBZihfIAAAAA.YAAAAAAAAAAA&cw=970&activeTab=true&ab=0&wl=0&settings=true&recs=true&key=H12ME1OGI4M4PLMMGPJ01MHAC&version=2010244&sig=6byJO0sT&apv=false&&osLang=en-US&winW=970&winH=90&scrW=1280&scrH=1024&dpr=1&secured=true&cmpStat=0&ccpaStat=0&iframe=true&chs=1&ogn=https%3A%2F%2Fmegaup.net%2F1d6xe%2FPer.Aspera.Build.10842819.zip
IP 151.101.246.132:0
File type Unicode text, UTF-8 text, with very long lines (47721), with no line terminators
Hash 6d577a7c7790a009b549aceb0e5c8650
9d1a2e03ed085f1e234d8dce2b1223dddb76dd31
235dace00a4ba68353b14f95b0410262bec28f3c4d4570ac3a19a54094e75ea1
GET /utils/platforms?contentUrl=https%3A%2F%2Fmegaup.net%2F1d6xe%2FPer.Aspera.Build.10842819.zip&idx=0&rand=55440&widgetJSId=AR_2&va=true&et=true&format=html&rtbEnabled=true&adblck=false&abwl=false&extid=1679894&pubImpId=45748832c3fa7e8&px=0&py=0&vpd=0&cnsntv2=CPpgpQ7PpgpQ7BBACBENCFCsAP_AAH_AACiQImtf_X__bX9j-_5_f_t0eY1P9_r3v-QzjhfNt-8F3L_W_L0X42E7NF36pq4KuR4Eu3LBIQNlHMHUTUmwaokVrzHsak2cpyNKJ7LEmnMZO2dYGHtPn9lDuYKY7_5___fz3j-v_t_-39T378X_3_d5_2---vCfV599jLv9____39nP___9v-_9_____-CIYBJhqXkAXYljgybRpVCiBGFYSFQCgAooBhaIrABwcFOysAn1BCwAQCoCMCIEGIKMGAQACAQBIREBIAWCARAEQCAAEAKMBCAAiYBBYAWBgEAAoBoWIAUAAgSEGRwVHKYEBEi0UEtlYglBXsaYQBllgBQKIyKgARKEACwMhIWDmOAJAS4WSBZihfIAAAAA.YAAAAAAAAAAA&cw=970&activeTab=true&ab=0&wl=0&settings=true&recs=true&key=H12ME1OGI4M4PLMMGPJ01MHAC&version=2010244&sig=6byJO0sT&apv=false&&osLang=en-US&winW=970&winH=90&scrW=1280&scrH=1024&dpr=1&secured=true&cmpStat=0&ccpaStat=0&iframe=true&chs=1&ogn=https%3A%2F%2Fmegaup.net%2F1d6xe%2FPer.Aspera.Build.10842819.zip HTTP/1.1
Host: odb.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache
pragma: no-cache
p3p: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
set-cookie: obsessionid-p178258=2d749ec7-fa5a-3918-0000-01873701eb72|0|1; Max-Age=1800; Expires=Fri, 31 Mar 2023 10:01:25 GMT; Path=/; Domain=outbrain.com
obuid=17dbae9e-cf76-4c7e-8553-9151680b8b4a; Max-Age=7776000; Expires=Thu, 29 Jun 2023 09:31:25 GMT; Path=/; Domain=outbrain.com
recs_60a70f6bd66747034aed4d887efb08a2=0B4902139065A4739273492ACD1; Max-Age=60; Expires=Fri, 31 Mar 2023 09:32:25 GMT; Path=/; Domain=outbrain.com
x-traceid: aa2360f6ea7464820a728cb872a8b580
content-encoding: br
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Fri, 31 Mar 2023 09:31:25 GMT
x-served-by: cache-lga21948-LGA, cache-hel1410029-HEL
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1680255085.366832,VS0,VE217
vary: Accept-Encoding, User-Agent
traffic-path: NYDC1, LGA, HEL, Europe1
content-length: 12350
X-Firefox-Spdy: h2
widgets.outbrain.com/nanoWidget/externals/obUserFrame/test.html?lsd=17dbae9e-cf76-4c7e-8553-9151680b8b4a
23.38.201.81200 OK 686 B URL HTTP/2 widgets.outbrain.com/nanoWidget/externals/obUserFrame/test.html?lsd=17dbae9e-cf76-4c7e-8553-9151680b8b4a
IP 23.38.201.81:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 5b97ec90c55f5357b412825e5e67525a
7dd2ad14245380a730735d18b06346dcbb7aa254
ee4237548288e67df37898219464bc7bd57bf2eb4238a627dcbbb15815090037
GET /nanoWidget/externals/obUserFrame/test.html?lsd=17dbae9e-cf76-4c7e-8553-9151680b8b4a HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: text/html
etag: "1e015194a0e596827cb8971f884eb43c:1679997890.05285"
last-modified: Tue, 28 Mar 2023 09:17:03 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800
expires: Fri, 07 Apr 2023 09:31:25 GMT
date: Fri, 31 Mar 2023 09:31:25 GMT
content-length: 686
access-control-request-headers: X-OB-STG,X-OB-PRD
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
widgets.outbrain.com/nanoWidget/externals/cookie/put.html
23.38.201.81200 OK 416 B URL HTTP/2 widgets.outbrain.com/nanoWidget/externals/cookie/put.html
IP 23.38.201.81:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash c0311cf15c21ddda054005e92fad3f9e
5276eceeb0576cbee82010f611dfd6fd305991f9
4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc
GET /nanoWidget/externals/cookie/put.html HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: text/html
etag: "c0311cf15c21ddda054005e92fad3f9e:1679997887.217072"
last-modified: Tue, 28 Mar 2023 09:17:03 GMT
server: AkamaiNetStorage
content-length: 416
cache-control: max-age=604800
expires: Fri, 07 Apr 2023 09:31:25 GMT
date: Fri, 31 Mar 2023 09:31:25 GMT
access-control-request-headers: X-OB-STG,X-OB-PRD
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
widgets.outbrain.com/images/widgetIcons/achoice.svg
23.38.201.81200 OK 990 B URL HTTP/2 widgets.outbrain.com/images/widgetIcons/achoice.svg
IP 23.38.201.81:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (990), with no line terminators
Hash 5ab8e16b5f46213840bcd403e349419c
f03f6dc8e2206a94119af76f9a3b3c835390cae7
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
GET /images/widgetIcons/achoice.svg HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
etag: "5ab8e16b5f46213840bcd403e349419c:1673369393.880194"
last-modified: Tue, 10 Jan 2023 16:40:08 GMT
server: AkamaiNetStorage
content-length: 990
cache-control: max-age=2592000
expires: Sun, 30 Apr 2023 09:31:25 GMT
date: Fri, 31 Mar 2023 09:31:25 GMT
access-control-request-headers: X-OB-STG,X-OB-PRD
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
widgets.outbrain.com/images/widgetIcons/Close.svg
23.38.201.81200 OK 765 B URL HTTP/2 widgets.outbrain.com/images/widgetIcons/Close.svg
IP 23.38.201.81:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (635)
Hash f740f788e2e26736856f7a3a12457a63
d0ec57a47f6a40f23011dd93219873a5eaee96e2
c2c92cde33538b1187bedea3d0b6d5141e4222eba8092476339aa080cee759ac
GET /images/widgetIcons/Close.svg HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
etag: "f740f788e2e26736856f7a3a12457a63:1673369390.457553"
last-modified: Tue, 10 Jan 2023 16:40:08 GMT
server: AkamaiNetStorage
content-length: 765
cache-control: max-age=2592000
expires: Sun, 30 Apr 2023 09:31:25 GMT
date: Fri, 31 Mar 2023 09:31:25 GMT
access-control-request-headers: X-OB-STG,X-OB-PRD
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
widgets.outbrain.com/widgetOBUserSync/obUserSync.html
23.38.201.81200 OK 6.1 kB URL HTTP/2 widgets.outbrain.com/widgetOBUserSync/obUserSync.html
IP 23.38.201.81:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (19460)
Hash a0deb47fce706a3510d91dc6bc095f9b
ae9e49270f51dc7001a645befe31735a294cb064
7ad2fddee52f08e29670d8480bd03e93454797497e3eea2faec69e2900967af5
GET /widgetOBUserSync/obUserSync.html HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: text/html
etag: "aaa80e35f63de779238a27102307cdae:1679991752.353208"
last-modified: Tue, 28 Mar 2023 08:16:46 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800
expires: Fri, 07 Apr 2023 09:31:25 GMT
date: Fri, 31 Mar 2023 09:31:25 GMT
content-length: 6068
access-control-request-headers: X-OB-STG,X-OB-PRD
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
widgets.outbrain.com/nanoWidget/2010244/module/userZapping.js?e=1
23.38.201.81200 OK 7.1 kB URL HTTP/2 widgets.outbrain.com/nanoWidget/2010244/module/userZapping.js?e=1
IP 23.38.201.81:0
File type ASCII text, with very long lines (14642)
Hash a441f47389afcb4d4a2aa73cfaa06bdd
7225900ae5d790c4cc192402fec9f3134db5dd4d
0adeef22d13c9370db8547393913eddf60b0fbc085f0a62c4d853dae9d989627
GET /nanoWidget/2010244/module/userZapping.js?e=1 HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "b8b418abf7a4799a9ee5e62ef475713b:1679997809.627056"
last-modified: Tue, 28 Mar 2023 09:19:29 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800
expires: Fri, 07 Apr 2023 09:31:25 GMT
date: Fri, 31 Mar 2023 09:31:25 GMT
content-length: 7104
access-control-request-headers: X-OB-STG,X-OB-PRD
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
widgets.outbrain.com/nanoWidget/externals/cookie/test.html
23.38.201.81200 OK 610 B URL HTTP/2 widgets.outbrain.com/nanoWidget/externals/cookie/test.html
IP 23.38.201.81:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 48053d50141031b1511dbd30f9a31288
06966364d22a02a4ed89c18c38d6ddfc6de254c6
6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474
GET /nanoWidget/externals/cookie/test.html HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: text/html
etag: "48053d50141031b1511dbd30f9a31288:1679997887.904184"
last-modified: Tue, 28 Mar 2023 09:17:03 GMT
server: AkamaiNetStorage
content-length: 610
cache-control: max-age=604800
expires: Fri, 07 Apr 2023 09:31:25 GMT
date: Fri, 31 Mar 2023 09:31:25 GMT
access-control-request-headers: X-OB-STG,X-OB-PRD
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
images.outbrainimg.com/transform/v3/eyJpdSI6IjhkMTRhN2JmY2RlY2E0MmQzMGU3NTgxMDFlYzlmZmU4ZTA0NzExYzNkOWI3YmZkZTQ0Y2Q4YjQyMGU5ODNkN2EiLCJ3IjoyMDAsImgiOjEwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
23.38.201.176200 OK 6.0 kB URL HTTP/2 images.outbrainimg.com/transform/v3/eyJpdSI6IjhkMTRhN2JmY2RlY2E0MmQzMGU3NTgxMDFlYzlmZmU4ZTA0NzExYzNkOWI3YmZkZTQ0Y2Q4YjQyMGU5ODNkN2EiLCJ3IjoyMDAsImgiOjEwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
IP 23.38.201.176:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x100, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ad13cb940634f5286c47b9d62399f25f
ef0c3b44dd09adac2269aa3b5a1bf6a9a055c14c
b199f53f786069fb17d0d682e0aca7e4d04f505ca670012b2a72596c0c06b3a1
GET /transform/v3/eyJpdSI6IjhkMTRhN2JmY2RlY2E0MmQzMGU3NTgxMDFlYzlmZmU4ZTA0NzExYzNkOWI3YmZkZTQ0Y2Q4YjQyMGU5ODNkN2EiLCJ3IjoyMDAsImgiOjEwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp HTTP/1.1
Host: images.outbrainimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
content-length: 6000
last-modified: Tue, 21 Feb 2023 12:45:50 GMT
x-traceid: 0ba36710138f9154589fe6a823301cea
cache-control: max-age=1553383
date: Fri, 31 Mar 2023 09:31:25 GMT
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
timing-allow-origin: *, *
X-Firefox-Spdy: h2
images.outbrainimg.com/transform/v3/eyJpdSI6ImU5MDA2MWM1NjY2YTFhNTY5YTVjNzhmZTUwNTM5YjQ2YTAzYTJkNzYxOWNmNjUzOTBmNTM0NjkwMGZlMDkyNWYiLCJ3IjoyMDAsImgiOjEwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
23.38.201.176200 OK 4.5 kB URL HTTP/2 images.outbrainimg.com/transform/v3/eyJpdSI6ImU5MDA2MWM1NjY2YTFhNTY5YTVjNzhmZTUwNTM5YjQ2YTAzYTJkNzYxOWNmNjUzOTBmNTM0NjkwMGZlMDkyNWYiLCJ3IjoyMDAsImgiOjEwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
IP 23.38.201.176:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x100, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3020558b836b886e0f01ef57cb093830
2d0244ba5fc0f2f3579318210c39303ee14e8545
ca5bd04d9bb5323f31cf5773d2b0d879848a283fca54acd693d4179454012cdd
GET /transform/v3/eyJpdSI6ImU5MDA2MWM1NjY2YTFhNTY5YTVjNzhmZTUwNTM5YjQ2YTAzYTJkNzYxOWNmNjUzOTBmNTM0NjkwMGZlMDkyNWYiLCJ3IjoyMDAsImgiOjEwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp HTTP/1.1
Host: images.outbrainimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
content-length: 4548
last-modified: Tue, 14 Feb 2023 04:49:19 GMT
x-traceid: 889cc673359c5d5da85811262143530e
cache-control: max-age=564041
date: Fri, 31 Mar 2023 09:31:25 GMT
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
timing-allow-origin: *, *
X-Firefox-Spdy: h2
widgets.outbrain.com/images/widgetIcons/icon-vi.svg
23.38.201.81200 OK 182 B URL HTTP/2 widgets.outbrain.com/images/widgetIcons/icon-vi.svg
IP 23.38.201.81:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash c065312fdb5e02c1399f2622776530df
785d98e9025f7b5cd7e2bd4f80098e44cda01ebf
b9e07d8e5143b4764aeebb012b1b020f60eb1cdca44ed1bc22ba9bc85f3af5eb
GET /images/widgetIcons/icon-vi.svg HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
etag: "91990280dce13a095a0da3a6b2fc6816:1673369403.63584"
last-modified: Tue, 10 Jan 2023 16:40:08 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 182
cache-control: max-age=2592000
expires: Sun, 30 Apr 2023 09:31:25 GMT
date: Fri, 31 Mar 2023 09:31:25 GMT
access-control-request-headers: X-OB-STG,X-OB-PRD
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
widgets.outbrain.com/images/widgetIcons/ChevronRight.svg
23.38.201.81200 OK 524 B URL HTTP/2 widgets.outbrain.com/images/widgetIcons/ChevronRight.svg
IP 23.38.201.81:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (422)
Hash c1dc41410784b37a37e29a21baf9aa1f
9b1a4b46b77322f217c3395e32bbb177199c327c
f8d6148b07b2251c53a2605a003b1d29babb8154c5abd0bde0f7e8a800f2dfd9
GET /images/widgetIcons/ChevronRight.svg HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
etag: "c1dc41410784b37a37e29a21baf9aa1f:1673369389.756676"
last-modified: Tue, 10 Jan 2023 16:40:08 GMT
server: AkamaiNetStorage
content-length: 524
cache-control: max-age=2592000
expires: Sun, 30 Apr 2023 09:31:25 GMT
date: Fri, 31 Mar 2023 09:31:25 GMT
access-control-request-headers: X-OB-STG,X-OB-PRD
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
widgets.outbrain.com/images/widgetIcons/icon-x-white.svg
23.38.201.81200 OK 559 B URL HTTP/2 widgets.outbrain.com/images/widgetIcons/icon-x-white.svg
IP 23.38.201.81:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (363)
Hash 854eb39a3d94a8ec9977261db0c8acc8
ef852997961f946b34e996504912b0606e4c6593
06ffd9e17bd41822b9a7b982a8ff486fafa54f7781baacb6ef3507ae7f9b36b5
GET /images/widgetIcons/icon-x-white.svg HTTP/1.1
Host: widgets.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
etag: "854eb39a3d94a8ec9977261db0c8acc8:1673369404.25082"
last-modified: Tue, 10 Jan 2023 16:40:08 GMT
server: AkamaiNetStorage
content-length: 559
cache-control: max-age=2592000
expires: Sun, 30 Apr 2023 09:31:25 GMT
date: Fri, 31 Mar 2023 09:31:25 GMT
access-control-request-headers: X-OB-STG,X-OB-PRD
timing-allow-origin: *, *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 3b855e7ee510fc57849b70ad5796c546
00b430b578a2c77decf6fd116def22aa2de7de97
d6151067b6e25139d5f2a1586ff16d6374c2d1c9c0c233c395a1ba125009d247
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3563
Cache-Control: max-age=148605
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 09:31:25 GMT
Etag: "64263bff-1d7"
Expires: Sun, 02 Apr 2023 02:48:10 GMT
Last-Modified: Fri, 31 Mar 2023 01:48:47 GMT
Server: ECAcc (ska/F756)
X-Cache: HIT
Content-Length: 471
mcdp-nydc1.outbrain.com/l?token=41ba455fdb2d7ef76dbc620db4253d44_178258_1680255085529&tm=407&eT=0&widgetWidth=970&widgetHeight=90&widgetX=0&widgetY=0&wRV=2010244&pVis=1&lsd=17dbae9e-cf76-4c7e-8553-9151680b8b4a&eIdx=&cnsntV2=CPpgpQ7PpgpQ7BBACBENCFCsAP_AAH_AACiQImtf_X__bX9j-_5_f_t0eY1P9_r3v-QzjhfNt-8F3L_W_L0X42E7NF36pq4KuR4Eu3LBIQNlHMHUTUmwaokVrzHsak2cpyNKJ7LEmnMZO2dYGHtPn9lDuYKY7_5___fz3j-v_t_-39T378X_3_d5_2---vCfV599jLv9____39nP___9v-_9_____-CIYBJhqXkAXYljgybRpVCiBGFYSFQCgAooBhaIrABwcFOysAn1BCwAQCoCMCIEGIKMGAQACAQBIREBIAWCARAEQCAAEAKMBCAAiYBBYAWBgEAAoBoWIAUAAgSEGRwVHKYEBEi0UEtlYglBXsaYQBllgBQKIyKgARKEACwMhIWDmOAJAS4WSBZihfIAAAAA.YAAAAAAAAAAA&cheq=0&rtt=322&oo=false&lo=1205&odbreq=1349&odbres=1671&mvreq=1349&mvres=1671&to=1680255083699&umv=1&ll=0&chs=2&ab=0&wl=0
64.202.112.127200 OK 2 B URL HTTP/1.1 mcdp-nydc1.outbrain.com/l?token=41ba455fdb2d7ef76dbc620db4253d44_178258_1680255085529&tm=407&eT=0&widgetWidth=970&widgetHeight=90&widgetX=0&widgetY=0&wRV=2010244&pVis=1&lsd=17dbae9e-cf76-4c7e-8553-9151680b8b4a&eIdx=&cnsntV2=CPpgpQ7PpgpQ7BBACBENCFCsAP_AAH_AACiQImtf_X__bX9j-_5_f_t0eY1P9_r3v-QzjhfNt-8F3L_W_L0X42E7NF36pq4KuR4Eu3LBIQNlHMHUTUmwaokVrzHsak2cpyNKJ7LEmnMZO2dYGHtPn9lDuYKY7_5___fz3j-v_t_-39T378X_3_d5_2---vCfV599jLv9____39nP___9v-_9_____-CIYBJhqXkAXYljgybRpVCiBGFYSFQCgAooBhaIrABwcFOysAn1BCwAQCoCMCIEGIKMGAQACAQBIREBIAWCARAEQCAAEAKMBCAAiYBBYAWBgEAAoBoWIAUAAgSEGRwVHKYEBEi0UEtlYglBXsaYQBllgBQKIyKgARKEACwMhIWDmOAJAS4WSBZihfIAAAAA.YAAAAAAAAAAA&cheq=0&rtt=322&oo=false&lo=1205&odbreq=1349&odbres=1671&mvreq=1349&mvres=1671&to=1680255083699&umv=1&ll=0&chs=2&ab=0&wl=0
IP 64.202.112.127:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
GET /l?token=41ba455fdb2d7ef76dbc620db4253d44_178258_1680255085529&tm=407&eT=0&widgetWidth=970&widgetHeight=90&widgetX=0&widgetY=0&wRV=2010244&pVis=1&lsd=17dbae9e-cf76-4c7e-8553-9151680b8b4a&eIdx=&cnsntV2=CPpgpQ7PpgpQ7BBACBENCFCsAP_AAH_AACiQImtf_X__bX9j-_5_f_t0eY1P9_r3v-QzjhfNt-8F3L_W_L0X42E7NF36pq4KuR4Eu3LBIQNlHMHUTUmwaokVrzHsak2cpyNKJ7LEmnMZO2dYGHtPn9lDuYKY7_5___fz3j-v_t_-39T378X_3_d5_2---vCfV599jLv9____39nP___9v-_9_____-CIYBJhqXkAXYljgybRpVCiBGFYSFQCgAooBhaIrABwcFOysAn1BCwAQCoCMCIEGIKMGAQACAQBIREBIAWCARAEQCAAEAKMBCAAiYBBYAWBgEAAoBoWIAUAAgSEGRwVHKYEBEi0UEtlYglBXsaYQBllgBQKIyKgARKEACwMhIWDmOAJAS4WSBZihfIAAAAA.YAAAAAAAAAAA&cheq=0&rtt=322&oo=false&lo=1205&odbreq=1349&odbres=1671&mvreq=1349&mvres=1671&to=1680255083699&umv=1&ll=0&chs=2&ab=0&wl=0 HTTP/1.1
Host: mcdp-nydc1.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 09:31:26 GMT
Content-Type: text/plain; charset=UTF-8
Content-Length: 2
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-range
X-TraceId: 4ad5df022b9204bfaed95c8fdb483b3e
log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=41ba455fdb2d7ef76dbc620db4253d44&pvId=41ba455fdb2d7ef76dbc620db4253d44&sid=8662499&pid=178258&idx=0&wId=101&pad=2&org=0&tm=432&eT=3&cnsnt=CPpgpQ7PpgpQ7BBACBENCFCsAP_AAH_AACiQImtf_X__bX9j-_5_f_t0eY1P9_r3v-QzjhfNt-8F3L_W_L0X42E7NF36pq4KuR4Eu3LBIQNlHMHUTUmwaokVrzHsak2cpyNKJ7LEmnMZO2dYGHtPn9lDuYKY7_5___fz3j-v_t_-39T378X_3_d5_2---vCfV599jLv9____39nP___9v-_9_____-CIYBJhqXkAXYljgybRpVCiBGFYSFQCgAooBhaIrABwcFOysAn1BCwAQCoCMCIEGIKMGAQACAQBIREBIAWCARAEQCAAEAKMBCAAiYBBYAWBgEAAoBoWIAUAAgSEGRwVHKYEBEi0UEtlYglBXsaYQBllgBQKIyKgARKEACwMhIWDmOAJAS4WSBZihfIAAAAA.YAAAAAAAAAAA&wRV=2010244&pVis=1&lsd=17dbae9e-cf76-4c7e-8553-9151680b8b4a&eIdx=0&oo=false&ab=0&wl=0
70.42.32.127200 OK 4 B URL HTTP/1.1 log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=41ba455fdb2d7ef76dbc620db4253d44&pvId=41ba455fdb2d7ef76dbc620db4253d44&sid=8662499&pid=178258&idx=0&wId=101&pad=2&org=0&tm=432&eT=3&cnsnt=CPpgpQ7PpgpQ7BBACBENCFCsAP_AAH_AACiQImtf_X__bX9j-_5_f_t0eY1P9_r3v-QzjhfNt-8F3L_W_L0X42E7NF36pq4KuR4Eu3LBIQNlHMHUTUmwaokVrzHsak2cpyNKJ7LEmnMZO2dYGHtPn9lDuYKY7_5___fz3j-v_t_-39T378X_3_d5_2---vCfV599jLv9____39nP___9v-_9_____-CIYBJhqXkAXYljgybRpVCiBGFYSFQCgAooBhaIrABwcFOysAn1BCwAQCoCMCIEGIKMGAQACAQBIREBIAWCARAEQCAAEAKMBCAAiYBBYAWBgEAAoBoWIAUAAgSEGRwVHKYEBEi0UEtlYglBXsaYQBllgBQKIyKgARKEACwMhIWDmOAJAS4WSBZihfIAAAAA.YAAAAAAAAAAA&wRV=2010244&pVis=1&lsd=17dbae9e-cf76-4c7e-8553-9151680b8b4a&eIdx=0&oo=false&ab=0&wl=0
IP 70.42.32.127:0
File type ASCII text, with no line terminators
Hash b326b5062b2f0e69046810717534cb09
5ffe533b830f08a0326348a9160afafc8ada44db
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
GET /loggerServices/widgetGlobalEvent?rId=41ba455fdb2d7ef76dbc620db4253d44&pvId=41ba455fdb2d7ef76dbc620db4253d44&sid=8662499&pid=178258&idx=0&wId=101&pad=2&org=0&tm=432&eT=3&cnsnt=CPpgpQ7PpgpQ7BBACBENCFCsAP_AAH_AACiQImtf_X__bX9j-_5_f_t0eY1P9_r3v-QzjhfNt-8F3L_W_L0X42E7NF36pq4KuR4Eu3LBIQNlHMHUTUmwaokVrzHsak2cpyNKJ7LEmnMZO2dYGHtPn9lDuYKY7_5___fz3j-v_t_-39T378X_3_d5_2---vCfV599jLv9____39nP___9v-_9_____-CIYBJhqXkAXYljgybRpVCiBGFYSFQCgAooBhaIrABwcFOysAn1BCwAQCoCMCIEGIKMGAQACAQBIREBIAWCARAEQCAAEAKMBCAAiYBBYAWBgEAAoBoWIAUAAgSEGRwVHKYEBEi0UEtlYglBXsaYQBllgBQKIyKgARKEACwMhIWDmOAJAS4WSBZihfIAAAAA.YAAAAAAAAAAA&wRV=2010244&pVis=1&lsd=17dbae9e-cf76-4c7e-8553-9151680b8b4a&eIdx=0&oo=false&ab=0&wl=0 HTTP/1.1
Host: log.outbrainimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 09:31:26 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 4
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST
X-TraceId: 8fef58a36775731e55fcc47395789ddb
bookadil.com/winnotice?sid=H4sIAAAAAAAC%2F1RTz4scRRSuifEQPCl6EHIYbwoy2z0%2FewwhGJNoMO4uSWRvQnVV9%2B5zeqqaqu7p2QVxUZCcZNSDOdZ%2B%2Bwt1FfMHSKTXiwwImYus6P4LikLwKDMZM%2Fqg%2B%2F34HsVX73310U5%2Byjzk%2FGT1Lb1FScKXWjWv%2BuIaKakLW12%2BXfW9mnehukaq3bxQHU5%2FZvCK77Vq3kvV1yPR00t1z%2Fc83%2FOr18hEsR4uzVBQetT1a12v1qzX%2FFYTQ%2BNg8wosr0AOTtkzIDl5cuPHeyBRQvW%2FvRLZXqbTl6%2F284Rn2mAgD99WPaULhf4ijE0FsTqcd0PbCWN3z0Crwzlr6MHelDVCmrDKzz5CdTinhnCw%2F4hdmCBSCOVTKAYloqQE8RJCfwiSDxggJJZXoPoHy9oUfPMRyqfohJ19%2BBeomLCzvz0L1f%2FmckLD6i2d5BlpZTGMHWhYgtZLpPkxsi0GKo4hsg9A8ie29PAGVH9vxSYaJN3s9kQlKC6RRCNwy5BPP2LI4wrytIK%2BPKnyVjf2vE4cxo1G0BRCNBpCtIK2bMlGM4g95GJKb4QsHUEkIwizjdRso0cjmPxjkC2RcwdKHVJ7ENRbXd9HJMaX%2FmYzA6eTauh3Wx2%2F0wwCT7Rl2PEaotGIgk6r2Q1FHHKENL508b37b7w%2F%2FhQJMUR8fP%2BP%2BQFWOajc7SpDDiYas7ntGpmNLz3u2nCwksFmDAPpUEQMhWUoOENBDEXGUAzcvkxs3boDmdg89Oe%2BPvcNt6uzdbevs%2FVIsZ30lD09282f4h30opNq7Il6EHebjXrQ7HbDQDY7jXbQlsKXQdQMJCz9OwGyZ8BtBVs0Yc%2F9%2BjvSqWzkZwj5MWxyDEEvgOfnwQsHvuGwpRykPgq17nFJSU3oPtLsHLLNyk5yyp6f8WjfvfO%2F0QrjkBqHd%2BkHhvXkzu5NXbC9m7qw7N5KmlGftvhUP7cynkVPfPlmtFloI69fsaMvXhVTYBoe3Y5sdoMrSWrdsq8uk5SRuaaNiNh31%2B1aFK7mduNyblSe3lh97dr1fmoia0mrEpweXP0cgibs3Ce%2FzF7G%2Ba8vgkwJkzv088erAukSIt2GTRc1qxlMssjDlKHI3a6ph4viVAzJYufgoYP9Tx4u4h37PSw5ZJb9AwAA%2F%2F8BAAD%2F%2F72o99ODBAAA&ap=${AUCTION_PRICE}&l=3577992&sub3=1680255083&pid=91283&sub2=icon&auid=b1957174880c6db703c33e87549bcfba&icon=https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
104.21.9.93307 Temporary Redirect 0 B URL HTTP/2 bookadil.com/winnotice?sid=H4sIAAAAAAAC%2F1RTz4scRRSuifEQPCl6EHIYbwoy2z0%2FewwhGJNoMO4uSWRvQnVV9%2B5zeqqaqu7p2QVxUZCcZNSDOdZ%2B%2Bwt1FfMHSKTXiwwImYus6P4LikLwKDMZM%2Fqg%2B%2F34HsVX73310U5%2Byjzk%2FGT1Lb1FScKXWjWv%2BuIaKakLW12%2BXfW9mnehukaq3bxQHU5%2FZvCK77Vq3kvV1yPR00t1z%2Fc83%2FOr18hEsR4uzVBQetT1a12v1qzX%2FFYTQ%2BNg8wosr0AOTtkzIDl5cuPHeyBRQvW%2FvRLZXqbTl6%2F284Rn2mAgD99WPaULhf4ijE0FsTqcd0PbCWN3z0Crwzlr6MHelDVCmrDKzz5CdTinhnCw%2F4hdmCBSCOVTKAYloqQE8RJCfwiSDxggJJZXoPoHy9oUfPMRyqfohJ19%2BBeomLCzvz0L1f%2FmckLD6i2d5BlpZTGMHWhYgtZLpPkxsi0GKo4hsg9A8ie29PAGVH9vxSYaJN3s9kQlKC6RRCNwy5BPP2LI4wrytIK%2BPKnyVjf2vE4cxo1G0BRCNBpCtIK2bMlGM4g95GJKb4QsHUEkIwizjdRso0cjmPxjkC2RcwdKHVJ7ENRbXd9HJMaX%2FmYzA6eTauh3Wx2%2F0wwCT7Rl2PEaotGIgk6r2Q1FHHKENL508b37b7w%2F%2FhQJMUR8fP%2BP%2BQFWOajc7SpDDiYas7ntGpmNLz3u2nCwksFmDAPpUEQMhWUoOENBDEXGUAzcvkxs3boDmdg89Oe%2BPvcNt6uzdbevs%2FVIsZ30lD09282f4h30opNq7Il6EHebjXrQ7HbDQDY7jXbQlsKXQdQMJCz9OwGyZ8BtBVs0Yc%2F9%2BjvSqWzkZwj5MWxyDEEvgOfnwQsHvuGwpRykPgq17nFJSU3oPtLsHLLNyk5yyp6f8WjfvfO%2F0QrjkBqHd%2BkHhvXkzu5NXbC9m7qw7N5KmlGftvhUP7cynkVPfPlmtFloI69fsaMvXhVTYBoe3Y5sdoMrSWrdsq8uk5SRuaaNiNh31%2B1aFK7mduNyblSe3lh97dr1fmoia0mrEpweXP0cgibs3Ce%2FzF7G%2Ba8vgkwJkzv088erAukSIt2GTRc1qxlMssjDlKHI3a6ph4viVAzJYufgoYP9Tx4u4h37PSw5ZJb9AwAA%2F%2F8BAAD%2F%2F72o99ODBAAA&ap=${AUCTION_PRICE}&l=3577992&sub3=1680255083&pid=91283&sub2=icon&auid=b1957174880c6db703c33e87549bcfba&icon=https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
IP 104.21.9.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /winnotice?sid=H4sIAAAAAAAC%2F1RTz4scRRSuifEQPCl6EHIYbwoy2z0%2FewwhGJNoMO4uSWRvQnVV9%2B5zeqqaqu7p2QVxUZCcZNSDOdZ%2B%2Bwt1FfMHSKTXiwwImYus6P4LikLwKDMZM%2Fqg%2B%2F34HsVX73310U5%2Byjzk%2FGT1Lb1FScKXWjWv%2BuIaKakLW12%2BXfW9mnehukaq3bxQHU5%2FZvCK77Vq3kvV1yPR00t1z%2Fc83%2FOr18hEsR4uzVBQetT1a12v1qzX%2FFYTQ%2BNg8wosr0AOTtkzIDl5cuPHeyBRQvW%2FvRLZXqbTl6%2F284Rn2mAgD99WPaULhf4ijE0FsTqcd0PbCWN3z0Crwzlr6MHelDVCmrDKzz5CdTinhnCw%2F4hdmCBSCOVTKAYloqQE8RJCfwiSDxggJJZXoPoHy9oUfPMRyqfohJ19%2BBeomLCzvz0L1f%2FmckLD6i2d5BlpZTGMHWhYgtZLpPkxsi0GKo4hsg9A8ie29PAGVH9vxSYaJN3s9kQlKC6RRCNwy5BPP2LI4wrytIK%2BPKnyVjf2vE4cxo1G0BRCNBpCtIK2bMlGM4g95GJKb4QsHUEkIwizjdRso0cjmPxjkC2RcwdKHVJ7ENRbXd9HJMaX%2FmYzA6eTauh3Wx2%2F0wwCT7Rl2PEaotGIgk6r2Q1FHHKENL508b37b7w%2F%2FhQJMUR8fP%2BP%2BQFWOajc7SpDDiYas7ntGpmNLz3u2nCwksFmDAPpUEQMhWUoOENBDEXGUAzcvkxs3boDmdg89Oe%2BPvcNt6uzdbevs%2FVIsZ30lD09282f4h30opNq7Il6EHebjXrQ7HbDQDY7jXbQlsKXQdQMJCz9OwGyZ8BtBVs0Yc%2F9%2BjvSqWzkZwj5MWxyDEEvgOfnwQsHvuGwpRykPgq17nFJSU3oPtLsHLLNyk5yyp6f8WjfvfO%2F0QrjkBqHd%2BkHhvXkzu5NXbC9m7qw7N5KmlGftvhUP7cynkVPfPlmtFloI69fsaMvXhVTYBoe3Y5sdoMrSWrdsq8uk5SRuaaNiNh31%2B1aFK7mduNyblSe3lh97dr1fmoia0mrEpweXP0cgibs3Ce%2FzF7G%2Ba8vgkwJkzv088erAukSIt2GTRc1qxlMssjDlKHI3a6ph4viVAzJYufgoYP9Tx4u4h37PSw5ZJb9AwAA%2F%2F8BAAD%2F%2F72o99ODBAAA&ap=${AUCTION_PRICE}&l=3577992&sub3=1680255083&pid=91283&sub2=icon&auid=b1957174880c6db703c33e87549bcfba&icon=https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg HTTP/1.1
Host: bookadil.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 307 Temporary Redirect
date: Fri, 31 Mar 2023 09:31:26 GMT
content-length: 0
location: https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
accept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
x-request-id: c1fcc776b3e7c3f0dcf98229de0620b6
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SUMrspQlOsa%2BsGSj5gbA3ls1UMAKtmdJwywkaj3KiCDE654g91Y8hzftfuQkuJ%2FE8L0B24g3dGRN2AUy7RBjzWd%2FxgbakLPHEl1ExML%2FDDgK1o0jeTXC5FZ71%2FhwcrY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b0794512a2eb50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4cf7868e5b65e9acd9c2b988da5eea93
c8979219d5cde75ee3c3c809afcdbe4b63011941
82f42e96cdc35b31a02579665bf6d669ccc95f66921574f4b3ecd7b963a44954
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "82F42E96CDC35B31A02579665BF6D669CCC95F66921574F4B3ECD7B963A44954"
Last-Modified: Thu, 30 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4710
Expires: Fri, 31 Mar 2023 10:49:56 GMT
Date: Fri, 31 Mar 2023 09:31:26 GMT
Connection: keep-alive
cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
45.133.44.9200 OK 33 kB URL HTTP/2 cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:05:18 19:19:17], baseline, precision 8, 200x200, components 3\012- data
Hash 70cf8250da1a25a7b445231428af7828
a849d338423d2919949340838c768bba90b9081c
b7060bc46dc459a00d4124523a26f0cbf31fba31d41fccae9f82bedaf22c1186
GET /cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:31:26 GMT
content-type: image/jpeg
content-length: 33103
server: nginx/1.17.6
last-modified: Tue, 09 Jun 2020 11:44:50 GMT
etag: "5edf7632-814f"
expires: Sun, 02 Apr 2023 09:31:26 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d531a5-067e-452b-8349-d9f2a461ba4a.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d531a5-067e-452b-8349-d9f2a461ba4a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1688ae550e5e9181de2448a9cade8a26
a46eb0cd75f46778dc802b648f7c391ce801c700
e717e6e64c928571506bc6d19e3d9ce19bea3292f01618a6d9ddbbaffe65ffd1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d531a5-067e-452b-8349-d9f2a461ba4a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9055
x-amzn-requestid: aad4ce89-7ff3-484a-b644-ecda89a2ff16
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnVW5EPJoAMFfFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260292-41fb44737ee678bc7c93b7ff;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:43:46 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: aCuRurszjWr-BePwsnPfCqMpfO2GaREtRvvFGiiywmfsuAGFRRK9sQ==
via: 1.1 99db15345b0e5e7ad9c267ae999b8cf4.cloudfront.net (CloudFront), 1.1 ef6538ee7be7b17c84d06edb0f4c0a1a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 08:20:16 GMT
age: 4271
etag: "a46eb0cd75f46778dc802b648f7c391ce801c700"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
log.outbrainimg.com/api/loggerBatch/log-viewability
70.42.32.127200 OK 4 B URL HTTP/1.1 log.outbrainimg.com/api/loggerBatch/log-viewability
IP 70.42.32.127:0
File type ASCII text, with no line terminators
Hash b326b5062b2f0e69046810717534cb09
5ffe533b830f08a0326348a9160afafc8ada44db
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
POST /api/loggerBatch/log-viewability HTTP/1.1
Host: log.outbrainimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 689
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 09:31:28 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 4
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST
X-TraceId: 6ea38bb24a96d57d77a278ec17db5a0f
megaup.net/themes/flow/frontend_assets/fonts/raleway_medium.woff
91.209.70.182200 OK 32 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway_medium.woff
IP 91.209.70.182:0
File type Web Open Font Format, TrueType, length 31900, version 1.1\012- data
Hash 1b285c8e5b7445a8e434b2cdf036bab2
c97d4772fbb5c5637d466b5f991bc7ec28830b32
09b979826f2ac158a63ba234042c66414c21282d0bb46eadc62c64a873778825
GET /themes/flow/frontend_assets/fonts/raleway_medium.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=f7sk6g8fdm19j7f261r37ir351; _ga=GA1.2.1326136981.1680255083; _gid=GA1.2.469853154.1680255083; _gat_gtag_UA_108868042_1=1; a=cLAnG0cBlCHqay7TQlG4IGWqGOlTL1hk; token_QlJAAAAAAAAArRMIRsGBk-hpXXMDyS9EWV8qBEI=BAYAZCaoawFkJqhsgAGBAcAAII4IBlhEvLh0U1kzh72KFNyfZXvdM_TQrKhLqrzK7IU_wQAgJ0T0WZYQRKympHfpA-UaL9YG-Iekm77JKuPjtwZft-c; _pbjs_userid_consent_data=3717394143152855; _pubcid=25dee79e-3d01-4f10-a2b2-474a7e7ac0ac
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 09:31:28 GMT
content-type: font/woff
content-length: 31900
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7c9c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29b45e61-5c2e-4b1b-929e-70c72bde0787.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29b45e61-5c2e-4b1b-929e-70c72bde0787.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 211d737362f7cbcd8c77cee7d29fa2f5
668d1d80c88082928c6ca01fbf1ccbfcd079f64f
05672d4ab964a706c41d73b51592ca2425983e77544f08198dd2d3a7dcc5b3a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29b45e61-5c2e-4b1b-929e-70c72bde0787.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 11114
x-amzn-requestid: e9e6a6b5-e6e8-4ca4-9302-a1fc023a38af
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CkypoH5goAMF6Hw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6424fe3d-63c6c8465407f5dc26e9aced;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 03:13:01 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: HsI--rdD7nPKwY0W7f_eIm1y-oz6BbWkLea2jX-JmxY6_I8ncpD-cg==
via: 1.1 8ead054384c1626556ee4410cad35692.cloudfront.net (CloudFront), 1.1 4c48e9fb20d53d40e9fe273dbdae1098.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 08:59:56 GMT
age: 18596
etag: "668d1d80c88082928c6ca01fbf1ccbfcd079f64f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa12abd-bde1-4533-85ef-2cc555105c71.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa12abd-bde1-4533-85ef-2cc555105c71.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a3b5eaa5d578299f8a506df71865d4d5
99fc13dea248dd6316e4abe545c80ad9df9bc1cd
30baa165074984ba7de6fc42cd1959d63c3f17c8f5b7cfabd68511136ff9e4ac
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa12abd-bde1-4533-85ef-2cc555105c71.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 10323
x-amzn-requestid: 5851fc9d-f75e-4237-87de-45b881d1d553
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnUnJEb4IAMFh8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260160-2003d3df2d802faa74ca5096;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:40 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 28pB4vd4QIm-Q7aEpaoOVhSU5Tw7HiZfViMfqJ_Jk4Z2KtoDOcaOrg==
via: 1.1 0a166b53605851fe961f5a2952e5a748.cloudfront.net (CloudFront), 1.1 efcf7b9d0f917f9ebf314db03e52d9b6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 21:59:58 GMT
age: 41491
etag: "99fc13dea248dd6316e4abe545c80ad9df9bc1cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash fb5e7a4aed48ca53e93d790633af72e9
5b4bd5743ffc26f43a9d4b2b67e8dd45357fed39
1dd1220c1998d59163cfdbf5da09b4cec7162df474415b4725dfa69a1b30d7f1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4505
Cache-Control: max-age=110675
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 09:31:30 GMT
Etag: "6425a42c-1d7"
Expires: Sat, 01 Apr 2023 16:16:05 GMT
Last-Modified: Thu, 30 Mar 2023 15:01:00 GMT
Server: ECAcc (ska/F775)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash fb5e7a4aed48ca53e93d790633af72e9
5b4bd5743ffc26f43a9d4b2b67e8dd45357fed39
1dd1220c1998d59163cfdbf5da09b4cec7162df474415b4725dfa69a1b30d7f1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1878
Cache-Control: max-age=108048
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 09:31:30 GMT
Etag: "6425a42c-1d7"
Expires: Sat, 01 Apr 2023 15:32:18 GMT
Last-Modified: Thu, 30 Mar 2023 15:01:00 GMT
Server: ECAcc (ska/F6D2)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9943a098a5b8b5de6226ce0cf8bd09a1
7f7656cb69887a653ca908dd3af5e5881ffa06c0
f8ce117cbbf770b8a6c51e6dc91ca8a69a0ffd559de63645d5f1a8572f04969f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F8CE117CBBF770B8A6C51E6DC91CA8A69A0FFD559DE63645D5F1A8572F04969F"
Last-Modified: Thu, 30 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4139
Expires: Fri, 31 Mar 2023 10:40:29 GMT
Date: Fri, 31 Mar 2023 09:31:30 GMT
Connection: keep-alive
megaup.net/themes/flow/js/jquery.fileupload-validate.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-validate.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery.fileupload-validate.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1d6xe/Per.Aspera.Build.10842819.zip
Connection: keep-alive
Cookie: filehosting=f7sk6g8fdm19j7f261r37ir351
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 09:31:21 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-fea"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-ui.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-ui.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery.fileupload-ui.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1d6xe/Per.Aspera.Build.10842819.zip
Connection: keep-alive
Cookie: filehosting=f7sk6g8fdm19j7f261r37ir351
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 09:31:21 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-61ef"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/global.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/global.js
IP 91.209.70.182:0
GET /themes/flow/js/global.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1d6xe/Per.Aspera.Build.10842819.zip
Connection: keep-alive
Cookie: filehosting=f7sk6g8fdm19j7f261r37ir351
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 09:31:21 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-d59"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/images/loading_small.gif
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/images/loading_small.gif
IP 91.209.70.182:0
GET /themes/flow/images/loading_small.gif HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1d6xe/Per.Aspera.Build.10842819.zip
Connection: keep-alive
Cookie: filehosting=f7sk6g8fdm19j7f261r37ir351
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 09:31:21 GMT
content-type: image/gif
content-length: 184355
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-2d023"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1d6xe/Per.Aspera.Build.10842819.zip
Connection: keep-alive
Cookie: filehosting=f7sk6g8fdm19j7f261r37ir351
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 09:31:21 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-14cc1"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1d6xe/Per.Aspera.Build.10842819.zip
Connection: keep-alive
Cookie: filehosting=f7sk6g8fdm19j7f261r37ir351
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 09:31:21 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3ead"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/1d6xe/Per.Aspera.Build.10842819.zip
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/1d6xe/Per.Aspera.Build.10842819.zip
IP 91.209.70.182:0
GET /1d6xe/Per.Aspera.Build.10842819.zip HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 09:31:21 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: filehosting=f7sk6g8fdm19j7f261r37ir351; expires=Sat, 01-Apr-2023 09:31:21 GMT; Max-Age=86400; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/load-image.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/load-image.min.js
IP 91.209.70.182:0
GET /themes/flow/js/load-image.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1d6xe/Per.Aspera.Build.10842819.zip
Connection: keep-alive
Cookie: filehosting=f7sk6g8fdm19j7f261r37ir351
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 09:31:21 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-9f2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/sw.js
91.209.70.182200 OK 0 B IP 91.209.70.182:0
GET /sw.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1d6xe/Per.Aspera.Build.10842819.zip
Connection: keep-alive
Cookie: filehosting=f7sk6g8fdm19j7f261r37ir351
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 09:31:21 GMT
content-type: application/javascript
last-modified: Tue, 20 Dec 2022 16:15:31 GMT
vary: Accept-Encoding
etag: W/"63a1dfa3-1927c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.132.29200 OK 0 B IP 172.64.132.29:0
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:31:22 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 1961
last-modified: Fri, 31 Mar 2023 08:58:41 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BEFHBETfeOM9tU9hDkN2VYBqrhEUqkMExQqZ7i%2F9d%2FL28lwMa5JInZP6CRhAGDpJHrsYRhezztpfIKhA6YxohtcYynKiYkrJBT0LFlmIFAkH5B5mquvvQipta5EjKp9U"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b07943c29a971e6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1d6xe/Per.Aspera.Build.10842819.zip
Connection: keep-alive
Cookie: filehosting=f7sk6g8fdm19j7f261r37ir351
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 09:31:21 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-303b2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/nav/jquery.scrollTo.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/nav/jquery.scrollTo.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/nav/jquery.scrollTo.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1d6xe/Per.Aspera.Build.10842819.zip
Connection: keep-alive
Cookie: filehosting=f7sk6g8fdm19j7f261r37ir351
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 09:31:21 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-981"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=86ddec5c-b957-455f-87da-f034ba331fa2
104.16.159.17200 OK 0 B URL HTTP/2 cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=86ddec5c-b957-455f-87da-f034ba331fa2
IP 104.16.159.17:0
GET /Scripts/infinity.js.aspx?guid=86ddec5c-b957-455f-87da-f034ba331fa2 HTTP/1.1
Host: cdn.engine.4dsply.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:31:23 GMT
content-type: application/x-javascript; charset=utf-8
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
cache-control: public, max-age=900
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
last-modified: Fri, 31 Mar 2023 09:22:22 GMT
cf-cache-status: HIT
age: 396
expires: Fri, 31 Mar 2023 09:46:23 GMT
server: cloudflare
cf-ray: 7b07943cea92b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/custom.css
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/custom.css
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/css/custom.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1d6xe/Per.Aspera.Build.10842819.zip
Connection: keep-alive
Cookie: filehosting=f7sk6g8fdm19j7f261r37ir351
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 09:31:21 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3577"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/colors/flow.css
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/colors/flow.css
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/css/colors/flow.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1d6xe/Per.Aspera.Build.10842819.zip
Connection: keep-alive
Cookie: filehosting=f7sk6g8fdm19j7f261r37ir351
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 09:31:21 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-a83"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery.fileupload.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1d6xe/Per.Aspera.Build.10842819.zip
Connection: keep-alive
Cookie: filehosting=f7sk6g8fdm19j7f261r37ir351
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 09:31:21 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-dbd4"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/animation/jquery.appear.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/animation/jquery.appear.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/animation/jquery.appear.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1d6xe/Per.Aspera.Build.10842819.zip
Connection: keep-alive
Cookie: filehosting=f7sk6g8fdm19j7f261r37ir351
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 09:31:21 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-5c6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/custom/custom.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/custom/custom.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/custom/custom.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1d6xe/Per.Aspera.Build.10842819.zip
Connection: keep-alive
Cookie: filehosting=f7sk6g8fdm19j7f261r37ir351
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 09:31:21 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1420"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/clipboardjs/clipboard.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/clipboardjs/clipboard.min.js
IP 91.209.70.182:0
GET /themes/flow/js/clipboardjs/clipboard.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1d6xe/Per.Aspera.Build.10842819.zip
Connection: keep-alive
Cookie: filehosting=f7sk6g8fdm19j7f261r37ir351
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 09:31:21 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-2296"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/css/All-stylesheets.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1d6xe/Per.Aspera.Build.10842819.zip
Connection: keep-alive
Cookie: filehosting=f7sk6g8fdm19j7f261r37ir351
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 09:31:21 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-153"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.iframe-transport.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.iframe-transport.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery.iframe-transport.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1d6xe/Per.Aspera.Build.10842819.zip
Connection: keep-alive
Cookie: filehosting=f7sk6g8fdm19j7f261r37ir351
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 09:31:21 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-2427"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/isotope/custom-isotope.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/isotope/custom-isotope.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/isotope/custom-isotope.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1d6xe/Per.Aspera.Build.10842819.zip
Connection: keep-alive
Cookie: filehosting=f7sk6g8fdm19j7f261r37ir351
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 09:31:21 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-71d"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
platform.bidgear.com/async.php?domainid=5593&sizeid=12&zoneid=6192&k=1680255082206
172.67.74.36200 OK 0 B URL HTTP/2 platform.bidgear.com/async.php?domainid=5593&sizeid=12&zoneid=6192&k=1680255082206
IP 172.67.74.36:0
GET /async.php?domainid=5593&sizeid=12&zoneid=6192&k=1680255082206 HTTP/1.1
Host: platform.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:31:22 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xQ%2BWlSOvTvWGHI315wc8MLEndBIWdVkWsV8PY6iS0Y6RuovqTAL4Wk7bjjnDf5m7mWG1SdI8OaoVVtAFbgHZlpm1oXnTjO48qK5ntOycpbBoBfx%2FSMU4W0so6K4lQfqtqcw2jL9X"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b079439b9b01bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
theharityhild.buzz/NTE5TVlOE0o6BkBDVW9jF1lNOSlGCxZiNFBWWDgpG19cOXZGRhcnKhcdGz40UxMDfHUXQlQ7ew8TDWNqFx0bOThSblApew8TAX5rAwIKb3UXQkwvBlxVC29jF1cBfmpWAQ0vdANUCS90AVVbfXQMBQF6dFMHXCg8VlRaLjpWVBsw
52.20.131.174502 Bad Gateway 0 B URL HTTP/2 theharityhild.buzz/NTE5TVlOE0o6BkBDVW9jF1lNOSlGCxZiNFBWWDgpG19cOXZGRhcnKhcdGz40UxMDfHUXQlQ7ew8TDWNqFx0bOThSblApew8TAX5rAwIKb3UXQkwvBlxVC29jF1cBfmpWAQ0vdANUCS90AVVbfXQMBQF6dFMHXCg8VlRaLjpWVBsw
IP 52.20.131.174:0
GET /NTE5TVlOE0o6BkBDVW9jF1lNOSlGCxZiNFBWWDgpG19cOXZGRhcnKhcdGz40UxMDfHUXQlQ7ew8TDWNqFx0bOThSblApew8TAX5rAwIKb3UXQkwvBlxVC29jF1cBfmpWAQ0vdANUCS90AVVbfXQMBQF6dFMHXCg8VlRaLjpWVBsw HTTP/1.1
Host: theharityhild.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 502 Bad Gateway
set-cookie: b0b80cff16d08a54c7137bad656b5a4a=1; Max-Age=604800
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-process.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-process.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery.fileupload-process.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1d6xe/Per.Aspera.Build.10842819.zip
Connection: keep-alive
Cookie: filehosting=f7sk6g8fdm19j7f261r37ir351
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 09:31:21 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-14b6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/nav/jquery.nav.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/nav/jquery.nav.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/nav/jquery.nav.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1d6xe/Per.Aspera.Build.10842819.zip
Connection: keep-alive
Cookie: filehosting=f7sk6g8fdm19j7f261r37ir351
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 09:31:21 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1547"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/gauge.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/gauge.min.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/gauge.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1d6xe/Per.Aspera.Build.10842819.zip
Connection: keep-alive
Cookie: filehosting=f7sk6g8fdm19j7f261r37ir351
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 09:31:21 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-45b8"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
a.adtng.com/get/10012456?time=1614803572912&apb=ooddNHdLHTPHNVS4ASOpprpmtrdTbbZNLTK6V1Esqp6pXVTTOpmdQ6mV0rpXSunqoppdRNTRPTO6iamieml0rpnSuldK6V0zpXSumc7Wy2Wu3aayzfimzWbjWfaeWiemmziauu50rv9.czijBuZznSuldK6V0rpXSuldK4Ps
66.254.114.171200 OK 0 B URL HTTP/2 a.adtng.com/get/10012456?time=1614803572912&apb=ooddNHdLHTPHNVS4ASOpprpmtrdTbbZNLTK6V1Esqp6pXVTTOpmdQ6mV0rpXSunqoppdRNTRPTO6iamieml0rpnSuldK6V0zpXSumc7Wy2Wu3aayzfimzWbjWfaeWiemmziauu50rv9.czijBuZznSuldK6V0rpXSuldK4Ps
IP 66.254.114.171:0
GET /get/10012456?time=1614803572912&apb=ooddNHdLHTPHNVS4ASOpprpmtrdTbbZNLTK6V1Esqp6pXVTTOpmdQ6mV0rpXSunqoppdRNTRPTO6iamieml0rpnSuldK6V0zpXSumc7Wy2Wu3aayzfimzWbjWfaeWiemmziauu50rv9.czijBuZznSuldK6V0rpXSuldK4Ps HTTP/1.1
Host: a.adtng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Fri, 31 Mar 2023 09:31:23 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-encoding: gzip
set-cookie: adtool_guid=Ch5KGmQmqGuBa0E8kHhAAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/; Secure; HTTPOnly; SameSite=None;
RNLBSERVERID=ded7077; path=/; HttpOnly; Secure; SameSite=None
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
x-request-id: 6426A86B-42FE72AB01BBA0BD-23EFC9C
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/zeroClipboard/ZeroClipboard.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/zeroClipboard/ZeroClipboard.js
IP 91.209.70.182:0
GET /themes/flow/js/zeroClipboard/ZeroClipboard.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1d6xe/Per.Aspera.Build.10842819.zip
Connection: keep-alive
Cookie: filehosting=f7sk6g8fdm19j7f261r37ir351
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 09:31:21 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3bd2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
142.250.74.109302 Found 0 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 142.250.74.109:0
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 31 Mar 2023 09:31:22 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AQMjQ7QaAaXls4nE_QfCAHd1DNDnl_K7NAIk8hzhUlqrQE51yU9KKLlpIEy-RqwW4Zx618ugTiOqDw
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: script-src 'nonce-Y1BVaFASj4ZCPo2oMcgc7A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"AccountsSigninPassiveLoginHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSigninPassiveLoginHttp/external"}]}, {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy: unsafe-none; report-to="AccountsSigninPassiveLoginHttp"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-type: application/binary
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
set-cookie: __Host-GAPS=1:5vty_A-Zwy1hach3oQPJGc8rJ9n_5Q:T1UA1d4f39z-E6Hj; Expires=Sun, 30-Mar-2025 09:31:22 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/canvas-to-blob.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/canvas-to-blob.min.js
IP 91.209.70.182:0
GET /themes/flow/js/canvas-to-blob.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1d6xe/Per.Aspera.Build.10842819.zip
Connection: keep-alive
Cookie: filehosting=f7sk6g8fdm19j7f261r37ir351
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 09:31:21 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-408"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-resize.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-resize.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery.fileupload-resize.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1d6xe/Per.Aspera.Build.10842819.zip
Connection: keep-alive
Cookie: filehosting=f7sk6g8fdm19j7f261r37ir351
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 09:31:21 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1f7f"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/sticky/jquery.sticky.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/sticky/jquery.sticky.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/sticky/jquery.sticky.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1d6xe/Per.Aspera.Build.10842819.zip
Connection: keep-alive
Cookie: filehosting=f7sk6g8fdm19j7f261r37ir351
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 09:31:21 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1099"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1d6xe/Per.Aspera.Build.10842819.zip
Connection: keep-alive
Cookie: filehosting=f7sk6g8fdm19j7f261r37ir351
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 09:31:21 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1cdf"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
pogothere.xyz/
172.64.132.29200 OK 0 B IP 172.64.132.29:0
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:31:22 GMT
content-type: text/plain
set-cookie: csu=1390586182949682@1@1680255082; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vog26BpOOrHxIyrUvyk0s2UjDhYgSwr%2BNE%2BXglc6l2VV8LsjEAZQVKnDYlp5RFlQ1uD5VA1p6cuTxjNC0ZOqLFJ%2FIpV2fQO4Lr8DHLLUMqVjMk3TYgUtGBr7%2BVHYdBOt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b07943c098c71e6-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ad.a-ads.com/1811811?size=300x250
136.243.3.135200 OK 0 B URL HTTP/2 ad.a-ads.com/1811811?size=300x250
IP 136.243.3.135:0
ASN #24940 Hetzner Online GmbH
GET /1811811?size=300x250 HTTP/1.1
Host: ad.a-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 09:31:22 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding, Accept-Encoding
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-original-referer: https://megaup.net/
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.tmpl.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.tmpl.min.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery.tmpl.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1d6xe/Per.Aspera.Build.10842819.zip
Connection: keep-alive
Cookie: filehosting=f7sk6g8fdm19j7f261r37ir351
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 09:31:21 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3cb"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
c.adsco.re/
104.17.166.186200 OK 0 B IP 104.17.166.186:0
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:31:23 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Mon, 01 May 2023 09:31:23 GMT
etag: W/"cMPvpvd3jDHdlppiuYNttw=="
cf-cache-status: HIT
age: 557720
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b07943d9f5eb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
f.h12-media.com/?init=1&rnd=0.650612040784916
188.114.96.1200 OK 0 B URL HTTP/2 f.h12-media.com/?init=1&rnd=0.650612040784916
IP 188.114.96.1:0
GET /?init=1&rnd=0.650612040784916 HTTP/1.1
Host: f.h12-media.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:31:23 GMT
content-type: application/json; Charset=UTF-8
cache-control: max-age=3600,private
vary: Accept-Encoding
access-control-allow-origin: *
x-powered-by: ASP.NET, ARR/3.0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gmVjKbbe5a33hTumhrCYRRFBsj01louNHQKpNk17kKL0h0mhUx51KbORvjCN17nUkhyxR9eOisBS7ocWzXcB0l64IP9GAUglD8JHqyvK70edSOqv5Kj93jdklo99PsfnJH4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b07943dcfd9b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S-619753896%3A1680255082870628&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AQMjQ7SQPIRcNAwNbXDciBWXFWzOn6wglVNOXSKE8aI9X8PFmL4zYKlI8chAJhNOlOwUiDLZfcX1Hg&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
142.250.74.109403 Forbidden 0 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S-619753896%3A1680255082870628&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AQMjQ7SQPIRcNAwNbXDciBWXFWzOn6wglVNOXSKE8aI9X8PFmL4zYKlI8chAJhNOlOwUiDLZfcX1Hg&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
IP 142.250.74.109:0
GET /v3/signin/identifier?dsh=S-619753896%3A1680255082870628&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AQMjQ7SQPIRcNAwNbXDciBWXFWzOn6wglVNOXSKE8aI9X8PFmL4zYKlI8chAJhNOlOwUiDLZfcX1Hg&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 31 Mar 2023 09:31:22 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-88TG1qLjFpfiLhtVIgv1pQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.132.29200 OK 0 B IP 172.64.132.29:0
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:31:22 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 1961
last-modified: Fri, 31 Mar 2023 08:58:41 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K7hB45aqFYTe%2FiNXP9P2FN67%2BkobHKRIa4%2Bf2s30MLCvbcheVsTakQBAtCykyvf9DpCgZZ4rsU1MvOSzoNKwqV%2BcrIa4sQd0tSdYyTg42u8JkfjywwiCfmOsDMJn9uyU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b07943c199a71e6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
f.h12-media.com/?init=1&rnd=0.2632661643975749
188.114.96.1200 OK 0 B URL HTTP/2 f.h12-media.com/?init=1&rnd=0.2632661643975749
IP 188.114.96.1:0
GET /?init=1&rnd=0.2632661643975749 HTTP/1.1
Host: f.h12-media.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:31:23 GMT
content-type: application/json; Charset=UTF-8
cache-control: max-age=3600,private
vary: Accept-Encoding
access-control-allow-origin: *
x-powered-by: ASP.NET, ARR/3.0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j0OxDTmHeqcrlb4JFc7C6gBa7J5KhzW3h72On1NWAytBXGfCDKaF4bVL03MLwQ0H4se%2FIxOjxxSoLyFaVDOU9ne398KOTIsAs9aEtGv6piu6SRw6VHjX6klJ2TTemUxc%2Fpw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b079440eba8b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1d6xe/Per.Aspera.Build.10842819.zip
Connection: keep-alive
Cookie: filehosting=f7sk6g8fdm19j7f261r37ir351
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 09:31:21 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-8d4b"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1d6xe/Per.Aspera.Build.10842819.zip
Connection: keep-alive
Cookie: filehosting=f7sk6g8fdm19j7f261r37ir351
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 09:31:21 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-71b6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2