download.megaup.net/?idurl=0lixLaV5L89JKamcHXUbetVcZmEM3csfkolfrHaF55iuKwbT+M5hh9auXMx1R2INewKeDjm5DPjuT5UPAkRDYsaI+EmkaeBWO0GoorCYpsw=&idfilename=RUSH.VR-VREX.rar&idfilesize=3.18+GB
104.21.57.204403 Forbidden 3.9 kB URL HTTP/1.1 download.megaup.net/?idurl=0lixLaV5L89JKamcHXUbetVcZmEM3csfkolfrHaF55iuKwbT+M5hh9auXMx1R2INewKeDjm5DPjuT5UPAkRDYsaI+EmkaeBWO0GoorCYpsw=&idfilename=RUSH.VR-VREX.rar&idfilesize=3.18+GB
IP 104.21.57.204:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1839)
Hash 71b1b3bdc83ec4c62c2171f8b8cbb663
66bff42eb3019b95ef9265d8fbcafe6a15cf574a
06b5a31b4b1d2c2ace39bb4a3cfdef4a6f1ecdcc69795a07ae9268871be6ce5e
GET /?idurl=0lixLaV5L89JKamcHXUbetVcZmEM3csfkolfrHaF55iuKwbT+M5hh9auXMx1R2INewKeDjm5DPjuT5UPAkRDYsaI+EmkaeBWO0GoorCYpsw=&idfilename=RUSH.VR-VREX.rar&idfilesize=3.18+GB HTTP/1.1
Host: download.megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 403 Forbidden
Date: Mon, 27 Mar 2023 20:33:09 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uh5MeBPqZE2ReCCisptvBVfDlvYUtjattF2gWXLezh8pXYx7LGH0I8rJ%2FS2ntSmdR9GrCiKy56Q3doDHl0%2BAoej6jTVZYK1gOLmQTzcB9LX1L8WqtXWj5%2BbUYV9xOZHghDeDT5KC"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7aea6821b8ccb515-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 93f633ce30c038eb581544323c5a971e
2f60526cb750c6babccc207f75fb5a8ae6f7598b
0ff6df80a892199848fb943af78541b66efc09a7ab70d4b169906fdbac1eabf8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FF6DF80A892199848FB943AF78541B66EFC09A7AB70D4B169906FDBAC1EABF8"
Last-Modified: Mon, 27 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6706
Expires: Mon, 27 Mar 2023 22:24:55 GMT
Date: Mon, 27 Mar 2023 20:33:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 911d74784325663a0d95b463b0e9ae9b
21e999229be584d8e42696bce71236ad5bcb9a25
f48cbe4d605e660a45267400e0add4f7bc7cd523c450376ecd8e3a7f094abf56
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F48CBE4D605E660A45267400E0ADD4F7BC7CD523C450376ECD8E3A7F094ABF56"
Last-Modified: Mon, 27 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19127
Expires: Tue, 28 Mar 2023 01:51:56 GMT
Date: Mon, 27 Mar 2023 20:33:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5ad3eec59bebbf969f175627757507c1
b176af3a70db378c9e1f219bab24d9d446070d6f
704fa284035b4c9aa487331b516f5f11c324e204756ae2503bad2606ed34f25e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "704FA284035B4C9AA487331B516F5F11C324E204756AE2503BAD2606ED34F25E"
Last-Modified: Mon, 27 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13721
Expires: Tue, 28 Mar 2023 00:21:50 GMT
Date: Mon, 27 Mar 2023 20:33:09 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4ad6984a756720fbfff47b37a75513a2
355e35258114452af8b9638985ed9d8ef3bf0aca
43181fccb10652c68cae86e5e32b4e8f426fb5ad49d8125cb99e072cff573cf5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 27 Mar 2023 20:15:45 GMT
content-type: application/json
age: 1044
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: jJVIhJAhYamgxLKyGySUA5AiKpk52qtpviCpuJwoUlBeeuG9oC/x0t9rNd/dVeV/mAAvX9VP4rQ=
x-amz-request-id: 8Z6MPMSHXX20QQC2
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 27 Mar 2023 20:01:46 GMT
age: 1883
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
download.megaup.net/cdn-cgi/styles/challenges.css
104.21.57.204200 OK 2.6 kB URL HTTP/1.1 download.megaup.net/cdn-cgi/styles/challenges.css
IP 104.21.57.204:0
File type ASCII text, with very long lines (6600), with no line terminators
Hash 9fa2f809c184b1f61b213cd4e503a226
5d7a209eb9da1e823ea6bdc9610005d7a224b35f
f47ef292aa20330e7c78dc476c33845afbc76cb0ba0901bc1f29492cfeb28437
GET /cdn-cgi/styles/challenges.css HTTP/1.1
Host: download.megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://download.megaup.net/?idurl=0lixLaV5L89JKamcHXUbetVcZmEM3csfkolfrHaF55iuKwbT+M5hh9auXMx1R2INewKeDjm5DPjuT5UPAkRDYsaI+EmkaeBWO0GoorCYpsw=&idfilename=RUSH.VR-VREX.rar&idfilesize=3.18+GB
Connection: keep-alive
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 20:33:09 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 21 Mar 2023 12:30:57 GMT
ETag: W/"6419a381-19c8"
Server: cloudflare
CF-RAY: 7aea68238b301c12-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Expires: Mon, 27 Mar 2023 22:33:09 GMT
Cache-Control: max-age=7200, public
Content-Encoding: gzip
download.megaup.net/cdn-cgi/images/trace/jsch/js/transparent.gif?ray=7aea6821b8ccb515
104.21.57.204200 OK 42 B URL HTTP/1.1 download.megaup.net/cdn-cgi/images/trace/jsch/js/transparent.gif?ray=7aea6821b8ccb515
IP 104.21.57.204:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cdn-cgi/images/trace/jsch/js/transparent.gif?ray=7aea6821b8ccb515 HTTP/1.1
Host: download.megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://download.megaup.net/?idurl=0lixLaV5L89JKamcHXUbetVcZmEM3csfkolfrHaF55iuKwbT+M5hh9auXMx1R2INewKeDjm5DPjuT5UPAkRDYsaI+EmkaeBWO0GoorCYpsw=&idfilename=RUSH.VR-VREX.rar&idfilesize=3.18+GB
Connection: keep-alive
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 20:33:09 GMT
Content-Type: image/gif
Content-Length: 42
Connection: keep-alive
Last-Modified: Tue, 21 Mar 2023 12:30:57 GMT
ETag: "6419a381-2a"
Server: cloudflare
CF-RAY: 7aea68240b911c12-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Expires: Mon, 27 Mar 2023 22:33:09 GMT
Cache-Control: max-age=7200, public
Accept-Ranges: bytes
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 20:33:09 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
download.megaup.net/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=7aea6821b8ccb515
104.21.57.204200 OK 55 kB URL HTTP/1.1 download.megaup.net/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=7aea6821b8ccb515
IP 104.21.57.204:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 5cf6815901237c27e21d171bcf4e3ec0
2e012810c9015f9056a0e6346e01205f41d31d05
26e6f9ecadb4275d1de842596373fd8d2d53696bbe290c46d00cb13848e84d10
GET /cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=7aea6821b8ccb515 HTTP/1.1
Host: download.megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://download.megaup.net/?idurl=0lixLaV5L89JKamcHXUbetVcZmEM3csfkolfrHaF55iuKwbT+M5hh9auXMx1R2INewKeDjm5DPjuT5UPAkRDYsaI+EmkaeBWO0GoorCYpsw=&idfilename=RUSH.VR-VREX.rar&idfilesize=3.18+GB&__cf_chl_rt_tk=tQ75w_mJAwqpqvMxdsnCrRbnV9pyB_cqwuelZKZGVDI-1679949189-0-gaNycGzNBvs
Connection: keep-alive
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 20:33:09 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: max-age=0, must-revalidate
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZN7e6l%2B%2BOluHoTsdvtlW6g5Pi8RAP8Tsq3eb4c%2BmzAFom3f0dX94TYC07N2U62xDI1EKx0KxjZ3uxKH09Qs%2Fnb%2FNb%2BFVXYoxD22ZSHBD0lGiQQ3WiZtfsda9xXq3wufDqsEN%2Bdxu"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7aea68240931b4f7-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
download.megaup.net/favicon.ico
104.21.57.204403 Forbidden 3.4 kB URL HTTP/1.1 download.megaup.net/favicon.ico
IP 104.21.57.204:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1583)
Hash 144cefbad450d4fb0d474d68abb26216
7e4ebc30b5a445fb9fbf71e3d8ccb71734ec7073
fdd3c0ddb468b70f5f3d88a5c730d4fd414287aee9cdec944bb7d91f2c60953a
GET /favicon.ico HTTP/1.1
Host: download.megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://download.megaup.net/?idurl=0lixLaV5L89JKamcHXUbetVcZmEM3csfkolfrHaF55iuKwbT+M5hh9auXMx1R2INewKeDjm5DPjuT5UPAkRDYsaI+EmkaeBWO0GoorCYpsw=&idfilename=RUSH.VR-VREX.rar&idfilesize=3.18+GB
Connection: keep-alive
HTTP/1.1 403 Forbidden
Date: Mon, 27 Mar 2023 20:33:09 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PnmEOdtVGZOPO%2F5fGkMOhMltHOU7W00UYkUAWCGbQsccNm4TPNHfRj6ryY5jg%2FRinvUzdQF0bNyoKbkeP2UlxWj31648W%2F7lVruTANalxP9xVKoQJPEssi5bBgWRbILaapPV08tg"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7aea682469b6b4f7-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
download.megaup.net/favicon.ico
104.21.57.204403 Forbidden 3.4 kB URL HTTP/1.1 download.megaup.net/favicon.ico
IP 104.21.57.204:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1583)
Hash e1203d65a15ef937211a8ff23dc353fa
355d48ba78eba03406924d9df84748f74008352a
d467777f07798b6b05f0cadae14e773e3e834866c97ab3eb8d549ca691697e0e
GET /favicon.ico HTTP/1.1
Host: download.megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://download.megaup.net/?idurl=0lixLaV5L89JKamcHXUbetVcZmEM3csfkolfrHaF55iuKwbT+M5hh9auXMx1R2INewKeDjm5DPjuT5UPAkRDYsaI+EmkaeBWO0GoorCYpsw=&idfilename=RUSH.VR-VREX.rar&idfilesize=3.18+GB
Connection: keep-alive
HTTP/1.1 403 Forbidden
Date: Mon, 27 Mar 2023 20:33:09 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fVzFuID%2BqPXekggB0AUtUOrHBZAt7mnI2sqW9KhUyu%2FjByNdxEbom1SiVr0eEEQ96l61lsKPDKw4XsjVRszl4DWdn3JHwB3gBkDTpoLeiozKKpHdj3dMZDfNj%2BLje5UL%2FBlE9dxx"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7aea6824cc3e1c12-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
download.megaup.net/cdn-cgi/challenge-platform/h/b/flow/ov1/2050203163:1679947697:XLEO42t5zYPocA8ANniY0GC4X3cK6krJb0Uqkk6wBys/7aea6821b8ccb515/0a67a3c6a70a86f
104.21.57.204200 OK 48 kB URL HTTP/1.1 download.megaup.net/cdn-cgi/challenge-platform/h/b/flow/ov1/2050203163:1679947697:XLEO42t5zYPocA8ANniY0GC4X3cK6krJb0Uqkk6wBys/7aea6821b8ccb515/0a67a3c6a70a86f
IP 104.21.57.204:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 9f5d274ac2ca59dd5354fe4fe2b08e3f
f968508d1ee38aedd6e2bb79c84e3a3a0b69441e
d4e120c84efb7bafeb2894ecb00c2661d0dca46208613a721ebb8976af4ea404
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/2050203163:1679947697:XLEO42t5zYPocA8ANniY0GC4X3cK6krJb0Uqkk6wBys/7aea6821b8ccb515/0a67a3c6a70a86f HTTP/1.1
Host: download.megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://download.megaup.net/?idurl=0lixLaV5L89JKamcHXUbetVcZmEM3csfkolfrHaF55iuKwbT+M5hh9auXMx1R2INewKeDjm5DPjuT5UPAkRDYsaI+EmkaeBWO0GoorCYpsw=&idfilename=RUSH.VR-VREX.rar&idfilesize=3.18+GB
Content-type: application/x-www-form-urlencoded
CF-Challenge: 0a67a3c6a70a86f
Content-Length: 2010
Origin: http://download.megaup.net
Connection: keep-alive
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 20:33:10 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf_chl_gen: T1pGVaELh9vW1lkKybmAmBif6DnzwPpWjtJlr43W+dmwEWYPxUhBZV947jqyGkmTVpcTSnfYAGKwaUqREUEZk4/sITTPu3EeYrqd9drzZWhjmg9GQfBUvM5kL+N7JoOhI3qsq6cH8HInT4cjKUJdzGfAgOTHcwHuH7vkC8vTxneY70Im1g3j0Ac+XFchSCED6lla9KKdLAMDSxwEPHN02e7vG9K62rINN0+iC51Sb1HDuIYOZYl0e+MtzOS0RXGifT6rgaRjlvmPcpkxCxa9p7gWxC36UHRvI7nvu7UcIsmo7eL63l/z9YMBpYz8XM1fauFgjJAXRTt1Fxf37xlEk7gKQIw9rQV3VR27tTzBx0SDOiC0IILGI4y4QHTvOn80$mlK2Eyj5jqAtHMbCYMvV4Q==
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y3g5VnuIop8YZaYZzdCX3csb5VsVDGratOstqGiDSWK7fGUpO%2BHMZaYEH21UiKPK771BqeADSMtBtxhEGFJsxmXJrQLKZpFScmCrxKNbQ0L8cpmfrrdfxaZYEKZ5cRDV6lA7oqcO"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7aea68259ebeb50c-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
download.megaup.net/cdn-cgi/challenge-platform/h/b/img/7aea6821b8ccb515/1679949190035/8pyh-V5mH2GF2T3
104.21.57.204200 OK 61 B URL HTTP/1.1 download.megaup.net/cdn-cgi/challenge-platform/h/b/img/7aea6821b8ccb515/1679949190035/8pyh-V5mH2GF2T3
IP 104.21.57.204:0
File type PNG image data, 41 x 60, 8-bit/color RGB, non-interlaced\012- data
Hash c5baa41a61b0f8d31c427302ed365d48
948b5ce07536194989a101e8a4577c2d6bf0c09a
3afa2ee96ab67128ed97e982a19192c408cc0f6f6777fb7dff6a97c048cd28de
GET /cdn-cgi/challenge-platform/h/b/img/7aea6821b8ccb515/1679949190035/8pyh-V5mH2GF2T3 HTTP/1.1
Host: download.megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://download.megaup.net/?idurl=0lixLaV5L89JKamcHXUbetVcZmEM3csfkolfrHaF55iuKwbT+M5hh9auXMx1R2INewKeDjm5DPjuT5UPAkRDYsaI+EmkaeBWO0GoorCYpsw=&idfilename=RUSH.VR-VREX.rar&idfilesize=3.18+GB
Connection: keep-alive
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 20:33:10 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y7dfYgDynmcMAxH8znCqcIHuPH4iT5rIy2L%2BJBp1woXypWNezXzEzlDpg3TtW9rdNrf9gIlW5ml2jyi6CsBqz%2BEhrBPgSai29UcKKjpTuPAN4WHa9lp7KYbw7ZBhlEwYI9eSIkHB"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7aea68265801b50c-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a3242c27d5e1454c4ed0224a21b99fde
d14f94d30b766f1e11284fb333529903e116718c
e9f38284fdd9e5d9c19f16fe29db0d58bc68bd71c35aebfbcb80580417feefae
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E9F38284FDD9E5D9C19F16FE29DB0D58BC68BD71C35AEBFBCB80580417FEEFAE"
Last-Modified: Sun, 26 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2398
Expires: Mon, 27 Mar 2023 21:13:08 GMT
Date: Mon, 27 Mar 2023 20:33:10 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, ETag, Content-Type, Cache-Control, Pragma, Alert, Last-Modified, Retry-After, Backoff, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 27 Mar 2023 20:17:24 GMT
age: 946
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
push.services.mozilla.com/
34.117.65.55101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.117.65.55:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 6/NFwDOpNWeIXjTRSkdqNg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 5qzS7qnlYj++wzQ5LCyd0aKdsY0=
Date: Mon, 27 Mar 2023 20:33:10 GMT
Via: 1.1 google
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
download.megaup.net/cdn-cgi/challenge-platform/h/b/flow/ov1/2050203163:1679947697:XLEO42t5zYPocA8ANniY0GC4X3cK6krJb0Uqkk6wBys/7aea6821b8ccb515/0a67a3c6a70a86f
104.21.57.204200 OK 1.8 kB URL HTTP/1.1 download.megaup.net/cdn-cgi/challenge-platform/h/b/flow/ov1/2050203163:1679947697:XLEO42t5zYPocA8ANniY0GC4X3cK6krJb0Uqkk6wBys/7aea6821b8ccb515/0a67a3c6a70a86f
IP 104.21.57.204:0
File type ASCII text, with very long lines (2276), with no line terminators
Hash a30a1bbb98a7f09a3877bc97f465b1d5
2343ba52fda58a8f6b2fb2500322638978234615
16bfeef23457dbcd3a3c450ea4f9212c7ce0fd0e8e57182ea8c9e5cc50843180
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/2050203163:1679947697:XLEO42t5zYPocA8ANniY0GC4X3cK6krJb0Uqkk6wBys/7aea6821b8ccb515/0a67a3c6a70a86f HTTP/1.1
Host: download.megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://download.megaup.net/?idurl=0lixLaV5L89JKamcHXUbetVcZmEM3csfkolfrHaF55iuKwbT+M5hh9auXMx1R2INewKeDjm5DPjuT5UPAkRDYsaI+EmkaeBWO0GoorCYpsw=&idfilename=RUSH.VR-VREX.rar&idfilesize=3.18+GB
Content-type: application/x-www-form-urlencoded
CF-Challenge: 0a67a3c6a70a86f
Content-Length: 16069
Origin: http://download.megaup.net
Connection: keep-alive
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 20:33:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
set-cookie: cf_chl_rc_ni=;Expires=Sun, 26 Mar 2023 20:33:10 GMT;SameSite=Strict
cf_chl_out: SGWvq9wo6TQFd9fOAGYQ7qCGrwsUtgkIzgWUNhisyz1+DJfVpJEiIKOD5gFevrAal2lssM9/9ATqVzivSR5XmtD+YvNhuM4+VgLOa2lwG3k=$gdFT7bUWGHdRyCtbGOwKhg==
cf_chl_out_s: T6fJS6+kWh6P+SRM0k9tSZMGDvvDhb9CAW1VS5Y4o+gXFCYgcBin+xdYboW13PN/yq2Ns4i+hlEjmNS90SX1cA==$MCruMuahAk0PuBJEAabtVA==
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SjZ%2B%2BhV4uVX%2BMIiSsxzfNZZwhRAmWSgcdAgZbqrRyDjCSk6ELyN9166WQZtcEJzYlB7%2FFAWEXAa1VkuvRbfdMC%2FHaohxOS4wXg4fRle6AD478Ezjd0%2F63y4KdWYR2A2wgaEqSWwJ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7aea6828bb89b50c-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
download.megaup.net/?idurl=0lixLaV5L89JKamcHXUbetVcZmEM3csfkolfrHaF55iuKwbT+M5hh9auXMx1R2INewKeDjm5DPjuT5UPAkRDYsaI+EmkaeBWO0GoorCYpsw=&idfilename=RUSH.VR-VREX.rar&idfilesize=3.18+GB
104.21.57.204301 Moved Permanently 162 B URL HTTP/1.1 download.megaup.net/?idurl=0lixLaV5L89JKamcHXUbetVcZmEM3csfkolfrHaF55iuKwbT+M5hh9auXMx1R2INewKeDjm5DPjuT5UPAkRDYsaI+EmkaeBWO0GoorCYpsw=&idfilename=RUSH.VR-VREX.rar&idfilesize=3.18+GB
IP 104.21.57.204:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
POST /?idurl=0lixLaV5L89JKamcHXUbetVcZmEM3csfkolfrHaF55iuKwbT+M5hh9auXMx1R2INewKeDjm5DPjuT5UPAkRDYsaI+EmkaeBWO0GoorCYpsw=&idfilename=RUSH.VR-VREX.rar&idfilesize=3.18+GB HTTP/1.1
Host: download.megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://download.megaup.net/?idurl=0lixLaV5L89JKamcHXUbetVcZmEM3csfkolfrHaF55iuKwbT+M5hh9auXMx1R2INewKeDjm5DPjuT5UPAkRDYsaI+EmkaeBWO0GoorCYpsw=&idfilename=RUSH.VR-VREX.rar&idfilesize=3.18+GB&__cf_chl_tk=tQ75w_mJAwqpqvMxdsnCrRbnV9pyB_cqwuelZKZGVDI-1679949189-0-gaNycGzNBvs
Content-Type: application/x-www-form-urlencoded
Content-Length: 1862
Origin: http://download.megaup.net
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 27 Mar 2023 20:33:10 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: cf_clearance=ub7BmX2YOg6dpRrn5Gxp6UDKIjnEKZyZieYxF8_hPmo-1679949189-0-150; path=/; expires=Tue, 26-Mar-24 20:33:10 GMT; domain=.megaup.net; HttpOnly
Location: https://download.megaup.net/?idurl=0lixLaV5L89JKamcHXUbetVcZmEM3csfkolfrHaF55iuKwbT+M5hh9auXMx1R2INewKeDjm5DPjuT5UPAkRDYsaI+EmkaeBWO0GoorCYpsw=&idfilename=RUSH.VR-VREX.rar&idfilesize=3.18+GB
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer, strict-origin-when-cross-origin
X-Download-Options: noopen
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PkqJLtdlGE64JV%2FavVN6s6WBtyoCvm7HwSXB9rVK4sM8uWaqb%2FmevnNyAbFRb%2FlkeNvJJYY2xLC5JJabQ6ef7KBMF1AMi0lgbvkj01lS7yrHwUDA2ERh%2B49oav7bj6wpqGxHOnM7"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7aea682b2f62b50c-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5878
Expires: Mon, 27 Mar 2023 22:11:09 GMT
Date: Mon, 27 Mar 2023 20:33:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5878
Expires: Mon, 27 Mar 2023 22:11:09 GMT
Date: Mon, 27 Mar 2023 20:33:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5878
Expires: Mon, 27 Mar 2023 22:11:09 GMT
Date: Mon, 27 Mar 2023 20:33:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5878
Expires: Mon, 27 Mar 2023 22:11:09 GMT
Date: Mon, 27 Mar 2023 20:33:11 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c831201ad81f55c63c1b101ce854a810
0e9b952f6489f0a5f4862d3bea2fbe0ecdd379e5
c854489720d2ca4a95eef00addda0fcdaf481402d044df7725282654a97eb54a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5556
x-amzn-requestid: 6b050645-14aa-47f7-b4a5-2e27abbe5115
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM69eHE3IAMF0Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b71ef-6ab2948e2bf2578f29798372;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:23:59 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: ZQcPeutl5BzzzysPzWEzrEY8WU-0F-0twvGPT7RAX-UjNOCk3NtmMQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 27a84054de24e45f952ea4056a821764.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 06:29:05 GMT
age: 50646
etag: "0e9b952f6489f0a5f4862d3bea2fbe0ecdd379e5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4429ed9b-a655-45dc-a59b-78db53c9c2f6.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4429ed9b-a655-45dc-a59b-78db53c9c2f6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e999a9d79efe60a30b2942c5f2940294
c3891c43b16521f66eb3a52d83694de2ddd39871
290ed1232883a4ec63ef42c30f40b819983c5544e35261d2d1e0d1e55d0c8b07
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4429ed9b-a655-45dc-a59b-78db53c9c2f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12017
x-amzn-requestid: 4f61a0c7-4b18-4289-b47c-eeeff93d873f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Ca6yQGNtoAMFsxw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64210b41-350e4e2425d9606e478872b5;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 03:19:29 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: TCzHm5qTtnAUDSmayc-LLFmDfV7o6PaaYYfVtN_w7cC3o66HCa3DEg==
via: 1.1 b3cdce1c2fc39b89f45c98c417351f26.cloudfront.net (CloudFront), 1.1 0a2ce08fa1ec3c33302a7547d3305978.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 03:34:08 GMT
age: 61144
etag: "c3891c43b16521f66eb3a52d83694de2ddd39871"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3fb4d16c-eef2-49cc-ac24-b125a7d6d9e0.jpeg
34.120.237.76200 OK 3.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3fb4d16c-eef2-49cc-ac24-b125a7d6d9e0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1ec08d4bd079a92161fc80f41281b5a9
bf61369962342cce85de8f48942b4b150fd2721e
8a8ed12c31d89d71c3cb88f0813ded83939529206461e917dcb0b8bc11abdda4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3fb4d16c-eef2-49cc-ac24-b125a7d6d9e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3589
x-amzn-requestid: 9c09af43-79e8-4734-b28b-4194e0bb1e4e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CW1uyE2joAMF50g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641f6991-7607d33f6301182b591c56e8;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 21:37:21 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: pjRA439kqSg5daR_Zuvsf2l45R4oqv3AMWNiMCGQ_C5o2KA8kEd3TQ==
via: 1.1 46673955829b59a6da0ab071e0b7fbea.cloudfront.net (CloudFront), 1.1 27a84054de24e45f952ea4056a821764.cloudfront.net (CloudFront), 1.1 google
date: Sun, 26 Mar 2023 21:53:16 GMT
age: 81596
etag: "bf61369962342cce85de8f48942b4b150fd2721e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d7ce900-ce9b-481b-9205-9748eeded2e8.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d7ce900-ce9b-481b-9205-9748eeded2e8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 22905e8a7c8b1741dd51842c114a6517
c5900fe2396e0ca371c4847af4e96149850c3577
1525f9f39c09370fcb1f58f079f2d741a4c6d13fba26e6dd5b79466153d7685e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d7ce900-ce9b-481b-9205-9748eeded2e8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10405
x-amzn-requestid: 0b8dad7a-2ec1-4eed-9a2c-06079ed46662
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CRi69E9xoAMFiJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641d4b79-2f606ac041c5db24583c8d51;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 07:04:25 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: qbbEi0tXZLKo6qjrbJMtTHdhWziYrLrgzY1hzt_LrQJoeDDBbJnZBA==
via: 1.1 4b800f7fa2c3fbb9f4f3c505b0df315e.cloudfront.net (CloudFront), 1.1 b48dedcc55e63f14261aa92cf2d61522.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 07:49:08 GMT
age: 45844
etag: "c5900fe2396e0ca371c4847af4e96149850c3577"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F217b24c4-6cf4-4be4-bdbf-764890bd9672.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F217b24c4-6cf4-4be4-bdbf-764890bd9672.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8cc79a830964d923d24a45f5ccc9939b
557cc4827414912c41319ad961c14cce71ed4a18
b3b1c73b34057cb6e41920f3d55213ad8c193076525767c051960ec26d17ca3c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F217b24c4-6cf4-4be4-bdbf-764890bd9672.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4775
x-amzn-requestid: 28d0e56d-ed03-4686-bd49-34f193f1c65a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CK96KF9coAMFvMA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641aa9da-122cd32a6f23e8442a52464c;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 07:10:18 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: F03oSAwgUrcVqWUUt9uaapaCtWSDLrmDlz142D4DtYYctMpy5nA3qA==
via: 1.1 4e4278a2778e72cc34feef6db603088c.cloudfront.net (CloudFront), 1.1 d16c3f15bd14953a9d4109eaaa991de2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 16:05:44 GMT
age: 16048
etag: "557cc4827414912c41319ad961c14cce71ed4a18"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb0254d-5c75-4e14-a0c6-04283194ce5b.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb0254d-5c75-4e14-a0c6-04283194ce5b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 668a8a17a1bb77ea7db7fa23c9df9690
242108539ff8694a3c557d07b2b000e764a77f24
100952573dc9eeba889a77f4d148b646accb99f277035f0607b1c6918f93a358
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb0254d-5c75-4e14-a0c6-04283194ce5b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10591
x-amzn-requestid: a55b3a74-b9f1-424b-8d53-3f49db443698
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CaIOwFW-oAMFgUA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6420ba5e-6c3e550d1a899e80394262e6;Sampled=0
x-amzn-remapped-date: Sun, 26 Mar 2023 21:34:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: SwHfiMdDkV5eSPbXEVlcIs_k1icXGn7aaScjTgDLyG0Uo_o-K0jIqg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 26 Mar 2023 21:57:30 GMT
age: 81342
etag: "242108539ff8694a3c557d07b2b000e764a77f24"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 749 B IP 104.18.32.68:0
Hash 5d5122e8037fe25ed19c635d23d28c40
327f3d1d4a0225e135dcd44910c38ab4f66bfaab
bf0f04f64b4de872486c7b7b6772455f2be357be4b8999c29f09f300efd57f76
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 20:33:14 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 24 Mar 2023 11:25:45 GMT
Expires: Fri, 31 Mar 2023 11:25:44 GMT
Etag: "5a747efc52d205c83876cbd94fbbc0c0d60edda7"
Cache-Control: max-age=312149,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7aea68411de0b4f4-OSL
megaup.net/themes/flow/images/main_logo_inverted.png
91.209.70.182200 OK 7.1 kB URL HTTP/2 megaup.net/themes/flow/images/main_logo_inverted.png
IP 91.209.70.182:0
File type PNG image data, 203 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 5d15526be10b904a6b48d1af04a10cc3
c09b6874359ac6d71db95593618a9acb55baa984
894d25472e0f890edf235e8f66fbeda7ea75043632924ecb82691d76bd7db018
GET /themes/flow/images/main_logo_inverted.png HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/4dHiy?pt=%2BNMxoJfdfYEAcOpvJNwUpwVyftoxRWf4SEkgY1YQNU0%3D
Connection: keep-alive
Cookie: cf_clearance=fBPIeeJuR3.lgEjx_wBlSa587aWIIedTv.2QSR5sxMI-1679949191-0-150; filehosting=kbv6077o27dgknqak0gb1qcpq0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 20:33:14 GMT
content-type: image/png
content-length: 7137
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-1be1"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-ui.js
91.209.70.182200 OK 5.3 kB URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-ui.js
IP 91.209.70.182:0
Hash 9323e82df0ad5e95ad6216118e6d956d
1f1dcbb4c222e20363d9cc7b88f90999f20b504c
39cc9ec0e1808ca3c727840e00b2289be3a450aeac9429d96717634a021e9a9d
GET /themes/flow/js/jquery.fileupload-ui.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/4dHiy?pt=%2BNMxoJfdfYEAcOpvJNwUpwVyftoxRWf4SEkgY1YQNU0%3D
Connection: keep-alive
Cookie: cf_clearance=fBPIeeJuR3.lgEjx_wBlSa587aWIIedTv.2QSR5sxMI-1679949191-0-150; filehosting=kbv6077o27dgknqak0gb1qcpq0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 20:33:14 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-61ef"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-108868042-1
142.250.74.168200 OK 45 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-108868042-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (2206)
Hash e097c95da74b6545ffc228798deac703
2119c7ed34c94f232383ebf0ffcfd55bdc1de6e5
c03e6bce6c5277eaefde38aae0a93e3480b85d1dd13ce6af8cca959957e868ee
GET /gtag/js?id=UA-108868042-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 27 Mar 2023 20:33:14 GMT
expires: Mon, 27 Mar 2023 20:33:14 GMT
cache-control: private, max-age=900
last-modified: Mon, 27 Mar 2023 19:54:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44813
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/stylesheet.css
91.209.70.182200 OK 5.1 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/stylesheet.css
IP 91.209.70.182:0
File type ASCII text, with CRLF line terminators
Hash b63a86ea16f0c92dc0259da7b154f5de
2b0082be984a180e8747f469e6a64f8b394daa19
68e9344f957863374d744427a1f4b31ad5c6d872d63e446756a7a0fece214c01
GET /themes/flow/frontend_assets/css/stylesheet.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Connection: keep-alive
Cookie: cf_clearance=fBPIeeJuR3.lgEjx_wBlSa587aWIIedTv.2QSR5sxMI-1679949191-0-150; filehosting=kbv6077o27dgknqak0gb1qcpq0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 20:33:14 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-6c82"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js
91.209.70.182200 OK 40 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js
IP 91.209.70.182:0
File type ASCII text, with very long lines (464), with CRLF line terminators
Hash 09f23de0fbf6d1b30a90af4abdecaf1f
6e5d3391b67e97de32adfb718251d1f295b60d31
a24190c3d202221639253f23007cecd4be60177ad9265057b761880d20d0a784
GET /themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/4dHiy?pt=%2BNMxoJfdfYEAcOpvJNwUpwVyftoxRWf4SEkgY1YQNU0%3D
Connection: keep-alive
Cookie: cf_clearance=fBPIeeJuR3.lgEjx_wBlSa587aWIIedTv.2QSR5sxMI-1679949191-0-150; filehosting=kbv6077o27dgknqak0gb1qcpq0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 20:33:14 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-303b2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 68a7eec61ed2278b3d6c37c89d175205
b62e370dc30bd9bc17d0255c2ce6d548d834b02a
a33b01ecb9a05d845c6c72f0dea67678e15756364f039e9fd4af017cd61bb2bc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A33B01ECB9A05D845C6C72F0DEA67678E15756364F039E9FD4AF017CD61BB2BC"
Last-Modified: Sun, 26 Mar 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20563
Expires: Tue, 28 Mar 2023 02:15:57 GMT
Date: Mon, 27 Mar 2023 20:33:14 GMT
Connection: keep-alive
megaup.net/themes/flow/frontend_assets/js/sticky/jquery.sticky.js
91.209.70.182200 OK 33 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/sticky/jquery.sticky.js
IP 91.209.70.182:0
Hash 8dc569d04381fa399abd57f9b0f63686
6c0587d900353b81c6ce323e36459110d77fd47c
6134a16f27dbc459b2c93121e1069529d3a7dcec72823453c5922c98dea0e6b8
GET /themes/flow/frontend_assets/js/sticky/jquery.sticky.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/4dHiy?pt=%2BNMxoJfdfYEAcOpvJNwUpwVyftoxRWf4SEkgY1YQNU0%3D
Connection: keep-alive
Cookie: cf_clearance=fBPIeeJuR3.lgEjx_wBlSa587aWIIedTv.2QSR5sxMI-1679949191-0-150; filehosting=kbv6077o27dgknqak0gb1qcpq0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 20:33:14 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1099"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/fonts/raleway_extrabold.woff
91.209.70.182200 OK 31 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway_extrabold.woff
IP 91.209.70.182:0
File type Web Open Font Format, TrueType, length 31344, version 1.1\012- data
Hash 21f79e4c0fbe54a555170aa70bb4c8b7
9d4aaf2016cd21f16bc45089a48de84dba951fa7
2b638674bc57ad355ef2ecbd68e78ecb36bc323aaaf4ddeb9cd4f61bc5f26c42
GET /themes/flow/frontend_assets/fonts/raleway_extrabold.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: cf_clearance=fBPIeeJuR3.lgEjx_wBlSa587aWIIedTv.2QSR5sxMI-1679949191-0-150; filehosting=kbv6077o27dgknqak0gb1qcpq0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 20:33:14 GMT
content-type: font/woff
content-length: 31344
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7a70"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/fonts.css
91.209.70.182200 OK 32 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/fonts.css
IP 91.209.70.182:0
Hash bfcea51f0f0861d0ad17a9afbdb64e47
e73fe2ed0071e036db1246430c0889edb9bff656
8c2d8b5ff322597a08af3a69f28390b4a232b75a6389b11d722780047e36b3c3
GET /themes/flow/frontend_assets/css/fonts.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Connection: keep-alive
Cookie: cf_clearance=fBPIeeJuR3.lgEjx_wBlSa587aWIIedTv.2QSR5sxMI-1679949191-0-150; filehosting=kbv6077o27dgknqak0gb1qcpq0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 20:33:14 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-690"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js
91.209.70.182200 OK 26 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js
IP 91.209.70.182:0
File type HTML document, ASCII text, with very long lines (15714), with CRLF line terminators
Hash d1592a5a0e52b6fb41464ccd53f3b71e
1ec06435c7b779fc4be655c9fc9ea384a801bb9b
f95a9a6b16fe7d2d26e610612c17f7a5843ef0995d9231d0bfbf16d4bdf36d88
GET /themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/4dHiy?pt=%2BNMxoJfdfYEAcOpvJNwUpwVyftoxRWf4SEkgY1YQNU0%3D
Connection: keep-alive
Cookie: cf_clearance=fBPIeeJuR3.lgEjx_wBlSa587aWIIedTv.2QSR5sxMI-1679949191-0-150; filehosting=kbv6077o27dgknqak0gb1qcpq0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 20:33:14 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3ead"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
altowriestwispy.com/tysaSHG1FMaM/18410
23.109.248.184200 OK 25 B URL HTTP/1.1 altowriestwispy.com/tysaSHG1FMaM/18410
IP 23.109.248.184:0
File type ASCII text, with no line terminators
Hash d488addc5df5fc9b9ff4135bb4e3a823
6ce56f48e851df4d562b43d3bc1269a504ae83fc
d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60
GET /tysaSHG1FMaM/18410 HTTP/1.1
Host: altowriestwispy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 27 Mar 2023 20:33:14 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Tue, 28-Mar-2023 20:33:14 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJw9i8sKwjAURGuUYNVWBvwAf8D6QBdu1aXUhbgOtd6WYM0tTXzUr%2FcFruYwc8bzPDEIIXSJ3nIaLSfRfBZNF3M0c2KIeIdeylfjqlqZ5EKQMVf3pIasKNdsAnR%2FoFI%2BETrxbnQwZ8N38x8%2BtwCtVLs6gP%2BJrxu20dS2RLgq9GO45%2BLq3raFb8gpWxKd4K%2BTY0HjzX6L8N9%2Bz7KBtraqrPhRv7nv9IWebEhxlllyUqBxk%2BIFsdRBIw%3D%3D; expires=Tue, 28-Mar-2023 20:33:14 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
megaup.net/themes/flow/styles/file-upload.css
91.209.70.182200 OK 2.1 kB URL HTTP/2 megaup.net/themes/flow/styles/file-upload.css
IP 91.209.70.182:0
File type assembler source, ASCII text
Hash 779452a6ff752f805e8547a750b65789
03aa2b30214d5d07b1dd0f67d06c3c6095f36104
31a8c8a07928a0694ee4b072051c8df319ccc529df96af68d9dd97d9359d266a
GET /themes/flow/styles/file-upload.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/4dHiy?pt=%2BNMxoJfdfYEAcOpvJNwUpwVyftoxRWf4SEkgY1YQNU0%3D
Connection: keep-alive
Cookie: cf_clearance=fBPIeeJuR3.lgEjx_wBlSa587aWIIedTv.2QSR5sxMI-1679949191-0-150; filehosting=kbv6077o27dgknqak0gb1qcpq0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 20:33:14 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-21ec"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/?kzmmd=761186
13.33.124.219200 OK 189 kB URL HTTP/2 dmmzkfd82wayn.cloudfront.net/?kzmmd=761186
IP 13.33.124.219:0
File type Unicode text, UTF-8 text, with very long lines (15948)
Size 189 kB (188652 bytes)
Hash 6ab27187d86a9c205c157f29d3fc8d74
da8a045aa0c92dae398bad494b8fefdf7b6d7f00
ed102bd17e8003a32b0bbfb0aa14ff32e363b88971713b422db13c7a72626cec
GET /?kzmmd=761186 HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 188652
date: Mon, 27 Mar 2023 20:33:14 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 de5c91e6083c20494d32dc8ebe4b652c.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: KbjPLKsGhlH0K0l6SoqmHoVYsip19Ajv7TT77SDOCtOBmY6JfbqKGw==
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/custom.css
91.209.70.182200 OK 4.5 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/custom.css
IP 91.209.70.182:0
File type assembler source, ASCII text, with CRLF line terminators
Hash ae317772fee9594549e919a1e6e9f8c6
087254c32d933478fb94161ea67867f93ba072bc
64b82a435d1bbc589ae746d7802148d0763e3785728209941a96085f1121157f
GET /themes/flow/frontend_assets/css/custom.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/4dHiy?pt=%2BNMxoJfdfYEAcOpvJNwUpwVyftoxRWf4SEkgY1YQNU0%3D
Connection: keep-alive
Cookie: cf_clearance=fBPIeeJuR3.lgEjx_wBlSa587aWIIedTv.2QSR5sxMI-1679949191-0-150; filehosting=kbv6077o27dgknqak0gb1qcpq0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 20:33:14 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3577"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/load-image.min.js
91.209.70.182200 OK 1.1 kB URL HTTP/2 megaup.net/themes/flow/js/load-image.min.js
IP 91.209.70.182:0
File type ASCII text, with very long lines (2546), with no line terminators
Hash d8a0454f5a6c857ca5c8278a8c6680ef
51b236604a9ee46ff3da9079a0d0653cd11d3bef
d3816835a3e607e575067849fdf0b566f81614e50afd185008bfd1ded229171a
GET /themes/flow/js/load-image.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/4dHiy?pt=%2BNMxoJfdfYEAcOpvJNwUpwVyftoxRWf4SEkgY1YQNU0%3D
Connection: keep-alive
Cookie: cf_clearance=fBPIeeJuR3.lgEjx_wBlSa587aWIIedTv.2QSR5sxMI-1679949191-0-150; filehosting=kbv6077o27dgknqak0gb1qcpq0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 20:33:14 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-9f2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
ticalwhichhereal.info/NUkzREgadlA3dWAefQsrXwNcERBNBXIpAmAtWA0EVA95chpCCBUwIVF0C3Z9DHgCYjhcLQ53ehM6RyU8QDoOdngFfhUtJlMmDnZuQ3QDanEbeB1xbkB0AmI8RShUeXkTOUcwJAh4BXNxDH0KdnkGcAJ0
172.67.156.109204 No Content 0 B URL HTTP/2 ticalwhichhereal.info/NUkzREgadlA3dWAefQsrXwNcERBNBXIpAmAtWA0EVA95chpCCBUwIVF0C3Z9DHgCYjhcLQ53ehM6RyU8QDoOdngFfhUtJlMmDnZuQ3QDanEbeB1xbkB0AmI8RShUeXkTOUcwJAh4BXNxDH0KdnkGcAJ0
IP 172.67.156.109:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /NUkzREgadlA3dWAefQsrXwNcERBNBXIpAmAtWA0EVA95chpCCBUwIVF0C3Z9DHgCYjhcLQ53ehM6RyU8QDoOdngFfhUtJlMmDnZuQ3QDanEbeB1xbkB0AmI8RShUeXkTOUcwJAh4BXNxDH0KdnkGcAJ0 HTTP/1.1
Host: ticalwhichhereal.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 27 Mar 2023 20:33:15 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QDsqbkCnomY8BytqQ2GiJSMWdVkNoGEaIPgNaYICSfW%2BloxpovdPbF1nOapf59yIkD8cRycnKcz6wus5XS9uevNSPulpcqaSsbl9%2B1UYmMlQdv79Jn25RRn6mhUMsvF3aBhm96AhbxQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7aea68451d64b4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
altowriestwispy.com/tysaSHG1FMaM/18410
23.109.248.184200 OK 25 B URL HTTP/1.1 altowriestwispy.com/tysaSHG1FMaM/18410
IP 23.109.248.184:0
File type ASCII text, with no line terminators
Hash d488addc5df5fc9b9ff4135bb4e3a823
6ce56f48e851df4d562b43d3bc1269a504ae83fc
d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60
GET /tysaSHG1FMaM/18410 HTTP/1.1
Host: altowriestwispy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; GL_GI10=eJw9i8sKwjAURGuUYNVWBvwAf8D6QBdu1aXUhbgOtd6WYM0tTXzUr%2FcFruYwc8bzPDEIIXSJ3nIaLSfRfBZNF3M0c2KIeIdeylfjqlqZ5EKQMVf3pIasKNdsAnR%2FoFI%2BETrxbnQwZ8N38x8%2BtwCtVLs6gP%2BJrxu20dS2RLgq9GO45%2BLq3raFb8gpWxKd4K%2BTY0HjzX6L8N9%2Bz7KBtraqrPhRv7nv9IWebEhxlllyUqBxk%2BIFsdRBIw%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 27 Mar 2023 20:33:15 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
megaup.net/themes/flow/js/jquery-1.11.0.min.js
91.209.70.182200 OK 35 kB URL HTTP/2 megaup.net/themes/flow/js/jquery-1.11.0.min.js
IP 91.209.70.182:0
File type ASCII text, with very long lines (32341)
Hash fb4826a9f94cbb19572e34752faa6eac
3f3fd5ae20a3a0773e9923acf1c366b60a4abada
6b9de64e2c85c1bf31eb4c345d882cdd4fa184e6986521ee9dd4b7966ef1504c
GET /themes/flow/js/jquery-1.11.0.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/4dHiy?pt=%2BNMxoJfdfYEAcOpvJNwUpwVyftoxRWf4SEkgY1YQNU0%3D
Connection: keep-alive
Cookie: cf_clearance=fBPIeeJuR3.lgEjx_wBlSa587aWIIedTv.2QSR5sxMI-1679949191-0-150; filehosting=kbv6077o27dgknqak0gb1qcpq0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 20:33:14 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1787d"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
ticalwhichhereal.info/RTZBeTZqCSIKCyRuJTxgLnwbKG49WCRITgZVFiMAHQZ0A1R2RWcNXyELeU4Adgd5X0YsUnxLD2NFNRhCMEV8SBAsWCcWC2NAfEgYdRh3SRh2EDREB2NCMRhReAdnCUIxWnxIAHIPeE0PdwdyQARw
172.67.156.109204 No Content 0 B URL HTTP/2 ticalwhichhereal.info/RTZBeTZqCSIKCyRuJTxgLnwbKG49WCRITgZVFiMAHQZ0A1R2RWcNXyELeU4Adgd5X0YsUnxLD2NFNRhCMEV8SBAsWCcWC2NAfEgYdRh3SRh2EDREB2NCMRhReAdnCUIxWnxIAHIPeE0PdwdyQARw
IP 172.67.156.109:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /RTZBeTZqCSIKCyRuJTxgLnwbKG49WCRITgZVFiMAHQZ0A1R2RWcNXyELeU4Adgd5X0YsUnxLD2NFNRhCMEV8SBAsWCcWC2NAfEgYdRh3SRh2EDREB2NCMRhReAdnCUIxWnxIAHIPeE0PdwdyQARw HTTP/1.1
Host: ticalwhichhereal.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 27 Mar 2023 20:33:15 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2B2cmz6nzwaKDsnWDvcJ4f%2FSDVXMhkha4oQltdtlfW9%2Bu77so99QCUpSCpEiKv0BnwjBdTI3FSVDgtFvg59ZIUgz%2BWBEtZ2%2BTLEE4xAMPrAqofMe4QgU%2B%2BbyLAJHh6QEkpQU9zeuY1E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7aea68453d8cb4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
keydawnawe.com/gwZ1U5hjA8ii/32575
142.91.159.115200 OK 26 B URL HTTP/1.1 keydawnawe.com/gwZ1U5hjA8ii/32575
IP 142.91.159.115:0
File type ASCII text, with no line terminators
Hash 4e5d65669f8dcd928dad06adf883f025
d771713d758c3348dd7e5b38bb40c7935399ae46
0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95
GET /gwZ1U5hjA8ii/32575 HTTP/1.1
Host: keydawnawe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; GL_GI10=eJw9i8sKwjAURGuUYNVWBvwAf8D6QBdu1aXUhbgOtd6WYM0tTXzUr%2FcFruYwc8bzPDEIIXSJ3nIaLSfRfBZNF3M0c2KIeIdeylfjqlqZ5EKQMVf3pIasKNdsAnR%2FoFI%2BETrxbnQwZ8N38x8%2BtwCtVLs6gP%2BJrxu20dS2RLgq9GO45%2BLq3raFb8gpWxKd4K%2BTY0HjzX6L8N9%2Bz7KBtraqrPhRv7nv9IWebEhxlllyUqBxk%2BIFsdRBIw%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 27 Mar 2023 20:33:15 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
megaup.net/themes/flow/frontend_assets/css/colors/flow.css
91.209.70.182200 OK 8.2 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/colors/flow.css
IP 91.209.70.182:0
File type ASCII text, with CRLF line terminators
Hash c6b7378570d0e0bbafe9207950b35b8d
b07e92927aa6e52d8846c0d4ba074cd26f31bed0
ea186e949bdfcdab11853c1a6a9c82b6e23fdaed93b6d9ad994f218da4226a1a
GET /themes/flow/frontend_assets/css/colors/flow.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/4dHiy?pt=%2BNMxoJfdfYEAcOpvJNwUpwVyftoxRWf4SEkgY1YQNU0%3D
Connection: keep-alive
Cookie: cf_clearance=fBPIeeJuR3.lgEjx_wBlSa587aWIIedTv.2QSR5sxMI-1679949191-0-150; filehosting=kbv6077o27dgknqak0gb1qcpq0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 20:33:14 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-a83"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
ingforthemoonheap.com/S0lxVEQqKxI5eyp0E3IxOSVMcXYNbEMSICYkCz8iL3FDIyUyJ183KCQ8FTI2JCcFeiouPVRmAgMtJzApKg44AwsKLj4MFQ5sQxYFJx8QBnYBLyYCCh8ZIwEMDwgnJQcnMSYYBns8PgYRbnszNxYCGjM/LCUYMAUADDMzNhAsKhMaAj8TIxYVMQs3AhMeMDwDBjwlOB0jLAQzLAluezMXBXsOJC0NAx8gbCUHGEkRACMbCAIHfhEmZiAPHh0eIAIISRMGIyYWEhF6GCMALxgdJxYCESUrExEnCxoeAXoYIwcFGwsdBgYoJSQlFnstHxwofh4kExUgHScWAgEbXBYKHh0jORIneDwGHH4NJjgNGAQWAQAPHzM4DQ05IgYDLx4mAg4OKh0GHQkLBjgFPH0/EBwBHD04Cg0QGjwdGQgzJRI8bxsnKyU5TDhwfxA7HBU8Ag
108.157.229.116200 OK 1.2 kB URL HTTP/2 ingforthemoonheap.com/S0lxVEQqKxI5eyp0E3IxOSVMcXYNbEMSICYkCz8iL3FDIyUyJ183KCQ8FTI2JCcFeiouPVRmAgMtJzApKg44AwsKLj4MFQ5sQxYFJx8QBnYBLyYCCh8ZIwEMDwgnJQcnMSYYBns8PgYRbnszNxYCGjM/LCUYMAUADDMzNhAsKhMaAj8TIxYVMQs3AhMeMDwDBjwlOB0jLAQzLAluezMXBXsOJC0NAx8gbCUHGEkRACMbCAIHfhEmZiAPHh0eIAIISRMGIyYWEhF6GCMALxgdJxYCESUrExEnCxoeAXoYIwcFGwsdBgYoJSQlFnstHxwofh4kExUgHScWAgEbXBYKHh0jORIneDwGHH4NJjgNGAQWAQAPHzM4DQ05IgYDLx4mAg4OKh0GHQkLBjgFPH0/EBwBHD04Cg0QGjwdGQgzJRI8bxsnKyU5TDhwfxA7HBU8Ag
IP 108.157.229.116:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3033), with no line terminators
Hash fdd102aebd2236e1f55b076a0cc0c775
b72e03a22bfe92509552b1ee48a648867036eb68
d802b9dde0ff85499f034b28fdd9f3c8bfbc83e444b0226245383672ee49c039
GET /S0lxVEQqKxI5eyp0E3IxOSVMcXYNbEMSICYkCz8iL3FDIyUyJ183KCQ8FTI2JCcFeiouPVRmAgMtJzApKg44AwsKLj4MFQ5sQxYFJx8QBnYBLyYCCh8ZIwEMDwgnJQcnMSYYBns8PgYRbnszNxYCGjM/LCUYMAUADDMzNhAsKhMaAj8TIxYVMQs3AhMeMDwDBjwlOB0jLAQzLAluezMXBXsOJC0NAx8gbCUHGEkRACMbCAIHfhEmZiAPHh0eIAIISRMGIyYWEhF6GCMALxgdJxYCESUrExEnCxoeAXoYIwcFGwsdBgYoJSQlFnstHxwofh4kExUgHScWAgEbXBYKHh0jORIneDwGHH4NJjgNGAQWAQAPHzM4DQ05IgYDLx4mAg4OKh0GHQkLBjgFPH0/EBwBHD04Cg0QGjwdGQgzJRI8bxsnKyU5TDhwfxA7HBU8Ag HTTP/1.1
Host: ingforthemoonheap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1182
date: Mon, 27 Mar 2023 20:33:15 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 930c2e58be2ae5a0faf6f308189d2776.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: JT2_EtxMR8cQk6aggCrH6cNPOgANCHfJBCMSjiHICpVJggwNVdz4Zw==
X-Firefox-Spdy: h2
ingforthemoonheap.com/ZU92RnoELRUrRQRyFGAPFyNLY0gjakQAHggiDC0cAXdEMRscIVglFgo6EiAICiECaBQAO1N0PDEcRn9PBH9CKTMnLDglLl0iPhAgVyk+KjEyISwyMDQgMw8+ETY/FEIOHw9yOyI4MwAcI3cQCDlcNiUTSgwEHwMfMyIRMzM3PyEgSFU6PhcWHylELTQiNjMhGQ0WEwk+DngyLj9AfTALAy8pPi9DVwYeHygvNhUsPSB6TgIiFRchdA5QKUcDGS82IzQ8DThPJBRUBTQSChApIyobAyIgY0gjFzAhNwchRwwyJiwaIy9UABAXFhQcRzVIAxcCJS0kNwMgL0gkLAk9UHc5AApAfTQgFyMFJysOUCkOcjUpHDchIiMkPyMiXAYhdU9TKUYuNQMHBTY/JyQECikkDSIoDSspHSofPAcCNj4jFVN0PEMlBSkUFXIuMhARLg82NSt8
108.157.229.116200 OK 1.2 kB URL HTTP/2 ingforthemoonheap.com/ZU92RnoELRUrRQRyFGAPFyNLY0gjakQAHggiDC0cAXdEMRscIVglFgo6EiAICiECaBQAO1N0PDEcRn9PBH9CKTMnLDglLl0iPhAgVyk+KjEyISwyMDQgMw8+ETY/FEIOHw9yOyI4MwAcI3cQCDlcNiUTSgwEHwMfMyIRMzM3PyEgSFU6PhcWHylELTQiNjMhGQ0WEwk+DngyLj9AfTALAy8pPi9DVwYeHygvNhUsPSB6TgIiFRchdA5QKUcDGS82IzQ8DThPJBRUBTQSChApIyobAyIgY0gjFzAhNwchRwwyJiwaIy9UABAXFhQcRzVIAxcCJS0kNwMgL0gkLAk9UHc5AApAfTQgFyMFJysOUCkOcjUpHDchIiMkPyMiXAYhdU9TKUYuNQMHBTY/JyQECikkDSIoDSspHSofPAcCNj4jFVN0PEMlBSkUFXIuMhARLg82NSt8
IP 108.157.229.116:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3036), with no line terminators
Hash 7d547f3db8ac4b17da2281d53faddeb9
1cb199d00f5cbe98419364cbe49194520dc901e0
90d511fad713296c22e82506ccf8ff07279612b13af32e73c5e8bad5d173a119
GET /ZU92RnoELRUrRQRyFGAPFyNLY0gjakQAHggiDC0cAXdEMRscIVglFgo6EiAICiECaBQAO1N0PDEcRn9PBH9CKTMnLDglLl0iPhAgVyk+KjEyISwyMDQgMw8+ETY/FEIOHw9yOyI4MwAcI3cQCDlcNiUTSgwEHwMfMyIRMzM3PyEgSFU6PhcWHylELTQiNjMhGQ0WEwk+DngyLj9AfTALAy8pPi9DVwYeHygvNhUsPSB6TgIiFRchdA5QKUcDGS82IzQ8DThPJBRUBTQSChApIyobAyIgY0gjFzAhNwchRwwyJiwaIy9UABAXFhQcRzVIAxcCJS0kNwMgL0gkLAk9UHc5AApAfTQgFyMFJysOUCkOcjUpHDchIiMkPyMiXAYhdU9TKUYuNQMHBTY/JyQECikkDSIoDSspHSofPAcCNj4jFVN0PEMlBSkUFXIuMhARLg82NSt8 HTTP/1.1
Host: ingforthemoonheap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1186
date: Mon, 27 Mar 2023 20:33:15 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 930c2e58be2ae5a0faf6f308189d2776.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: p8qxbQtLOXAbi0hNjI1pSZtkiSkyzJ8TgN5DAibPp-9C6GBwCx0SBA==
X-Firefox-Spdy: h2
ingforthemoonheap.com/ZE5ZMTMFLDpcDAVzOxdGFiJkFAEia2t3VwkjI1pVAHZrRlIdIHdSXws7PVdBCyAtH10BOnwDdRcYDGdYNggQA3gDITBTYCE9GHlfFhcBSVAHIwNLfxwtK2FwMnoSaWY9CB0BCwcmYWJqHA98A3EqIzEAYg0pI35KLhQAW1BTBDVdAgAKCFlxCiI0UkklCDxlC1IeLgFcNCQLVmUDBDdUADIMPVx5XQM+AUIqJDZIdVYIPmtgFx8AZnEIKh9jQj0gGwN5CQg+a2ctABJcYQwXH1J0AHw9AHssBDRSez0jAGZxCAAhe1s9HAsBZSwIYWtkHAw9XHodBxgcUBIeAXMALSADWGksGAxVZC4lAHdpVAAdRgAlHRAIfzMMDnBeKiI6dENUKhpzBzIff1tACyApDH5VBBhJa1IDHg
108.157.229.116200 OK 1.2 kB URL HTTP/2 ingforthemoonheap.com/ZE5ZMTMFLDpcDAVzOxdGFiJkFAEia2t3VwkjI1pVAHZrRlIdIHdSXws7PVdBCyAtH10BOnwDdRcYDGdYNggQA3gDITBTYCE9GHlfFhcBSVAHIwNLfxwtK2FwMnoSaWY9CB0BCwcmYWJqHA98A3EqIzEAYg0pI35KLhQAW1BTBDVdAgAKCFlxCiI0UkklCDxlC1IeLgFcNCQLVmUDBDdUADIMPVx5XQM+AUIqJDZIdVYIPmtgFx8AZnEIKh9jQj0gGwN5CQg+a2ctABJcYQwXH1J0AHw9AHssBDRSez0jAGZxCAAhe1s9HAsBZSwIYWtkHAw9XHodBxgcUBIeAXMALSADWGksGAxVZC4lAHdpVAAdRgAlHRAIfzMMDnBeKiI6dENUKhpzBzIff1tACyApDH5VBBhJa1IDHg
IP 108.157.229.116:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3013), with no line terminators
Hash d9e7d960c1e06cf670f51e19e6e95eee
b1a442daa9a2ef852b885a2828fdb57259f17e72
ab198e085a34c6d1bbc7e86f61cbaae1d0fcb386ae34d1ce3cb6a464d79a3cb6
GET /ZE5ZMTMFLDpcDAVzOxdGFiJkFAEia2t3VwkjI1pVAHZrRlIdIHdSXws7PVdBCyAtH10BOnwDdRcYDGdYNggQA3gDITBTYCE9GHlfFhcBSVAHIwNLfxwtK2FwMnoSaWY9CB0BCwcmYWJqHA98A3EqIzEAYg0pI35KLhQAW1BTBDVdAgAKCFlxCiI0UkklCDxlC1IeLgFcNCQLVmUDBDdUADIMPVx5XQM+AUIqJDZIdVYIPmtgFx8AZnEIKh9jQj0gGwN5CQg+a2ctABJcYQwXH1J0AHw9AHssBDRSez0jAGZxCAAhe1s9HAsBZSwIYWtkHAw9XHodBxgcUBIeAXMALSADWGksGAxVZC4lAHdpVAAdRgAlHRAIfzMMDnBeKiI6dENUKhpzBzIff1tACyApDH5VBBhJa1IDHg HTTP/1.1
Host: ingforthemoonheap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1169
date: Mon, 27 Mar 2023 20:33:15 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 930c2e58be2ae5a0faf6f308189d2776.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: QnJhyMKxZQtXvAiRw9zx1YHiSwpTlZWhvY7a7Gf4VOGWiyIZg1SpUg==
X-Firefox-Spdy: h2
ingforthemoonheap.com/QW9NNU8gDS5YcCBSLxM6MwNwEH0HSn9zKywCN14pJVd/Qi44AWNWIy4aKVM9LgE5GyEkG2gHCTU4GAQaIzsUAwYrAAF2HHEEAHMOAw1+WSMWPikQfQclNFYMFiwhQgATFztxNxQ9BF57KygVfBUVK3xCFQQbLHoMDBUYdw55JjdRHgNcdUYCAFcBVxgyCAVjJDgMCUYWECw+AAY5CwV8HAMWCnMrKiYJRhcZFRhdARQICH18KVkVZwEzCRVCLhkVLkUAOR8LUwd4BAwFBXkJf2csAwEpDCwXWn1TB3gECll3cgp/dwYDPTlaFS1eAld8LRcVWx15CX8YHic+BU1qcy0LYzgGDQp7JBMtA0cpFSIEYxsIBi5jdjYOfgQjGT4XWikWOQR3CCodHWd2FT80fDwSLhxTKQY9FHIILR0EYw4JSSdGIC8fcFg+GDkVcAA5FRk
108.157.229.116200 OK 1.2 kB URL HTTP/2 ingforthemoonheap.com/QW9NNU8gDS5YcCBSLxM6MwNwEH0HSn9zKywCN14pJVd/Qi44AWNWIy4aKVM9LgE5GyEkG2gHCTU4GAQaIzsUAwYrAAF2HHEEAHMOAw1+WSMWPikQfQclNFYMFiwhQgATFztxNxQ9BF57KygVfBUVK3xCFQQbLHoMDBUYdw55JjdRHgNcdUYCAFcBVxgyCAVjJDgMCUYWECw+AAY5CwV8HAMWCnMrKiYJRhcZFRhdARQICH18KVkVZwEzCRVCLhkVLkUAOR8LUwd4BAwFBXkJf2csAwEpDCwXWn1TB3gECll3cgp/dwYDPTlaFS1eAld8LRcVWx15CX8YHic+BU1qcy0LYzgGDQp7JBMtA0cpFSIEYxsIBi5jdjYOfgQjGT4XWikWOQR3CCodHWd2FT80fDwSLhxTKQY9FHIILR0EYw4JSSdGIC8fcFg+GDkVcAA5FRk
IP 108.157.229.116:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3036), with no line terminators
Hash 65ef8b8870e4861fd4ff97b6c172b8a4
e12320ec1462aa8b15a247d026d4ebf44dd00dc1
9d8308fd5efc466010b3ce29c7770f6b2c9c330c189c6118cb6f28117d60622b
GET /QW9NNU8gDS5YcCBSLxM6MwNwEH0HSn9zKywCN14pJVd/Qi44AWNWIy4aKVM9LgE5GyEkG2gHCTU4GAQaIzsUAwYrAAF2HHEEAHMOAw1+WSMWPikQfQclNFYMFiwhQgATFztxNxQ9BF57KygVfBUVK3xCFQQbLHoMDBUYdw55JjdRHgNcdUYCAFcBVxgyCAVjJDgMCUYWECw+AAY5CwV8HAMWCnMrKiYJRhcZFRhdARQICH18KVkVZwEzCRVCLhkVLkUAOR8LUwd4BAwFBXkJf2csAwEpDCwXWn1TB3gECll3cgp/dwYDPTlaFS1eAld8LRcVWx15CX8YHic+BU1qcy0LYzgGDQp7JBMtA0cpFSIEYxsIBi5jdjYOfgQjGT4XWikWOQR3CCodHWd2FT80fDwSLhxTKQY9FHIILR0EYw4JSSdGIC8fcFg+GDkVcAA5FRk HTTP/1.1
Host: ingforthemoonheap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1187
date: Mon, 27 Mar 2023 20:33:15 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 930c2e58be2ae5a0faf6f308189d2776.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: INpMOSupw9IMKTEZoew-_DF6E0LO8VYHGgpnCAPOjJ7Pmy-N2KOWfg==
X-Firefox-Spdy: h2
ticalwhichhereal.info/c1BPVUNcbywmfiA7Iy0iQgpqZwEQFScMGisgamcBIjx+OSYrEgkNcTJ2OzwnTmd5YXJHYWklKhdtfnMwBzE7IDBOYWk8LRU/cnM1TmFhZnddY317cVUlcmRlByAuMn5Cdj8hNx9tfmN0Sml7bHFCY3ZhdA
172.67.156.109204 No Content 0 B URL HTTP/2 ticalwhichhereal.info/c1BPVUNcbywmfiA7Iy0iQgpqZwEQFScMGisgamcBIjx+OSYrEgkNcTJ2OzwnTmd5YXJHYWklKhdtfnMwBzE7IDBOYWk8LRU/cnM1TmFhZnddY317cVUlcmRlByAuMn5Cdj8hNx9tfmN0Sml7bHFCY3ZhdA
IP 172.67.156.109:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c1BPVUNcbywmfiA7Iy0iQgpqZwEQFScMGisgamcBIjx+OSYrEgkNcTJ2OzwnTmd5YXJHYWklKhdtfnMwBzE7IDBOYWk8LRU/cnM1TmFhZnddY317cVUlcmRlByAuMn5Cdj8hNx9tfmN0Sml7bHFCY3ZhdA HTTP/1.1
Host: ticalwhichhereal.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 27 Mar 2023 20:33:15 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aln0QCxLfXd%2F4X4QrSWIUdTOTdEeLXpFokDbPYINBYRave%2B8pTL9ERXM8W6BW5sp%2FFkgcJZCnrtoOV2ScxkguGVcSpz3zsBJ68ZwSoa6i3S%2B0oM%2Fw2whnIatDLis6eKlni78AOTUGys%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7aea6845ae6fb4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/imageads/003.gif
91.209.70.182200 OK 414 kB URL HTTP/2 megaup.net/imageads/003.gif
IP 91.209.70.182:0
File type GIF image data, version 89a, 300 x 250\012- data
Size 414 kB (413764 bytes)
Hash b519247f61e29375d326bd19d89513b4
7eba5fe7ba18dd0fc359f96cf8b799519a920ed0
e528ff79f09b5299616f7820ba5daaf59233d430f612a5fb8f24f338c9d295da
GET /imageads/003.gif HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/4dHiy?pt=%2BNMxoJfdfYEAcOpvJNwUpwVyftoxRWf4SEkgY1YQNU0%3D
Connection: keep-alive
Cookie: cf_clearance=fBPIeeJuR3.lgEjx_wBlSa587aWIIedTv.2QSR5sxMI-1679949191-0-150; filehosting=kbv6077o27dgknqak0gb1qcpq0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 20:33:15 GMT
content-type: image/gif
content-length: 413764
last-modified: Thu, 02 Aug 2018 17:12:56 GMT
vary: Accept-Encoding
etag: "5b633b98-65044"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/canvas-to-blob.min.js
91.209.70.182200 OK 1.2 kB URL HTTP/2 megaup.net/themes/flow/js/canvas-to-blob.min.js
IP 91.209.70.182:0
File type ASCII text, with very long lines (1032), with no line terminators
Hash 881a9ec547e70f6fbd8106b4f5fc50b3
70dc3fa2b02ade953c920a4ff8c181b5267d4611
3b8445ade059713279e6e95111e7706ef91e49afac2389a8a658b9f68e5a3089
GET /themes/flow/js/canvas-to-blob.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/4dHiy?pt=%2BNMxoJfdfYEAcOpvJNwUpwVyftoxRWf4SEkgY1YQNU0%3D
Connection: keep-alive
Cookie: cf_clearance=fBPIeeJuR3.lgEjx_wBlSa587aWIIedTv.2QSR5sxMI-1679949191-0-150; filehosting=kbv6077o27dgknqak0gb1qcpq0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 20:33:14 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-408"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/responsive.css
91.209.70.182200 OK 14 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/responsive.css
IP 91.209.70.182:0
File type assembler source, ASCII text
Hash 2d59389430c2fe39b1f02b5d87332812
652fe3f4a18db4e8de40a77f20e5eaf3b139d2d3
d59a94f61db8e121432b1b894fcc592f06e1cd689dd890bc27ca7f378296f5d7
GET /themes/flow/frontend_assets/css/responsive.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/4dHiy?pt=%2BNMxoJfdfYEAcOpvJNwUpwVyftoxRWf4SEkgY1YQNU0%3D
Connection: keep-alive
Cookie: cf_clearance=fBPIeeJuR3.lgEjx_wBlSa587aWIIedTv.2QSR5sxMI-1679949191-0-150; filehosting=kbv6077o27dgknqak0gb1qcpq0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 20:33:14 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-e56"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery-ui.js
91.209.70.182200 OK 130 kB URL HTTP/2 megaup.net/themes/flow/js/jquery-ui.js
IP 91.209.70.182:0
File type ASCII text, with very long lines (840)
Size 130 kB (129586 bytes)
Hash 62d20c4e70cf26d93a6b37caf88ca028
227ab9629b5b96a4cdb855e708aad52c121c05be
9170d14d91071cb0bbc7de8c114b8fe608a5f1be0e4254af75dfab3bdccf5dc7
GET /themes/flow/js/jquery-ui.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/4dHiy?pt=%2BNMxoJfdfYEAcOpvJNwUpwVyftoxRWf4SEkgY1YQNU0%3D
Connection: keep-alive
Cookie: cf_clearance=fBPIeeJuR3.lgEjx_wBlSa587aWIIedTv.2QSR5sxMI-1679949191-0-150; filehosting=kbv6077o27dgknqak0gb1qcpq0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 20:33:14 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-6a684"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/images/icons/favicon/apple-touch-icon-114x114.png
91.209.70.182200 OK 951 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/images/icons/favicon/apple-touch-icon-114x114.png
IP 91.209.70.182:0
File type PNG image data, 114 x 114, 8-bit colormap, non-interlaced\012- data
Hash 76852bc6b2c028db97322a74e85bd020
ed52fb4de0d51f93277bbaae42fa80ba5f92c31e
8a5ef2ef8440c17db1b1b539065ba4a887e07a2c508b79c2d1659512e9016884
GET /themes/flow/frontend_assets/images/icons/favicon/apple-touch-icon-114x114.png HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/4dHiy?pt=%2BNMxoJfdfYEAcOpvJNwUpwVyftoxRWf4SEkgY1YQNU0%3D
Connection: keep-alive
Cookie: cf_clearance=fBPIeeJuR3.lgEjx_wBlSa587aWIIedTv.2QSR5sxMI-1679949191-0-150; filehosting=kbv6077o27dgknqak0gb1qcpq0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 20:33:15 GMT
content-type: image/png
content-length: 951
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-3b7"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
a.exdynsrv.com/ad-provider.js
205.185.216.42200 OK 27 kB URL HTTP/1.1 a.exdynsrv.com/ad-provider.js
IP 205.185.216.42:0
File type ASCII text, with very long lines (52886)
Hash caff325c3dedde56662118710021ba52
e8ac8e95435ebffc411a75ba572b492079db0903
2599a4794875f4b05a6e1166832a35356a2144b6f6edabdf4016206cac7490bc
GET /ad-provider.js HTTP/1.1
Host: a.exdynsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 20:33:15 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 26741
Content-Type: application/javascript
Accept-Ranges: bytes
Cache-Control: max-age=10800
Server: nginx
etag: W/"11f47ce07ddb24215f4f3a5ce34"
X-HW: 1679949195.dop067.sk1.t,1679949195.cds020.sk1.shn,1679949195.dop067.sk1.t,1679949195.cds246.sk1.c
Access-Control-Allow-Origin: *, *
dmmzkfd82wayn.cloudfront.net/tWU1UbTY6IjoLCS0kMFABb3llWQd/JycCWClwORxvDxURIk4jGXIZTD1wZEtaOCMzUBA8IzdQB38sMA8LbWsgHVkycDsYQCs5IxdHISByGFdkIDsXXzUhNUgEH3h6XRNrfXwaXzcpOxpFfH9kA0J8f2RcBnd9cV50fH9kGl83e2BIBRtoZl1Ob3lxXnR8f2-QfQHx+FVwGbGNkRBNrfTMIVTIicV9wa31lXQZofWVIBGkrPR9TPyIsSAQffGRYGGlrIVAH
13.33.124.219200 OK 601 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/tWU1UbTY6IjoLCS0kMFABb3llWQd/JycCWClwORxvDxURIk4jGXIZTD1wZEtaOCMzUBA8IzdQB38sMA8LbWsgHVkycDsYQCs5IxdHISByGFdkIDsXXzUhNUgEH3h6XRNrfXwaXzcpOxpFfH9kA0J8f2RcBnd9cV50fH9kGl83e2BIBRtoZl1Ob3lxXnR8f2-QfQHx+FVwGbGNkRBNrfTMIVTIicV9wa31lXQZofWVIBGkrPR9TPyIsSAQffGRYGGlrIVAH
IP 13.33.124.219:0
File type ASCII text, with very long lines (846), with no line terminators
Hash a80b71579528ce6d8b066d0342da2465
8f197bc36d59df443d2eae52c93ce84559ae4d2b
fd9084c2fcd7a52b5f83a6a5933f52febcbd48d44c4202ef40389102d5ce0a98
GET /tWU1UbTY6IjoLCS0kMFABb3llWQd/JycCWClwORxvDxURIk4jGXIZTD1wZEtaOCMzUBA8IzdQB38sMA8LbWsgHVkycDsYQCs5IxdHISByGFdkIDsXXzUhNUgEH3h6XRNrfXwaXzcpOxpFfH9kA0J8f2RcBnd9cV50fH9kGl83e2BIBRtoZl1Ob3lxXnR8f2-QfQHx+FVwGbGNkRBNrfTMIVTIicV9wa31lXQZofWVIBGkrPR9TPyIsSAQffGRYGGlrIVAH HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ingforthemoonheap.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 601
date: Mon, 27 Mar 2023 20:33:15 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 de5c91e6083c20494d32dc8ebe4b652c.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: 2RoJlsNbZqBrb74VEmNWLysqv_Y-wPeS7yslhz-_rN28NA9AC0XaFw==
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/clipboardjs/clipboard.min.js
91.209.70.182200 OK 3.2 kB URL HTTP/2 megaup.net/themes/flow/js/clipboardjs/clipboard.min.js
IP 91.209.70.182:0
File type Unicode text, UTF-8 text, with very long lines (8746)
Hash 6317fdc53d4fbd8c185b5b13cb3fec4a
0d0d840de4e00ff53ba9c59da5b5b977a46aa8ea
1312cfc7e1e2dac974fa2342ed7bf7a13f69327b6ef4287e9295da46182e0763
GET /themes/flow/js/clipboardjs/clipboard.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/4dHiy?pt=%2BNMxoJfdfYEAcOpvJNwUpwVyftoxRWf4SEkgY1YQNU0%3D
Connection: keep-alive
Cookie: cf_clearance=fBPIeeJuR3.lgEjx_wBlSa587aWIIedTv.2QSR5sxMI-1679949191-0-150; filehosting=kbv6077o27dgknqak0gb1qcpq0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 20:33:14 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-2296"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/HdVdmaGIWOAgOXQE+AlVaR2JfWVNTPRUHDAVqClxWLB0uORU+cRISBkhnQAQDGzBbTgcbNFtZRBQzBFVWUyMWBwlIIggMBxM+CA0GUyIHVQ8aLQ8EDhRyVC5XW2dDWlJdIA8GBhogFU1QRTkSTVBFZlZGUlBkJE1QRSAPBlRBclUqR0dnHl5WUGQkTVBFJR-BNUTRmVl1MRX5DWlISMgUDDVBlIFpSRGdWWVJEclRYBBwlAw4NDXJULlNFYkhYRABqVw
13.33.124.219200 OK 369 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/HdVdmaGIWOAgOXQE+AlVaR2JfWVNTPRUHDAVqClxWLB0uORU+cRISBkhnQAQDGzBbTgcbNFtZRBQzBFVWUyMWBwlIIggMBxM+CA0GUyIHVQ8aLQ8EDhRyVC5XW2dDWlJdIA8GBhogFU1QRTkSTVBFZlZGUlBkJE1QRSAPBlRBclUqR0dnHl5WUGQkTVBFJR-BNUTRmVl1MRX5DWlISMgUDDVBlIFpSRGdWWVJEclRYBBwlAw4NDXJULlNFYkhYRABqVw
IP 13.33.124.219:0
File type ASCII text, with very long lines (473), with no line terminators
Hash 69e3a92451c9c3b1bf9717b6c4c6ce26
0f47d54be771a63a4b7396f20772fd6bb9e7159a
30a546f31a7daed1cdbdb8694a51cf9add0cdff787487b9905f3880f140ce88d
GET /HdVdmaGIWOAgOXQE+AlVaR2JfWVNTPRUHDAVqClxWLB0uORU+cRISBkhnQAQDGzBbTgcbNFtZRBQzBFVWUyMWBwlIIggMBxM+CA0GUyIHVQ8aLQ8EDhRyVC5XW2dDWlJdIA8GBhogFU1QRTkSTVBFZlZGUlBkJE1QRSAPBlRBclUqR0dnHl5WUGQkTVBFJR-BNUTRmVl1MRX5DWlISMgUDDVBlIFpSRGdWWVJEclRYBBwlAw4NDXJULlNFYkhYRABqVw HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ingforthemoonheap.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 369
date: Mon, 27 Mar 2023 20:33:15 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 de5c91e6083c20494d32dc8ebe4b652c.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: -7Z4qoob26sLk10PN2HFFZy69C0b9LjdRWTseuCeMHOisG1U2yKGbA==
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/EaDJHRmELXSkgXhxbI3tWXgN2fldOWDQpDxgPFxYzBl8iPzsFVQEIBylzKGAVElZ6dkcEUykhXE5XKSVcWRQmIgNVBmEyEQdZeikUHkAzMRsZSipgFAkPKikbAV4rJ0RadHJoUU0Ad24WAVwjKRYbF3V2DxwXdXZQWBx3Y1IqF3V2FgFccXJEW3BidFEQBH-NjUioXdXYTHhd0B1BYB2l2SE0AdyEEC1koY1MuAHd3UVgDd3dEWgIhLxMNVCg+RFp0dnZURgJhM1xZ
13.33.124.219200 OK 592 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/EaDJHRmELXSkgXhxbI3tWXgN2fldOWDQpDxgPFxYzBl8iPzsFVQEIBylzKGAVElZ6dkcEUykhXE5XKSVcWRQmIgNVBmEyEQdZeikUHkAzMRsZSipgFAkPKikbAV4rJ0RadHJoUU0Ad24WAVwjKRYbF3V2DxwXdXZQWBx3Y1IqF3V2FgFccXJEW3BidFEQBH-NjUioXdXYTHhd0B1BYB2l2SE0AdyEEC1koY1MuAHd3UVgDd3dEWgIhLxMNVCg+RFp0dnZURgJhM1xZ
IP 13.33.124.219:0
File type ASCII text, with very long lines (852), with no line terminators
Hash 990050fa88e7cff77fe4c1d70e915bb3
a213f25da7032a020e4d943099d3a73fad122e89
a66e858a1bd131214d335ddfbd9c20673f687e1610d5ada954fe36ff7f1f08d9
GET /EaDJHRmELXSkgXhxbI3tWXgN2fldOWDQpDxgPFxYzBl8iPzsFVQEIBylzKGAVElZ6dkcEUykhXE5XKSVcWRQmIgNVBmEyEQdZeikUHkAzMRsZSipgFAkPKikbAV4rJ0RadHJoUU0Ad24WAVwjKRYbF3V2DxwXdXZQWBx3Y1IqF3V2FgFccXJEW3BidFEQBH-NjUioXdXYTHhd0B1BYB2l2SE0AdyEEC1koY1MuAHd3UVgDd3dEWgIhLxMNVCg+RFp0dnZURgJhM1xZ HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ingforthemoonheap.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 592
date: Mon, 27 Mar 2023 20:33:15 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 de5c91e6083c20494d32dc8ebe4b652c.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: tNIYnjzyGH2grCenbd3TjeM-gB8jNrJYVAHwNIlSW28dUEpZZ7Z6PA==
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/TS095a04oIBcNcT8mHVZ2fHlKWnZtJQoEIDtyIR8kPy4AGwEFfF8fNC9ySU0iKiEeVmguIRpWf20uHQlzf2kNGyEgchYeODk7DhE/MyJfHi92IhYRJycjGE58DXpXW2t5f1EcJyUrFhw9bn1JBTpufUlafmV/XFgMbn1JHCcleU1OfQlqS1s2fXtcWAxufU-kZOG58OFp+fmFJQmt5fx4OLSAgXFkIeX9IW356f0hOfHspEBkrLSABTnwNfkleYHtpDFZ/
13.33.124.219200 OK 458 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/TS095a04oIBcNcT8mHVZ2fHlKWnZtJQoEIDtyIR8kPy4AGwEFfF8fNC9ySU0iKiEeVmguIRpWf20uHQlzf2kNGyEgchYeODk7DhE/MyJfHi92IhYRJycjGE58DXpXW2t5f1EcJyUrFhw9bn1JBTpufUlafmV/XFgMbn1JHCcleU1OfQlqS1s2fXtcWAxufU-kZOG58OFp+fmFJQmt5fx4OLSAgXFkIeX9IW356f0hOfHspEBkrLSABTnwNfkleYHtpDFZ/
IP 13.33.124.219:0
File type ASCII text, with very long lines (598), with no line terminators
Hash 79b6bd003601498d84ffa519aaf4fdd8
7d73d7a97150ce38c63625ec040f6973e906c734
84d6e356d1e8502108df1b2a619c63f7d1372996e5d15c7c43d384ea48e9d49f
GET /TS095a04oIBcNcT8mHVZ2fHlKWnZtJQoEIDtyIR8kPy4AGwEFfF8fNC9ySU0iKiEeVmguIRpWf20uHQlzf2kNGyEgchYeODk7DhE/MyJfHi92IhYRJycjGE58DXpXW2t5f1EcJyUrFhw9bn1JBTpufUlafmV/XFgMbn1JHCcleU1OfQlqS1s2fXtcWAxufU-kZOG58OFp+fmFJQmt5fx4OLSAgXFkIeX9IW356f0hOfHspEBkrLSABTnwNfkleYHtpDFZ/ HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ingforthemoonheap.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 458
date: Mon, 27 Mar 2023 20:33:15 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 de5c91e6083c20494d32dc8ebe4b652c.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: 7bwaQzr_Koc7RNM6JzzvoI1ji0qsm3HB6Vl6jtHLyYVr0RX9aBR44Q==
X-Firefox-Spdy: h2
imp9.bidgear.com/rec?t=1&z=6192&uuid=365592ddcb48423eb7c1956af30185a4&p=28&g=NO&token=4a44335432&tbg=1679949195
172.67.74.36200 OK 599 B URL HTTP/2 imp9.bidgear.com/rec?t=1&z=6192&uuid=365592ddcb48423eb7c1956af30185a4&p=28&g=NO&token=4a44335432&tbg=1679949195
IP 172.67.74.36:0
File type JPEG image data, baseline, precision 8, 1x1, components 3\012- data
Hash ca49a7e783b806a4e8576ea80346203d
6fe9d083221dae98f6c76f7121c37bc884b02d82
3e9a98dd5f0a28ff4a059f33d760264a6db02786666ac1692095ebb976f5da28
GET /rec?t=1&z=6192&uuid=365592ddcb48423eb7c1956af30185a4&p=28&g=NO&token=4a44335432&tbg=1679949195 HTTP/1.1
Host: imp9.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 27 Mar 2023 20:33:15 GMT
content-type: image/jpeg
content-length: 599
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z9udLUNWvEGdDDaodPPdIDO2ZsN7UiU%2BnjDTtQylGvxtwGMEcdiMJO71phW6rcUJ9ki5LACdErvqO9zwNRcYK48v8QTo%2B0YO9Y3OTZc8sHCOPv%2BQWDfdgeD3SIEKmt1zXqs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7aea68478841b50f-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash db1f11cedde47cf778700089de6fe437
f275c6617546a36e66bba98d8909af268adac418
cba914b21c23042c7b2d1abdf15f91dc21371a3eb8221e71395ccf71f93b9e8a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Mar 2023 20:33:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
216.239.38.178200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.239.38.178:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Mon, 27 Mar 2023 20:05:11 GMT
expires: Mon, 27 Mar 2023 22:05:11 GMT
cache-control: public, max-age=7200
age: 1684
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash c32fec3ba9e76db92cb3e2c1bd44ce11
2983066b25faabb7beb4354606083553aea81c02
49c1d08c360fe9074814811e5e685dd23b0cd2cc95413b5383c833e2be20708c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4167
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 27 Mar 2023 20:33:15 GMT
Last-Modified: Mon, 27 Mar 2023 19:23:48 GMT
Server: ECAcc (ska/F6D2)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
104.18.32.68200 OK 282 B IP 104.18.32.68:0
Hash d986f9507590f78cb7e62b4c0072268f
35d899ad0ed0d2d280d3fbe6d6def6774cc3ae7f
a05b3b8fba96a231b432c6f2918fd32283aca4d7f312e59949b1704e707f344d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 20:33:15 GMT
Content-Type: application/ocsp-response
Content-Length: 282
Connection: keep-alive
Last-Modified: Sun, 26 Mar 2023 16:43:16 GMT
Expires: Sun, 02 Apr 2023 16:43:15 GMT
Etag: "35d899ad0ed0d2d280d3fbe6d6def6774cc3ae7f"
Cache-Control: max-age=503999,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7aea68472905b4f4-OSL
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash db1f11cedde47cf778700089de6fe437
f275c6617546a36e66bba98d8909af268adac418
cba914b21c23042c7b2d1abdf15f91dc21371a3eb8221e71395ccf71f93b9e8a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Mar 2023 20:33:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ingforthemoonheap.com/utx?cb=pxkLGohxZtlf&top=megaup.net&tid=761186
108.157.229.116204 No Content 0 B URL HTTP/2 ingforthemoonheap.com/utx?cb=pxkLGohxZtlf&top=megaup.net&tid=761186
IP 108.157.229.116:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=pxkLGohxZtlf&top=megaup.net&tid=761186 HTTP/1.1
Host: ingforthemoonheap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 27 Mar 2023 20:33:15 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 27 Mar 2023 20:34:15 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 930c2e58be2ae5a0faf6f308189d2776.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: xD8MU4F4pDckRmpZYmD2Bsc4vv5Ddtg50XYjENtYqk8FyvLlMBWUnA==
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
216.58.207.205302 Found 471 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 216.58.207.205:0
Hash eb2978f78249fa2030ff84708ab627b5
0003a93bc57234fba10c90bd0bd80c00d5a90884
b76d3066ba863b1aaf4f5f4fced0a48768bc34de818dc3494e89c045f41f5acf
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 27 Mar 2023 20:33:15 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AQMjQ7SSy9jkN9TMdUtyp5QCiK7GF8lr11VjSfNNnmEIBngaD_sT0KNlUaqe2KzhnoXidqxQpLq42A
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-iUctj34gbdZYyvAPQ3in9w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
content-type: application/binary
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
set-cookie: __Host-GAPS=1:R51Y7kTLNxevFW747SpGko1mXwqkaw:FmU4diuPQZmSluIj; Expires=Wed, 26-Mar-2025 20:33:15 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AQMjQ7T2jNfVUbUyyCK-HuHkq5TE2btfnBpjqqfMwM3r3gC-UQPaWxWhSELGLxVyw0EGbofFtlFfKQ
216.58.207.205302 Found 398 B URL HTTP/2 accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AQMjQ7T2jNfVUbUyyCK-HuHkq5TE2btfnBpjqqfMwM3r3gC-UQPaWxWhSELGLxVyw0EGbofFtlFfKQ
IP 216.58.207.205:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (381)
Hash 12de34f00922abec73767062bc8040bf
46bddd4c0b35b6f261d5992e2d64028eddd2138e
8c1d572b880a68b83b6cdba64b6ab5f8dfbd72ced14da2e0aaa22098812739f9
GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AQMjQ7T2jNfVUbUyyCK-HuHkq5TE2btfnBpjqqfMwM3r3gC-UQPaWxWhSELGLxVyw0EGbofFtlFfKQ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 27 Mar 2023 20:33:15 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1644021081%3A1679949195685660&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AQMjQ7Ti8lkenq1qs5mlNKiEoogGUpLKq2oZhUMfGWt57PPUtzOdw0Qi2rrtrQOto9s-ZFJqgV7Dyg&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-jGFoL2rvNvMeI_U-CSCnng' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 398
server: GSE
set-cookie: __Host-GAPS=1:4lIGA6M9_2BlfA3aQtexbwukQoJnhw:0tcsE4QOxtnPVCHL;Path=/;Expires=Wed, 26-Mar-2025 20:33:15 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
syndication.exdynsrv.com/v1/api.php
95.211.229.247200 OK 899 B URL HTTP/1.1 syndication.exdynsrv.com/v1/api.php
IP 95.211.229.247:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with very long lines (1233), with no line terminators
Hash 844a7e2b1c4b99428f3a4425cc0f6f59
c228fa67f165597a9e98f4ffaa8e647e818484d5
ec0e426af52e550a441ef4bd369f978f1611da59e286b731b94f01698c443e4b
POST /v1/api.php HTTP/1.1
Host: syndication.exdynsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 348
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 27 Mar 2023 20:33:15 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226421fd8ba97851.737421921414969242%22%3B%7D; expires=Wed, 26-Mar-2025 20:33:15 GMT; Max-Age=63072000; path=/; domain=exdynsrv.com; secure; SameSite=None
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AQMjQ7SSy9jkN9TMdUtyp5QCiK7GF8lr11VjSfNNnmEIBngaD_sT0KNlUaqe2KzhnoXidqxQpLq42A
216.58.207.205302 Found 400 B URL HTTP/2 accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AQMjQ7SSy9jkN9TMdUtyp5QCiK7GF8lr11VjSfNNnmEIBngaD_sT0KNlUaqe2KzhnoXidqxQpLq42A
IP 216.58.207.205:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (385)
Hash 9afb494b8399971b1523114d4c90d250
a46c5c77d8813a4249d0fff4c1759c674a2499de
d837359d3292963faaadb144780fff99085f0ef8fc17d5ad8b93eb291e314f45
GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AQMjQ7SSy9jkN9TMdUtyp5QCiK7GF8lr11VjSfNNnmEIBngaD_sT0KNlUaqe2KzhnoXidqxQpLq42A HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 27 Mar 2023 20:33:15 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1375322581%3A1679949195716457&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AQMjQ7R5taObXvY7BGyugnTTgrnyNIED_UVkvudeb8s4q5d58Q25CpuJ6qqa4PoYgTpGYfwhEQQa3w&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-D9bTbWyM8WVfuxZpuGpsNw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 400
server: GSE
set-cookie: __Host-GAPS=1:AfdFJC6C2uPXmii6LcL_c6bGX7psaw:P32UkbQJgpovVnnB;Path=/;Expires=Wed, 26-Mar-2025 20:33:15 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash c32fec3ba9e76db92cb3e2c1bd44ce11
2983066b25faabb7beb4354606083553aea81c02
49c1d08c360fe9074814811e5e685dd23b0cd2cc95413b5383c833e2be20708c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2892
Cache-Control: max-age=119383
Content-Type: application/ocsp-response
Date: Mon, 27 Mar 2023 20:33:15 GMT
Etag: "64212196-1d7"
Expires: Wed, 29 Mar 2023 05:42:58 GMT
Last-Modified: Mon, 27 Mar 2023 04:54:46 GMT
Server: ECAcc (ska/F756)
X-Cache: HIT
Content-Length: 471
ingforthemoonheap.com/utx?cb=IlHPMx24Jk4k&top=megaup.net&tid=825911
108.157.229.116204 No Content 0 B URL HTTP/2 ingforthemoonheap.com/utx?cb=IlHPMx24Jk4k&top=megaup.net&tid=825911
IP 108.157.229.116:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=IlHPMx24Jk4k&top=megaup.net&tid=825911 HTTP/1.1
Host: ingforthemoonheap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 27 Mar 2023 20:33:15 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 27 Mar 2023 20:34:15 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 930c2e58be2ae5a0faf6f308189d2776.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: zlAs7Kr9EAI_e-D093vlYnJDuRDwYZ8XWsg0SGWiBEXcUcyxciZdog==
X-Firefox-Spdy: h2
ingforthemoonheap.com/utx?cb=I9zmefgGrNEw&top=megaup.net&tid=764141
108.157.229.116204 No Content 0 B URL HTTP/2 ingforthemoonheap.com/utx?cb=I9zmefgGrNEw&top=megaup.net&tid=764141
IP 108.157.229.116:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=I9zmefgGrNEw&top=megaup.net&tid=764141 HTTP/1.1
Host: ingforthemoonheap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 27 Mar 2023 20:33:15 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 27 Mar 2023 20:34:15 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 930c2e58be2ae5a0faf6f308189d2776.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: mxckcmDkxz9DeqTkI_qSnYiLaTO5aDxPZEojUuF8aQivMQsqsudMsA==
X-Firefox-Spdy: h2
ingforthemoonheap.com/utx?cb=nygKnhtRT1pA&top=megaup.net&tid=876318
108.157.229.116204 No Content 0 B URL HTTP/2 ingforthemoonheap.com/utx?cb=nygKnhtRT1pA&top=megaup.net&tid=876318
IP 108.157.229.116:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=nygKnhtRT1pA&top=megaup.net&tid=876318 HTTP/1.1
Host: ingforthemoonheap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 27 Mar 2023 20:33:15 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 27 Mar 2023 20:34:15 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 930c2e58be2ae5a0faf6f308189d2776.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: LwKtVTqWKI3HWhrCcYGGTiF7yMZhkGfZCEXab-q8MR3XRAu083kQng==
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/
13.33.124.219200 OK 73 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/
IP 13.33.124.219:0
File type ASCII text, with no line terminators
Hash de37377b72195a4f064edf7ec8a76676
ed544d5b6a37acad78498099407c648a93316ddb
b3209cc0b1d1b71e85af4e843afe00a3079f3286d52b3fb47e72c6c5c48b8399
GET / HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 73
date: Mon, 27 Mar 2023 20:33:15 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 de5c91e6083c20494d32dc8ebe4b652c.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: pstqq5K4OXUkx0AeWYQUFC6MWmRnbX0x18uZDO3QUPI68OPDczyEkg==
X-Firefox-Spdy: h2
syndication.exdynsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01OW0rEQBC8ihfIUP2Yzsx++62geICZZOOXi+AKK9ThTbIS7KKhH9VVrVAbYIOODxIns5NkVkkVyTVJdj49v9CFH+f39v2ZLucrI2CWGbXCC6t50aB7uJRgFmEOFPXgWF0iR6GDRqzQbO5blQAIC/j2+rinrFAacNOMtd5sKQB9bXDbjkss03n1mt2mCbPnijrVQM9hrfSd+P9P3JEgWnf1vwFN3NSVgxyNcw1wX7evn8tEHvQ78iEgpNbqrTj61ADz1iWWRbWPSy829/gFeNssY1YBAAA=
95.211.229.247200 OK 20 B URL HTTP/1.1 syndication.exdynsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01OW0rEQBC8ihfIUP2Yzsx++62geICZZOOXi+AKK9ThTbIS7KKhH9VVrVAbYIOODxIns5NkVkkVyTVJdj49v9CFH+f39v2ZLucrI2CWGbXCC6t50aB7uJRgFmEOFPXgWF0iR6GDRqzQbO5blQAIC/j2+rinrFAacNOMtd5sKQB9bXDbjkss03n1mt2mCbPnijrVQM9hrfSd+P9P3JEgWnf1vwFN3NSVgxyNcw1wX7evn8tEHvQ78iEgpNbqrTj61ADz1iWWRbWPSy829/gFeNssY1YBAAA=
IP 95.211.229.247:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA01OW0rEQBC8ihfIUP2Yzsx++62geICZZOOXi+AKK9ThTbIS7KKhH9VVrVAbYIOODxIns5NkVkkVyTVJdj49v9CFH+f39v2ZLucrI2CWGbXCC6t50aB7uJRgFmEOFPXgWF0iR6GDRqzQbO5blQAIC/j2+rinrFAacNOMtd5sKQB9bXDbjkss03n1mt2mCbPnijrVQM9hrfSd+P9P3JEgWnf1vwFN3NSVgxyNcw1wX7evn8tEHvQ78iEgpNbqrTj61ADz1iWWRbWPSy829/gFeNssY1YBAAA= HTTP/1.1
Host: syndication.exdynsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226421fd8ba97851.737421921414969242%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 27 Mar 2023 20:33:15 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Credentials: true
Set-Cookie: __upt=%7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22511.0199%22%7D; expires=Wed, 26 Mar 2025 20:33:15 GMT; path=/; domain=.exdynsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
static.a-ads.com/a-ads-banners/426618/300x250?region=eu-central-1
136.243.22.74200 OK 500 kB URL HTTP/2 static.a-ads.com/a-ads-banners/426618/300x250?region=eu-central-1
IP 136.243.22.74:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 300 x 250\012- data
Size 500 kB (499628 bytes)
Hash e4eb2c4ec1794d4e05b77ec20607b881
4abdedcc14882e200a685cfd4240e69c60732aea
4f2c5f4d5efd47fd8d0fc9e0ceca3d637d907a682b748102378c2aa677395efe
GET /a-ads-banners/426618/300x250?region=eu-central-1 HTTP/1.1
Host: static.a-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ad.a-ads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 20:33:15 GMT
content-type: image/gif
content-length: 499628
x-amz-id-2: 1RFZjfhVzhjXjfpb+N9U99N7Q5K1I1E1aJEdudB8+w82W/IoT/0fUvLweOJEwuLMbqOvJm7M/qA=
x-amz-request-id: KZEQXFYG02F1PQ3M
x-amz-replication-status: COMPLETED
last-modified: Sun, 20 Nov 2022 16:37:46 GMT
etag: "e4eb2c4ec1794d4e05b77ec20607b881"
cache-control: max-age=315360000
x-amz-version-id: aMmfct8jferkXctt.IjET.eVL2M61OoN
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 921ab97a82481926b175c3519fe7f02a
7dd316aaf8966703c3880c19dbc75d5fe333487b
cefd0f781ab12bb85cbda9de47073bac84cf66c33f4fceba0fd0dfeed836dfda
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 27 Mar 2023 20:33:15 GMT
Last-Modified: Mon, 27 Mar 2023 18:48:28 GMT
Server: ECAcc (nya/1C3C)
X-Cache: Miss from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: QvRv-ktDNzlnCGdO7hg47GsyDEXChBplw4qNMvkiVVDAvnWvHkbDjg==
Age: 6288
s3t3d2y8.afcdn.net/library/660335/8a5422890e8bf9dfcf5b6c0523b8dab484ee529b.mp4
185.76.9.18206 Partial Content 84 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/660335/8a5422890e8bf9dfcf5b6c0523b8dab484ee529b.mp4
IP 185.76.9.18:0
ASN #60068 Datacamp Limited
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Hash 075ca51a5093699071ecb4fa029de457
8a5422890e8bf9dfcf5b6c0523b8dab484ee529b
465a30f0dd01761478a92a13321d803dab4f39c9e66836627165d0fdbc320521
GET /library/660335/8a5422890e8bf9dfcf5b6c0523b8dab484ee529b.mp4 HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
date: Mon, 27 Mar 2023 20:33:16 GMT
content-type: video/mp4
content-length: 84147
last-modified: Sun, 12 Feb 2023 01:36:23 GMT
etag: "63e84297-148b3"
expires: Mon, 12 Feb 2024 01:49:04 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-cache-op: HIT
server: CDN77-Turbo
x-77-nzt: AblMCQ17TsT/krY5AA
x-77-nzt-ray: c0a4cc28b12085c38cfd2164cb42aa00
x-accel-expires: @1707702906
x-cache: HIT
x-age: 3782290
x-77-pop: stockholmSE
x-77-cache: HIT
content-range: bytes 0-84146/84147
X-Firefox-Spdy: h2
theharityhild.buzz/TVNqZE02cRkTEjghBkZ3bzseED0%2BaUVLICg0CxE9Yz0PEGI%2BJEQOPm9%2FSBcgK3FQVWFvIAcSb3dxXkp%2Bb39IECwqDAMAb3dxUld%2Fe2BZRmFvIB8GEiQ3WEZ3bzVSV34uY14GYHs2WgZgeTcIVGB0Z1JTYCtlDwEoLjYJBy4uNkgZ
54.162.51.18502 Bad Gateway 0 B URL HTTP/2 theharityhild.buzz/TVNqZE02cRkTEjghBkZ3bzseED0%2BaUVLICg0CxE9Yz0PEGI%2BJEQOPm9%2FSBcgK3FQVWFvIAcSb3dxXkp%2Bb39IECwqDAMAb3dxUld%2Fe2BZRmFvIB8GEiQ3WEZ3bzVSV34uY14GYHs2WgZgeTcIVGB0Z1JTYCtlDwEoLjYJBy4uNkgZ
IP 54.162.51.18:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /TVNqZE02cRkTEjghBkZ3bzseED0%2BaUVLICg0CxE9Yz0PEGI%2BJEQOPm9%2FSBcgK3FQVWFvIAcSb3dxXkp%2Bb39IECwqDAMAb3dxUld%2Fe2BZRmFvIB8GEiQ3WEZ3bzVSV34uY14GYHs2WgZgeTcIVGB0Z1JTYCtlDwEoLjYJBy4uNkgZ HTTP/1.1
Host: theharityhild.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 502 Bad Gateway
set-cookie: 7db1de8ce5f53f203dd89f5c779689c0=1; Max-Age=604800
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
X-Firefox-Spdy: h2
theharityhild.buzz/
54.162.51.18200 OK 0 B IP 54.162.51.18:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: theharityhild.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Content-Length: 390
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
api.purpleads.io/x/init?ts=1679949214392
34.196.72.114200 OK 87 B URL HTTP/2 api.purpleads.io/x/init?ts=1679949214392
IP 34.196.72.114:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1225a48532b67fd812920a47e3557ed4
ac910f9679bd805609435e4fa8970cdf74fa4b86
4cdf058286dcc09e5511ec4f021ce5ce4d22052312bf08ce7b672e08eb5a4a9f
GET /x/init?ts=1679949214392 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: application/json
x-purpleads-version: 2.5.11
x-request-url: aHR0cHM6Ly9tZWdhdXAubmV0LzRkSGl5P3B0PSUyQk5NeG9KZmRmWUVBY09wdkpOd1Vwd1Z5ZnRveFJXZjRTRWtnWTFZUU5VMCUzRA==
Authorization: Bearer 70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 27 Mar 2023 20:33:16 GMT
content-type: application/json; charset=utf-8
content-length: 87
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-expose-headers: pa-user-id
x-request-id: 4c1085a0-152d-468b-9da5-61defc22ade8
x-api-version: 0.46.9
etag: W/"57-rJEPlnm9gFYJQ15PqJcM33T6S4Y"
vary: Accept-Encoding
X-Firefox-Spdy: h2
theharityhild.buzz/
54.162.51.18200 OK 0 B IP 54.162.51.18:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: theharityhild.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Origin: https://megaup.net
Content-Length: 357
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
theharityhild.buzz/
54.162.51.18200 OK 0 B IP 54.162.51.18:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: theharityhild.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Origin: https://megaup.net
Content-Length: 352
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
ingforthemoonheap.com/multi?cs=OFYyMWYIYAoAXw1jBwFeDm8FCF8&abt=0&red=1&sm=76&k=download%20file%20rush%20vrex&v=1.0.60.3&sts=0&prn=0&emb=0&tid=876318&rxy=1280_1024&fs=1&mbkb=121.35922330097088&ref=https%3A%2F%2Fmegaup.net%2F4dHiy%3Fpt%3D%252BNMxoJfdfYEAcOpvJNwUpwVyftoxRWf4SEkgY1YQNU0%253D&osr=download.megaup.net&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&_3Aga=1679949214751&crc=1
108.157.229.116200 OK 1.6 kB URL HTTP/2 ingforthemoonheap.com/multi?cs=OFYyMWYIYAoAXw1jBwFeDm8FCF8&abt=0&red=1&sm=76&k=download%20file%20rush%20vrex&v=1.0.60.3&sts=0&prn=0&emb=0&tid=876318&rxy=1280_1024&fs=1&mbkb=121.35922330097088&ref=https%3A%2F%2Fmegaup.net%2F4dHiy%3Fpt%3D%252BNMxoJfdfYEAcOpvJNwUpwVyftoxRWf4SEkgY1YQNU0%253D&osr=download.megaup.net&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&_3Aga=1679949214751&crc=1
IP 108.157.229.116:0
File type ASCII text, with very long lines (3315), with no line terminators
Hash e2565e316520a6df31f34748a0daf721
1a274855c739ec5608203c79d4a5cc63fcb91e1b
d5fb79e20f2f38096a4c59208fb5a9afc015eff15e78a90babfd4dee71fb0251
GET /multi?cs=OFYyMWYIYAoAXw1jBwFeDm8FCF8&abt=0&red=1&sm=76&k=download%20file%20rush%20vrex&v=1.0.60.3&sts=0&prn=0&emb=0&tid=876318&rxy=1280_1024&fs=1&mbkb=121.35922330097088&ref=https%3A%2F%2Fmegaup.net%2F4dHiy%3Fpt%3D%252BNMxoJfdfYEAcOpvJNwUpwVyftoxRWf4SEkgY1YQNU0%253D&osr=download.megaup.net&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&_3Aga=1679949214751&crc=1 HTTP/1.1
Host: ingforthemoonheap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-length: 1619
date: Mon, 27 Mar 2023 20:33:16 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=2f9650c7-d45e-4f0f-9f9d-ff69f0795d26
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 930c2e58be2ae5a0faf6f308189d2776.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: qOVmN6um6nw1sfmxcegimcYXotXbTMjCAWWjpxCsR_lc21Bhsp9q6Q==
X-Firefox-Spdy: h2
cdn.prplads.com/agent.js?publisherId=70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
104.26.2.51200 OK 52 kB URL HTTP/2 cdn.prplads.com/agent.js?publisherId=70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
IP 104.26.2.51:0
Hash 6d69e3783e190e38682b5466954eb491
295f3e7bd2a5ddc21ff2d62b361dd0b4e03f74bf
11711edf66a1af79e48334cf0b8ca447f6cefbe6ab71fc287b8f0cf682d01a36
GET /agent.js?publisherId=70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655 HTTP/1.1
Host: cdn.prplads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 27 Mar 2023 20:33:16 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"7ff55b7265a6d704f52d31c2e9cb60be"
last-modified: Mon, 27 Mar 2023 13:10:05 GMT
x-amz-id-2: MWlTInne54brUjGxT8P+0oz5IqhMeQ9/f1lUcaukziCCID04GmA8XAulVTyDixnn86fofxKa0ug=
x-amz-request-id: T3SDQ18TEHXF6TM0
cache-control: max-age=86400
cf-cache-status: HIT
age: 4827
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DZGYGrv80XX9OMk84hNQU2B7oqJGNYjamgnxEK18d%2Bl9Y8KMjBSB6QzOK%2BRI0iqAVyXSaZ%2BJcoJpFNlQ8EQ3RtMfkef2LQcSu%2BDhhmfl%2Byp1%2F5iqjhlbCrdSnTd5ZNwRMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7aea684ccb630b39-OSL
content-encoding: br
X-Firefox-Spdy: h2
ingforthemoonheap.com/floater?cs=VTFOaDdsA3xRB2YGdlgObAB6XQU&abt=0&red=1&sm=83&k=download%20file%20rush%20vrex&v=0.9.1.5&sts=0&prn=0&emb=0&tid=825911&rxy=1280_1024&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&mbkb=121.35922330097088&ref=https%3A%2F%2Fmegaup.net%2F4dHiy%3Fpt%3D%252BNMxoJfdfYEAcOpvJNwUpwVyftoxRWf4SEkgY1YQNU0%253D&osr=download.megaup.net&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&aa=oi1_&_lEXF=1679949214754&crc=1
108.157.229.116200 OK 4.0 kB URL HTTP/2 ingforthemoonheap.com/floater?cs=VTFOaDdsA3xRB2YGdlgObAB6XQU&abt=0&red=1&sm=83&k=download%20file%20rush%20vrex&v=0.9.1.5&sts=0&prn=0&emb=0&tid=825911&rxy=1280_1024&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&mbkb=121.35922330097088&ref=https%3A%2F%2Fmegaup.net%2F4dHiy%3Fpt%3D%252BNMxoJfdfYEAcOpvJNwUpwVyftoxRWf4SEkgY1YQNU0%253D&osr=download.megaup.net&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&aa=oi1_&_lEXF=1679949214754&crc=1
IP 108.157.229.116:0
File type ASCII text, with very long lines (6163), with no line terminators
Hash 1acbe5d31041babf01c8ecd7da7ad347
115d75aa46d79d6a7a7769d0ae0d4602e5da84d0
3835670de55e706311059a861ee01d863fa3b32828e801bb395eea48d39806c2
GET /floater?cs=VTFOaDdsA3xRB2YGdlgObAB6XQU&abt=0&red=1&sm=83&k=download%20file%20rush%20vrex&v=0.9.1.5&sts=0&prn=0&emb=0&tid=825911&rxy=1280_1024&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&mbkb=121.35922330097088&ref=https%3A%2F%2Fmegaup.net%2F4dHiy%3Fpt%3D%252BNMxoJfdfYEAcOpvJNwUpwVyftoxRWf4SEkgY1YQNU0%253D&osr=download.megaup.net&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&aa=oi1_&_lEXF=1679949214754&crc=1 HTTP/1.1
Host: ingforthemoonheap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-length: 3995
date: Mon, 27 Mar 2023 20:33:16 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=39fa09c7-5095-426c-89db-d383f5849c07
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 930c2e58be2ae5a0faf6f308189d2776.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: oscqjoO6II6R24TU2Oyn9OgSVTsVCzQ6zC2H3BK887Q8A0zJ9lbAqA==
X-Firefox-Spdy: h2
api.purpleads.io/x/b/?idx=0&pid=e1204e6701114ac8953e5328b6c237c6&sizes=[[300,250],[300,250],[200,200],[250,250],[300,100]]&slotid=44a2eaa2-e236-4c3c-a89b-9caa318bd2e5&ts=1679949214615
34.196.72.114200 OK 1.7 kB URL HTTP/2 api.purpleads.io/x/b/?idx=0&pid=e1204e6701114ac8953e5328b6c237c6&sizes=[[300,250],[300,250],[200,200],[250,250],[300,100]]&slotid=44a2eaa2-e236-4c3c-a89b-9caa318bd2e5&ts=1679949214615
IP 34.196.72.114:0
Hash 66ffddec6d86f1e2bc1b8f2396f7386b
69d362dcce5240051f928f47d712f2c7ab1afc38
6088c75731aa0a6cb734fb648352df86ba6525337277473b5df66f3bf44db1c2
GET /x/b/?idx=0&pid=e1204e6701114ac8953e5328b6c237c6&sizes=[[300,250],[300,250],[200,200],[250,250],[300,100]]&slotid=44a2eaa2-e236-4c3c-a89b-9caa318bd2e5&ts=1679949214615 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: application/json
x-purpleads-version: 2.5.11
x-request-url: aHR0cHM6Ly9tZWdhdXAubmV0LzRkSGl5P3B0PSUyQk5NeG9KZmRmWUVBY09wdkpOd1Vwd1Z5ZnRveFJXZjRTRWtnWTFZUU5VMCUzRA==
Authorization: Bearer 70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 27 Mar 2023 20:33:16 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-expose-headers: pa-user-id
x-request-id: 107a7633-1f8f-408b-b814-d8d2dd2283d0
x-api-version: 0.46.9
set-cookie: pa-user-id=035516af-c2c5-4b4a-884c-0ea15e3bd761; Domain=.purpleads.io; Path=/
pa-user-id: 035516af-c2c5-4b4a-884c-0ea15e3bd761
etag: W/"c66-rYxfUFHu8BaBAVWcYb1Q/cI8Sgs"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
script.4dex.io/localstore.js
104.26.9.169200 OK 268 B URL HTTP/1.1 script.4dex.io/localstore.js
IP 104.26.9.169:0
File type ASCII text, with very long lines (482)
Hash 58fe1f2623397cca72ecea6ee95d76b9
ac4d33ae761cf330574597936273a9c5d82f96d0
7cb0b5944c53bbacc5983fbef96aa0c1f514ec12da81666765610eae562a9020
GET /localstore.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 20:33:16 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=1800
ETag: W/"922cffdd75f7192f75231d92684885aa"
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 347871
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NlR9HXFy%2FQcdPeyB1aPxr3YmxH3OPE6qRjo8LxpTuSIAFsh3lEcnF20T%2F2y1Io0dLytmrT3Msi3TkV3bJRz5kOicv0NbH8Nl8SNMe%2F5qJrJ%2Fta9o2k5wfOTzunZeTYhG"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7aea684e9862b50c-OSL
Content-Encoding: br
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 9d1e005a7273f04b6ff8179094a19636
f57a0273afafca35bb92fe91cdc4bca465c934e9
313a7b08df5e4b239bbc8a80e5ffc35b2d630c4fdc767ce44aa1b0de1a4cd234
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 20:33:16 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 26 Mar 2023 12:04:31 GMT
Expires: Sun, 02 Apr 2023 12:04:30 GMT
Etag: "f57a0273afafca35bb92fe91cdc4bca465c934e9"
Cache-Control: max-age=487273,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7aea684d8dc8b4f4-OSL
mp.4dex.io/prebid
104.18.2.114204 No Content 0 B IP 104.18.2.114:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /prebid HTTP/1.1
Host: mp.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 2107
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 27 Mar 2023 20:33:16 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin, Accept-Encoding
x-err: Parsing the Prebid Request. org/site not found
x-version: 3.0.0-gcp-ams
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7aea684ebcfcb517-OSL
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.107.19200 OK 126 kB IP 172.64.107.19:0
Size 126 kB (125611 bytes)
Hash 8ab303fb813d7184c6a2c51926894a85
a1a7e92b4c5f369749be7a1976c67312054690f9
4535dadf5400e8e8beabf43006884a4d01b1a0e703c6d18c485a5cac9103d8ec
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 27 Mar 2023 20:33:15 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 6803
last-modified: Mon, 27 Mar 2023 18:39:52 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XqxMXw7Fzqmn1rVhJOJv0fvmhm0f0g%2FDXZjvlXp0GjWnotbC0QnMcPbsWwra0ULq2sGqYAYTk2o8GCL3qEryJWymQjAwpW2VS9%2FvGfX%2Fa0S8txppQLv%2ByLrLWdGi8uOD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7aea6848c8c924dd-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ed8a6a15efdfd564252753b7124e904d
cb810c7eab2f94657ab141162d7fdcb6137240fc
f28c8fdaca48797394cec951ca6b58175417411ec2adbe99c258269a7066b67b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F28C8FDACA48797394CEC951CA6B58175417411EC2ADBE99C258269A7066B67B"
Last-Modified: Sat, 25 Mar 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10118
Expires: Mon, 27 Mar 2023 23:21:54 GMT
Date: Mon, 27 Mar 2023 20:33:16 GMT
Connection: keep-alive
prebid.a-mo.net/a/c
147.75.85.234204 No Content 0 B IP 147.75.85.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1642
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: max-age=0, private, must-revalidate
date: Mon, 27 Mar 2023 20:33:16 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 0
set-cookie: X-Contour-Session-Affinity="a8001a3f8b10f439"; Path=/; HttpOnly
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
185.89.210.101200 OK 138 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.89.210.101:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f482dd7f9e97b7f276acb2d0f85e2df0
96767906bfdde235dce1a9afa128032976307267
d36ae9fcd68e50f7d5ab7016ff56ac73c3084d3e0a4c7c241e938d1fb079346b
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1035
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 27 Mar 2023 20:33:16 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 138
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: d5925e23-d3f0-4680-a115-35c67dfb2286
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 22f88b39934d983e2e5c00e29faf455d
751414748a6204582bdbc1089efa1890d01619b0
f6d4a7674c23ec3222bbb910c32fec958e5e03a01974462cfc09ab0e74d6ea1f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3286
Cache-Control: max-age=106524
Content-Type: application/ocsp-response
Date: Mon, 27 Mar 2023 20:33:16 GMT
Etag: "6420edd2-1d7"
Expires: Wed, 29 Mar 2023 02:08:40 GMT
Last-Modified: Mon, 27 Mar 2023 01:13:54 GMT
Server: ECAcc (ska/F6AF)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 9d1e005a7273f04b6ff8179094a19636
f57a0273afafca35bb92fe91cdc4bca465c934e9
313a7b08df5e4b239bbc8a80e5ffc35b2d630c4fdc767ce44aa1b0de1a4cd234
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 20:33:16 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 26 Mar 2023 12:04:31 GMT
Expires: Sun, 02 Apr 2023 12:04:30 GMT
Etag: "f57a0273afafca35bb92fe91cdc4bca465c934e9"
Cache-Control: max-age=487273,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7aea684f0864b4f4-OSL
6.adsco.re/
104.17.167.186200 OK 0 B IP 104.17.167.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 27 Mar 2023 20:33:16 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: https://megaup.net
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 7aea684fb99f1c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.prplads.com/prebid-2023-03-22.js
104.26.2.51200 OK 114 kB URL HTTP/2 cdn.prplads.com/prebid-2023-03-22.js
IP 104.26.2.51:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 114 kB (113552 bytes)
Hash 65662046f6a35f8fd8ce2a30a6b509c1
bd2051c430c04a0a6029595828b1a8bbe7c8e5df
a91627e7078c6a3ef7c5a5207a18b878bef40dd777afe6162055bb9cbe870e9a
GET /prebid-2023-03-22.js HTTP/1.1
Host: cdn.prplads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 27 Mar 2023 20:33:16 GMT
content-type: application/javascript
cache-control: max-age=1209600
cf-bgj: minify
cf-polished: origSize=375127
etag: W/"99f3c3ccaab6ea63fe6fdc9617e04981"
last-modified: Wed, 22 Mar 2023 16:08:32 GMT
x-amz-id-2: tfIde3Z15D2eLP//UJilb9u8uhCt0yPvOj1j2aVDRqen5Y9+IRpaxx2/c6GWQPnFpjKeKpG02Ro=
x-amz-request-id: WEEHEZZ3GQGXCX9S
cf-cache-status: HIT
age: 26445
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cn68vRI1DMCh4UYdj1NruqOOZ3%2FrHIxkVJOZ4b4la09EJf9QfZtPRYuyGk2QeET7rctYoEAWxDk1LczdrsbifLX%2B%2FlWWYJSDK3XLFdqkUrtFF2QVYrWrdhp%2FjictbZTsHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7aea684ddd1a0b39-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8d89be83374f516673ad6ebb04ffda31
ca8c9c5379c564e5c8be32958a4490df00262963
4dc9662f6e9e21f8437f844c47540efbb247eefe0250c9906baccb48eb084b38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4DC9662F6E9E21F8437F844C47540EFBB247EEFE0250C9906BACCB48EB084B38"
Last-Modified: Sun, 26 Mar 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20370
Expires: Tue, 28 Mar 2023 02:12:46 GMT
Date: Mon, 27 Mar 2023 20:33:16 GMT
Connection: keep-alive
ame1oeaqidho.l4.adsco.re/
185.200.118.90200 OK 0 B URL HTTP/1.1 ame1oeaqidho.l4.adsco.re/
IP 185.200.118.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: ame1oeaqidho.l4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 20:33:16 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Tue, 31 Jul 2018 22:16:15 GMT
Connection: close
ETag: "5b60dfaf-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
4.adsco.re/
162.252.214.5200 OK 62 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash a684f3b449a125d2285678a6be0172a9
f5ba7774839ee9f45e1f2a88d322d3c3cfcc971f
91945112515f30fe6017f31f87a483adb2040d8435fce14fe9c44e89cf433b2c
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 20:33:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e19e7ae3b7d1ffbcd7ab25777f91e0df
1e8290ce881dce150849c1863620e0c426bd30eb
e08227903eb1191994dcd343220e9e2dc48bb94946cb6c676630c24ae8ec7ae8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E08227903EB1191994DCD343220E9E2DC48BB94946CB6C676630C24AE8EC7AE8"
Last-Modified: Sun, 26 Mar 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3045
Expires: Mon, 27 Mar 2023 21:24:02 GMT
Date: Mon, 27 Mar 2023 20:33:17 GMT
Connection: keep-alive
api.purpleads.io/x/b/?idx=0&pid=e1204e6701114ac8953e5328b6c237c6&sizes=[[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=41937d66-4b90-4ccc-a9e5-e5493c039b62&ts=1679949215445
34.196.72.114200 OK 0 B URL HTTP/2 api.purpleads.io/x/b/?idx=0&pid=e1204e6701114ac8953e5328b6c237c6&sizes=[[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=41937d66-4b90-4ccc-a9e5-e5493c039b62&ts=1679949215445
IP 34.196.72.114:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /x/b/?idx=0&pid=e1204e6701114ac8953e5328b6c237c6&sizes=[[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=41937d66-4b90-4ccc-a9e5-e5493c039b62&ts=1679949215445 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 27 Mar 2023 20:33:16 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
access-control-expose-headers: pa-user-id
x-request-id: fdea7e60-042f-402f-9b46-57a5da36fd39
x-api-version: 0.46.9
X-Firefox-Spdy: h2
script.4dex.io/localstore.js
104.26.9.169304 Not Modified 0 B URL HTTP/1.1 script.4dex.io/localstore.js
IP 104.26.9.169:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /localstore.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Wed, 23 Nov 2022 15:43:18 GMT
If-None-Match: W/"922cffdd75f7192f75231d92684885aa"
HTTP/1.1 304 Not Modified
Date: Mon, 27 Mar 2023 20:33:17 GMT
Connection: keep-alive
Cache-Control: public, max-age=1800
ETag: W/"922cffdd75f7192f75231d92684885aa"
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 347872
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z3ujsNTVnqwlkMiHyShXuRdR3sMcAQUzPx1ctUfkTrQTvIqrf9XGu8aloq6vpit9azyXt9qIvgVrEudDKskWdWVDoW2Q7wo3zmymTOKBqii4tTagXGyZP%2BIIF6rlgvUP"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7aea68537f7db50c-OSL
script.4dex.io/adagio.js
104.26.9.169304 Not Modified 0 B IP 104.26.9.169:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /adagio.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Wed, 23 Nov 2022 15:43:17 GMT
If-None-Match: W/"c56b6332dacf72f135afcd153ae22448"
HTTP/1.1 304 Not Modified
Date: Mon, 27 Mar 2023 20:33:17 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
ETag: W/"c56b6332dacf72f135afcd153ae22448"
Last-Modified: Wed, 23 Nov 2022 15:43:17 GMT
Vary: Origin, Accept-Encoding
Access-Control-Expose-Headers:
CF-Cache-Status: HIT
Age: 1271709
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PoBdb5XAb7C0zQT4StpxhVpqS6FmqtcGD93s0gt83QRoF3Uo9KssZV2lUYQ8C8biuReS9p91ygdSirpHt4n%2BagqetPQ%2BvweI6UAmiFD0gMx1SsgpHbdcqabpbsblB9ND"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7aea68539bf10b06-OSL
prebid.a-mo.net/a/c
147.75.85.234204 No Content 29 B IP 147.75.85.234:0
Hash 91f392b4eeaed49fac554f44a3cdb41b
054f3665bcb1e6a1d2913ca916d83851d869d61b
c89a6473fb2d1ec2e47011ed69b807b7d40db9b6ca9c7d0f50cd95ed94c0d963
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1575
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: max-age=0, private, must-revalidate
date: Mon, 27 Mar 2023 20:33:17 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 1
set-cookie: X-Contour-Session-Affinity="a8001a3f8b10f439"; Path=/; HttpOnly
X-Firefox-Spdy: h2
mp.4dex.io/prebid
104.18.2.114204 No Content 0 B IP 104.18.2.114:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /prebid HTTP/1.1
Host: mp.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 2184
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 27 Mar 2023 20:33:17 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin, Accept-Encoding
x-err: Parsing the Prebid Request. org/site not found
x-version: 3.0.0-gcp-ams
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7aea68538d80b517-OSL
X-Firefox-Spdy: h2
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 770
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 27 Mar 2023 20:33:17 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
api.purpleads.io/x/b/?idx=0&pid=e1204e6701114ac8953e5328b6c237c6&sizes=[[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=41937d66-4b90-4ccc-a9e5-e5493c039b62&ts=1679949215445
34.196.72.114200 OK 1.7 kB URL HTTP/2 api.purpleads.io/x/b/?idx=0&pid=e1204e6701114ac8953e5328b6c237c6&sizes=[[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=41937d66-4b90-4ccc-a9e5-e5493c039b62&ts=1679949215445
IP 34.196.72.114:0
File type JSON data\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3295), with no line terminators
Hash 8ae3b753b4d0a3a68dce9817178dd713
801d5709dc4e4a096b23fa6fba6f6f6d0d245752
1edb8a7d0785886a3f457caeaf0edbd790223f390aaae820cd2f25e56513efeb
GET /x/b/?idx=0&pid=e1204e6701114ac8953e5328b6c237c6&sizes=[[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=41937d66-4b90-4ccc-a9e5-e5493c039b62&ts=1679949215445 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: application/json
x-purpleads-version: 2.5.11
x-request-url: aHR0cHM6Ly9tZWdhdXAubmV0LzRkSGl5P3B0PSUyQk5NeG9KZmRmWUVBY09wdkpOd1Vwd1Z5ZnRveFJXZjRTRWtnWTFZUU5VMCUzRA==
Authorization: Bearer 70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 27 Mar 2023 20:33:16 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-expose-headers: pa-user-id
x-request-id: d8677330-56f7-4e97-a40d-b548643534ee
x-api-version: 0.46.9
set-cookie: pa-user-id=b59783d7-8493-4781-a267-8a554cf433a9; Domain=.purpleads.io; Path=/
pa-user-id: b59783d7-8493-4781-a267-8a554cf433a9
etag: W/"c6c-fO0KEN/qQataAWkekIcpmeXzeTU"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
185.89.210.101200 OK 138 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.89.210.101:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1024248d50a579a525a28a9f86dec0af
cdd679f3557911d6af049fbd349bf9c50b0f3382
441df32b3e2788ca47a47b68327be07a6ab53af974e0e4b0add5d76d43733b59
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 964
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 27 Mar 2023 20:33:17 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 138
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 291f2463-d431-4aee-9506-dc0c1833c200
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
api.purpleads.io/x/b/?idx=1&pid=e1204e6701114ac8953e5328b6c237c6&sizes=[[300,250],[300,250],[200,200],[250,250],[300,100]]&slotid=44a2eaa2-e236-4c3c-a89b-9caa318bd2e5&demand=unifiedPb&ts=1679949215952
34.196.72.114200 OK 121 B URL HTTP/2 api.purpleads.io/x/b/?idx=1&pid=e1204e6701114ac8953e5328b6c237c6&sizes=[[300,250],[300,250],[200,200],[250,250],[300,100]]&slotid=44a2eaa2-e236-4c3c-a89b-9caa318bd2e5&demand=unifiedPb&ts=1679949215952
IP 34.196.72.114:0
File type JSON data\012- , ASCII text, with no line terminators
Hash eb7483d7feeae3fd661b499a6183be29
dc4580b7dba247e56b3e5c4d49d95c445275abdd
70a942b72e84e8a16c25b56d414ffa73e9289cdf73a79b7601177021b485074e
GET /x/b/?idx=1&pid=e1204e6701114ac8953e5328b6c237c6&sizes=[[300,250],[300,250],[200,200],[250,250],[300,100]]&slotid=44a2eaa2-e236-4c3c-a89b-9caa318bd2e5&demand=unifiedPb&ts=1679949215952 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: application/json
x-purpleads-version: 2.5.11
x-request-url: aHR0cHM6Ly9tZWdhdXAubmV0LzRkSGl5P3B0PSUyQk5NeG9KZmRmWUVBY09wdkpOd1Vwd1Z5ZnRveFJXZjRTRWtnWTFZUU5VMCUzRA==
Authorization: Bearer 70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 27 Mar 2023 20:33:17 GMT
content-type: application/json; charset=utf-8
content-length: 121
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-expose-headers: pa-user-id
x-request-id: ba176810-ccfe-4b73-b055-3cfebef43430
x-api-version: 0.46.9
set-cookie: pa-user-id=5dd572e9-a32e-4219-a885-9a8a29a160da; Domain=.purpleads.io; Path=/
pa-user-id: 5dd572e9-a32e-4219-a885-9a8a29a160da
etag: W/"79-3EWAt9uiR+VrPlxNSdlcRFJ1q90"
vary: Accept-Encoding
X-Firefox-Spdy: h2
engine.4dsply.com/verify?sig=BAYAZCH9jQFkIf2NgAGBAcAAIEscZf3dDLogym8YQyAmGJaB-FeR1Gt2amYzq34Ee-2iwQAgijD_6V5bXITNeVGzga1OpCluwEumbvctMtX2XRAkVbU
104.16.158.17200 OK 17 B URL HTTP/2 engine.4dsply.com/verify?sig=BAYAZCH9jQFkIf2NgAGBAcAAIEscZf3dDLogym8YQyAmGJaB-FeR1Gt2amYzq34Ee-2iwQAgijD_6V5bXITNeVGzga1OpCluwEumbvctMtX2XRAkVbU
IP 104.16.158.17:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f9bf086d73f8b7cc483324aedb224ed0
be03b282679354a90df7b59b4c92da6e8caeaccc
39ca3c85734717cf31f55ab2e7d04d8ad2438a3bd9f6f46fae350d12506b4699
GET /verify?sig=BAYAZCH9jQFkIf2NgAGBAcAAIEscZf3dDLogym8YQyAmGJaB-FeR1Gt2amYzq34Ee-2iwQAgijD_6V5bXITNeVGzga1OpCluwEumbvctMtX2XRAkVbU HTTP/1.1
Host: engine.4dsply.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 27 Mar 2023 20:33:17 GMT
content-type: application/json
content-length: 17
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: Content-Type
access-control-allow-methods: GET
x-adscore-status: bot
vary: Accept-Encoding
server: cloudflare
cf-ray: 7aea68549b4ab512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ac8d9cdf223e611b7f8416c986c1b2e
22410c6eb7ebc2e9ea54618ec5aca74fa46dbeaa
ad997ef489632d7cf36a034a50b1926463ef042bfe9064156514903b90d0e4a7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AD997EF489632D7CF36A034A50B1926463EF042BFE9064156514903B90D0E4A7"
Last-Modified: Sun, 26 Mar 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6724
Expires: Mon, 27 Mar 2023 22:25:21 GMT
Date: Mon, 27 Mar 2023 20:33:17 GMT
Connection: keep-alive
api.purpleads.io/x/b/?idx=1&pid=e1204e6701114ac8953e5328b6c237c6&sizes=[[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=41937d66-4b90-4ccc-a9e5-e5493c039b62&demand=unifiedPb&ts=1679949216445
34.196.72.114200 OK 121 B URL HTTP/2 api.purpleads.io/x/b/?idx=1&pid=e1204e6701114ac8953e5328b6c237c6&sizes=[[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=41937d66-4b90-4ccc-a9e5-e5493c039b62&demand=unifiedPb&ts=1679949216445
IP 34.196.72.114:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 393d79546d7524d38636f7901c692723
b0bffd48b4944b56153619d4e30d69abe00acbe1
a26f15d544c1e61ac72ab1b9c6a20bfffef72cc78af7cd36c03ad65960ae7934
GET /x/b/?idx=1&pid=e1204e6701114ac8953e5328b6c237c6&sizes=[[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=41937d66-4b90-4ccc-a9e5-e5493c039b62&demand=unifiedPb&ts=1679949216445 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: application/json
x-purpleads-version: 2.5.11
x-request-url: aHR0cHM6Ly9tZWdhdXAubmV0LzRkSGl5P3B0PSUyQk5NeG9KZmRmWUVBY09wdkpOd1Vwd1Z5ZnRveFJXZjRTRWtnWTFZUU5VMCUzRA==
Authorization: Bearer 70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 27 Mar 2023 20:33:17 GMT
content-type: application/json; charset=utf-8
content-length: 121
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-expose-headers: pa-user-id
x-request-id: 9c30f19b-dc2c-408b-941d-c938564fd837
x-api-version: 0.46.9
set-cookie: pa-user-id=42edbff0-e234-4b48-96cd-d5e99ee05d3e; Domain=.purpleads.io; Path=/
pa-user-id: 42edbff0-e234-4b48-96cd-d5e99ee05d3e
etag: W/"79-sL/9SLSUS1YVNhnU4w1pq+AKy+E"
vary: Accept-Encoding
X-Firefox-Spdy: h2
ame1oeaqidho.s4.adsco.re/
185.200.116.90200 OK 0 B URL HTTP/1.1 ame1oeaqidho.s4.adsco.re/
IP 185.200.116.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: ame1oeaqidho.s4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 20:33:17 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
Connection: close
ETag: "5b5f30d9-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=86ddec5c-b957-455f-87da-f034ba331fa2
104.16.159.17200 OK 0 B URL HTTP/2 cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=86ddec5c-b957-455f-87da-f034ba331fa2
IP 104.16.159.17:0
GET /Scripts/infinity.js.aspx?guid=86ddec5c-b957-455f-87da-f034ba331fa2 HTTP/1.1
Host: cdn.engine.4dsply.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 27 Mar 2023 20:33:16 GMT
content-type: application/x-javascript; charset=utf-8
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
cache-control: public, max-age=900
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
last-modified: Mon, 27 Mar 2023 20:22:30 GMT
cf-cache-status: HIT
age: 455
expires: Mon, 27 Mar 2023 20:48:16 GMT
server: cloudflare
cf-ray: 7aea684cec3c0b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/4dHiy?pt=%2BNMxoJfdfYEAcOpvJNwUpwVyftoxRWf4SEkgY1YQNU0%3D
Connection: keep-alive
Cookie: cf_clearance=fBPIeeJuR3.lgEjx_wBlSa587aWIIedTv.2QSR5sxMI-1679949191-0-150; filehosting=kbv6077o27dgknqak0gb1qcpq0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 20:33:14 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-14cc1"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/4dHiy?pt=%2BNMxoJfdfYEAcOpvJNwUpwVyftoxRWf4SEkgY1YQNU0%3D
Connection: keep-alive
Cookie: cf_clearance=fBPIeeJuR3.lgEjx_wBlSa587aWIIedTv.2QSR5sxMI-1679949191-0-150; filehosting=kbv6077o27dgknqak0gb1qcpq0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 20:33:14 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1cdf"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.107.19200 OK 0 B IP 172.64.107.19:0
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 27 Mar 2023 20:33:15 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 6803
last-modified: Mon, 27 Mar 2023 18:39:52 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PmKOOu%2BND43pcCuqhqbIR6t8gBEVYfXGNZ37Gf05eEWBXNkU84%2FCv7YKfDdiB60%2FblyXDOcRdRLajmUjRTeFxpHXyHboIYMuEhZ7y%2BFdMkHYJwD7uZHfA8nbByhWK1Xu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7aea6848b8a824dd-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ad.a-ads.com/1811811?size=300x250
136.243.22.74200 OK 0 B URL HTTP/2 ad.a-ads.com/1811811?size=300x250
IP 136.243.22.74:0
ASN #24940 Hetzner Online GmbH
GET /1811811?size=300x250 HTTP/1.1
Host: ad.a-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 20:33:15 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding, Accept-Encoding
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-original-referer: https://megaup.net/
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-process.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-process.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery.fileupload-process.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/4dHiy?pt=%2BNMxoJfdfYEAcOpvJNwUpwVyftoxRWf4SEkgY1YQNU0%3D
Connection: keep-alive
Cookie: cf_clearance=fBPIeeJuR3.lgEjx_wBlSa587aWIIedTv.2QSR5sxMI-1679949191-0-150; filehosting=kbv6077o27dgknqak0gb1qcpq0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 20:33:14 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-14b6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/isotope/custom-isotope.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/isotope/custom-isotope.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/isotope/custom-isotope.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/4dHiy?pt=%2BNMxoJfdfYEAcOpvJNwUpwVyftoxRWf4SEkgY1YQNU0%3D
Connection: keep-alive
Cookie: cf_clearance=fBPIeeJuR3.lgEjx_wBlSa587aWIIedTv.2QSR5sxMI-1679949191-0-150; filehosting=kbv6077o27dgknqak0gb1qcpq0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 20:33:14 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-71d"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/custom/custom.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/custom/custom.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/custom/custom.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/4dHiy?pt=%2BNMxoJfdfYEAcOpvJNwUpwVyftoxRWf4SEkgY1YQNU0%3D
Connection: keep-alive
Cookie: cf_clearance=fBPIeeJuR3.lgEjx_wBlSa587aWIIedTv.2QSR5sxMI-1679949191-0-150; filehosting=kbv6077o27dgknqak0gb1qcpq0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 20:33:14 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1420"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.107.19200 OK 0 B IP 172.64.107.19:0
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 27 Mar 2023 20:33:15 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 6803
last-modified: Mon, 27 Mar 2023 18:39:52 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eIIgC8qCu4rstUkV5E1gOXoCvRRudLBLatyBATyDwwur7WNUi%2BLWT9dButaWVMyLPI7Enwf4qUHcYu5%2BXooMB9%2F0WNOaEJdPbmvHPjBG%2FDGTotSlLjUc%2FprR5BPbqtYB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7aea6848c8cf24dd-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
download.megaup.net/?idurl=0lixLaV5L89JKamcHXUbetVcZmEM3csfkolfrHaF55iuKwbT+M5hh9auXMx1R2INewKeDjm5DPjuT5UPAkRDYsaI+EmkaeBWO0GoorCYpsw=&idfilename=RUSH.VR-VREX.rar&idfilesize=3.18+GB
172.67.192.50403 Forbidden 0 B URL HTTP/2 download.megaup.net/?idurl=0lixLaV5L89JKamcHXUbetVcZmEM3csfkolfrHaF55iuKwbT+M5hh9auXMx1R2INewKeDjm5DPjuT5UPAkRDYsaI+EmkaeBWO0GoorCYpsw=&idfilename=RUSH.VR-VREX.rar&idfilesize=3.18+GB
IP 172.67.192.50:0
GET /?idurl=0lixLaV5L89JKamcHXUbetVcZmEM3csfkolfrHaF55iuKwbT+M5hh9auXMx1R2INewKeDjm5DPjuT5UPAkRDYsaI+EmkaeBWO0GoorCYpsw=&idfilename=RUSH.VR-VREX.rar&idfilesize=3.18+GB HTTP/1.1
Host: download.megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://download.megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Mon, 27 Mar 2023 20:33:11 GMT
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p6hPnltH6DXThQxVIQ2Isr3FU3iphQYFY4VJlHT6dtOFsHPaAAevGHw0bclLeKhxzjl%2BFSoBb7rrHEuaowUdBGI0KPALJvPkaG3o6mYwx68ijUjKLr6Hg5HE3f9etHRbNQ0oWOzp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7aea682bcae61c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/images/loading_small.gif
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/images/loading_small.gif
IP 91.209.70.182:0
GET /themes/flow/images/loading_small.gif HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/4dHiy?pt=%2BNMxoJfdfYEAcOpvJNwUpwVyftoxRWf4SEkgY1YQNU0%3D
Connection: keep-alive
Cookie: cf_clearance=fBPIeeJuR3.lgEjx_wBlSa587aWIIedTv.2QSR5sxMI-1679949191-0-150; filehosting=kbv6077o27dgknqak0gb1qcpq0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 20:33:14 GMT
content-type: image/gif
content-length: 184355
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-2d023"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/nav/jquery.scrollTo.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/nav/jquery.scrollTo.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/nav/jquery.scrollTo.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/4dHiy?pt=%2BNMxoJfdfYEAcOpvJNwUpwVyftoxRWf4SEkgY1YQNU0%3D
Connection: keep-alive
Cookie: cf_clearance=fBPIeeJuR3.lgEjx_wBlSa587aWIIedTv.2QSR5sxMI-1679949191-0-150; filehosting=kbv6077o27dgknqak0gb1qcpq0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 20:33:14 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-981"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/gauge.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/gauge.min.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/gauge.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/4dHiy?pt=%2BNMxoJfdfYEAcOpvJNwUpwVyftoxRWf4SEkgY1YQNU0%3D
Connection: keep-alive
Cookie: cf_clearance=fBPIeeJuR3.lgEjx_wBlSa587aWIIedTv.2QSR5sxMI-1679949191-0-150; filehosting=kbv6077o27dgknqak0gb1qcpq0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 20:33:14 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-45b8"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/4dHiy?pt=%2BNMxoJfdfYEAcOpvJNwUpwVyftoxRWf4SEkgY1YQNU0%3D
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/4dHiy?pt=%2BNMxoJfdfYEAcOpvJNwUpwVyftoxRWf4SEkgY1YQNU0%3D
IP 91.209.70.182:0
GET /4dHiy?pt=%2BNMxoJfdfYEAcOpvJNwUpwVyftoxRWf4SEkgY1YQNU0%3D HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://download.megaup.net/
Connection: keep-alive
Cookie: cf_clearance=fBPIeeJuR3.lgEjx_wBlSa587aWIIedTv.2QSR5sxMI-1679949191-0-150
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 20:33:14 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: filehosting=kbv6077o27dgknqak0gb1qcpq0; expires=Tue, 28-Mar-2023 20:33:14 GMT; Max-Age=86400; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/zeroClipboard/ZeroClipboard.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/zeroClipboard/ZeroClipboard.js
IP 91.209.70.182:0
GET /themes/flow/js/zeroClipboard/ZeroClipboard.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/4dHiy?pt=%2BNMxoJfdfYEAcOpvJNwUpwVyftoxRWf4SEkgY1YQNU0%3D
Connection: keep-alive
Cookie: cf_clearance=fBPIeeJuR3.lgEjx_wBlSa587aWIIedTv.2QSR5sxMI-1679949191-0-150; filehosting=kbv6077o27dgknqak0gb1qcpq0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 20:33:14 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3bd2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/4dHiy?pt=%2BNMxoJfdfYEAcOpvJNwUpwVyftoxRWf4SEkgY1YQNU0%3D
Connection: keep-alive
Cookie: cf_clearance=fBPIeeJuR3.lgEjx_wBlSa587aWIIedTv.2QSR5sxMI-1679949191-0-150; filehosting=kbv6077o27dgknqak0gb1qcpq0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 20:33:14 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-71b6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/retina/retina.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/retina/retina.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/retina/retina.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/4dHiy?pt=%2BNMxoJfdfYEAcOpvJNwUpwVyftoxRWf4SEkgY1YQNU0%3D
Connection: keep-alive
Cookie: cf_clearance=fBPIeeJuR3.lgEjx_wBlSa587aWIIedTv.2QSR5sxMI-1679949191-0-150; filehosting=kbv6077o27dgknqak0gb1qcpq0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 20:33:14 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-52e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/bootstrap/bootstrap.min.css
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/bootstrap/bootstrap.min.css
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/css/bootstrap/bootstrap.min.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Connection: keep-alive
Cookie: cf_clearance=fBPIeeJuR3.lgEjx_wBlSa587aWIIedTv.2QSR5sxMI-1679949191-0-150; filehosting=kbv6077o27dgknqak0gb1qcpq0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 20:33:14 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1cc1b"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/css/All-stylesheets.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/4dHiy?pt=%2BNMxoJfdfYEAcOpvJNwUpwVyftoxRWf4SEkgY1YQNU0%3D
Connection: keep-alive
Cookie: cf_clearance=fBPIeeJuR3.lgEjx_wBlSa587aWIIedTv.2QSR5sxMI-1679949191-0-150; filehosting=kbv6077o27dgknqak0gb1qcpq0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 20:33:14 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-153"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/styles/font-icons/entypo/css/entypo.css
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/styles/font-icons/entypo/css/entypo.css
IP 91.209.70.182:0
GET /themes/flow/styles/font-icons/entypo/css/entypo.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/4dHiy?pt=%2BNMxoJfdfYEAcOpvJNwUpwVyftoxRWf4SEkgY1YQNU0%3D
Connection: keep-alive
Cookie: cf_clearance=fBPIeeJuR3.lgEjx_wBlSa587aWIIedTv.2QSR5sxMI-1679949191-0-150; filehosting=kbv6077o27dgknqak0gb1qcpq0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 20:33:14 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-45f5"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/images/icons/favicon/favicon.ico
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/images/icons/favicon/favicon.ico
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/images/icons/favicon/favicon.ico HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/4dHiy?pt=%2BNMxoJfdfYEAcOpvJNwUpwVyftoxRWf4SEkgY1YQNU0%3D
Connection: keep-alive
Cookie: cf_clearance=fBPIeeJuR3.lgEjx_wBlSa587aWIIedTv.2QSR5sxMI-1679949191-0-150; filehosting=kbv6077o27dgknqak0gb1qcpq0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 20:33:15 GMT
content-type: image/x-icon
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-47e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/nav/jquery.nav.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/nav/jquery.nav.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/nav/jquery.nav.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/4dHiy?pt=%2BNMxoJfdfYEAcOpvJNwUpwVyftoxRWf4SEkgY1YQNU0%3D
Connection: keep-alive
Cookie: cf_clearance=fBPIeeJuR3.lgEjx_wBlSa587aWIIedTv.2QSR5sxMI-1679949191-0-150; filehosting=kbv6077o27dgknqak0gb1qcpq0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 20:33:14 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1547"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
pogothere.xyz/
172.64.107.19200 OK 0 B IP 172.64.107.19:0
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 27 Mar 2023 20:33:15 GMT
content-type: text/plain
set-cookie: csu=2223194831706402@1@1679949195; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=at3YXAnophTuiT5d5VSwOHbimEMyBFqkRPFv08UwThAGq9pw94x4V0Ug7%2FY1jUAspdzD9Fu4q6Hoc7YtE2GRCwb8eENTMlWoEOVl%2Fq1aZ%2B8nBx9%2BA83ttCCWTpduoLIF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7aea6848c8ce24dd-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.dataTables.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.dataTables.min.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery.dataTables.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/4dHiy?pt=%2BNMxoJfdfYEAcOpvJNwUpwVyftoxRWf4SEkgY1YQNU0%3D
Connection: keep-alive
Cookie: cf_clearance=fBPIeeJuR3.lgEjx_wBlSa587aWIIedTv.2QSR5sxMI-1679949191-0-150; filehosting=kbv6077o27dgknqak0gb1qcpq0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 20:33:14 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-10fe4"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.107.19200 OK 0 B IP 172.64.107.19:0
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 27 Mar 2023 20:33:15 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 6803
last-modified: Mon, 27 Mar 2023 18:39:52 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aqQhBhsvbCW6uc5o7QiZPm%2FKZS%2BScD0ho4vJcNQ0AbqJORAM8UkscfmxHs34tkNjNpnlrJzv%2B47%2B0V9LawMeqZo62s6s8lN%2B8qbIN0SZlrqQlWFexTYBtl%2BZvqkkSwin"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7aea6848c8d524dd-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
api.purpleads.io/x/init?ts=1679949214392
34.196.72.114200 OK 0 B URL HTTP/2 api.purpleads.io/x/init?ts=1679949214392
IP 34.196.72.114:0
OPTIONS /x/init?ts=1679949214392 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 27 Mar 2023 20:33:15 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
access-control-expose-headers: pa-user-id
x-request-id: a4a96e8d-de61-4add-be25-f8c1c4d561bf
x-api-version: 0.46.9
X-Firefox-Spdy: h2
platform.bidgear.com/async.php?domainid=5593&sizeid=12&zoneid=6192&k=1679949214098
172.67.74.36200 OK 0 B URL HTTP/2 platform.bidgear.com/async.php?domainid=5593&sizeid=12&zoneid=6192&k=1679949214098
IP 172.67.74.36:0
GET /async.php?domainid=5593&sizeid=12&zoneid=6192&k=1679949214098 HTTP/1.1
Host: platform.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 27 Mar 2023 20:33:15 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1FePieqc9uBecyun3Xgo8NyttiHeXkLMEuhsuISVPt5gXAmNqbgIfuCSG0Pjhf3ruyj1uARMpY7rVodmplMDZHPaxKkLuhfvxEG1eDcDcfLm2x85JgXoOHRvLhD5zG6kfKcbvBCZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7aea68468ed1b50f-OSL
content-encoding: br
X-Firefox-Spdy: h2
api.purpleads.io/x/b/?idx=1&pid=e1204e6701114ac8953e5328b6c237c6&sizes=[[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=41937d66-4b90-4ccc-a9e5-e5493c039b62&demand=unifiedPb&ts=1679949216445
34.196.72.114200 OK 0 B URL HTTP/2 api.purpleads.io/x/b/?idx=1&pid=e1204e6701114ac8953e5328b6c237c6&sizes=[[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=41937d66-4b90-4ccc-a9e5-e5493c039b62&demand=unifiedPb&ts=1679949216445
IP 34.196.72.114:0
OPTIONS /x/b/?idx=1&pid=e1204e6701114ac8953e5328b6c237c6&sizes=[[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=41937d66-4b90-4ccc-a9e5-e5493c039b62&demand=unifiedPb&ts=1679949216445 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 27 Mar 2023 20:33:17 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
access-control-expose-headers: pa-user-id
x-request-id: 50d0eaf0-8eb6-4268-8fbc-2a2a4eece9b4
x-api-version: 0.46.9
X-Firefox-Spdy: h2
megaup.net/sw.js
91.209.70.182200 OK 0 B IP 91.209.70.182:0
GET /sw.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/4dHiy?pt=%2BNMxoJfdfYEAcOpvJNwUpwVyftoxRWf4SEkgY1YQNU0%3D
Connection: keep-alive
Cookie: cf_clearance=fBPIeeJuR3.lgEjx_wBlSa587aWIIedTv.2QSR5sxMI-1679949191-0-150; filehosting=kbv6077o27dgknqak0gb1qcpq0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 20:33:14 GMT
content-type: application/javascript
last-modified: Tue, 20 Dec 2022 16:15:31 GMT
vary: Accept-Encoding
etag: W/"63a1dfa3-1927c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-validate.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-validate.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery.fileupload-validate.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/4dHiy?pt=%2BNMxoJfdfYEAcOpvJNwUpwVyftoxRWf4SEkgY1YQNU0%3D
Connection: keep-alive
Cookie: cf_clearance=fBPIeeJuR3.lgEjx_wBlSa587aWIIedTv.2QSR5sxMI-1679949191-0-150; filehosting=kbv6077o27dgknqak0gb1qcpq0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 20:33:14 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-fea"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
216.58.207.205302 Found 0 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 216.58.207.205:0
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 27 Mar 2023 20:33:15 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AQMjQ7T2jNfVUbUyyCK-HuHkq5TE2btfnBpjqqfMwM3r3gC-UQPaWxWhSELGLxVyw0EGbofFtlFfKQ
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-ECNazXcqBcKnIDngqB4WTw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: unsafe-none
content-type: application/binary
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
set-cookie: __Host-GAPS=1:GeLJQNBhUJw9IN1ItZ7D0P7RxsEd7g:t74U69Gd_3ccv5Eq; Expires=Wed, 26-Mar-2025 20:33:15 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2