megaup.net/176vy/sc22307-DLTWOSH.part01.rar
91.209.70.182301 Moved Permanently 162 B URL HTTP/1.1 megaup.net/176vy/sc22307-DLTWOSH.part01.rar
IP 91.209.70.182:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /176vy/sc22307-DLTWOSH.part01.rar HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 28 Mar 2023 13:17:40 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://megaup.net/176vy/sc22307-DLTWOSH.part01.rar
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer, strict-origin-when-cross-origin
X-Download-Options: noopen
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 93f633ce30c038eb581544323c5a971e
2f60526cb750c6babccc207f75fb5a8ae6f7598b
0ff6df80a892199848fb943af78541b66efc09a7ab70d4b169906fdbac1eabf8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FF6DF80A892199848FB943AF78541B66EFC09A7AB70D4B169906FDBAC1EABF8"
Last-Modified: Mon, 27 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2664
Expires: Tue, 28 Mar 2023 14:02:04 GMT
Date: Tue, 28 Mar 2023 13:17:40 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash c83d39f350161ed2f5d20dcd68e47c92
2695a888e652cb314f8094cc6073c3364336d272
62e5cc6aea61c3c32acd964d4bbe143806416008181eebc4451a8f035b69a0bc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62E5CC6AEA61C3C32ACD964D4BBE143806416008181EEBC4451A8F035B69A0BC"
Last-Modified: Mon, 27 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4726
Expires: Tue, 28 Mar 2023 14:36:26 GMT
Date: Tue, 28 Mar 2023 13:17:40 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash c0d9353dc46e88bf564ed464b0b073c7
0b5ce170e7db24267a3ba5b79a48548b1acd2e5b
7c7ef189b14109b44aa96454ea1b94bcbd3d69599cc7ba429f8234f6acd88a9b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7C7EF189B14109B44AA96454EA1B94BCBD3D69599CC7BA429F8234F6ACD88A9B"
Last-Modified: Mon, 27 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16667
Expires: Tue, 28 Mar 2023 17:55:27 GMT
Date: Tue, 28 Mar 2023 13:17:40 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 29fdbcd53b5646cfcdd46510063734c4
85e3ceda5ef130219f4fe8a31e52e2690c8f7d8e
24c27586332c016685e6231fec5836e921048d8aaefbcd4cd6f88969f9d91e18
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Type, Backoff, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 28 Mar 2023 12:28:03 GMT
content-type: application/json
age: 2977
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 100Dj5dYcQ6GgMqxjzS+JB95chOymEiLRFnfLkzP3oD526VFLg3zQvPvSq61xeR6ytnH9oTTlKcvvbLKQWT+Jg==
x-amz-request-id: J1K2YXHD01605W2T
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 28 Mar 2023 12:56:13 GMT
age: 1287
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 28 Mar 2023 13:17:40 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 2fdd88c5328a20e99bd682e34b8c0173
a6415caf042550cb51822e482d1f5b9178938ea3
f15a1244d7acc3b892df1a3ea767c24ce5f661e2e623fedc25ade8c7094c8af6
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 13:17:41 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 27 Mar 2023 23:25:48 GMT
Expires: Mon, 03 Apr 2023 23:25:47 GMT
Etag: "a6415caf042550cb51822e482d1f5b9178938ea3"
Cache-Control: max-age=554285,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7af0279b184db527-OSL
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Content-Length, Cache-Control, Expires, ETag, Pragma, Backoff, Last-Modified, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 28 Mar 2023 13:17:25 GMT
age: 16
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
megaup.net/themes/flow/images/main_logo_inverted.png
91.209.70.182200 OK 7.1 kB URL HTTP/2 megaup.net/themes/flow/images/main_logo_inverted.png
IP 91.209.70.182:0
File type PNG image data, 203 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 5d15526be10b904a6b48d1af04a10cc3
c09b6874359ac6d71db95593618a9acb55baa984
894d25472e0f890edf235e8f66fbeda7ea75043632924ecb82691d76bd7db018
GET /themes/flow/images/main_logo_inverted.png HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/176vy/sc22307-DLTWOSH.part01.rar
Connection: keep-alive
Cookie: filehosting=qmo2klfqeam734v0ri6oscqtq6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Mar 2023 13:17:41 GMT
content-type: image/png
content-length: 7137
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-1be1"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/images/loading_small.gif
91.209.70.182200 OK 184 kB URL HTTP/2 megaup.net/themes/flow/images/loading_small.gif
IP 91.209.70.182:0
File type GIF image data, version 89a, 64 x 64\012- data
Size 184 kB (184355 bytes)
Hash b0dd5b3af9c4c0644d7bddee83716209
30002468d0266b893b3559b8d0d260c6cbf0ad7c
2418224bb4d12c122ef3c54d2ee9edb5f6f28d539e91a166b0215553f8c7609d
GET /themes/flow/images/loading_small.gif HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/176vy/sc22307-DLTWOSH.part01.rar
Connection: keep-alive
Cookie: filehosting=qmo2klfqeam734v0ri6oscqtq6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Mar 2023 13:17:41 GMT
content-type: image/gif
content-length: 184355
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-2d023"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-validate.js
91.209.70.182200 OK 1.8 kB URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-validate.js
IP 91.209.70.182:0
Hash 0d4fa51a1335bf84a6aa70cc4991293e
0c45b66c705571f5a7f2be084be7a66ef344515b
c83c0e631ac03a53e2a86eee381ed98f630a059bf85c53d8b128c7df0b0d0a9c
GET /themes/flow/js/jquery.fileupload-validate.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/176vy/sc22307-DLTWOSH.part01.rar
Connection: keep-alive
Cookie: filehosting=qmo2klfqeam734v0ri6oscqtq6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Mar 2023 13:17:41 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-fea"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7e2d8156baac12231cc9cbfdefedacf1
62384d8842fb5b560ac39636bb519953e22dc664
ee4dbd79fc1569ab6ae0ea7b90b4b7d8dbb846296cf7fc68b24be78b7b95993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 28 Mar 2023 13:17:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-108868042-1
142.250.74.136200 OK 45 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-108868042-1
IP 142.250.74.136:0
File type ASCII text, with very long lines (2206)
Hash 31c364795392a6b2e5413c411b3f7d84
708f19df5fb64d421b4253b61897372b95d25fe6
27d8c657f38bc4e8b27a9eba0505fcb15f56d7c9d9acf959c2a91364e873ca86
GET /gtag/js?id=UA-108868042-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 28 Mar 2023 13:17:41 GMT
expires: Tue, 28 Mar 2023 13:17:41 GMT
cache-control: private, max-age=900
last-modified: Tue, 28 Mar 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44839
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7e2d8156baac12231cc9cbfdefedacf1
62384d8842fb5b560ac39636bb519953e22dc664
ee4dbd79fc1569ab6ae0ea7b90b4b7d8dbb846296cf7fc68b24be78b7b95993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 28 Mar 2023 13:17:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
megaup.net/themes/flow/js/clipboardjs/clipboard.min.js
91.209.70.182200 OK 35 kB URL HTTP/2 megaup.net/themes/flow/js/clipboardjs/clipboard.min.js
IP 91.209.70.182:0
File type Unicode text, UTF-8 text, with very long lines (8746)
Hash c2a60cd596a6c9bc9304aa644ccb055c
cb0e0b24dfd8829d9f8af1aca1aebee41515ab21
04602086f0a8cdc6c87b1488ed58084f8dc412d8532579b4eba65b162bea4d8e
GET /themes/flow/js/clipboardjs/clipboard.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/176vy/sc22307-DLTWOSH.part01.rar
Connection: keep-alive
Cookie: filehosting=qmo2klfqeam734v0ri6oscqtq6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Mar 2023 13:17:41 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-2296"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/fonts/raleway_extrabold.woff
91.209.70.182200 OK 31 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway_extrabold.woff
IP 91.209.70.182:0
File type Web Open Font Format, TrueType, length 31344, version 1.1\012- data
Hash 21f79e4c0fbe54a555170aa70bb4c8b7
9d4aaf2016cd21f16bc45089a48de84dba951fa7
2b638674bc57ad355ef2ecbd68e78ecb36bc323aaaf4ddeb9cd4f61bc5f26c42
GET /themes/flow/frontend_assets/fonts/raleway_extrabold.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=qmo2klfqeam734v0ri6oscqtq6
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Mar 2023 13:17:41 GMT
content-type: font/woff
content-length: 31344
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7a70"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js
91.209.70.182200 OK 40 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js
IP 91.209.70.182:0
File type ASCII text, with very long lines (28941)
Hash 69b7eecf3244cb5762d3379572ca60de
891f2d816e71b7d2ecbfebe90c1f7cbf2f60a7b4
221b98e7fb3628b7059cc07df7e61806e6403a0a019204229d8c2e29dff2a159
GET /themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/176vy/sc22307-DLTWOSH.part01.rar
Connection: keep-alive
Cookie: filehosting=qmo2klfqeam734v0ri6oscqtq6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Mar 2023 13:17:41 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-71b6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/sw.js
91.209.70.182200 OK 65 kB IP 91.209.70.182:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 4d0420de219eff4780844a7211acdcd0
c9ebbd897924c1bc3a0ca217d7c5a74f43cd6af4
9f8830bccf1e0f261d4a3ce74f225152dc8f915ff6f97c79e9be5bc7cf56da85
GET /sw.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/176vy/sc22307-DLTWOSH.part01.rar
Connection: keep-alive
Cookie: filehosting=qmo2klfqeam734v0ri6oscqtq6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Mar 2023 13:17:41 GMT
content-type: application/javascript
last-modified: Tue, 20 Dec 2022 16:15:31 GMT
vary: Accept-Encoding
etag: W/"63a1dfa3-1927c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 10dfebf8c22a8737ee54347e9c5070be
9a6a7587836195c72954825918cdf9dce9f82fc6
9d1bacfd5c954fd7cc93310a9dd7f31dca719b2a19658073b725cf0b532e7a9c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9D1BACFD5C954FD7CC93310A9DD7F31DCA719B2A19658073B725CF0B532E7A9C"
Last-Modified: Mon, 27 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14355
Expires: Tue, 28 Mar 2023 17:16:56 GMT
Date: Tue, 28 Mar 2023 13:17:41 GMT
Connection: keep-alive
megaup.net/themes/flow/frontend_assets/js/isotope/custom-isotope.js
91.209.70.182200 OK 8.8 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/isotope/custom-isotope.js
IP 91.209.70.182:0
File type ASCII text, with CRLF line terminators
Hash 8dda9aee41450406a0fcc9de2276841f
d00b3b9cd5d8c7620888027c942ca4b5c6842299
576efff7cb2b120d248b94a813e55ca575ce8e619f9b0c8a6167c08c756f56ec
GET /themes/flow/frontend_assets/js/isotope/custom-isotope.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/176vy/sc22307-DLTWOSH.part01.rar
Connection: keep-alive
Cookie: filehosting=qmo2klfqeam734v0ri6oscqtq6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Mar 2023 13:17:41 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-71d"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
keydawnawe.com/gwZ1U5hjA8ii/32575
142.91.159.115200 OK 26 B URL HTTP/1.1 keydawnawe.com/gwZ1U5hjA8ii/32575
IP 142.91.159.115:0
File type ASCII text, with no line terminators
Hash 4e5d65669f8dcd928dad06adf883f025
d771713d758c3348dd7e5b38bb40c7935399ae46
0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95
GET /gwZ1U5hjA8ii/32575 HTTP/1.1
Host: keydawnawe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Mar 2023 13:17:41 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Wed, 29-Mar-2023 13:17:41 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJw9i8sKwjAURGuUYNVWBvwAf8D6QBdu1aXUhbgOtd6WYM0tTXzUr%2FcFruYwc8bzPDEIIXSJ3nIaLSfRfBZNF3M0c2KIeIdeylfjqlqZ5EKQMVf3pIasKNdsAnR%2FoFI%2BETrxbnQwZ8N38x8%2BtwCtVLs6gP%2BJrxu20dS2RLgq9GO45%2BLq3raFb8gpWxKd4K%2BTY0HjzX6L8N9%2Bz7KBtraqrPhRv7nv9IWebEhxlllyUqBxk%2BIFsdRBIw%3D%3D; expires=Wed, 29-Mar-2023 13:17:41 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
altowriestwispy.com/tysaSHG1FMaM/18410
23.109.248.184200 OK 25 B URL HTTP/1.1 altowriestwispy.com/tysaSHG1FMaM/18410
IP 23.109.248.184:0
File type ASCII text, with no line terminators
Hash d488addc5df5fc9b9ff4135bb4e3a823
6ce56f48e851df4d562b43d3bc1269a504ae83fc
d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60
GET /tysaSHG1FMaM/18410 HTTP/1.1
Host: altowriestwispy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Mar 2023 13:17:41 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Wed, 29-Mar-2023 13:17:41 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJw9i8sKwjAURGuUYNVWBvwAf8D6QBdu1aXUhbgOtd6WYM0tTXzUr%2FcFruYwc8bzPDEIIXSJ3nIaLSfRfBZNF3M0c2KIeIdeylfjqlqZ5EKQMVf3pIasKNdsAnR%2FoFI%2BETrxbnQwZ8N38x8%2BtwCtVLs6gP%2BJrxu20dS2RLgq9GO45%2BLq3raFb8gpWxKd4K%2BTY0HjzX6L8N9%2Bz7KBtraqrPhRv7nv9IWebEhxlllyUqBxk%2BIFsdRBIw%3D%3D; expires=Wed, 29-Mar-2023 13:17:41 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
push.services.mozilla.com/
52.41.23.0101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.23.0:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 1YiF6Sv+8MtxlKfUjRCgIg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: tig6u/Jj+tERC9F84EtUguKUGCY=
dmmzkfd82wayn.cloudfront.net/?kzmmd=761186
54.230.245.57200 OK 189 kB URL HTTP/2 dmmzkfd82wayn.cloudfront.net/?kzmmd=761186
IP 54.230.245.57:0
File type Unicode text, UTF-8 text, with very long lines (15948)
Size 189 kB (188678 bytes)
Hash c51ad738faef78d4312c2093de9ff32c
5131dde86a070d47285d6002d6783144de472cdb
38ab031d81fd4ae3459916ff91b12df95bbd3f76a229286f42ee6c368fcdcd52
GET /?kzmmd=761186 HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 188678
date: Tue, 28 Mar 2023 13:17:41 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dOAObRSqV8LYkY9O7By8XFmh-gGcKl1YqvmA5YYEWYIiVuESdq-UVQ==
X-Firefox-Spdy: h2
altowriestwispy.com/tysaSHG1FMaM/18410
23.109.248.184200 OK 25 B URL HTTP/1.1 altowriestwispy.com/tysaSHG1FMaM/18410
IP 23.109.248.184:0
File type ASCII text, with no line terminators
Hash d488addc5df5fc9b9ff4135bb4e3a823
6ce56f48e851df4d562b43d3bc1269a504ae83fc
d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60
GET /tysaSHG1FMaM/18410 HTTP/1.1
Host: altowriestwispy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; GL_GI10=eJw9i8sKwjAURGuUYNVWBvwAf8D6QBdu1aXUhbgOtd6WYM0tTXzUr%2FcFruYwc8bzPDEIIXSJ3nIaLSfRfBZNF3M0c2KIeIdeylfjqlqZ5EKQMVf3pIasKNdsAnR%2FoFI%2BETrxbnQwZ8N38x8%2BtwCtVLs6gP%2BJrxu20dS2RLgq9GO45%2BLq3raFb8gpWxKd4K%2BTY0HjzX6L8N9%2Bz7KBtraqrPhRv7nv9IWebEhxlllyUqBxk%2BIFsdRBIw%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Mar 2023 13:17:42 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
keydawnawe.com/gwZ1U5hjA8ii/32575
142.91.159.115200 OK 26 B URL HTTP/1.1 keydawnawe.com/gwZ1U5hjA8ii/32575
IP 142.91.159.115:0
File type ASCII text, with no line terminators
Hash 4e5d65669f8dcd928dad06adf883f025
d771713d758c3348dd7e5b38bb40c7935399ae46
0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95
GET /gwZ1U5hjA8ii/32575 HTTP/1.1
Host: keydawnawe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; GL_GI10=eJw9i8sKwjAURGuUYNVWBvwAf8D6QBdu1aXUhbgOtd6WYM0tTXzUr%2FcFruYwc8bzPDEIIXSJ3nIaLSfRfBZNF3M0c2KIeIdeylfjqlqZ5EKQMVf3pIasKNdsAnR%2FoFI%2BETrxbnQwZ8N38x8%2BtwCtVLs6gP%2BJrxu20dS2RLgq9GO45%2BLq3raFb8gpWxKd4K%2BTY0HjzX6L8N9%2Bz7KBtraqrPhRv7nv9IWebEhxlllyUqBxk%2BIFsdRBIw%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Mar 2023 13:17:42 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
foreyeshehadtw.com/ZXBWbVJKTzUebzE4DxczDzphPzURJBReKjUyOh4UAzUPJQoCPXAZOwFNYVtjVEhgSyIMFGtcdBYENxknFk1nSzsLFjlQdBNNZ0NhUV5lX3xXViNQY0MEJgw1WEFwHSYRHGtcZF1AZl1rUUhkW2Bc
188.114.97.1204 No Content 0 B URL HTTP/2 foreyeshehadtw.com/ZXBWbVJKTzUebzE4DxczDzphPzURJBReKjUyOh4UAzUPJQoCPXAZOwFNYVtjVEhgSyIMFGtcdBYENxknFk1nSzsLFjlQdBNNZ0NhUV5lX3xXViNQY0MEJgw1WEFwHSYRHGtcZF1AZl1rUUhkW2Bc
IP 188.114.97.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ZXBWbVJKTzUebzE4DxczDzphPzURJBReKjUyOh4UAzUPJQoCPXAZOwFNYVtjVEhgSyIMFGtcdBYENxknFk1nSzsLFjlQdBNNZ0NhUV5lX3xXViNQY0MEJgw1WEFwHSYRHGtcZF1AZl1rUUhkW2Bc HTTP/1.1
Host: foreyeshehadtw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 28 Mar 2023 13:17:42 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P8zgADp0kXyLZe0RxyzuUtkHu8%2BV8vDxcScH02kxWXwEELw%2B1AL9LbbCiv%2BjRqWwPBgkMTdLTzs5i17ZUNhvrXVBc274B8bG%2BpUAsyob81FzlXZpoplwWzWzTRNz%2BSozatxqdZM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7af027a1c84cb529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery-1.11.0.min.js
91.209.70.182200 OK 34 kB URL HTTP/2 megaup.net/themes/flow/js/jquery-1.11.0.min.js
IP 91.209.70.182:0
File type ASCII text, with very long lines (32341)
Hash 261af9378b3d6da2f5a4f0212a3c01ef
45237df19652131995af6053358a4a713c73330c
fcfe1f4b4bf271f62a26c7822ceffa184919908ee64845c99a88400df37821c7
GET /themes/flow/js/jquery-1.11.0.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/176vy/sc22307-DLTWOSH.part01.rar
Connection: keep-alive
Cookie: filehosting=qmo2klfqeam734v0ri6oscqtq6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Mar 2023 13:17:41 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1787d"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/retina/retina.js
91.209.70.182200 OK 646 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/retina/retina.js
IP 91.209.70.182:0
File type ASCII text, with very long lines (1249)
Hash 4d59385d7a019720d2fa366fa5e10562
6c31c87d1fd67579ba0156ee5b310a30cadb26dc
3c276010422a5c52835214892457d3e8d6e8e4d7b9b9c598702945e517891f3d
GET /themes/flow/frontend_assets/js/retina/retina.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/176vy/sc22307-DLTWOSH.part01.rar
Connection: keep-alive
Cookie: filehosting=qmo2klfqeam734v0ri6oscqtq6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Mar 2023 13:17:41 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-52e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js
91.209.70.182200 OK 5.2 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js
IP 91.209.70.182:0
File type HTML document, ASCII text, with very long lines (15714), with CRLF line terminators
Hash 7e4eb1f86db5e2a93f0ccbc7f0605677
f6484bdf3a95938abcf7bb3a4cbb50f00a458e0c
37bc8012eb8cab3901b632a0a484ccb869a04a15af188a0e8d60e019e1c73531
GET /themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/176vy/sc22307-DLTWOSH.part01.rar
Connection: keep-alive
Cookie: filehosting=qmo2klfqeam734v0ri6oscqtq6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Mar 2023 13:17:41 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3ead"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/canvas-to-blob.min.js
91.209.70.182200 OK 515 B URL HTTP/2 megaup.net/themes/flow/js/canvas-to-blob.min.js
IP 91.209.70.182:0
File type ASCII text, with very long lines (1032), with no line terminators
Hash 157682f7cef69adc4d6b509f174697bb
e2f655858fb4db390eaa986e948d256864723ac0
96b1c4b8e04c1f56acad5fcda2155712c1b8abf3b46c68fe03a4d3f40b0afc2c
GET /themes/flow/js/canvas-to-blob.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/176vy/sc22307-DLTWOSH.part01.rar
Connection: keep-alive
Cookie: filehosting=qmo2klfqeam734v0ri6oscqtq6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Mar 2023 13:17:41 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-408"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
foreyeshehadtw.com/OTNkYXYWDAcSS2MAIVQlU2UCMAFNBSU3JHxyPA40bAMHMRNoREIVH10OU1dCCAdVRwZQV1lQUEpHBRUDSg5VRx9XVQtcUE8OVU9FDR1XU1gLFRFcRx9HFAARBAJCEQJNX1lQQAEDVFFPDQtWV0AO
188.114.97.1204 No Content 0 B URL HTTP/2 foreyeshehadtw.com/OTNkYXYWDAcSS2MAIVQlU2UCMAFNBSU3JHxyPA40bAMHMRNoREIVH10OU1dCCAdVRwZQV1lQUEpHBRUDSg5VRx9XVQtcUE8OVU9FDR1XU1gLFRFcRx9HFAARBAJCEQJNX1lQQAEDVFFPDQtWV0AO
IP 188.114.97.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /OTNkYXYWDAcSS2MAIVQlU2UCMAFNBSU3JHxyPA40bAMHMRNoREIVH10OU1dCCAdVRwZQV1lQUEpHBRUDSg5VRx9XVQtcUE8OVU9FDR1XU1gLFRFcRx9HFAARBAJCEQJNX1lQQAEDVFFPDQtWV0AO HTTP/1.1
Host: foreyeshehadtw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Tue, 28 Mar 2023 13:17:42 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vwxVkQJeszrqwTyFkqdovDKfo10HNtB4szuVTHg933yQjBk5XEw%2FgJtSINeBh61c1CgGEh7uVycVIHprhuXjKFCMrVN0qoAvNKscyx8BaPLneFaumK6qD42wRqBMbEHjirBW2gM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7af027a208adb529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/responsive.css
91.209.70.182200 OK 2.3 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/responsive.css
IP 91.209.70.182:0
File type assembler source, ASCII text
Hash c173d264301bd5ad9d201e6693c94fe3
5cc27773ffb65cacfc1d18ba3f654f8ace86f3bd
20fe4067c5a3dc9e2fb7692c5c18988996053e54064ea87ff65fe722dda478db
GET /themes/flow/frontend_assets/css/responsive.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/176vy/sc22307-DLTWOSH.part01.rar
Connection: keep-alive
Cookie: filehosting=qmo2klfqeam734v0ri6oscqtq6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Mar 2023 13:17:41 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-e56"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
itehappymutte.com/YjhQOWQDWjNUWwMFMh8REFRtHFYkHWJ/AA9VKlICBgBiTgUbVn5aCA1NNF8WDVYkFwoHTHULIjViPFEjLwsdfyobUAZtJitAGV5RJ20XQVcgCBp4KQhuM3E2OFQaCyIkdDdwXCN6BX8sUXERexM0HWJ7KQlTCG5WCl8IQS0raGNKMiRfNw4BFXIGex4VUxRSACN0FGMHJX4jUSoOSwN8HVJTAngPOl46dzc2XyMKNCRXNnoODlIRbTI2XD5gMzNuCk4pNFc0eA4BQAF/PjdZE1EsNFQCVgAVdjRvClMJM28+N1kUfwUqbhJKPRV5KGhWEgoDCTIxXggUMhpuPGsLLH0GbjIwVGN4VDhxMX5cNWkGYEFQfhkIJTt7CAhUBm0WbgU6YRRoCDhICU4iJnkUfFQ0UAVzLSV1EncyBlczQVUmaRMIUyNfdlMXDVYgBAUwDhhjHlFeM35QUUwz
108.157.214.102200 OK 1.2 kB URL HTTP/2 itehappymutte.com/YjhQOWQDWjNUWwMFMh8REFRtHFYkHWJ/AA9VKlICBgBiTgUbVn5aCA1NNF8WDVYkFwoHTHULIjViPFEjLwsdfyobUAZtJitAGV5RJ20XQVcgCBp4KQhuM3E2OFQaCyIkdDdwXCN6BX8sUXERexM0HWJ7KQlTCG5WCl8IQS0raGNKMiRfNw4BFXIGex4VUxRSACN0FGMHJX4jUSoOSwN8HVJTAngPOl46dzc2XyMKNCRXNnoODlIRbTI2XD5gMzNuCk4pNFc0eA4BQAF/PjdZE1EsNFQCVgAVdjRvClMJM28+N1kUfwUqbhJKPRV5KGhWEgoDCTIxXggUMhpuPGsLLH0GbjIwVGN4VDhxMX5cNWkGYEFQfhkIJTt7CAhUBm0WbgU6YRRoCDhICU4iJnkUfFQ0UAVzLSV1EncyBlczQVUmaRMIUyNfdlMXDVYgBAUwDhhjHlFeM35QUUwz
IP 108.157.214.102:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3046), with no line terminators
Hash 03ac0584af1c1f285aa717a35534e8c5
7afdbd8e961417c3243d1357b744e3000499f862
016cb002f1d7c8257700663f9c681556158c401adb636ac1b09918b9fd9e31fd
GET /YjhQOWQDWjNUWwMFMh8REFRtHFYkHWJ/AA9VKlICBgBiTgUbVn5aCA1NNF8WDVYkFwoHTHULIjViPFEjLwsdfyobUAZtJitAGV5RJ20XQVcgCBp4KQhuM3E2OFQaCyIkdDdwXCN6BX8sUXERexM0HWJ7KQlTCG5WCl8IQS0raGNKMiRfNw4BFXIGex4VUxRSACN0FGMHJX4jUSoOSwN8HVJTAngPOl46dzc2XyMKNCRXNnoODlIRbTI2XD5gMzNuCk4pNFc0eA4BQAF/PjdZE1EsNFQCVgAVdjRvClMJM28+N1kUfwUqbhJKPRV5KGhWEgoDCTIxXggUMhpuPGsLLH0GbjIwVGN4VDhxMX5cNWkGYEFQfhkIJTt7CAhUBm0WbgU6YRRoCDhICU4iJnkUfFQ0UAVzLSV1EncyBlczQVUmaRMIUyNfdlMXDVYgBAUwDhhjHlFeM35QUUwz HTTP/1.1
Host: itehappymutte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1195
date: Tue, 28 Mar 2023 13:17:42 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 3f25be8570bf62f8d4607f79984fccec.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: 7_iwlYo-kmBBT3sB5ccK554LuG_BeADNfv5-6_QkZpBV7vWgXsqMuQ==
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/sticky/jquery.sticky.js
91.209.70.182200 OK 2.6 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/sticky/jquery.sticky.js
IP 91.209.70.182:0
Hash 0e227f637bff169fd37461a21c1111f9
06f6e6751d7fe8d13b47f1cdd9d08e410f928ea8
3608594e4dde793b95fba11e0f44ff1b22a9ccc6a264f4afc3ed3fbfb244a44c
GET /themes/flow/frontend_assets/js/sticky/jquery.sticky.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/176vy/sc22307-DLTWOSH.part01.rar
Connection: keep-alive
Cookie: filehosting=qmo2klfqeam734v0ri6oscqtq6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Mar 2023 13:17:41 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1099"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/global.js
91.209.70.182200 OK 6.9 kB URL HTTP/2 megaup.net/themes/flow/js/global.js
IP 91.209.70.182:0
Hash 308c60143aa65985991bf33e3735636d
4c2d582d621e1259ea8bfb92e0a8b078aae857c4
e106394e21b328b996f9bb5c67e54fc4218e2053f6bcca4e19d20c72f0814c8e
GET /themes/flow/js/global.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/176vy/sc22307-DLTWOSH.part01.rar
Connection: keep-alive
Cookie: filehosting=qmo2klfqeam734v0ri6oscqtq6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Mar 2023 13:17:41 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-d59"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.iframe-transport.js
91.209.70.182200 OK 3.5 kB URL HTTP/2 megaup.net/themes/flow/js/jquery.iframe-transport.js
IP 91.209.70.182:0
Hash f4a9a32aeef18aaac4c101639d3bd50b
abb3505e8ba3edfbe08fb8531761bab97cc6fd16
87a8a4d8300b81d049eb7e508586c21fbc47f3bb9cbfdbc37e5cb8418b4a65eb
GET /themes/flow/js/jquery.iframe-transport.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/176vy/sc22307-DLTWOSH.part01.rar
Connection: keep-alive
Cookie: filehosting=qmo2klfqeam734v0ri6oscqtq6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Mar 2023 13:17:41 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-2427"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/imageads/007.gif
91.209.70.182200 OK 286 kB URL HTTP/2 megaup.net/imageads/007.gif
IP 91.209.70.182:0
File type GIF image data, version 89a, 300 x 250\012- data
Size 286 kB (286260 bytes)
Hash 22cf30a617a5dd2c867ab79ac53e6e2f
6e9a4c81ff41c74252cd08f50977d38d1b97de84
c42588d86df4e614bd8f60fef733e95b9a49b35668fe3f1294308bcd13c33eb8
GET /imageads/007.gif HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/176vy/sc22307-DLTWOSH.part01.rar
Connection: keep-alive
Cookie: filehosting=qmo2klfqeam734v0ri6oscqtq6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Mar 2023 13:17:42 GMT
content-type: image/gif
content-length: 286260
last-modified: Thu, 01 Apr 2021 04:06:40 GMT
vary: Accept-Encoding
etag: "606546d0-45e34"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
platform.bidgear.com/media/img/b15.png
104.26.3.107200 OK 649 B URL HTTP/2 platform.bidgear.com/media/img/b15.png
IP 104.26.3.107:0
File type PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash d832fb80c97ff291b952757bb98240d2
63732e61a0784ed68fde494f83e4686a5c4bf7fa
7b35c11af8accdb40a14303dd3ae2762a97d2527933c56b6c9be6da2d0d11943
GET /media/img/b15.png HTTP/1.1
Host: platform.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 28 Mar 2023 13:17:42 GMT
content-type: image/png
content-length: 649
last-modified: Mon, 25 Jul 2022 09:43:43 GMT
etag: "62de65cf-289"
expires: Fri, 21 Apr 2023 07:19:14 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
cf-cache-status: HIT
age: 531125
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M1uN86mlRvplz1KX8yqdQ%2FKGwJCwuW3XjAbQOUUXQg16tQz%2FUUZEp%2B%2FDwFsdQz5V0XpSUMztQsTAw6ObYEa%2FbhEwBAfzk0ZaCPNI7Z66bi%2BZskxGyLfNs5ouls0ZuS4HMEA5qgST"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7af027a3cdb30b31-OSL
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 282 B IP 172.64.155.188:0
Hash d986f9507590f78cb7e62b4c0072268f
35d899ad0ed0d2d280d3fbe6d6def6774cc3ae7f
a05b3b8fba96a231b432c6f2918fd32283aca4d7f312e59949b1704e707f344d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 13:17:42 GMT
Content-Type: application/ocsp-response
Content-Length: 282
Connection: keep-alive
Last-Modified: Sun, 26 Mar 2023 16:43:16 GMT
Expires: Sun, 02 Apr 2023 16:43:15 GMT
Etag: "35d899ad0ed0d2d280d3fbe6d6def6774cc3ae7f"
Cache-Control: max-age=443732,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7af027a38d1ab527-OSL
dmmzkfd82wayn.cloudfront.net/GVHhBUWs3Fy83VCARJWxcYklwaV1yEjI+BSRFAzJbMg0QHBhjOjEZPBpeNSsPaUhnPQo6H3x3DjobfGBNNRwjbF9yDDE+AGkBMTkKIQ0jJhElXjQwVjkXOzgHOBlkYy1hVnF0WWRQNjgFMBc2Ik5mSC8lTmZIcGFFZF1yE05mSDY4BWJMZGIpcUpxKV1gXX-ITTmZIMydOZzlwYV56SGh0WWQfJDIAO11zF1lkSXFhWmRJZGNbMhEzNA07AGRjLWVIdH9bcg18YA
54.230.245.57200 OK 606 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/GVHhBUWs3Fy83VCARJWxcYklwaV1yEjI+BSRFAzJbMg0QHBhjOjEZPBpeNSsPaUhnPQo6H3x3DjobfGBNNRwjbF9yDDE+AGkBMTkKIQ0jJhElXjQwVjkXOzgHOBlkYy1hVnF0WWRQNjgFMBc2Ik5mSC8lTmZIcGFFZF1yE05mSDY4BWJMZGIpcUpxKV1gXX-ITTmZIMydOZzlwYV56SGh0WWQfJDIAO11zF1lkSXFhWmRJZGNbMhEzNA07AGRjLWVIdH9bcg18YA
IP 54.230.245.57:0
File type ASCII text, with very long lines (838), with no line terminators
Hash 94f1546e5a42740d43606150a2747ef8
5ed84efde526f54cc4d924e37aa453c2d4c87317
100a960012f1845db7274837b90db870f5979efc8cb623f716e2ee3542c449fe
GET /GVHhBUWs3Fy83VCARJWxcYklwaV1yEjI+BSRFAzJbMg0QHBhjOjEZPBpeNSsPaUhnPQo6H3x3DjobfGBNNRwjbF9yDDE+AGkBMTkKIQ0jJhElXjQwVjkXOzgHOBlkYy1hVnF0WWRQNjgFMBc2Ik5mSC8lTmZIcGFFZF1yE05mSDY4BWJMZGIpcUpxKV1gXX-ITTmZIMydOZzlwYV56SGh0WWQfJDIAO11zF1lkSXFhWmRJZGNbMhEzNA07AGRjLWVIdH9bcg18YA HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://itehappymutte.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 606
date: Tue, 28 Mar 2023 13:17:42 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kioQNakVLFHo_SB1bS4lIfN1FGvCEe3zqBXs48V7WqHs2x7_nqOwsw==
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/seUw2VXgaI1gzRw0lUmhAS3kPZElfJkU6FglxV2RPPAtDHAoufhAhAh1xBnMUGCJRaF4cIlVoSV8tUjdFTWpCJRcScUM7HBwqXzsdHWpDNEUUI0w8FBUtE2c+TGIGcEpJZEE8Fh0jQSZdS3xYIV1LfAdlVklpBRddS3xBPBZPeBNmOlx+Bi1OTWkFF11LfE-QjXUoNB2VNV3wfcEpJK1M2ExZpBBNKSX0GZUlJfRNnSB8lRDAeFjQTZz5IfAN7SF85C2Q
54.230.245.57200 OK 361 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/seUw2VXgaI1gzRw0lUmhAS3kPZElfJkU6FglxV2RPPAtDHAoufhAhAh1xBnMUGCJRaF4cIlVoSV8tUjdFTWpCJRcScUM7HBwqXzsdHWpDNEUUI0w8FBUtE2c+TGIGcEpJZEE8Fh0jQSZdS3xYIV1LfAdlVklpBRddS3xBPBZPeBNmOlx+Bi1OTWkFF11LfE-QjXUoNB2VNV3wfcEpJK1M2ExZpBBNKSX0GZUlJfRNnSB8lRDAeFjQTZz5IfAN7SF85C2Q
IP 54.230.245.57:0
File type ASCII text, with very long lines (466), with no line terminators
Hash afd47ff5c66cf470d898f2204d8a0876
c6dd34b130335614e2d3b60a0187a9b55f3fdcf1
2f9f9220b8ba69c72e8afcf50ad4c73ce44f56b266d8d16082366b9aaa45b940
GET /seUw2VXgaI1gzRw0lUmhAS3kPZElfJkU6FglxV2RPPAtDHAoufhAhAh1xBnMUGCJRaF4cIlVoSV8tUjdFTWpCJRcScUM7HBwqXzsdHWpDNEUUI0w8FBUtE2c+TGIGcEpJZEE8Fh0jQSZdS3xYIV1LfAdlVklpBRddS3xBPBZPeBNmOlx+Bi1OTWkFF11LfE-QjXUoNB2VNV3wfcEpJK1M2ExZpBBNKSX0GZUlJfRNnSB8lRDAeFjQTZz5IfAN7SF85C2Q HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://itehappymutte.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 361
date: Tue, 28 Mar 2023 13:17:42 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: tIkm7PZZnQkkZvhLbByUJk02rlqE2kLcKBx9y3_bOBqeN0NfmHa7Cg==
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/load-image.min.js
91.209.70.182200 OK 22 kB URL HTTP/2 megaup.net/themes/flow/js/load-image.min.js
IP 91.209.70.182:0
File type ASCII text, with very long lines (2546), with no line terminators
Hash 9f33368fbc1ae9065d2d55ce6c8896af
c2216e61e5d3b7c4107cb124bb06433769dff3d0
f0a95edce95318abba30a23836c3f28733d50d1afd72116292c3b0f4ed92086a
GET /themes/flow/js/load-image.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/176vy/sc22307-DLTWOSH.part01.rar
Connection: keep-alive
Cookie: filehosting=qmo2klfqeam734v0ri6oscqtq6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Mar 2023 13:17:41 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-9f2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/6OGZMSVhbCSIvZ0wPKHRgD1B/eGAeDD8mNkhbFgIBUS87Gg8OQDgzPAVWaiU5VgFxbz1WBXF4flkCLnRsHhI8JjMFHzwhOU0TLj4iSUA5KGVVCTYgNFQHaXseDUh8bGoITjsgNlwJOzp9ClYiPX0KVn15dghDfwt9ClY7IDYOUml6Gh1UfDFuDEN/C30KVj-4/fQsnfXltFlZlbGoIASkqM1dDfg9qCFd8eWkIV2l7aF4PPiw+Vx5pex4JVnlnaB4TcXg
54.230.245.57200 OK 449 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/6OGZMSVhbCSIvZ0wPKHRgD1B/eGAeDD8mNkhbFgIBUS87Gg8OQDgzPAVWaiU5VgFxbz1WBXF4flkCLnRsHhI8JjMFHzwhOU0TLj4iSUA5KGVVCTYgNFQHaXseDUh8bGoITjsgNlwJOzp9ClYiPX0KVn15dghDfwt9ClY7IDYOUml6Gh1UfDFuDEN/C30KVj-4/fQsnfXltFlZlbGoIASkqM1dDfg9qCFd8eWkIV2l7aF4PPiw+Vx5pex4JVnlnaB4TcXg
IP 54.230.245.57:0
File type ASCII text, with very long lines (589), with no line terminators
Hash 81e76706e7f9edb768a800982c3eebea
63afe75c5b6b839cb80a1a3218a5d16bcb94f9f5
0fc823695134001a09b23f3bab1ae7ef2c5f6ebe07fafb93f91d8a41cc7a3d49
GET /6OGZMSVhbCSIvZ0wPKHRgD1B/eGAeDD8mNkhbFgIBUS87Gg8OQDgzPAVWaiU5VgFxbz1WBXF4flkCLnRsHhI8JjMFHzwhOU0TLj4iSUA5KGVVCTYgNFQHaXseDUh8bGoITjsgNlwJOzp9ClYiPX0KVn15dghDfwt9ClY7IDYOUml6Gh1UfDFuDEN/C30KVj-4/fQsnfXltFlZlbGoIASkqM1dDfg9qCFd8eWkIV2l7aF4PPiw+Vx5pex4JVnlnaB4TcXg HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://itehappymutte.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 449
date: Tue, 28 Mar 2023 13:17:42 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VPgZsMpB8sPMkr2ZmdmECuHRBkuIGz7rl71ebt3oR6Hi_zmK1gZN6Q==
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/WZlhGM3MFNyhVTBIxIg5EUGx3B0JAMjVcHRZlJ2FFLgI8ABUFH3IABwV+MkkXW2hgXxIIP3sVFgg7ewJVBzwkDkdALDZcGFshNlsSEy0kRAkXfjNSTgs3PFofCjljATVTdnYWQVZwMVodAjcxQFZUaChHVlRodwNdVn11cVZUaDFaHVBsYwAxQ2p2S0VSfX-VxVlRoNEVWVRl3A0ZIaG8WQVY/I1AYCX10dUFWaXYDQlZpYwFDADE0VhUJIGMBNVdocx1DQC17Ag
54.230.245.57200 OK 610 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/WZlhGM3MFNyhVTBIxIg5EUGx3B0JAMjVcHRZlJ2FFLgI8ABUFH3IABwV+MkkXW2hgXxIIP3sVFgg7ewJVBzwkDkdALDZcGFshNlsSEy0kRAkXfjNSTgs3PFofCjljATVTdnYWQVZwMVodAjcxQFZUaChHVlRodwNdVn11cVZUaDFaHVBsYwAxQ2p2S0VSfX-VxVlRoNEVWVRl3A0ZIaG8WQVY/I1AYCX10dUFWaXYDQlZpYwFDADE0VhUJIGMBNVdocx1DQC17Ag
IP 54.230.245.57:0
File type ASCII text, with very long lines (834), with no line terminators
Hash dc890b58f94f8d3cb629e97468225ec7
aa6bc848f6f8238bde1e840b7af7358e0d4ba216
ec9f07819c93d27543a25c0c53f6d1fcfa1bd2250e2b8dcc4ebcc31a6e269c8e
GET /WZlhGM3MFNyhVTBIxIg5EUGx3B0JAMjVcHRZlJ2FFLgI8ABUFH3IABwV+MkkXW2hgXxIIP3sVFgg7ewJVBzwkDkdALDZcGFshNlsSEy0kRAkXfjNSTgs3PFofCjljATVTdnYWQVZwMVodAjcxQFZUaChHVlRodwNdVn11cVZUaDFaHVBsYwAxQ2p2S0VSfX-VxVlRoNEVWVRl3A0ZIaG8WQVY/I1AYCX10dUFWaXYDQlZpYwFDADE0VhUJIGMBNVdocx1DQC17Ag HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://itehappymutte.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 610
date: Tue, 28 Mar 2023 13:17:42 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: g5dSlkikAhKvGFq-1sN1267hvd2Hx8ZofN927jrlb1nFRVX2BRuBPQ==
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/QaXZzb1oKGR0JZR0fF1JjXU9LWW5PHAAANBlLFyYgLxQBCT0cBwRcfB0MF1JqTxoSAT1UUBYBOVRHVQ4+C0tHSS8ISx4AIAAaHw5/WzBGQWpMRENHLQAYFwAtGlNBXzQdU0Ffa1lYQ0ppK1NBXy0AGEVbf1o0Vl1qEUBHSmkrU0FfKB9TQC5rWUNdX3NMRE-MIPwodHEpoL0RDXmpZR0Nef1tGFQYoDBAcF39bMEJfb0dGVRpnWA
54.230.245.57200 OK 187 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/QaXZzb1oKGR0JZR0fF1JjXU9LWW5PHAAANBlLFyYgLxQBCT0cBwRcfB0MF1JqTxoSAT1UUBYBOVRHVQ4+C0tHSS8ISx4AIAAaHw5/WzBGQWpMRENHLQAYFwAtGlNBXzQdU0Ffa1lYQ0ppK1NBXy0AGEVbf1o0Vl1qEUBHSmkrU0FfKB9TQC5rWUNdX3NMRE-MIPwodHEpoL0RDXmpZR0Nef1tGFQYoDBAcF39bMEJfb0dGVRpnWA
IP 54.230.245.57:0
File type ASCII text, with no line terminators
Hash ee18ce6f66e5b52a076159fdeba73ef3
c66d464cbab760c2e6f60a5fe465fb4a7aeddf82
bff88865eb2512208416ebab74d5cd95648f041b6cbed662d12bd5470e86e21d
GET /QaXZzb1oKGR0JZR0fF1JjXU9LWW5PHAAANBlLFyYgLxQBCT0cBwRcfB0MF1JqTxoSAT1UUBYBOVRHVQ4+C0tHSS8ISx4AIAAaHw5/WzBGQWpMRENHLQAYFwAtGlNBXzQdU0Ffa1lYQ0ppK1NBXy0AGEVbf1o0Vl1qEUBHSmkrU0FfKB9TQC5rWUNdX3NMRE-MIPwodHEpoL0RDXmpZR0Nef1tGFQYoDBAcF39bMEJfb0dGVRpnWA HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://itehappymutte.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 187
date: Tue, 28 Mar 2023 13:17:42 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: bKht64EDfl9pZC8gddhjJAbUAEf62LdjQWQr3ORjR-wzLpT4z4DYsA==
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/images/icons/favicon/apple-touch-icon-114x114.png
91.209.70.182200 OK 951 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/images/icons/favicon/apple-touch-icon-114x114.png
IP 91.209.70.182:0
File type PNG image data, 114 x 114, 8-bit colormap, non-interlaced\012- data
Hash 76852bc6b2c028db97322a74e85bd020
ed52fb4de0d51f93277bbaae42fa80ba5f92c31e
8a5ef2ef8440c17db1b1b539065ba4a887e07a2c508b79c2d1659512e9016884
GET /themes/flow/frontend_assets/images/icons/favicon/apple-touch-icon-114x114.png HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/176vy/sc22307-DLTWOSH.part01.rar
Connection: keep-alive
Cookie: filehosting=qmo2klfqeam734v0ri6oscqtq6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Mar 2023 13:17:42 GMT
content-type: image/png
content-length: 951
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-3b7"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
platform.bidgear.com/async.php?domainid=5593&sizeid=12&zoneid=6192&k=1680009482772
104.26.3.107200 OK 29 kB URL HTTP/2 platform.bidgear.com/async.php?domainid=5593&sizeid=12&zoneid=6192&k=1680009482772
IP 104.26.3.107:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (5377), with no line terminators
Hash e5a288f0f7d0e61261e84ed40e9c0bf0
0d343361039d36ca35ba899ca2784d609924d85a
7832cf75c17f7e37aefc2fa47b47c009fe8fa1bd3d86465acd2cebeac55aec35
GET /async.php?domainid=5593&sizeid=12&zoneid=6192&k=1680009482772 HTTP/1.1
Host: platform.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 28 Mar 2023 13:17:42 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u0Zs%2BI9vfWhX6JRTcRAJEneUvH0GRyCedqdxDHiemYhzo%2ButA%2FLJZTGjRxyshbEkBI3rlkK243f5mfibaVTcwqbazFnfBSlYeFxScXymEgODOKw4%2FSpRTxcYArVL0a6ho5NkAYji"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7af027a2ccb90b31-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 9fe041d86f94c0955b807d3b411c9fe1
83fb0b2adc624d0dd7562f3a6bfce55e11ccfce6
e4da5aa3c19c4ee5c4bb0324539228134b1c0bb178324c91633d9d3ecf210ff8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E4DA5AA3C19C4EE5C4BB0324539228134B1C0BB178324C91633D9D3ECF210FF8"
Last-Modified: Mon, 27 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6276
Expires: Tue, 28 Mar 2023 15:02:18 GMT
Date: Tue, 28 Mar 2023 13:17:42 GMT
Connection: keep-alive
imp9.bidgear.com/rec?t=1&z=6192&uuid=5e4ea401e8ef40d092256822b806b936&p=28&g=NO&token=4a44335432&tbg=1680009462
104.26.3.107200 OK 599 B URL HTTP/2 imp9.bidgear.com/rec?t=1&z=6192&uuid=5e4ea401e8ef40d092256822b806b936&p=28&g=NO&token=4a44335432&tbg=1680009462
IP 104.26.3.107:0
File type JPEG image data, baseline, precision 8, 1x1, components 3\012- data
Hash ca49a7e783b806a4e8576ea80346203d
6fe9d083221dae98f6c76f7121c37bc884b02d82
3e9a98dd5f0a28ff4a059f33d760264a6db02786666ac1692095ebb976f5da28
GET /rec?t=1&z=6192&uuid=5e4ea401e8ef40d092256822b806b936&p=28&g=NO&token=4a44335432&tbg=1680009462 HTTP/1.1
Host: imp9.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 28 Mar 2023 13:17:42 GMT
content-type: image/jpeg
content-length: 599
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N3ICe%2BJM1dBSYzADngaYLjkuhW2AKJg3SRFWBNCFbBI%2BfmWqlaxjjF5CAsAfxo4f9fW8oOlbN4zRPdqmNXz23wpEWRZeDihcz3rcec%2FsRBHMh3YSjASNy1Ibgc9QW%2FjFFCw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7af027a3ede40b31-OSL
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
216.239.34.178200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.239.34.178:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Tue, 28 Mar 2023 12:05:11 GMT
expires: Tue, 28 Mar 2023 14:05:11 GMT
cache-control: public, max-age=7200
age: 4351
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash db1f11cedde47cf778700089de6fe437
f275c6617546a36e66bba98d8909af268adac418
cba914b21c23042c7b2d1abdf15f91dc21371a3eb8221e71395ccf71f93b9e8a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 28 Mar 2023 13:17:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 600b67e46094ec7a1c3ae8d7ad2904d3
dd504ae4eb47813cf00a81aecd808c7a8ab5d434
3fe083b944c9bfe6d239e532f1356017758075193ee908cf9969cf07c5b0d269
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6158
Cache-Control: max-age=148785
Content-Type: application/ocsp-response
Date: Tue, 28 Mar 2023 13:17:42 GMT
Etag: "64227319-1d7"
Expires: Thu, 30 Mar 2023 06:37:27 GMT
Last-Modified: Tue, 28 Mar 2023 04:54:49 GMT
Server: ECAcc (ska/F776)
X-Cache: HIT
Content-Length: 471
itehappymutte.com/utx?cb=v6Gcb2OepjP1&top=megaup.net&tid=761186
108.157.214.102204 No Content 0 B URL HTTP/2 itehappymutte.com/utx?cb=v6Gcb2OepjP1&top=megaup.net&tid=761186
IP 108.157.214.102:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=v6Gcb2OepjP1&top=megaup.net&tid=761186 HTTP/1.1
Host: itehappymutte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Tue, 28 Mar 2023 13:17:42 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Tue, 28 Mar 2023 13:18:42 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 3f25be8570bf62f8d4607f79984fccec.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: Go4ikru0gyRHExBCXKd-E-INqgdbKOwSFHGVoDqujgt-hX0XDKbwvg==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash db1f11cedde47cf778700089de6fe437
f275c6617546a36e66bba98d8909af268adac418
cba914b21c23042c7b2d1abdf15f91dc21371a3eb8221e71395ccf71f93b9e8a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 28 Mar 2023 13:17:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
megaup.net/themes/flow/frontend_assets/images/icons/favicon/favicon.ico
91.209.70.182200 OK 279 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/images/icons/favicon/favicon.ico
IP 91.209.70.182:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7ec5a55ea1727c63acc27a2c57da6b9a
a25b42d999e63a2466a33aaeaae6125fedfd40b7
48ec88619b2c113a507054ce2b0f95f47d85261c124bc0d4f1cde69a88e77945
GET /themes/flow/frontend_assets/images/icons/favicon/favicon.ico HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/176vy/sc22307-DLTWOSH.part01.rar
Connection: keep-alive
Cookie: filehosting=qmo2klfqeam734v0ri6oscqtq6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Mar 2023 13:17:42 GMT
content-type: image/x-icon
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-47e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/
54.230.245.57200 OK 73 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/
IP 54.230.245.57:0
File type ASCII text, with no line terminators
Hash de37377b72195a4f064edf7ec8a76676
ed544d5b6a37acad78498099407c648a93316ddb
b3209cc0b1d1b71e85af4e843afe00a3079f3286d52b3fb47e72c6c5c48b8399
GET / HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 73
date: Tue, 28 Mar 2023 13:17:42 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: YjmZmuhPcV_RSFULwg_aZOgSjo_3327Af634v6f5VSGVq8rOTK8yog==
X-Firefox-Spdy: h2
syndication.exdynsrv.com/v1/api.php
95.211.229.245200 OK 972 B URL HTTP/1.1 syndication.exdynsrv.com/v1/api.php
IP 95.211.229.245:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with very long lines (1325), with no line terminators
Hash 5b8cfd166cf76454fc4594188fe6998f
4c14185ff30f6e2e7ed1eb9428ce1752a60a5d32
fc5d82c91f5c794e3a5eade263b83c64fb7c3f8c4696fd88bd374016668778fc
POST /v1/api.php HTTP/1.1
Host: syndication.exdynsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 323
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Mar 2023 13:17:42 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226422e8f69b3f76.572586162231909474%22%3B%7D; expires=Thu, 27-Mar-2025 13:17:42 GMT; Max-Age=63072000; path=/; domain=exdynsrv.com; secure; SameSite=None
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
itehappymutte.com/utx?cb=zuykGiajzBdr&top=megaup.net&tid=876318
108.157.214.102204 No Content 0 B URL HTTP/2 itehappymutte.com/utx?cb=zuykGiajzBdr&top=megaup.net&tid=876318
IP 108.157.214.102:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=zuykGiajzBdr&top=megaup.net&tid=876318 HTTP/1.1
Host: itehappymutte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Tue, 28 Mar 2023 13:17:42 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Tue, 28 Mar 2023 13:18:42 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 3f25be8570bf62f8d4607f79984fccec.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: ybobJSvAbXgbWjKF5ZToWxRNiJ23tGFEefVNhbrQE8flIgkNhOGVsQ==
X-Firefox-Spdy: h2
itehappymutte.com/utx?cb=3pyrowQ5LuIg&top=megaup.net&tid=825911
108.157.214.102204 No Content 0 B URL HTTP/2 itehappymutte.com/utx?cb=3pyrowQ5LuIg&top=megaup.net&tid=825911
IP 108.157.214.102:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=3pyrowQ5LuIg&top=megaup.net&tid=825911 HTTP/1.1
Host: itehappymutte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Tue, 28 Mar 2023 13:17:42 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Tue, 28 Mar 2023 13:18:42 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 3f25be8570bf62f8d4607f79984fccec.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: H9c3EXc2lA_P5UZuEsrBPfTPzgrvHjXT9yzvunW2xkq-69HPmTk4Ig==
X-Firefox-Spdy: h2
itehappymutte.com/utx?cb=pOb4IpQdHDGf&top=megaup.net&tid=764141
108.157.214.102204 No Content 0 B URL HTTP/2 itehappymutte.com/utx?cb=pOb4IpQdHDGf&top=megaup.net&tid=764141
IP 108.157.214.102:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=pOb4IpQdHDGf&top=megaup.net&tid=764141 HTTP/1.1
Host: itehappymutte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Tue, 28 Mar 2023 13:17:42 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Tue, 28 Mar 2023 13:18:42 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 3f25be8570bf62f8d4607f79984fccec.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: T7rXwzZOv_dMdzcn7R6r-1OKjFbvo38qVYwMoWTbB80po6LtyBnX1Q==
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
142.250.74.109302 Found 471 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 142.250.74.109:0
Hash eb2978f78249fa2030ff84708ab627b5
0003a93bc57234fba10c90bd0bd80c00d5a90884
b76d3066ba863b1aaf4f5f4fced0a48768bc34de818dc3494e89c045f41f5acf
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 28 Mar 2023 13:17:42 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AQMjQ7R7YkZwV1ld6aUoEc02p9OJDql7tE6vZr0pp1uBm5IJZeVXhlZYD-q0V9-Yq7zMgxqqDdRU8Q
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-Wjr3DoC1yHtapMTq6f2DuA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
report-to: {"group":"AccountsSigninPassiveLoginHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSigninPassiveLoginHttp/external"}]}, {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy: unsafe-none; report-to="AccountsSigninPassiveLoginHttp"
content-type: application/binary
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
set-cookie: __Host-GAPS=1:MXkp3fxpO2fN7XhL-HbFNQc8i-Fg4Q:Z3S931aQJ8BF_cox; Expires=Thu, 27-Mar-2025 13:17:42 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 600b67e46094ec7a1c3ae8d7ad2904d3
dd504ae4eb47813cf00a81aecd808c7a8ab5d434
3fe083b944c9bfe6d239e532f1356017758075193ee908cf9969cf07c5b0d269
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4501
Cache-Control: max-age=147128
Content-Type: application/ocsp-response
Date: Tue, 28 Mar 2023 13:17:42 GMT
Etag: "64227319-1d7"
Expires: Thu, 30 Mar 2023 06:09:50 GMT
Last-Modified: Tue, 28 Mar 2023 04:54:49 GMT
Server: ECAcc (ska/F7A3)
X-Cache: HIT
Content-Length: 471
syndication.exdynsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01QW07DMBC8ChdotI+xvdtvvkECcYAkTfiiQqJIRZrD46SowiNrx97xeGwT84P4weJB8qjtCGPqkDLABi3g0/MLofxY3sfvz+G8XFjNoiVrpiCYjrBKoEKjsqgSLsUbiJQWUY0QOqXDigMbG0SUIXx7fdyndhhd5GpFOt9upQXRuVy3ozohahnXecYkFtJGVMk6NUVpJ89N+D+l3DCIuu3mfxt0hVt/5UHvC7AP4d4ev37OM3mX31B2g54S2AoXc18bVOb+GVZPOWWuPqlG5Lwu+AVfC1hsVwEAAA==
95.211.229.245200 OK 20 B URL HTTP/1.1 syndication.exdynsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01QW07DMBC8ChdotI+xvdtvvkECcYAkTfiiQqJIRZrD46SowiNrx97xeGwT84P4weJB8qjtCGPqkDLABi3g0/MLofxY3sfvz+G8XFjNoiVrpiCYjrBKoEKjsqgSLsUbiJQWUY0QOqXDigMbG0SUIXx7fdyndhhd5GpFOt9upQXRuVy3ozohahnXecYkFtJGVMk6NUVpJ89N+D+l3DCIuu3mfxt0hVt/5UHvC7AP4d4ev37OM3mX31B2g54S2AoXc18bVOb+GVZPOWWuPqlG5Lwu+AVfC1hsVwEAAA==
IP 95.211.229.245:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA01QW07DMBC8ChdotI+xvdtvvkECcYAkTfiiQqJIRZrD46SowiNrx97xeGwT84P4weJB8qjtCGPqkDLABi3g0/MLofxY3sfvz+G8XFjNoiVrpiCYjrBKoEKjsqgSLsUbiJQWUY0QOqXDigMbG0SUIXx7fdyndhhd5GpFOt9upQXRuVy3ozohahnXecYkFtJGVMk6NUVpJ89N+D+l3DCIuu3mfxt0hVt/5UHvC7AP4d4ev37OM3mX31B2g54S2AoXc18bVOb+GVZPOWWuPqlG5Lwu+AVfC1hsVwEAAA== HTTP/1.1
Host: syndication.exdynsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226422e8f69b3f76.572586162231909474%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Mar 2023 13:17:42 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Credentials: true
Set-Cookie: __upt=%7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22511.0199%22%7D; expires=Thu, 27 Mar 2025 13:17:42 GMT; path=/; domain=.exdynsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
static.a-ads.com/a-ads-banners/406740/300x250?region=eu-central-1
148.251.152.47200 OK 621 kB URL HTTP/2 static.a-ads.com/a-ads-banners/406740/300x250?region=eu-central-1
IP 148.251.152.47:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 300 x 250\012- data
Size 621 kB (621339 bytes)
Hash c8694e7d5d3b9a928d4d57026ac2b68b
169b9f311167e19bd5061b53fc7e4f528e3ba7a9
0c23834abdcff9f74a47b37290da55f2c84c31c82ce26d9493b39a388b51ed6a
GET /a-ads-banners/406740/300x250?region=eu-central-1 HTTP/1.1
Host: static.a-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ad.a-ads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Mar 2023 13:17:42 GMT
content-type: image/gif
content-length: 621339
x-amz-id-2: G/I1TQmX7iL/Usln3AvFTKEmtDWPlVs+700t+eu3ycVndmqkEXsz5AElc2JbuHgukO+1wCH1LQI=
x-amz-request-id: FKSSVK755DA0F9QS
x-amz-replication-status: COMPLETED
last-modified: Thu, 04 Aug 2022 08:17:39 GMT
etag: "c8694e7d5d3b9a928d4d57026ac2b68b"
cache-control: max-age=315360000
x-amz-version-id: CpzkFSVTHlSKMdhV9N03JaP1PcAFvRyH
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
s3t3d2y8.afcdn.net/library/622879/0871cc4c75af90aa45b9ad6f8a222092b6962738.mp4
185.76.9.24206 Partial Content 43 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/622879/0871cc4c75af90aa45b9ad6f8a222092b6962738.mp4
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Hash 28e045f16b58ee636a44de8d7261a907
0871cc4c75af90aa45b9ad6f8a222092b6962738
ea8dbb0f6909e6592b9c3fa06fa7de0764328e9d07c1f1059e6786d313061398
GET /library/622879/0871cc4c75af90aa45b9ad6f8a222092b6962738.mp4 HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
date: Tue, 28 Mar 2023 13:17:42 GMT
content-type: video/mp4
content-length: 43445
last-modified: Mon, 08 Mar 2021 12:46:10 GMT
etag: "60461c92-a9b5"
expires: Tue, 24 Oct 2023 15:37:02 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-cache-op: HIT
server: CDN77-Turbo
x-77-nzt: AblMCRS32h7/Nr0bAA
x-77-nzt-ray: af58563044099b0bf6e82264c1495e34
x-accel-expires: @1709727552
x-cache: HIT
x-age: 1817910
x-77-pop: stockholmSE
x-77-cache: HIT
content-range: bytes 0-43444/43445
X-Firefox-Spdy: h2
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 1e450df39afcb7a94ea40b4db83584cb
bf5dae5f9c5ecd382806d8273732f14c83c43402
47672835925a643ece7932bcc8f42a54a33c6c4af9065ab79f8e3b8b40335fdd
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=159912
Date: Tue, 28 Mar 2023 13:17:42 GMT
Etag: "6422b69e-1d7"
Expires: Thu, 30 Mar 2023 09:42:54 GMT
Last-Modified: Tue, 28 Mar 2023 09:42:54 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ZeFxyo6J0nJpTBUIrZ8TdCNLtM-E2eS_ySmDrcMmC_x_VRR7NP1Emg==
parrecleftne.xyz/utx?tid=832633&top=megaup.net&cb=Hy6PT8srMT4h
65.9.55.34204 No Content 0 B URL HTTP/2 parrecleftne.xyz/utx?tid=832633&top=megaup.net&cb=Hy6PT8srMT4h
IP 65.9.55.34:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?tid=832633&top=megaup.net&cb=Hy6PT8srMT4h HTTP/1.1
Host: parrecleftne.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 28 Mar 2023 13:17:42 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Tue, 28 Mar 2023 13:18:42 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 bc362383b5c95fa821ce42f151e2a4aa.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: WDtAu1z9xOGlr3KnMLptI42Sjbyy-O66Wxhf9c7LqkoVA1M1l4lmwQ==
X-Firefox-Spdy: h2
theharityhild.buzz/bmlFSXQ1S316RlhadmtYTEtpaxJWWnYqRFoLaH8RXgtofRAMWWhwQFZeaC9CCwwgKhENCiYqEUxFZyxMDV0jLxELRHMoQl9EcX5HXEQkKkcLRH1%2BRlZcIHxAXg8jflZCSzY%2BVkJLMSERBgg3IAAXASwlEEALMDMOTEVneERAXGdlEg8FNixYCAgpOhFCDyQlBws0
54.162.51.18200 OK 14 kB URL HTTP/2 theharityhild.buzz/bmlFSXQ1S316RlhadmtYTEtpaxJWWnYqRFoLaH8RXgtofRAMWWhwQFZeaC9CCwwgKhENCiYqEUxFZyxMDV0jLxELRHMoQl9EcX5HXEQkKkcLRH1%2BRlZcIHxAXg8jflZCSzY%2BVkJLMSERBgg3IAAXASwlEEALMDMOTEVneERAXGdlEg8FNixYCAgpOhFCDyQlBws0
IP 54.162.51.18:0
File type ASCII text, with very long lines (33871)
Hash b638c51b0d5e13a9029ea23e8099fedc
396e2b92da42e4a213cce11322c29a280c91e5d1
1350f7e15418a71b7d2dbfd4e967914d28da1b687ce9c78a294e756e0bbe5853
GET /bmlFSXQ1S316RlhadmtYTEtpaxJWWnYqRFoLaH8RXgtofRAMWWhwQFZeaC9CCwwgKhENCiYqEUxFZyxMDV0jLxELRHMoQl9EcX5HXEQkKkcLRH1%2BRlZcIHxAXg8jflZCSzY%2BVkJLMSERBgg3IAAXASwlEEALMDMOTEVneERAXGdlEg8FNixYCAgpOhFCDyQlBws0 HTTP/1.1
Host: theharityhild.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
set-cookie: 73ccc59a93f4187736d28d631c8e5d12=1; Max-Age=604800
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
cache-control: public, max-age=86400
etag: W/"8449-dpzPpdgixDs0VDZe1CZgWxmeRbg"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4042
Expires: Tue, 28 Mar 2023 14:25:05 GMT
Date: Tue, 28 Mar 2023 13:17:43 GMT
Connection: keep-alive
pogothere.xyz/asd100.bin
188.114.97.1200 OK 102 kB IP 188.114.97.1:0
Size 102 kB (102400 bytes)
Hash 4c6426ac7ef186464ecbb0d81cbfcb1e
5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 28 Mar 2023 13:17:42 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 3166
last-modified: Tue, 28 Mar 2023 12:24:56 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QLtJqOm%2BQ5O7nAyRNYaqj9RVPm%2BpO1TuPFBbn3wp5HN1Xms9hXm5saHuWj0dau381MPLAXQhXDJSS%2BJ4tJ45qZnVPw6Vz0iVOJ4c4oeejQmFrqPS4p5OwGN1qJmJEVhW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7af027a52cfcfab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4042
Expires: Tue, 28 Mar 2023 14:25:05 GMT
Date: Tue, 28 Mar 2023 13:17:43 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4042
Expires: Tue, 28 Mar 2023 14:25:05 GMT
Date: Tue, 28 Mar 2023 13:17:43 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb739a909-c509-4c7a-b5a6-250435d88a54.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb739a909-c509-4c7a-b5a6-250435d88a54.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ada29e049501b12a35b0bcc5f68e3e57
5c1ba9bffbcc9007e7f119dbb3197db34a12f8da
b45583b5845129386a456e03fbdba25305c8d6d9fb5a8f01d783816ced080629
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb739a909-c509-4c7a-b5a6-250435d88a54.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10744
x-amzn-requestid: d693d820-7eed-47a3-9b0b-8f43c141bd3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CdbogF0poAMFTAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64220c9c-22ab350146e8a3a606f74c42;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 21:37:32 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: KAI78tfv0ATn1DQvBGyodBs9UWsIGdj1Fa50KowbUAO4ab2ceaYhMw==
via: 1.1 59456abf79b201034ab5c9cfef7355e2.cloudfront.net (CloudFront), 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 21:49:26 GMT
age: 55697
etag: "5c1ba9bffbcc9007e7f119dbb3197db34a12f8da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
188.114.97.1200 OK 110 kB IP 188.114.97.1:0
Size 110 kB (109937 bytes)
Hash 198f7c30ffabaa3b14b150463ecd35f2
b671b428d120aa009ea366185e79be43325697c8
e9618d0b2a9013852cf4ca8965cabcd6e781997996bc8a0a1b8f9152625b7929
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 28 Mar 2023 13:17:42 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 3166
last-modified: Tue, 28 Mar 2023 12:24:56 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lYW%2Fk9Z7SzRQTKG8%2FIM11aDZ7%2FxHWLKP1ecd6thO9zaC7xOnzUxznsD5hEIYwluFvIJUTgpmsbEmmwyKb6aCIz%2Ftz28JELaerLo52b%2F5igo2oaMeZn7oewgEDqcvK%2FQK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7af027a51cf6fab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/
188.114.97.1200 OK 9.0 kB IP 188.114.97.1:0
File type ASCII text, with no line terminators
Hash 0eb1a199c3f83bccc9c6ae75b24480b2
efa229b16245561c2ce6f7e103aded6eb24a7cfc
e0ac00a996037ed44b58d776daf6204834673c3b4f954fd2c47b89db5b7d8f24
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 28 Mar 2023 13:17:42 GMT
content-type: text/plain
set-cookie: csu=1750291189723915@1@1680009462; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BWeIwnfGem4hcf9LCM6hPWzFgCs9fh1YcEY0kYFrC8iZI17CyxSvi6VGLNiQB%2FvLD%2FCAzGPv8qHvTKdu9NSo2JlXhuV6Ub2R%2BDBnXLzZwXZcDzmcLm3aWUtMo1ehCUFn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7af027a53cfefab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
theharityhild.buzz/
54.162.51.18200 OK 0 B IP 54.162.51.18:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: theharityhild.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Origin: https://megaup.net
Content-Length: 351
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg
34.120.237.76200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 85351059b67b0a42eda7e69a31b3b4b4
b798268806dc2f79f033e5872676019faf0e0cc1
86e163b7159b197d6358ab01333ac6da221de0ebe1c5da8d5cef2977d38625fe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4000
x-amzn-requestid: 68dc01d7-3eed-48f6-8532-8efaa96cc1ec
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJpraEqyoAMFgNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a2315-3852cc8961365a560d1fa02f;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:17 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: I3GuoZ4ZxAtz0sKe3wrW67aitLlCAbaZkiPw23fl0F3FoumJDEnXiQ==
via: 1.1 288c777a01e22425da9494dad7a69734.cloudfront.net (CloudFront), 1.1 d90109c5a0c30f43223e0db85921c5c2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 10:12:21 GMT
age: 11122
etag: "b798268806dc2f79f033e5872676019faf0e0cc1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb43b8abf-1aec-420b-bc1c-ccfbe765332e.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb43b8abf-1aec-420b-bc1c-ccfbe765332e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ee9c83faa5fdb77ba988a41207800b0e
4ac4c600767de39c5134cb97f78fcb29a681ee18
9039f7232ada16ae6d8a447225a15ef949c705a6f9e7aa20b367d001cd88c94f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb43b8abf-1aec-420b-bc1c-ccfbe765332e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11894
x-amzn-requestid: 8b0857c4-1333-45b7-84de-cf3ea7a3240e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CdburGzXoAMF2Cw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64220cc4-005cc42d48948a3e0ef56b08;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 21:38:12 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: fw1M0poEZrxuB51jVwizwBuvn_JY1jaEFXGsRor3wj-OSCfU-lUuIQ==
via: 1.1 8591441a35c0af61913aec9af012bc38.cloudfront.net (CloudFront), 1.1 d16c3f15bd14953a9d4109eaaa991de2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 22:05:18 GMT
etag: "4ac4c600767de39c5134cb97f78fcb29a681ee18"
content-type: image/jpeg
age: 54745
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
api.purpleads.io/x/b/?idx=0&pid=50e0cb79bb1e4331b309bc106ad81092&sizes=[[300,250],[300,250],[200,200],[250,250],[300,100]]&slotid=bb28d918-da3d-4cc3-b629-5aa52a5dcce4&ts=1680009483347
34.196.72.114200 OK 7.4 kB URL HTTP/2 api.purpleads.io/x/b/?idx=0&pid=50e0cb79bb1e4331b309bc106ad81092&sizes=[[300,250],[300,250],[200,200],[250,250],[300,100]]&slotid=bb28d918-da3d-4cc3-b629-5aa52a5dcce4&ts=1680009483347
IP 34.196.72.114:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1da68df9d96e2758e37b9f15daab027b
5ff19ed6dc5752aa4b15fb88da972b736fd55783
ad924425946dbdf309c764e7097e676185516301feb7722b30d95ffd50b4353f
OPTIONS /x/b/?idx=0&pid=50e0cb79bb1e4331b309bc106ad81092&sizes=[[300,250],[300,250],[200,200],[250,250],[300,100]]&slotid=bb28d918-da3d-4cc3-b629-5aa52a5dcce4&ts=1680009483347 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 28 Mar 2023 13:17:42 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
access-control-expose-headers: pa-user-id
x-request-id: 92b0ac63-de14-4715-b512-8740c94052e6
x-api-version: 0.46.10
X-Firefox-Spdy: h2
itehappymutte.com/multi?cs=VU9CQXpgenR1T2R%2Bd3VDbH91cU8&abt=0&red=1&sm=76&k=download%20file%20sc22307%20dltwosh%20part01&v=1.0.60.3&sts=0&prn=0&emb=0&tid=876318&rxy=1280_1024&fs=1&mbkb=136.6120218579235&ref=https%3A%2F%2Fmegaup.net%2F176vy%2Fsc22307-DLTWOSH.part01.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&_Khu5=1680009483430&crc=1
108.157.214.102200 OK 1.6 kB URL HTTP/2 itehappymutte.com/multi?cs=VU9CQXpgenR1T2R%2Bd3VDbH91cU8&abt=0&red=1&sm=76&k=download%20file%20sc22307%20dltwosh%20part01&v=1.0.60.3&sts=0&prn=0&emb=0&tid=876318&rxy=1280_1024&fs=1&mbkb=136.6120218579235&ref=https%3A%2F%2Fmegaup.net%2F176vy%2Fsc22307-DLTWOSH.part01.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&_Khu5=1680009483430&crc=1
IP 108.157.214.102:0
File type ASCII text, with very long lines (3307), with no line terminators
Hash 707a07efbc4501e3b81c8972627e5f44
66e1a1febed98aa71addffd385ed417360543b45
7e7fa40e42513fbe4f2db4140a5b9563e73f24ea89cabac3421c2e761eb8edd2
GET /multi?cs=VU9CQXpgenR1T2R%2Bd3VDbH91cU8&abt=0&red=1&sm=76&k=download%20file%20sc22307%20dltwosh%20part01&v=1.0.60.3&sts=0&prn=0&emb=0&tid=876318&rxy=1280_1024&fs=1&mbkb=136.6120218579235&ref=https%3A%2F%2Fmegaup.net%2F176vy%2Fsc22307-DLTWOSH.part01.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&_Khu5=1680009483430&crc=1 HTTP/1.1
Host: itehappymutte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-length: 1573
date: Tue, 28 Mar 2023 13:17:43 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=3af393ee-eec8-4bfa-bd81-360ffa884f1a
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 3f25be8570bf62f8d4607f79984fccec.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: FI0SCXRad51yIjw9pKKhaGYbE1zfF8njpa51cpF1WeWqE670dM9Eeg==
X-Firefox-Spdy: h2
theharityhild.buzz/
54.162.51.18200 OK 0 B IP 54.162.51.18:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: theharityhild.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Origin: https://megaup.net
Content-Length: 352
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
api.purpleads.io/x/init?ts=1680009483095
34.196.72.114200 OK 87 B URL HTTP/2 api.purpleads.io/x/init?ts=1680009483095
IP 34.196.72.114:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1225a48532b67fd812920a47e3557ed4
ac910f9679bd805609435e4fa8970cdf74fa4b86
4cdf058286dcc09e5511ec4f021ce5ce4d22052312bf08ce7b672e08eb5a4a9f
GET /x/init?ts=1680009483095 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: application/json
x-purpleads-version: 2.5.11
x-request-url: aHR0cHM6Ly9tZWdhdXAubmV0LzE3NnZ5L3NjMjIzMDctRExUV09TSC5wYXJ0MDEucmFy
Authorization: Bearer 70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 28 Mar 2023 13:17:43 GMT
content-type: application/json; charset=utf-8
content-length: 87
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-expose-headers: pa-user-id
x-request-id: 244fe72e-543a-4e2f-a897-deef37b82356
x-api-version: 0.46.10
etag: W/"57-rJEPlnm9gFYJQ15PqJcM33T6S4Y"
vary: Accept-Encoding
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/fonts/raleway_bold.woff
91.209.70.182200 OK 32 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway_bold.woff
IP 91.209.70.182:0
File type Web Open Font Format, TrueType, length 31568, version 1.1\012- data
Hash e0c4ac0e73196bd0469c5c33304b7773
bb071565f82907d117b0732dca8013409162c67d
ff3bf3a4a1bf2b922157b18d0e8cddd95f2fc2dfe09c30a3ce67bc11a84c67af
GET /themes/flow/frontend_assets/fonts/raleway_bold.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=qmo2klfqeam734v0ri6oscqtq6; _ga=GA1.2.1542905183.1680009483; _gid=GA1.2.2083835059.1680009483; _gat_gtag_UA_108868042_1=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Mar 2023 13:17:43 GMT
content-type: font/woff
content-length: 31568
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7b50"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/nav/jquery.scrollTo.js
91.209.70.182200 OK 26 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/nav/jquery.scrollTo.js
IP 91.209.70.182:0
File type ASCII text, with very long lines (2241), with CRLF line terminators
Hash 0e5ecc3596714edbf2ee9919c493f507
a407cecf18c8976883911dffec8cc002225d5f81
0c5eb60a29ba39aea451e1d7be7ce70c6969b39313201dde36bc1088fa8663ca
GET /themes/flow/frontend_assets/js/nav/jquery.scrollTo.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/176vy/sc22307-DLTWOSH.part01.rar
Connection: keep-alive
Cookie: filehosting=qmo2klfqeam734v0ri6oscqtq6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Mar 2023 13:17:41 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-981"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
cdn.prplads.com/agent.js?publisherId=70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
104.26.3.51200 OK 20 kB URL HTTP/2 cdn.prplads.com/agent.js?publisherId=70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
IP 104.26.3.51:0
File type Unicode text, UTF-8 text, with very long lines (65522), with no line terminators
Hash 5d36b05e714ab49aed18715fd6045f74
4574b38f7d160ded1fd5f30de3241dacdc465a0e
aaa6e7e1f98c96aca744051ab39a346ff8494aa1703b9a96545db4fbbc8b4097
GET /agent.js?publisherId=70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655 HTTP/1.1
Host: cdn.prplads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 28 Mar 2023 13:17:43 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"7ff55b7265a6d704f52d31c2e9cb60be"
last-modified: Mon, 27 Mar 2023 13:10:05 GMT
x-amz-id-2: MWlTInne54brUjGxT8P+0oz5IqhMeQ9/f1lUcaukziCCID04GmA8XAulVTyDixnn86fofxKa0ug=
x-amz-request-id: T3SDQ18TEHXF6TM0
cache-control: max-age=86400
cf-cache-status: HIT
age: 250
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HLDwPlEXWN2alESha%2FUaCU48nXBtEJUz0dtxeSXDoW1iyyjy9ttOikSd%2FUCueoVXQNXJMl%2FO%2Fnf6CnmeFLgYfkXGN9d57nZBxKzNNTxqgHa47sYJrq%2Bf6epmNGGhzUU%2FWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7af027aa0c93b524-OSL
content-encoding: br
X-Firefox-Spdy: h2
mp.4dex.io/prebid
104.18.2.114204 No Content 0 B IP 104.18.2.114:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /prebid HTTP/1.1
Host: mp.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 2001
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 28 Mar 2023 13:17:43 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin, Accept-Encoding
x-err: Parsing the Prebid Request. org/site not found
x-version: 3.0.0-gcp-ams
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7af027aaef640b49-OSL
X-Firefox-Spdy: h2
script.4dex.io/adagio.js
104.26.9.169200 OK 23 kB IP 104.26.9.169:0
File type ASCII text, with very long lines (65354)
Hash 0ffb2c9b6dd933ae18ab7dc729d58e69
bb88b2f3fc47452873348d1cdcb7ea3d4a2bbc10
0cd0e55fa43693dfe4b04a225bf7774eb3f66e232828f8d661547728475a12f2
GET /adagio.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 13:17:43 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
ETag: W/"c56b6332dacf72f135afcd153ae22448"
Last-Modified: Wed, 23 Nov 2022 15:43:17 GMT
Vary: Origin, Accept-Encoding
Access-Control-Expose-Headers:
CF-Cache-Status: HIT
Age: 1331975
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3TaNWh2w3uLiIyg%2FFWd9Ij8Tr7jbpQD8C3zaRBM4rbRxyU7VYEFiX%2BGIU9P1pTLwkvLvs6NBeXR7V4sMHmvogvPloPsxCOXCtsfQf%2Fpmc%2Bb7X%2FXzSHKf34CEjY5I1GVp"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7af027ab0abd1bfe-OSL
Content-Encoding: br
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash f3db3accfba84ad9613969af076cf2c3
e8afa596b8861e2fa99b3f62dcaa8d5c3b8dfe54
37baee52cc4e215972511ddb6d9129a9f2d88855663198e07dd6e2a570ebb5ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "37BAEE52CC4E215972511DDB6D9129A9F2D88855663198E07DD6E2A570EBB5BA"
Last-Modified: Mon, 27 Mar 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4063
Expires: Tue, 28 Mar 2023 14:25:26 GMT
Date: Tue, 28 Mar 2023 13:17:43 GMT
Connection: keep-alive
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 60b4b07d59dbdd7807e3bc9ceb40c3ba
fdcd14cfb7e0693a81abe2553421455edca61336
8f95b92305d4ee2fbaca71d9fb696702756333cdddce943a1975affaa9f917da
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4150
Cache-Control: max-age=133472
Content-Type: application/ocsp-response
Date: Tue, 28 Mar 2023 13:17:43 GMT
Etag: "64223f21-1d7"
Expires: Thu, 30 Mar 2023 02:22:15 GMT
Last-Modified: Tue, 28 Mar 2023 01:13:05 GMT
Server: ECAcc (ska/F757)
X-Cache: HIT
Content-Length: 471
prebid.a-mo.net/a/c
147.75.85.234204 No Content 0 B IP 147.75.85.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1439
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: max-age=0, private, must-revalidate
date: Tue, 28 Mar 2023 13:17:42 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 0
set-cookie: X-Contour-Session-Affinity="a67adb8c2177a7d6"; Path=/; HttpOnly
X-Firefox-Spdy: h2
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 704
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 28 Mar 2023 13:17:43 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
6.adsco.re/
104.17.167.186200 OK 0 B IP 104.17.167.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 28 Mar 2023 13:17:43 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: https://megaup.net
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 7af027abefd50afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
api.purpleads.io/x/init?ts=1680009484069
34.196.72.114200 OK 87 B URL HTTP/2 api.purpleads.io/x/init?ts=1680009484069
IP 34.196.72.114:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1225a48532b67fd812920a47e3557ed4
ac910f9679bd805609435e4fa8970cdf74fa4b86
4cdf058286dcc09e5511ec4f021ce5ce4d22052312bf08ce7b672e08eb5a4a9f
OPTIONS /x/init?ts=1680009484069 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 28 Mar 2023 13:17:43 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
access-control-expose-headers: pa-user-id
x-request-id: 409dbcf6-351a-4029-88c8-97cec7aa8087
x-api-version: 0.46.10
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 8d89be83374f516673ad6ebb04ffda31
ca8c9c5379c564e5c8be32958a4490df00262963
4dc9662f6e9e21f8437f844c47540efbb247eefe0250c9906baccb48eb084b38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4DC9662F6E9E21F8437F844C47540EFBB247EEFE0250C9906BACCB48EB084B38"
Last-Modified: Sun, 26 Mar 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1219
Expires: Tue, 28 Mar 2023 13:38:02 GMT
Date: Tue, 28 Mar 2023 13:17:43 GMT
Connection: keep-alive
4.adsco.re/
162.252.214.5200 OK 62 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash a684f3b449a125d2285678a6be0172a9
f5ba7774839ee9f45e1f2a88d322d3c3cfcc971f
91945112515f30fe6017f31f87a483adb2040d8435fce14fe9c44e89cf433b2c
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 13:17:43 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
fm5xk8wvtav9.l4.adsco.re/
185.200.118.90200 OK 0 B URL HTTP/1.1 fm5xk8wvtav9.l4.adsco.re/
IP 185.200.118.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: fm5xk8wvtav9.l4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 13:17:43 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Tue, 31 Jul 2018 22:16:15 GMT
Connection: close
ETag: "5b60dfaf-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash e19e7ae3b7d1ffbcd7ab25777f91e0df
1e8290ce881dce150849c1863620e0c426bd30eb
e08227903eb1191994dcd343220e9e2dc48bb94946cb6c676630c24ae8ec7ae8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E08227903EB1191994DCD343220E9E2DC48BB94946CB6C676630C24AE8EC7AE8"
Last-Modified: Sun, 26 Mar 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1172
Expires: Tue, 28 Mar 2023 13:37:16 GMT
Date: Tue, 28 Mar 2023 13:17:44 GMT
Connection: keep-alive
fm5xk8wvtav9.n4.adsco.re/
38.132.109.186200 OK 0 B URL HTTP/1.1 fm5xk8wvtav9.n4.adsco.re/
IP 38.132.109.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: fm5xk8wvtav9.n4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 13:17:44 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
Connection: close
ETag: "5b5f2f9a-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
adsco.re/p
162.252.214.5200 OK 132 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash b42eca99f4f142e22b99dad0880f0945
c75612ff17ee5fcf3622546e1fc367b1d4e67cfc
50bde3f88a0dab47892d088d39fea08ebe89941192a32f875d15957249e7fa54
POST /p HTTP/1.1
Host: adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Length: 1978
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 13:17:44 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK lon123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 8ac8d9cdf223e611b7f8416c986c1b2e
22410c6eb7ebc2e9ea54618ec5aca74fa46dbeaa
ad997ef489632d7cf36a034a50b1926463ef042bfe9064156514903b90d0e4a7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AD997EF489632D7CF36A034A50B1926463EF042BFE9064156514903B90D0E4A7"
Last-Modified: Sun, 26 Mar 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16406
Expires: Tue, 28 Mar 2023 17:51:10 GMT
Date: Tue, 28 Mar 2023 13:17:44 GMT
Connection: keep-alive
api.purpleads.io/x/b/?idx=1&pid=50e0cb79bb1e4331b309bc106ad81092&sizes=[[300,250],[300,250],[200,200],[250,250],[300,100]]&slotid=bb28d918-da3d-4cc3-b629-5aa52a5dcce4&demand=unifiedPb&ts=1680009484649
34.196.72.114200 OK 121 B URL HTTP/2 api.purpleads.io/x/b/?idx=1&pid=50e0cb79bb1e4331b309bc106ad81092&sizes=[[300,250],[300,250],[200,200],[250,250],[300,100]]&slotid=bb28d918-da3d-4cc3-b629-5aa52a5dcce4&demand=unifiedPb&ts=1680009484649
IP 34.196.72.114:0
File type JSON data\012- , ASCII text, with no line terminators
Hash b3693f555f151daa9900af400ff20ecb
e7b349dec5a78db4db6d2b5414bd5914a324bfc9
609c1364dfb2a33dd6214fc0f7f7223725110494fc430e8ef9be55b3826a3e21
OPTIONS /x/b/?idx=1&pid=50e0cb79bb1e4331b309bc106ad81092&sizes=[[300,250],[300,250],[200,200],[250,250],[300,100]]&slotid=bb28d918-da3d-4cc3-b629-5aa52a5dcce4&demand=unifiedPb&ts=1680009484649 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 28 Mar 2023 13:17:44 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
access-control-expose-headers: pa-user-id
x-request-id: 133e1b34-db47-442f-ad39-a6d09bf9c4b6
x-api-version: 0.46.10
X-Firefox-Spdy: h2
engine.4dsply.com/verify?sig=BAYAZCLo-AFkIuj4gAGBAcAAIAe8LOGWC3fgbpbSKfvwtpX6J6GeVd9MuOI0t3-bXuoowQAgEpUvKSAEOf360GWqoaWmEfRGnP_V1bd9ib-XQFppIzQ
104.16.159.17200 OK 17 B URL HTTP/2 engine.4dsply.com/verify?sig=BAYAZCLo-AFkIuj4gAGBAcAAIAe8LOGWC3fgbpbSKfvwtpX6J6GeVd9MuOI0t3-bXuoowQAgEpUvKSAEOf360GWqoaWmEfRGnP_V1bd9ib-XQFppIzQ
IP 104.16.159.17:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f9bf086d73f8b7cc483324aedb224ed0
be03b282679354a90df7b59b4c92da6e8caeaccc
39ca3c85734717cf31f55ab2e7d04d8ad2438a3bd9f6f46fae350d12506b4699
GET /verify?sig=BAYAZCLo-AFkIuj4gAGBAcAAIAe8LOGWC3fgbpbSKfvwtpX6J6GeVd9MuOI0t3-bXuoowQAgEpUvKSAEOf360GWqoaWmEfRGnP_V1bd9ib-XQFppIzQ HTTP/1.1
Host: engine.4dsply.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 28 Mar 2023 13:17:44 GMT
content-type: application/json
content-length: 17
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: Content-Type
access-control-allow-methods: GET
x-adscore-status: bot
vary: Accept-Encoding
server: cloudflare
cf-ray: 7af027b14ca3b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
script.4dex.io/localstore.js
104.26.9.169304 Not Modified 0 B URL HTTP/1.1 script.4dex.io/localstore.js
IP 104.26.9.169:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /localstore.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Wed, 23 Nov 2022 15:43:18 GMT
If-None-Match: W/"922cffdd75f7192f75231d92684885aa"
HTTP/1.1 304 Not Modified
Date: Tue, 28 Mar 2023 13:17:44 GMT
Connection: keep-alive
Cache-Control: public, max-age=1800
ETag: W/"922cffdd75f7192f75231d92684885aa"
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 408139
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7vtTj2E82t0UDvPUN5w7YLiqRqTkvqxepe6eu0EPmE3Rg4q8tf1vJLBlfOR3OU1pXEjIRL6LFz5teohrH5K3rqWfCNGZxzsoE3aRcUGhWGy3tb7hMIHQ%2BA2Dc0qB52hg"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7af027b20fcfb524-OSL
script.4dex.io/adagio.js
104.26.9.169304 Not Modified 0 B IP 104.26.9.169:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /adagio.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Wed, 23 Nov 2022 15:43:17 GMT
If-None-Match: W/"c56b6332dacf72f135afcd153ae22448"
HTTP/1.1 304 Not Modified
Date: Tue, 28 Mar 2023 13:17:44 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
ETag: W/"c56b6332dacf72f135afcd153ae22448"
Last-Modified: Wed, 23 Nov 2022 15:43:17 GMT
Vary: Origin, Accept-Encoding
Access-Control-Expose-Headers:
CF-Cache-Status: HIT
Age: 1331976
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KtlrTEFTpPTjgQVe3kExneqiwVxWRAfAorn6qjnVt%2Fkc7kYO17XSJqfo9jzo2XlY8Gs0eRv00w9NdXFxxKNLEbho0yCpDJb9qNF1RWggSIvC4ZZWaRP1aLi%2BKSMkJCfU"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7af027b22aa91bfe-OSL
prebid.a-mo.net/a/c
147.75.85.234204 No Content 0 B IP 147.75.85.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1420
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: max-age=0, private, must-revalidate
date: Tue, 28 Mar 2023 13:17:43 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 0
set-cookie: X-Contour-Session-Affinity="a67adb8c2177a7d6"; Path=/; HttpOnly
X-Firefox-Spdy: h2
mp.4dex.io/prebid
104.18.2.114204 No Content 0 B IP 104.18.2.114:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /prebid HTTP/1.1
Host: mp.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 2101
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Tue, 28 Mar 2023 13:17:44 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin, Accept-Encoding
x-err: Parsing the Prebid Request. org/site not found
x-version: 3.0.0-gcp-ams
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7af027b21f100b49-OSL
X-Firefox-Spdy: h2
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 739
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Tue, 28 Mar 2023 13:17:44 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
fm5xk8wvtav9.s4.adsco.re/
185.200.116.90200 OK 0 B URL HTTP/1.1 fm5xk8wvtav9.s4.adsco.re/
IP 185.200.116.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: fm5xk8wvtav9.s4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 13:17:44 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
Connection: close
ETag: "5b5f30d9-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
api.purpleads.io/x/b/?idx=1&pid=50e0cb79bb1e4331b309bc106ad81092&sizes=[[1280,898],[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=7035b2e6-e61b-4250-849c-96640619c737&demand=unifiedPb&ts=1680009485502
34.196.72.114200 OK 121 B URL HTTP/2 api.purpleads.io/x/b/?idx=1&pid=50e0cb79bb1e4331b309bc106ad81092&sizes=[[1280,898],[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=7035b2e6-e61b-4250-849c-96640619c737&demand=unifiedPb&ts=1680009485502
IP 34.196.72.114:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 74045b74fd8fa0f981ace085bc9faf81
b1c90aee5ffeb18915ed7c59fa5ee9359db39dc9
b8c01d2a6fa9a73e22d7b4d5c826dfaa603c9e82da3e93f85b96d0bad3c7bb0d
OPTIONS /x/b/?idx=1&pid=50e0cb79bb1e4331b309bc106ad81092&sizes=[[1280,898],[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=7035b2e6-e61b-4250-849c-96640619c737&demand=unifiedPb&ts=1680009485502 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 28 Mar 2023 13:17:44 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
access-control-expose-headers: pa-user-id
x-request-id: afa7620c-31ba-4dc6-a9d0-530cc8e853c2
x-api-version: 0.46.10
X-Firefox-Spdy: h2
bookadil.com/winnotice?sid=H4sIAAAAAAAC%2F1RTy4scRRivifEQPPhAD0KE8aYgs93z2O0xSDAmkWAeSx7sTaiuqt79Mj1VTVX39OyeFgXJSUY8mGPtb1%2Boq5g%2FQJReL7IgZC6yovsvKArBo8xkzOgH3d%2Fj91H86vt%2B9dFWccICFPx4%2BZrZoDTlC51GUH9thbQ0patfv10Pg0Zwrr5CerF9rj6c%2FOzgzTDoNILX6%2B8q0TMLzSAMgjAI65fJqsQMF6YoKDvoho1u0Gg3G2GnjaH1cEUNjtcgByfsBZAcP7324wOQqKD731xUrpeb7I1L%2FSLlubEYyP07uqdNqdGfh4mtIdH7s24YN2bs%2FikYvT9jDTPYmbBGTGNW%2BzlErPdn1BAPdh%2Bzi1MojVg%2Bg3JQQaUViFcQ5kOQfMgAIXH9BnR%2F77qxJV9%2FjPIJOmanH%2F0FKsfs9G8vQve%2FvpDSsH7LpEVORjsMEw8aVqDVCllxiHyDgcpDiPwDkPyJLTy6Ct3fueFSA5J%2BenuiCpRUSNUI3DEUk48YiqSGIquhL4%2FrvNNNgmApiZNWK2oLIVotITrRouzIVjtKAhRiQm%2BEPBtBpCMIu4nMbqJHI9jiY5CrUHAPyjwytxc1O90whBJH5%2F9mUwOn43oYd4KlSHaUDALZWep2oiDsyqUwVkIlYZIgpqPzzxbPXbvzyl2kxKD40Xd%2FzA5w2kMXfltb8rDqiM1s28r86PyTrjUPJxlczjCQHqViKB1DyRlKYihzhnLgd2Xqms7vydQVcTjzzZlv%2BW2Tr%2Fpdk68qzbayE%2Fb8dDd%2FivfRU8f1JBDNKOm2W82o3e3GkWwvtRajRSlCGal2JOHo3wmQOwXuatigMXvp19%2BRTWQjP0XMD%2BHSQwh6Fbw4C1568DWPDe0hzUFsTI9LShvC9JHlZ5Cv17bSE%2FbylMfi%2FXv%2FG62wHpn1uEs%2FMKym97ZvmpLt3DSlYw9uZDn1aYNP9HMr57l66ov31HpprLxy0Y0%2Bf1tMgEl4cFu5%2FCrXkvSqY19eICmVvWysUOzbK25FxcuFW7tQWF1kV5ffuXyln1nlHBldgdPDS59B0Jid%2BeSX6cs4%2B9VbIFvBFh794smqQKaCyDbhsnnNGQabzvM4YygLv22b8bw4EUM63zl47OH%2Bk8fzeMt9D0ceuWP%2FAAAA%2F%2F8BAAD%2F%2F9IganKDBAAA&ap=${AUCTION_PRICE}&l=3577992&sub3=1680009463&pid=91283&sub2=icon&auid=1b5078d5ed00d57958019d71becef1ff&icon=https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
172.67.159.187307 Temporary Redirect 0 B URL HTTP/2 bookadil.com/winnotice?sid=H4sIAAAAAAAC%2F1RTy4scRRivifEQPPhAD0KE8aYgs93z2O0xSDAmkWAeSx7sTaiuqt79Mj1VTVX39OyeFgXJSUY8mGPtb1%2Boq5g%2FQJReL7IgZC6yovsvKArBo8xkzOgH3d%2Fj91H86vt%2B9dFWccICFPx4%2BZrZoDTlC51GUH9thbQ0patfv10Pg0Zwrr5CerF9rj6c%2FOzgzTDoNILX6%2B8q0TMLzSAMgjAI65fJqsQMF6YoKDvoho1u0Gg3G2GnjaH1cEUNjtcgByfsBZAcP7324wOQqKD731xUrpeb7I1L%2FSLlubEYyP07uqdNqdGfh4mtIdH7s24YN2bs%2FikYvT9jDTPYmbBGTGNW%2BzlErPdn1BAPdh%2Bzi1MojVg%2Bg3JQQaUViFcQ5kOQfMgAIXH9BnR%2F77qxJV9%2FjPIJOmanH%2F0FKsfs9G8vQve%2FvpDSsH7LpEVORjsMEw8aVqDVCllxiHyDgcpDiPwDkPyJLTy6Ct3fueFSA5J%2BenuiCpRUSNUI3DEUk48YiqSGIquhL4%2FrvNNNgmApiZNWK2oLIVotITrRouzIVjtKAhRiQm%2BEPBtBpCMIu4nMbqJHI9jiY5CrUHAPyjwytxc1O90whBJH5%2F9mUwOn43oYd4KlSHaUDALZWep2oiDsyqUwVkIlYZIgpqPzzxbPXbvzyl2kxKD40Xd%2FzA5w2kMXfltb8rDqiM1s28r86PyTrjUPJxlczjCQHqViKB1DyRlKYihzhnLgd2Xqms7vydQVcTjzzZlv%2BW2Tr%2Fpdk68qzbayE%2Fb8dDd%2FivfRU8f1JBDNKOm2W82o3e3GkWwvtRajRSlCGal2JOHo3wmQOwXuatigMXvp19%2BRTWQjP0XMD%2BHSQwh6Fbw4C1568DWPDe0hzUFsTI9LShvC9JHlZ5Cv17bSE%2FbylMfi%2FXv%2FG62wHpn1uEs%2FMKym97ZvmpLt3DSlYw9uZDn1aYNP9HMr57l66ov31HpprLxy0Y0%2Bf1tMgEl4cFu5%2FCrXkvSqY19eICmVvWysUOzbK25FxcuFW7tQWF1kV5ffuXyln1nlHBldgdPDS59B0Jid%2BeSX6cs4%2B9VbIFvBFh794smqQKaCyDbhsnnNGQabzvM4YygLv22b8bw4EUM63zl47OH%2Bk8fzeMt9D0ceuWP%2FAAAA%2F%2F8BAAD%2F%2F9IganKDBAAA&ap=${AUCTION_PRICE}&l=3577992&sub3=1680009463&pid=91283&sub2=icon&auid=1b5078d5ed00d57958019d71becef1ff&icon=https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
IP 172.67.159.187:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /winnotice?sid=H4sIAAAAAAAC%2F1RTy4scRRivifEQPPhAD0KE8aYgs93z2O0xSDAmkWAeSx7sTaiuqt79Mj1VTVX39OyeFgXJSUY8mGPtb1%2Boq5g%2FQJReL7IgZC6yovsvKArBo8xkzOgH3d%2Fj91H86vt%2B9dFWccICFPx4%2BZrZoDTlC51GUH9thbQ0patfv10Pg0Zwrr5CerF9rj6c%2FOzgzTDoNILX6%2B8q0TMLzSAMgjAI65fJqsQMF6YoKDvoho1u0Gg3G2GnjaH1cEUNjtcgByfsBZAcP7324wOQqKD731xUrpeb7I1L%2FSLlubEYyP07uqdNqdGfh4mtIdH7s24YN2bs%2FikYvT9jDTPYmbBGTGNW%2BzlErPdn1BAPdh%2Bzi1MojVg%2Bg3JQQaUViFcQ5kOQfMgAIXH9BnR%2F77qxJV9%2FjPIJOmanH%2F0FKsfs9G8vQve%2FvpDSsH7LpEVORjsMEw8aVqDVCllxiHyDgcpDiPwDkPyJLTy6Ct3fueFSA5J%2BenuiCpRUSNUI3DEUk48YiqSGIquhL4%2FrvNNNgmApiZNWK2oLIVotITrRouzIVjtKAhRiQm%2BEPBtBpCMIu4nMbqJHI9jiY5CrUHAPyjwytxc1O90whBJH5%2F9mUwOn43oYd4KlSHaUDALZWep2oiDsyqUwVkIlYZIgpqPzzxbPXbvzyl2kxKD40Xd%2FzA5w2kMXfltb8rDqiM1s28r86PyTrjUPJxlczjCQHqViKB1DyRlKYihzhnLgd2Xqms7vydQVcTjzzZlv%2BW2Tr%2Fpdk68qzbayE%2Fb8dDd%2FivfRU8f1JBDNKOm2W82o3e3GkWwvtRajRSlCGal2JOHo3wmQOwXuatigMXvp19%2BRTWQjP0XMD%2BHSQwh6Fbw4C1568DWPDe0hzUFsTI9LShvC9JHlZ5Cv17bSE%2FbylMfi%2FXv%2FG62wHpn1uEs%2FMKym97ZvmpLt3DSlYw9uZDn1aYNP9HMr57l66ov31HpprLxy0Y0%2Bf1tMgEl4cFu5%2FCrXkvSqY19eICmVvWysUOzbK25FxcuFW7tQWF1kV5ffuXyln1nlHBldgdPDS59B0Jid%2BeSX6cs4%2B9VbIFvBFh794smqQKaCyDbhsnnNGQabzvM4YygLv22b8bw4EUM63zl47OH%2Bk8fzeMt9D0ceuWP%2FAAAA%2F%2F8BAAD%2F%2F9IganKDBAAA&ap=${AUCTION_PRICE}&l=3577992&sub3=1680009463&pid=91283&sub2=icon&auid=1b5078d5ed00d57958019d71becef1ff&icon=https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg HTTP/1.1
Host: bookadil.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 307 Temporary Redirect
date: Tue, 28 Mar 2023 13:17:45 GMT
content-length: 0
location: https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
accept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
x-request-id: b451b9e69679768bfb23c8e3c78a3d94
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2B%2BERzbtHo4VthdfoJFFuuzo%2BC2YnH2qte4%2FdW3dmH0K%2FoCAqnBidHWl30TriZzCzAW%2FtUS8kYXC6vnmHr2U%2FP53YKshTAdhRsvp%2BVTX5GKUhv0588uiExHrA7pAHX0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7af027b84ef6b4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 6208588e2c801b0c7ec557287d80f166
71079a8192940c19ab84d33039fc1fa437066cb3
c169a24f728f1679d861ab53a26a09ece1905057c53a6a316229cf493317e41a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C169A24F728F1679D861AB53A26A09ECE1905057C53A6A316229CF493317E41A"
Last-Modified: Mon, 27 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16424
Expires: Tue, 28 Mar 2023 17:51:29 GMT
Date: Tue, 28 Mar 2023 13:17:45 GMT
Connection: keep-alive
cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
45.133.44.10200 OK 33 kB URL HTTP/2 cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:05:18 19:19:17], baseline, precision 8, 200x200, components 3\012- data
Hash 70cf8250da1a25a7b445231428af7828
a849d338423d2919949340838c768bba90b9081c
b7060bc46dc459a00d4124523a26f0cbf31fba31d41fccae9f82bedaf22c1186
GET /cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 28 Mar 2023 13:17:46 GMT
content-type: image/jpeg
content-length: 33103
server: nginx/1.17.6
last-modified: Tue, 09 Jun 2020 11:44:50 GMT
etag: "5edf7632-814f"
expires: Thu, 30 Mar 2023 13:17:46 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
147.75.85.234204 No Content 0 B URL HTTP/2 prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
IP 147.75.85.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid= HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: max-age=0, private, must-revalidate
date: Tue, 28 Mar 2023 13:17:46 GMT
server: envoy
x-envoy-upstream-service-time: 0
set-cookie: X-Contour-Session-Affinity="a67adb8c2177a7d6"; Path=/; HttpOnly
vary: Accept-Encoding
X-Firefox-Spdy: h2
prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
147.75.85.234204 No Content 0 B URL HTTP/2 prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
IP 147.75.85.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid= HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: max-age=0, private, must-revalidate
date: Tue, 28 Mar 2023 13:17:47 GMT
server: envoy
x-envoy-upstream-service-time: 7
set-cookie: X-Contour-Session-Affinity="a67adb8c2177a7d6"; Path=/; HttpOnly
vary: Accept-Encoding
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/fonts/raleway_medium.woff
91.209.70.182200 OK 32 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway_medium.woff
IP 91.209.70.182:0
File type Web Open Font Format, TrueType, length 31900, version 1.1\012- data
Hash 1b285c8e5b7445a8e434b2cdf036bab2
c97d4772fbb5c5637d466b5f991bc7ec28830b32
09b979826f2ac158a63ba234042c66414c21282d0bb46eadc62c64a873778825
GET /themes/flow/frontend_assets/fonts/raleway_medium.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=qmo2klfqeam734v0ri6oscqtq6; _ga=GA1.2.1542905183.1680009483; _gid=GA1.2.2083835059.1680009483; _gat_gtag_UA_108868042_1=1; a=dI9PCOmH3mChBiJDnJh0zlaexKvfQZay; token_QlJAAAAAAAAArRMIRsGBk-hpXXMDyS9EWV8qBEI=BAYAZCLo-AFkIuj4gAGBAcAAIAe8LOGWC3fgbpbSKfvwtpX6J6GeVd9MuOI0t3-bXuoowQAgEpUvKSAEOf360GWqoaWmEfRGnP_V1bd9ib-XQFppIzQ
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Mar 2023 13:17:48 GMT
content-type: font/woff
content-length: 31900
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7c9c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 5c2fd0f732615f443f32d4b1cb195b9e
ec0c754db823278ba205e5908eaac08968f08277
baa5183d4201d9da80bad86c278c3abbd57054d7ff583e68ea2f8955a1adf0a8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BAA5183D4201D9DA80BAD86C278C3ABBD57054D7FF583E68EA2F8955A1ADF0A8"
Last-Modified: Sun, 26 Mar 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5330
Expires: Tue, 28 Mar 2023 14:46:39 GMT
Date: Tue, 28 Mar 2023 13:17:49 GMT
Connection: keep-alive
imgspics.com/ie?v=4&c=ZouA0oe2T64J_Z90WvEqLq3X-TtOgqTDUgtMHPVd02GJGPZroBLx8U5s71t_rg26Z3xxPOKtlamcwtjd-zBtmtyRUG_24H8274zan08hUeT8bfWLlgOKSZL-jdLzArJXDvIlSvK2Cv5tnAsSd8WUuNie4cfLnJZL1gV0hlWKC0HgjqtboR4MG9loDrxrr84vdlVQemoDk-UWNbweeRgragDP8ViE1odl92222URVc9lci40pjbCFIEPAO2ZvobInOP_Ctwn8H-OCnms8FraaTVyoZo_4BMA3W8D9jxycOOa3P7-EPPS7-dwgk4H0gAMqKY2OXHBuEl6Ka4aY2afU1Zn9VKZ08I2N9xnr5jGL6dIQpQ0l7c8AlGTXczVEV7YlLnwHiESJW7tq95C0IYE0aDu6cpKYHw1G2BBsKDO9bQ==&v1=79&v2=68678
213.239.207.252301 Moved Permanently 0 B URL HTTP/1.1 imgspics.com/ie?v=4&c=ZouA0oe2T64J_Z90WvEqLq3X-TtOgqTDUgtMHPVd02GJGPZroBLx8U5s71t_rg26Z3xxPOKtlamcwtjd-zBtmtyRUG_24H8274zan08hUeT8bfWLlgOKSZL-jdLzArJXDvIlSvK2Cv5tnAsSd8WUuNie4cfLnJZL1gV0hlWKC0HgjqtboR4MG9loDrxrr84vdlVQemoDk-UWNbweeRgragDP8ViE1odl92222URVc9lci40pjbCFIEPAO2ZvobInOP_Ctwn8H-OCnms8FraaTVyoZo_4BMA3W8D9jxycOOa3P7-EPPS7-dwgk4H0gAMqKY2OXHBuEl6Ka4aY2afU1Zn9VKZ08I2N9xnr5jGL6dIQpQ0l7c8AlGTXczVEV7YlLnwHiESJW7tq95C0IYE0aDu6cpKYHw1G2BBsKDO9bQ==&v1=79&v2=68678
IP 213.239.207.252:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ie?v=4&c=ZouA0oe2T64J_Z90WvEqLq3X-TtOgqTDUgtMHPVd02GJGPZroBLx8U5s71t_rg26Z3xxPOKtlamcwtjd-zBtmtyRUG_24H8274zan08hUeT8bfWLlgOKSZL-jdLzArJXDvIlSvK2Cv5tnAsSd8WUuNie4cfLnJZL1gV0hlWKC0HgjqtboR4MG9loDrxrr84vdlVQemoDk-UWNbweeRgragDP8ViE1odl92222URVc9lci40pjbCFIEPAO2ZvobInOP_Ctwn8H-OCnms8FraaTVyoZo_4BMA3W8D9jxycOOa3P7-EPPS7-dwgk4H0gAMqKY2OXHBuEl6Ka4aY2afU1Zn9VKZ08I2N9xnr5jGL6dIQpQ0l7c8AlGTXczVEV7YlLnwHiESJW7tq95C0IYE0aDu6cpKYHw1G2BBsKDO9bQ==&v1=79&v2=68678 HTTP/1.1
Host: imgspics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
server: fasthttp
date: Tue, 28 Mar 2023 13:17:49 GMT
content-length: 0
location: https://img.vmmcdn.com/get/7609021/200747_icon.png
x-app-id: 12
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 6b811345ad6b6dcd42727796e28dc5ae
442e3b63ddccd2305afd1eaa663a8cdb7ef58e8a
2ca0a4822b2f8afb7cc0f5cabcac9e0bd5b7aeadad93211e7a29bb21fe468615
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2CA0A4822B2F8AFB7CC0F5CABCAC9E0BD5B7AEADAD93211E7A29BB21FE468615"
Last-Modified: Mon, 27 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=657
Expires: Tue, 28 Mar 2023 13:28:46 GMT
Date: Tue, 28 Mar 2023 13:17:49 GMT
Connection: keep-alive
megaup.net/themes/flow/js/jquery-ui.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery-ui.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery-ui.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/176vy/sc22307-DLTWOSH.part01.rar
Connection: keep-alive
Cookie: filehosting=qmo2klfqeam734v0ri6oscqtq6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Mar 2023 13:17:41 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-6a684"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/zeroClipboard/ZeroClipboard.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/zeroClipboard/ZeroClipboard.js
IP 91.209.70.182:0
GET /themes/flow/js/zeroClipboard/ZeroClipboard.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/176vy/sc22307-DLTWOSH.part01.rar
Connection: keep-alive
Cookie: filehosting=qmo2klfqeam734v0ri6oscqtq6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Mar 2023 13:17:41 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3bd2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/176vy/sc22307-DLTWOSH.part01.rar
Connection: keep-alive
Cookie: filehosting=qmo2klfqeam734v0ri6oscqtq6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Mar 2023 13:17:41 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-14cc1"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
188.114.97.1200 OK 0 B IP 188.114.97.1:0
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 28 Mar 2023 13:17:42 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 3166
last-modified: Tue, 28 Mar 2023 12:24:56 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MMTepRLQi69AJeFK0TCaKNNaBnDXgngH18RoeonxcOQ8pk5hxd79rLIv25zpiG%2Fhlh4HC6ma8jKQv0B%2BembTN6gmkJLx%2BmQypqgPm3qcPxO1JjimFgol15mr9Ax1tAoN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7af027a50ceafab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/176vy/sc22307-DLTWOSH.part01.rar
Connection: keep-alive
Cookie: filehosting=qmo2klfqeam734v0ri6oscqtq6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Mar 2023 13:17:41 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-8d4b"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/css/All-stylesheets.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/176vy/sc22307-DLTWOSH.part01.rar
Connection: keep-alive
Cookie: filehosting=qmo2klfqeam734v0ri6oscqtq6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Mar 2023 13:17:41 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-153"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/styles/file-upload.css
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/styles/file-upload.css
IP 91.209.70.182:0
GET /themes/flow/styles/file-upload.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/176vy/sc22307-DLTWOSH.part01.rar
Connection: keep-alive
Cookie: filehosting=qmo2klfqeam734v0ri6oscqtq6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Mar 2023 13:17:41 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-21ec"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP 31.13.72.36:0
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: 3siz1m/+SZXSM5mvLNj6rsk4N1msE1j8FgeBLiuYeE5vhFKaWlXRZqrn6tH/1M47lzfoVomX7RJUFY/abhOjuw==
date: Tue, 28 Mar 2023 13:17:42 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-process.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-process.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery.fileupload-process.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/176vy/sc22307-DLTWOSH.part01.rar
Connection: keep-alive
Cookie: filehosting=qmo2klfqeam734v0ri6oscqtq6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Mar 2023 13:17:41 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-14b6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
api.purpleads.io/x/b/?idx=0&pid=50e0cb79bb1e4331b309bc106ad81092&sizes=[[1280,898],[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=7035b2e6-e61b-4250-849c-96640619c737&ts=1680009484579
34.196.72.114200 OK 0 B URL HTTP/2 api.purpleads.io/x/b/?idx=0&pid=50e0cb79bb1e4331b309bc106ad81092&sizes=[[1280,898],[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=7035b2e6-e61b-4250-849c-96640619c737&ts=1680009484579
IP 34.196.72.114:0
OPTIONS /x/b/?idx=0&pid=50e0cb79bb1e4331b309bc106ad81092&sizes=[[1280,898],[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=7035b2e6-e61b-4250-849c-96640619c737&ts=1680009484579 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 28 Mar 2023 13:17:44 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
access-control-expose-headers: pa-user-id
x-request-id: 91d479ef-4265-4840-bc9e-b9ebcad8b2df
x-api-version: 0.46.10
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-ui.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-ui.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery.fileupload-ui.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/176vy/sc22307-DLTWOSH.part01.rar
Connection: keep-alive
Cookie: filehosting=qmo2klfqeam734v0ri6oscqtq6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Mar 2023 13:17:41 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-61ef"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
c.adsco.re/
104.17.167.186200 OK 0 B IP 104.17.167.186:0
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 28 Mar 2023 13:17:43 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Fri, 28 Apr 2023 13:17:43 GMT
etag: W/"cMPvpvd3jDHdlppiuYNttw=="
cf-cache-status: HIT
age: 312100
vary: Accept-Encoding
server: cloudflare
cf-ray: 7af027ab3936b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
api.purpleads.io/x/b/?idx=0&pid=50e0cb79bb1e4331b309bc106ad81092&sizes=[[1280,898],[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=7035b2e6-e61b-4250-849c-96640619c737&ts=1680009484579
34.196.72.114200 OK 0 B URL HTTP/2 api.purpleads.io/x/b/?idx=0&pid=50e0cb79bb1e4331b309bc106ad81092&sizes=[[1280,898],[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=7035b2e6-e61b-4250-849c-96640619c737&ts=1680009484579
IP 34.196.72.114:0
GET /x/b/?idx=0&pid=50e0cb79bb1e4331b309bc106ad81092&sizes=[[1280,898],[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=7035b2e6-e61b-4250-849c-96640619c737&ts=1680009484579 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: application/json
x-purpleads-version: 2.5.11
x-request-url: aHR0cHM6Ly9tZWdhdXAubmV0LzE3NnZ5L3NjMjIzMDctRExUV09TSC5wYXJ0MDEucmFy
Authorization: Bearer 70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 28 Mar 2023 13:17:44 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-expose-headers: pa-user-id
x-request-id: 458f3c87-678a-4e69-a5dd-22e214d4527e
x-api-version: 0.46.10
set-cookie: pa-user-id=d5825d87-e881-4b7e-aca6-5a4368d284b9; Domain=.purpleads.io; Path=/
pa-user-id: d5825d87-e881-4b7e-aca6-5a4368d284b9
etag: W/"c0d-eDwyJHPGw0DrExzjBP8eKM3MfT0"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/176vy/sc22307-DLTWOSH.part01.rar
Connection: keep-alive
Cookie: filehosting=qmo2klfqeam734v0ri6oscqtq6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Mar 2023 13:17:41 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1cdf"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-resize.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-resize.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery.fileupload-resize.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/176vy/sc22307-DLTWOSH.part01.rar
Connection: keep-alive
Cookie: filehosting=qmo2klfqeam734v0ri6oscqtq6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Mar 2023 13:17:41 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1f7f"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
142.250.74.109302 Found 0 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 142.250.74.109:0
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 28 Mar 2023 13:17:42 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AQMjQ7TSSzSk18YMJ4X2HhqzWsNJXlC_GNCfLc_AiINWaZdzAyOkvxVj8RV1itcLfFHgHnhba9dl0w
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-NWKX1ktfLs9SPrSj48rPWw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, require-trusted-types-for 'script';report-uri /cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: unsafe-none
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: application/binary
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
set-cookie: __Host-GAPS=1:uNYJz__b3zP8eiYGrO5UmTjgz3C2ZQ:PAgHM2fc-8LPP45o; Expires=Thu, 27-Mar-2025 13:17:42 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.dataTables.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.dataTables.min.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery.dataTables.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/176vy/sc22307-DLTWOSH.part01.rar
Connection: keep-alive
Cookie: filehosting=qmo2klfqeam734v0ri6oscqtq6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Mar 2023 13:17:41 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-10fe4"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
ad.a-ads.com/1811811?size=300x250
148.251.152.47200 OK 0 B URL HTTP/2 ad.a-ads.com/1811811?size=300x250
IP 148.251.152.47:0
ASN #24940 Hetzner Online GmbH
GET /1811811?size=300x250 HTTP/1.1
Host: ad.a-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 28 Mar 2023 13:17:42 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding, Accept-Encoding
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-original-referer: https://megaup.net/
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
X-Firefox-Spdy: h2
megaup.net/176vy/sc22307-DLTWOSH.part01.rar
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/176vy/sc22307-DLTWOSH.part01.rar
IP 91.209.70.182:0
GET /176vy/sc22307-DLTWOSH.part01.rar HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Tue, 28 Mar 2023 13:17:41 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: filehosting=qmo2klfqeam734v0ri6oscqtq6; expires=Wed, 29-Mar-2023 13:17:41 GMT; Max-Age=86400; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/colors/flow.css
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/colors/flow.css
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/css/colors/flow.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/176vy/sc22307-DLTWOSH.part01.rar
Connection: keep-alive
Cookie: filehosting=qmo2klfqeam734v0ri6oscqtq6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Mar 2023 13:17:41 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-a83"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/176vy/sc22307-DLTWOSH.part01.rar
Connection: keep-alive
Cookie: filehosting=qmo2klfqeam734v0ri6oscqtq6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Mar 2023 13:17:41 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-303b2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/nav/jquery.nav.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/nav/jquery.nav.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/nav/jquery.nav.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/176vy/sc22307-DLTWOSH.part01.rar
Connection: keep-alive
Cookie: filehosting=qmo2klfqeam734v0ri6oscqtq6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Mar 2023 13:17:41 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1547"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.tmpl.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.tmpl.min.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery.tmpl.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/176vy/sc22307-DLTWOSH.part01.rar
Connection: keep-alive
Cookie: filehosting=qmo2klfqeam734v0ri6oscqtq6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Mar 2023 13:17:41 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3cb"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/sw.js?dkxoNGstblAHWUB%2EWxZHVG5EFg1Of1tXW0IuRQIORi5FAA8UfEUNX057RVJdEykNVw4VLwtXDlRgSlFTFXgOUg4TYV5VXUdhXANYRGEJV1gTYVADWU55DQFfRioOA0labhtDSVpuHFwOHi0aXR8PJAFYD1guHU4RVGBKBVtYeUoYDRcgG1FHEC0ERw5aKglYGBMR
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/sw.js?dkxoNGstblAHWUB%2EWxZHVG5EFg1Of1tXW0IuRQIORi5FAA8UfEUNX057RVJdEykNVw4VLwtXDlRgSlFTFXgOUg4TYV5VXUdhXANYRGEJV1gTYVADWU55DQFfRioOA0labhtDSVpuHFwOHi0aXR8PJAFYD1guHU4RVGBKBVtYeUoYDRcgG1FHEC0ERw5aKglYGBMR
IP 91.209.70.182:0
GET /sw.js?dkxoNGstblAHWUB%2EWxZHVG5EFg1Of1tXW0IuRQIORi5FAA8UfEUNX057RVJdEykNVw4VLwtXDlRgSlFTFXgOUg4TYV5VXUdhXANYRGEJV1gTYVADWU55DQFfRioOA0labhtDSVpuHFwOHi0aXR8PJAFYD1guHU4RVGBKBVtYeUoYDRcgG1FHEC0ERw5aKglYGBMR HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: filehosting=qmo2klfqeam734v0ri6oscqtq6; _ga=GA1.2.1542905183.1680009483; _gid=GA1.2.2083835059.1680009483; _gat_gtag_UA_108868042_1=1
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Mar 2023 13:17:42 GMT
content-type: application/javascript
last-modified: Tue, 20 Dec 2022 16:15:31 GMT
vary: Accept-Encoding
etag: W/"63a1dfa3-1927c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
cdn.prplads.com/prebid-2023-03-22.js
104.26.3.51200 OK 0 B URL HTTP/2 cdn.prplads.com/prebid-2023-03-22.js
IP 104.26.3.51:0
GET /prebid-2023-03-22.js HTTP/1.1
Host: cdn.prplads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 28 Mar 2023 13:17:43 GMT
content-type: application/javascript
cache-control: max-age=1209600
cf-bgj: minify
cf-polished: origSize=375127
etag: W/"99f3c3ccaab6ea63fe6fdc9617e04981"
last-modified: Wed, 22 Mar 2023 16:08:32 GMT
x-amz-id-2: tfIde3Z15D2eLP//UJilb9u8uhCt0yPvOj1j2aVDRqen5Y9+IRpaxx2/c6GWQPnFpjKeKpG02Ro=
x-amz-request-id: WEEHEZZ3GQGXCX9S
cf-cache-status: HIT
age: 86712
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Vwowj8bi2%2B6UUJR11mE3Ow0sumwTN4m0i%2BIBPolBMhOM%2B4gFDhVN3GZNvuxBL%2FMQcKnvUMjl260rgp5SIEt5aVuMl5b1mqkbY9KiYZekjWRRGtouKMVn5gDpJa0nC570A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7af027a99bddb524-OSL
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/custom/custom.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/custom/custom.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/custom/custom.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/176vy/sc22307-DLTWOSH.part01.rar
Connection: keep-alive
Cookie: filehosting=qmo2klfqeam734v0ri6oscqtq6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Mar 2023 13:17:41 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1420"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/custom.css
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/custom.css
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/css/custom.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/176vy/sc22307-DLTWOSH.part01.rar
Connection: keep-alive
Cookie: filehosting=qmo2klfqeam734v0ri6oscqtq6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Mar 2023 13:17:41 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3577"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery.fileupload.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/176vy/sc22307-DLTWOSH.part01.rar
Connection: keep-alive
Cookie: filehosting=qmo2klfqeam734v0ri6oscqtq6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Mar 2023 13:17:41 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-dbd4"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/animation/jquery.appear.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/animation/jquery.appear.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/animation/jquery.appear.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/176vy/sc22307-DLTWOSH.part01.rar
Connection: keep-alive
Cookie: filehosting=qmo2klfqeam734v0ri6oscqtq6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Mar 2023 13:17:41 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-5c6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/styles/font-icons/entypo/css/entypo.css
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/styles/font-icons/entypo/css/entypo.css
IP 91.209.70.182:0
GET /themes/flow/styles/font-icons/entypo/css/entypo.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/176vy/sc22307-DLTWOSH.part01.rar
Connection: keep-alive
Cookie: filehosting=qmo2klfqeam734v0ri6oscqtq6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Mar 2023 13:17:41 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-45f5"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/gauge.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/gauge.min.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/gauge.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/176vy/sc22307-DLTWOSH.part01.rar
Connection: keep-alive
Cookie: filehosting=qmo2klfqeam734v0ri6oscqtq6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 28 Mar 2023 13:17:41 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-45b8"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
theharityhild.buzz/N0lNMHBMaz5HL0I7IRJKFSE5RABEc2IfHVIuLEUAGScoRF9EPmNaAxVlb0MdUWt3AVwVOiBGUg1reR5DFWVvRBFQFiRUUg1rdQNCAXp%2BElwVOjhSL14tfxJKFS91A0NUeXlSXQEsfVJdAy0vAF0OfXUHXVF%2FKFUVVCwuUxNULG9N
54.162.51.18502 Bad Gateway 0 B URL HTTP/2 theharityhild.buzz/N0lNMHBMaz5HL0I7IRJKFSE5RABEc2IfHVIuLEUAGScoRF9EPmNaAxVlb0MdUWt3AVwVOiBGUg1reR5DFWVvRBFQFiRUUg1rdQNCAXp%2BElwVOjhSL14tfxJKFS91A0NUeXlSXQEsfVJdAy0vAF0OfXUHXVF%2FKFUVVCwuUxNULG9N
IP 54.162.51.18:0
GET /N0lNMHBMaz5HL0I7IRJKFSE5RABEc2IfHVIuLEUAGScoRF9EPmNaAxVlb0MdUWt3AVwVOiBGUg1reR5DFWVvRBFQFiRUUg1rdQNCAXp%2BElwVOjhSL14tfxJKFS91A0NUeXlSXQEsfVJdAy0vAF0OfXUHXVF%2FKFUVVCwuUxNULG9N HTTP/1.1
Host: theharityhild.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 502 Bad Gateway
set-cookie: 289ab39e9a2b4ee692cd626a071df816=1; Max-Age=604800
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
X-Firefox-Spdy: h2
api.purpleads.io/x/init?ts=1680009483095
34.196.72.114200 OK 0 B URL HTTP/2 api.purpleads.io/x/init?ts=1680009483095
IP 34.196.72.114:0
OPTIONS /x/init?ts=1680009483095 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 28 Mar 2023 13:17:42 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
access-control-expose-headers: pa-user-id
x-request-id: f943f257-7d44-4e56-a676-cbd763ea6bbb
x-api-version: 0.46.10
X-Firefox-Spdy: h2