megaup.net/1asnu/Scarlet.Hollow.Episode.4.Early.Access.zip
91.209.70.182301 Moved Permanently 162 B URL HTTP/1.1 megaup.net/1asnu/Scarlet.Hollow.Episode.4.Early.Access.zip
IP 91.209.70.182:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /1asnu/Scarlet.Hollow.Episode.4.Early.Access.zip HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 05 Dec 2022 22:33:08 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://megaup.net/1asnu/Scarlet.Hollow.Episode.4.Early.Access.zip
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer, strict-origin-when-cross-origin
X-Download-Options: noopen
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13168
Expires: Tue, 06 Dec 2022 02:12:37 GMT
Date: Mon, 05 Dec 2022 22:33:09 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ee088fab9b287e174cfd1f2c735a909f
25c3335b514a36ad1a24d00413d60c3d394f5161
494e96358ff12366213d7cc0f9197648c6c62ec14fa0d2c78732a683fa26b192
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2468
Cache-Control: max-age=131958
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 22:33:09 GMT
Etag: "638dc877-1d7"
Expires: Wed, 07 Dec 2022 11:12:27 GMT
Last-Modified: Mon, 05 Dec 2022 10:31:19 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16159
Expires: Tue, 06 Dec 2022 03:02:28 GMT
Date: Mon, 05 Dec 2022 22:33:09 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 05 Dec 2022 22:20:20 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 769
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: aCJzhANc9X8W/cKSuKlo6ioDGzTbNj3Qz3lDdohtLq9gnJ9hH2rG1gcQ0QQui02BIWdjIs23AjQ=
x-amz-request-id: 0X1YMKMMDTP5HNWV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 05 Dec 2022 21:48:40 GMT
age: 2669
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:33:09 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash e0990f856f9702f9505da2f3bc9f683e
438d4f18133afdc8a0c79508228d50b57dcaab1c
0f24f4c730acbbaf8d5b85b069896e4c541a1a9937b397e127ba7acd3de4848b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 22:33:09 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 11:25:43 GMT
Expires: Fri, 09 Dec 2022 11:25:42 GMT
Etag: "438d4f18133afdc8a0c79508228d50b57dcaab1c"
Cache-Control: max-age=304952,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77503de84e43fab8-OSL
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 05 Dec 2022 22:08:58 GMT
cache-control: public,max-age=3600
age: 1451
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2b9d6a686aa3c4ea24568425e43a5221
d53bb4c9579bd1db78a0520619e888aec79f750f
c38734a8dbe51217d73896c0bf7f5c38c107fd79e0dee24b717f130377e9b5f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2455
Cache-Control: max-age=126878
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 22:33:09 GMT
Etag: "638db4ac-1d7"
Expires: Wed, 07 Dec 2022 09:47:47 GMT
Last-Modified: Mon, 05 Dec 2022 09:06:52 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
megaup.net/themes/flow/images/main_logo_inverted.png
91.209.70.182200 OK 7.1 kB URL HTTP/2 megaup.net/themes/flow/images/main_logo_inverted.png
IP 91.209.70.182:0
File type PNG image data, 203 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 5d15526be10b904a6b48d1af04a10cc3
c09b6874359ac6d71db95593618a9acb55baa984
894d25472e0f890edf235e8f66fbeda7ea75043632924ecb82691d76bd7db018
GET /themes/flow/images/main_logo_inverted.png HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1asnu/Scarlet.Hollow.Episode.4.Early.Access.zip
Connection: keep-alive
Cookie: filehosting=luk3qtdcsc9or0job7irt9uu93
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:33:09 GMT
content-type: image/png
content-length: 7137
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-1be1"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/images/loading_small.gif
91.209.70.182200 OK 184 kB URL HTTP/2 megaup.net/themes/flow/images/loading_small.gif
IP 91.209.70.182:0
File type GIF image data, version 89a, 64 x 64\012- data
Size 184 kB (184355 bytes)
Hash b0dd5b3af9c4c0644d7bddee83716209
30002468d0266b893b3559b8d0d260c6cbf0ad7c
2418224bb4d12c122ef3c54d2ee9edb5f6f28d539e91a166b0215553f8c7609d
GET /themes/flow/images/loading_small.gif HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1asnu/Scarlet.Hollow.Episode.4.Early.Access.zip
Connection: keep-alive
Cookie: filehosting=luk3qtdcsc9or0job7irt9uu93
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:33:09 GMT
content-type: image/gif
content-length: 184355
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-2d023"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
91.209.70.182200 OK 637 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
IP 91.209.70.182:0
File type ASCII text, with CRLF line terminators
Hash 595e6fdceb89c996f89a09ca60072881
6d69d0bb88cc12017cc2c840ad07556dcfd861e0
a7c958322da5cb7e3a60a3748509be45bfdd20a76c42b8401fd7c1e155473692
GET /themes/flow/frontend_assets/css/All-stylesheets.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1asnu/Scarlet.Hollow.Episode.4.Early.Access.zip
Connection: keep-alive
Cookie: filehosting=luk3qtdcsc9or0job7irt9uu93
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:33:09 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-153"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-108868042-1
142.250.74.40200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-108868042-1
IP 142.250.74.40:0
File type ASCII text, with very long lines (1921)
Hash 7de625633c6f4adbd44093de302e9c71
7383666cedfdc04e920533f0c81669d827ee4f24
1e0712074e3ccdf38ba2bd2660ebd708fb613ca91fe06ec2fdf5e8f5a2952dae
GET /gtag/js?id=UA-108868042-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 05 Dec 2022 22:33:09 GMT
expires: Mon, 05 Dec 2022 22:33:09 GMT
cache-control: private, max-age=900
last-modified: Mon, 05 Dec 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43632
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash efdb541b708b2e0a6cc075a9c68b07d0
8ce6ae1e31094485d9bc230e39ca7dd970d16efd
d6e864ac41c8de25a27c2b613463eea4767a20091dc91e4a2797dcf814768ce1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D6E864AC41C8DE25A27C2B613463EEA4767A20091DC91E4A2797DCF814768CE1"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21283
Expires: Tue, 06 Dec 2022 04:27:52 GMT
Date: Mon, 05 Dec 2022 22:33:09 GMT
Connection: keep-alive
megaup.net/themes/flow/frontend_assets/css/responsive.css
91.209.70.182200 OK 1.9 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/responsive.css
IP 91.209.70.182:0
File type assembler source, ASCII text
Hash 1a3a9f35fb4459e20ec293e21e5c5f34
2456b1b32d106592cd0b9a2b6d1689f6c9586166
08d2ea990ddaf211871314c751f1dd3d98c6f253714282955a2f2c12393842b8
GET /themes/flow/frontend_assets/css/responsive.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1asnu/Scarlet.Hollow.Episode.4.Early.Access.zip
Connection: keep-alive
Cookie: filehosting=luk3qtdcsc9or0job7irt9uu93
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:33:09 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-e56"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.162.142.194101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.162.142.194:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: i5LmjqbokOc6JcS+ag/E5Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: tm5UUyLTjGMRYhKlaZFUA5q6b9o=
dmmzkfd82wayn.cloudfront.net/?kzmmd=761186
143.204.42.228200 OK 190 kB URL HTTP/2 dmmzkfd82wayn.cloudfront.net/?kzmmd=761186
IP 143.204.42.228:0
File type Unicode text, UTF-8 text, with very long lines (15945)
Size 190 kB (190021 bytes)
Hash b4027d5205883b61ee9a80e5960f6ec5
e6666668828cd4238c7f7ec9bdf76ae0c36611e1
dd500908328dd30c6030c047edcef6e68b6af475604cb641a2036622b87867c5
GET /?kzmmd=761186 HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 190021
date: Mon, 05 Dec 2022 22:33:09 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: YWlDRAtduQ1GotyvZf8wAHQNRN7CccqdYCJC0FgMw7kuVG5jF9DtQw==
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/fonts/raleway.woff
91.209.70.182200 OK 32 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway.woff
IP 91.209.70.182:0
File type Web Open Font Format, TrueType, length 31836, version 1.1\012- data
Hash 4514fa5a5b3d1e0b14aa32a7d068124a
e634977bfabc20ed15fe7ed03d3876cf68834b93
5b0f118d658eacc5740b10b0dc2ebbd99ee8e8262c72ff29bfcda48c02b19861
GET /themes/flow/frontend_assets/fonts/raleway.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=luk3qtdcsc9or0job7irt9uu93
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:33:10 GMT
content-type: font/woff
content-length: 31836
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7c5c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
altowriestwispy.com/tysaSHG1FMaM/18410
23.109.82.97200 OK 25 B URL HTTP/1.1 altowriestwispy.com/tysaSHG1FMaM/18410
IP 23.109.82.97:0
File type ASCII text, with no line terminators
Hash d488addc5df5fc9b9ff4135bb4e3a823
6ce56f48e851df4d562b43d3bc1269a504ae83fc
d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60
GET /tysaSHG1FMaM/18410 HTTP/1.1
Host: altowriestwispy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 22:33:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Tue, 06-Dec-2022 22:33:10 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjM0KgkAYRW0qSwrjQg%2FQC2T%2Fi7bVMnThAwxmXzFg84kz%2FdjTpwbR5nI4cK7jOGLsQ6gcw%2B0i2M6D9TJYbNZoX4khwgjDlO%2FaFqXUyY3ghlw8kxJuQVfFGmK%2BwuDLMuUzoRtG0z%2FXRIPIZDzZ1z8lOqmqt1bwav52vaprXFuZHP4uU69JzNndVi8GniYrTU50hrdPThnNDvER%2Fs82H24LfWVkXvCrrHhk1Y3erEny5WLIVqr1cMUHDLFHVQ%3D%3D; expires=Tue, 06-Dec-2022 22:33:10 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
megaup.net/themes/flow/frontend_assets/fonts/raleway_extrabold.woff
91.209.70.182200 OK 31 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway_extrabold.woff
IP 91.209.70.182:0
File type Web Open Font Format, TrueType, length 31344, version 1.1\012- data
Hash 21f79e4c0fbe54a555170aa70bb4c8b7
9d4aaf2016cd21f16bc45089a48de84dba951fa7
2b638674bc57ad355ef2ecbd68e78ecb36bc323aaaf4ddeb9cd4f61bc5f26c42
GET /themes/flow/frontend_assets/fonts/raleway_extrabold.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=luk3qtdcsc9or0job7irt9uu93
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:33:10 GMT
content-type: font/woff
content-length: 31344
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7a70"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 6bc30151ef82237030725053a4e44b1f
1e6ff56a2637d555d6e83248f62d3555fffc70f0
978b60667ab1f4f181b8ccf51bbe5f0baa91bf241f08677c2cba6e77a84aba08
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "978B60667AB1F4F181B8CCF51BBE5F0BAA91BF241F08677C2CBA6E77A84ABA08"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6690
Expires: Tue, 06 Dec 2022 00:24:40 GMT
Date: Mon, 05 Dec 2022 22:33:10 GMT
Connection: keep-alive
keydawnawe.com/gwZ1U5hjA8ii/32575
172.255.6.34200 OK 26 B URL HTTP/1.1 keydawnawe.com/gwZ1U5hjA8ii/32575
IP 172.255.6.34:0
File type ASCII text, with no line terminators
Hash 4e5d65669f8dcd928dad06adf883f025
d771713d758c3348dd7e5b38bb40c7935399ae46
0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95
GET /gwZ1U5hjA8ii/32575 HTTP/1.1
Host: keydawnawe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 22:33:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Tue, 06-Dec-2022 22:33:10 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjM0KgkAYRW0qSwrjQg%2FQC2T%2Fi7bVMnThAwxmXzFg84kz%2FdjTpwbR5nI4cK7jOGLsQ6gcw%2B0i2M6D9TJYbNZoX4khwgjDlO%2FaFqXUyY3ghlw8kxJuQVfFGmK%2BwuDLMuUzoRtG0z%2FXRIPIZDzZ1z8lOqmqt1bwav52vaprXFuZHP4uU69JzNndVi8GniYrTU50hrdPThnNDvER%2Fs82H24LfWVkXvCrrHhk1Y3erEny5WLIVqr1cMUHDLFHVQ%3D%3D; expires=Tue, 06-Dec-2022 22:33:10 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
ocsp.pki.goog/s/gts1p5/zS9LQpQjq7E
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/zS9LQpQjq7E
IP 142.250.74.131:0
Hash 25390cf3c12981eaf3dfd85a8c68598e
543bd08b6eadedd122c3173be79cdbed6bde6d00
87682f755d290d90603accae3fbdbf564fc831124d1b3e727f4fc199c4c540ba
POST /s/gts1p5/zS9LQpQjq7E HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 22:33:10 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/zS9LQpQjq7E
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/zS9LQpQjq7E
IP 142.250.74.131:0
Hash 25390cf3c12981eaf3dfd85a8c68598e
543bd08b6eadedd122c3173be79cdbed6bde6d00
87682f755d290d90603accae3fbdbf564fc831124d1b3e727f4fc199c4c540ba
POST /s/gts1p5/zS9LQpQjq7E HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 22:33:10 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/zS9LQpQjq7E
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/zS9LQpQjq7E
IP 142.250.74.131:0
Hash 25390cf3c12981eaf3dfd85a8c68598e
543bd08b6eadedd122c3173be79cdbed6bde6d00
87682f755d290d90603accae3fbdbf564fc831124d1b3e727f4fc199c4c540ba
POST /s/gts1p5/zS9LQpQjq7E HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 22:33:10 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/zS9LQpQjq7E
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/zS9LQpQjq7E
IP 142.250.74.131:0
Hash 25390cf3c12981eaf3dfd85a8c68598e
543bd08b6eadedd122c3173be79cdbed6bde6d00
87682f755d290d90603accae3fbdbf564fc831124d1b3e727f4fc199c4c540ba
POST /s/gts1p5/zS9LQpQjq7E HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 22:33:10 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
altowriestwispy.com/tysaSHG1FMaM/18410
23.109.82.97200 OK 25 B URL HTTP/1.1 altowriestwispy.com/tysaSHG1FMaM/18410
IP 23.109.82.97:0
File type ASCII text, with no line terminators
Hash d488addc5df5fc9b9ff4135bb4e3a823
6ce56f48e851df4d562b43d3bc1269a504ae83fc
d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60
GET /tysaSHG1FMaM/18410 HTTP/1.1
Host: altowriestwispy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; GL_GI10=eJxNjM0KgkAYRW0qSwrjQg%2FQC2T%2Fi7bVMnThAwxmXzFg84kz%2FdjTpwbR5nI4cK7jOGLsQ6gcw%2B0i2M6D9TJYbNZoX4khwgjDlO%2FaFqXUyY3ghlw8kxJuQVfFGmK%2BwuDLMuUzoRtG0z%2FXRIPIZDzZ1z8lOqmqt1bwav52vaprXFuZHP4uU69JzNndVi8GniYrTU50hrdPThnNDvER%2Fs82H24LfWVkXvCrrHhk1Y3erEny5WLIVqr1cMUHDLFHVQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 22:33:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
keydawnawe.com/gwZ1U5hjA8ii/32575
172.255.6.34200 OK 26 B URL HTTP/1.1 keydawnawe.com/gwZ1U5hjA8ii/32575
IP 172.255.6.34:0
File type ASCII text, with no line terminators
Hash 4e5d65669f8dcd928dad06adf883f025
d771713d758c3348dd7e5b38bb40c7935399ae46
0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95
GET /gwZ1U5hjA8ii/32575 HTTP/1.1
Host: keydawnawe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; GL_GI10=eJxNjM0KgkAYRW0qSwrjQg%2FQC2T%2Fi7bVMnThAwxmXzFg84kz%2FdjTpwbR5nI4cK7jOGLsQ6gcw%2B0i2M6D9TJYbNZoX4khwgjDlO%2FaFqXUyY3ghlw8kxJuQVfFGmK%2BwuDLMuUzoRtG0z%2FXRIPIZDzZ1z8lOqmqt1bwav52vaprXFuZHP4uU69JzNndVi8GniYrTU50hrdPThnNDvER%2Fs82H24LfWVkXvCrrHhk1Y3erEny5WLIVqr1cMUHDLFHVQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 22:33:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
megaup.net/imageads/001.gif
91.209.70.182200 OK 128 kB URL HTTP/2 megaup.net/imageads/001.gif
IP 91.209.70.182:0
File type GIF image data, version 89a, 300 x 250\012- data
Size 128 kB (127890 bytes)
Hash c48c34e2524c088e733d5082c9c6f866
041d270366d0701312c603b98e2d283495f41e06
bdb917baae41ee4f0d22e572cc741d45eccf5ff3eef41ef0416431a18049df1f
GET /imageads/001.gif HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1asnu/Scarlet.Hollow.Episode.4.Early.Access.zip
Connection: keep-alive
Cookie: filehosting=luk3qtdcsc9or0job7irt9uu93
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:33:10 GMT
content-type: image/gif
content-length: 127890
last-modified: Thu, 02 Aug 2018 17:10:58 GMT
vary: Accept-Encoding
etag: "5b633b22-1f392"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/zS9LQpQjq7E
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/zS9LQpQjq7E
IP 142.250.74.131:0
Hash 25390cf3c12981eaf3dfd85a8c68598e
543bd08b6eadedd122c3173be79cdbed6bde6d00
87682f755d290d90603accae3fbdbf564fc831124d1b3e727f4fc199c4c540ba
POST /s/gts1p5/zS9LQpQjq7E HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 22:33:10 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
norakseemlyntr.com/SVVvYk1magwRcCoNJTQcHRMnMX8TZy0JKQgPAS8LGz4fDC4+HEkWJC1oV1B4cGReRD0gMVJRf28mGwM5PCZSU2sgOwkNcG8jUlJjcXteV2N5cxpffG8hHwMqdGRJEjk9OVJTe35lXVV0fG1YVnt8
104.21.96.100204 No Content 0 B URL HTTP/2 norakseemlyntr.com/SVVvYk1magwRcCoNJTQcHRMnMX8TZy0JKQgPAS8LGz4fDC4+HEkWJC1oV1B4cGReRD0gMVJRf28mGwM5PCZSU2sgOwkNcG8jUlJjcXteV2N5cxpffG8hHwMqdGRJEjk9OVJTe35lXVV0fG1YVnt8
IP 104.21.96.100:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /SVVvYk1magwRcCoNJTQcHRMnMX8TZy0JKQgPAS8LGz4fDC4+HEkWJC1oV1B4cGReRD0gMVJRf28mGwM5PCZSU2sgOwkNcG8jUlJjcXteV2N5cxpffG8hHwMqdGRJEjk9OVJTe35lXVV0fG1YVnt8 HTTP/1.1
Host: norakseemlyntr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 05 Dec 2022 22:33:10 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IHpQa%2BVimR913Q7FUyMWv3h6woU%2BAp6KMCnViWms%2FH2oxr0GJa7qekAH3%2BPSwUdw8BjQkLt4wzUloajjtKjPULJUTNhpXc1ck80YBBzXyi0LNti6lbkELDbyGYYIKcrAuD9ZChQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77503def6c0bb4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
lameterthenhep.com/U1p2MG4yOBVdUTJnFBYbITZLFVwVf0R2Cj43DFsIN2JERw8qNFhTAjwvElYcPDQCHgA2LlMCKCA4IFgDNw8zfyAkPSJWBjgiN1sGZg0bBTgBEhp8IzsPF3wWYjYyWDdgFjRTFB4tFX8IOxMmejgRNSdyBTQbDAkMBiMndCFiLjNqGSRiNHUGYgkPRzkUMwZhIwI9J34ZHms0ci88Hj4EOhUSAXEgKy0VfD8WbycADRsNPmo5BhI4VA0RHxV8GThpM2E0OAJEVycSDSRWDxU+MFJfYmMgZAo4AkRXPBsZT1IMFhQxcV47KyBXX2ANLgE4HWgkVg8Rdyd0NBVuLGZeBWonAgYDDz5+CgMtO2clNBBPZiodIC5nAgQILnIKMg84eA0CKQ52LBI0N1ksFwgBVA0yHDhSDQYpAmdeAnwcQwE9KktYDSUbOWUoFTk
65.9.44.81200 OK 1.2 kB URL HTTP/2 lameterthenhep.com/U1p2MG4yOBVdUTJnFBYbITZLFVwVf0R2Cj43DFsIN2JERw8qNFhTAjwvElYcPDQCHgA2LlMCKCA4IFgDNw8zfyAkPSJWBjgiN1sGZg0bBTgBEhp8IzsPF3wWYjYyWDdgFjRTFB4tFX8IOxMmejgRNSdyBTQbDAkMBiMndCFiLjNqGSRiNHUGYgkPRzkUMwZhIwI9J34ZHms0ci88Hj4EOhUSAXEgKy0VfD8WbycADRsNPmo5BhI4VA0RHxV8GThpM2E0OAJEVycSDSRWDxU+MFJfYmMgZAo4AkRXPBsZT1IMFhQxcV47KyBXX2ANLgE4HWgkVg8Rdyd0NBVuLGZeBWonAgYDDz5+CgMtO2clNBBPZiodIC5nAgQILnIKMg84eA0CKQ52LBI0N1ksFwgBVA0yHDhSDQYpAmdeAnwcQwE9KktYDSUbOWUoFTk
IP 65.9.44.81:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3034), with no line terminators
Hash fab78bee019a8a12f7783e1e4c023bc2
e253b845e2d1bb2d02d170a0eafde98e225a64e1
33102f3a76852017f1d8a3e50af205a1f4f84b245df717a0244588dc1b8d0f82
GET /U1p2MG4yOBVdUTJnFBYbITZLFVwVf0R2Cj43DFsIN2JERw8qNFhTAjwvElYcPDQCHgA2LlMCKCA4IFgDNw8zfyAkPSJWBjgiN1sGZg0bBTgBEhp8IzsPF3wWYjYyWDdgFjRTFB4tFX8IOxMmejgRNSdyBTQbDAkMBiMndCFiLjNqGSRiNHUGYgkPRzkUMwZhIwI9J34ZHms0ci88Hj4EOhUSAXEgKy0VfD8WbycADRsNPmo5BhI4VA0RHxV8GThpM2E0OAJEVycSDSRWDxU+MFJfYmMgZAo4AkRXPBsZT1IMFhQxcV47KyBXX2ANLgE4HWgkVg8Rdyd0NBVuLGZeBWonAgYDDz5+CgMtO2clNBBPZiodIC5nAgQILnIKMg84eA0CKQ52LBI0N1ksFwgBVA0yHDhSDQYpAmdeAnwcQwE9KktYDSUbOWUoFTk HTTP/1.1
Host: lameterthenhep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1185
date: Mon, 05 Dec 2022 22:33:10 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 6be22242aae4af4e7e7512e5e8fcb512.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: bg9t4rJJW-ovg2cwqg0k3t-IFLj2O8CPdK1fVVAXdNY3QhXc2g2ElQ==
X-Firefox-Spdy: h2
norakseemlyntr.com/VFdGSWp7aCU6Vwc7IhozZDtwEwcGBSURBjMOdzkdMQAcODwcEmA9AzBqcX9eZWN3bxo9M3t4TCcjJz0fJ2p3bwM6MSl0TCJqd2dZYHl1eERlcTN0W3IjNigNaWZgOR4gO3t4XGNndH5TYW9xfFpl
104.21.96.100204 No Content 0 B URL HTTP/2 norakseemlyntr.com/VFdGSWp7aCU6Vwc7IhozZDtwEwcGBSURBjMOdzkdMQAcODwcEmA9AzBqcX9eZWN3bxo9M3t4TCcjJz0fJ2p3bwM6MSl0TCJqd2dZYHl1eERlcTN0W3IjNigNaWZgOR4gO3t4XGNndH5TYW9xfFpl
IP 104.21.96.100:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /VFdGSWp7aCU6Vwc7IhozZDtwEwcGBSURBjMOdzkdMQAcODwcEmA9AzBqcX9eZWN3bxo9M3t4TCcjJz0fJ2p3bwM6MSl0TCJqd2dZYHl1eERlcTN0W3IjNigNaWZgOR4gO3t4XGNndH5TYW9xfFpl HTTP/1.1
Host: norakseemlyntr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 05 Dec 2022 22:33:10 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F8LHH6z4N%2Fdbp%2BdWiFna5EWOJVpz6BjM3AJAHsNYlRpBvjxy3%2Bm8fTtrmRuR1O2ZFmvHgmSHyITzkpOdP3kcbShTUSib%2FhbqiZ5FJFgT%2FNaWL6FqmN4zrfLWaXwhRVHbK0RsJxM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77503def7c23b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
lameterthenhep.com/dnBXZncXEjQLSBdNNUACBBxqQ0UwVWUgExsdLQ0REkhlERYPHnkFGxkFMwAFGR4jSBkTBHJUMRUqZgEPLAoGIzlHSBUlDzsIATAYOyYAVj4gFwEkOh05HjEfEhwFJD0uNi1fGDtCHTU5HTYVNzVGSBMgFCUzLQoRNzE7JCcgSBIlISxVZSQiNz4AMRoBKBJWJj89IBEkIRcaXyEBRTYnHQEoEgohFz4BUhMuISRWIjM5EC8gRhYBHjEgERUNJi4hPF4vHjIfNxoZMhQzNTURMCAgNDU7CTEwImU3GhkyEiBHPBIwMDQ0CQFfNkcUGjMgASUBLi01ETBLMiAhPCwFFTYOIyIYKRUyHzAmNiAuNSYgEUQwNgEfISEXFjAAJCc2JzU1MjsFUkQyACQhJDEDAj0nFw4OFic2BCEbElVlJCUwHxFAHQUfORZKAwU0FhAvJAFTGQY
65.9.44.81200 OK 1.2 kB URL HTTP/2 lameterthenhep.com/dnBXZncXEjQLSBdNNUACBBxqQ0UwVWUgExsdLQ0REkhlERYPHnkFGxkFMwAFGR4jSBkTBHJUMRUqZgEPLAoGIzlHSBUlDzsIATAYOyYAVj4gFwEkOh05HjEfEhwFJD0uNi1fGDtCHTU5HTYVNzVGSBMgFCUzLQoRNzE7JCcgSBIlISxVZSQiNz4AMRoBKBJWJj89IBEkIRcaXyEBRTYnHQEoEgohFz4BUhMuISRWIjM5EC8gRhYBHjEgERUNJi4hPF4vHjIfNxoZMhQzNTURMCAgNDU7CTEwImU3GhkyEiBHPBIwMDQ0CQFfNkcUGjMgASUBLi01ETBLMiAhPCwFFTYOIyIYKRUyHzAmNiAuNSYgEUQwNgEfISEXFjAAJCc2JzU1MjsFUkQyACQhJDEDAj0nFw4OFic2BCEbElVlJCUwHxFAHQUfORZKAwU0FhAvJAFTGQY
IP 65.9.44.81:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3037), with no line terminators
Hash af53281429af1425a951d56d698ff749
9c45d93e5043001c98942513168c0e4b71096dc5
876c2b8e0d3ce831f2f1062be871cdc1863d3d8767577de21bbde1c3a8584e3e
GET /dnBXZncXEjQLSBdNNUACBBxqQ0UwVWUgExsdLQ0REkhlERYPHnkFGxkFMwAFGR4jSBkTBHJUMRUqZgEPLAoGIzlHSBUlDzsIATAYOyYAVj4gFwEkOh05HjEfEhwFJD0uNi1fGDtCHTU5HTYVNzVGSBMgFCUzLQoRNzE7JCcgSBIlISxVZSQiNz4AMRoBKBJWJj89IBEkIRcaXyEBRTYnHQEoEgohFz4BUhMuISRWIjM5EC8gRhYBHjEgERUNJi4hPF4vHjIfNxoZMhQzNTURMCAgNDU7CTEwImU3GhkyEiBHPBIwMDQ0CQFfNkcUGjMgASUBLi01ETBLMiAhPCwFFTYOIyIYKRUyHzAmNiAuNSYgEUQwNgEfISEXFjAAJCc2JzU1MjsFUkQyACQhJDEDAj0nFw4OFic2BCEbElVlJCUwHxFAHQUfORZKAwU0FhAvJAFTGQY HTTP/1.1
Host: lameterthenhep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1185
date: Mon, 05 Dec 2022 22:33:10 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 6be22242aae4af4e7e7512e5e8fcb512.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: NFSTdEHA4xNjDj-jNigIJoosIrqMKixjtwn6p67UbWGG1OKn-OraLQ==
X-Firefox-Spdy: h2
norakseemlyntr.com/TjFnd2VhDgQEWBxaFwAwCUkeElUIWT9EAXpjIB8/LQItPTx/CUEDDCoMX0BTfQBfURUnVVpFXGhCExYRO0JaRkMnXwEYWGhHWkZLfh9RR0t/FxJKVGhFFxYCcwBBBxE6XVpGU3kBVUBcewlQQ1J5
104.21.96.100204 No Content 0 B URL HTTP/2 norakseemlyntr.com/TjFnd2VhDgQEWBxaFwAwCUkeElUIWT9EAXpjIB8/LQItPTx/CUEDDCoMX0BTfQBfURUnVVpFXGhCExYRO0JaRkMnXwEYWGhHWkZLfh9RR0t/FxJKVGhFFxYCcwBBBxE6XVpGU3kBVUBcewlQQ1J5
IP 104.21.96.100:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /TjFnd2VhDgQEWBxaFwAwCUkeElUIWT9EAXpjIB8/LQItPTx/CUEDDCoMX0BTfQBfURUnVVpFXGhCExYRO0JaRkMnXwEYWGhHWkZLfh9RR0t/FxJKVGhFFxYCcwBBBxE6XVpGU3kBVUBcewlQQ1J5 HTTP/1.1
Host: norakseemlyntr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 05 Dec 2022 22:33:10 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AKnx26HxIauzqS700E4%2BKpdHFzjBsIzO584NM9c8BOb2rNgmbxX0SL3aS6jOkJQ1rfePEfGfL0zYvQa%2B7%2Bu367rmRwd0pf7%2B%2BNCHtabQfJPC7nlQgSurzNMslGsIPou0be9VTXA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77503def6c0db4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
lameterthenhep.com/WFpBaTU5OCIECjlnI09AKjZ8TAcef3MvUTU3OwJTPGJzHlQhNG8KWTcvJQ9HNzQ1R1s9LmRbczw4FTtvDR4QJmIiOXMqTTQ+ET4FHA02P1o5GwslbTE1ZFtzDzJxI34bMignch0YCy90MjwvUV4MPSojVAAAGC1zN39zK1cKEwg+XyguAzxBDgoVIH8PCAgdfB4pBiphGX9zK2AKLiAncRIIAy9jfWgHI2MOCxY9bCkCEC9sFxIULn4vHHIwdx48AyFwNgIQJ2QWMyUhZhkAMTleGhMDBFkwGAQkcD4dD1tmGQAxIwRoHgAEBGkYOFFnOWgDJGIvGHkwBgITAwQYMzMQAlIQHQYscA8YMRlQChwnK3Fsaxcebzo8BiNMAC0TBmwZCCIrcjBrAwUECxcCI2cbazIBUQkDMytiNDYGBQULFgZZc34wMgZbKGcwEWMBDxkdURYQ
65.9.44.81200 OK 1.2 kB URL HTTP/2 lameterthenhep.com/WFpBaTU5OCIECjlnI09AKjZ8TAcef3MvUTU3OwJTPGJzHlQhNG8KWTcvJQ9HNzQ1R1s9LmRbczw4FTtvDR4QJmIiOXMqTTQ+ET4FHA02P1o5GwslbTE1ZFtzDzJxI34bMignch0YCy90MjwvUV4MPSojVAAAGC1zN39zK1cKEwg+XyguAzxBDgoVIH8PCAgdfB4pBiphGX9zK2AKLiAncRIIAy9jfWgHI2MOCxY9bCkCEC9sFxIULn4vHHIwdx48AyFwNgIQJ2QWMyUhZhkAMTleGhMDBFkwGAQkcD4dD1tmGQAxIwRoHgAEBGkYOFFnOWgDJGIvGHkwBgITAwQYMzMQAlIQHQYscA8YMRlQChwnK3Fsaxcebzo8BiNMAC0TBmwZCCIrcjBrAwUECxcCI2cbazIBUQkDMytiNDYGBQULFgZZc34wMgZbKGcwEWMBDxkdURYQ
IP 65.9.44.81:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3036), with no line terminators
Hash 5ed34b390bbef460dc046791861ee6f7
491fc94ff75928795d9fce8a8529bc977f4295b1
e77f73a9e005c5046bf8b6063a8e70adc23d8bf8afe6c930f07ace89bb34ab38
GET /WFpBaTU5OCIECjlnI09AKjZ8TAcef3MvUTU3OwJTPGJzHlQhNG8KWTcvJQ9HNzQ1R1s9LmRbczw4FTtvDR4QJmIiOXMqTTQ+ET4FHA02P1o5GwslbTE1ZFtzDzJxI34bMignch0YCy90MjwvUV4MPSojVAAAGC1zN39zK1cKEwg+XyguAzxBDgoVIH8PCAgdfB4pBiphGX9zK2AKLiAncRIIAy9jfWgHI2MOCxY9bCkCEC9sFxIULn4vHHIwdx48AyFwNgIQJ2QWMyUhZhkAMTleGhMDBFkwGAQkcD4dD1tmGQAxIwRoHgAEBGkYOFFnOWgDJGIvGHkwBgITAwQYMzMQAlIQHQYscA8YMRlQChwnK3Fsaxcebzo8BiNMAC0TBmwZCCIrcjBrAwUECxcCI2cbazIBUQkDMytiNDYGBQULFgZZc34wMgZbKGcwEWMBDxkdURYQ HTTP/1.1
Host: lameterthenhep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1188
date: Mon, 05 Dec 2022 22:33:10 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 6be22242aae4af4e7e7512e5e8fcb512.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: Su9CTSjslFIRJcQKIwLGiW42dG-4XS7aJyON52_vqbiEPYTgk_cb3A==
X-Firefox-Spdy: h2
norakseemlyntr.com/Z05KemJIcSkJXwMbHE44DRwOGVIXGwhKLFUdHEIkNhYIODQ2fmwOCwNzc05bX3h+XBIOKndLWkE9PhsWEj13S0QOICwVX0E4d0tMV2B4VFBBO3dLRBM+Kx1fVmg6DhYLc3tMVVd8fUNXX3l+QlQ
104.21.96.100204 No Content 0 B URL HTTP/2 norakseemlyntr.com/Z05KemJIcSkJXwMbHE44DRwOGVIXGwhKLFUdHEIkNhYIODQ2fmwOCwNzc05bX3h+XBIOKndLWkE9PhsWEj13S0QOICwVX0E4d0tMV2B4VFBBO3dLRBM+Kx1fVmg6DhYLc3tMVVd8fUNXX3l+QlQ
IP 104.21.96.100:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /Z05KemJIcSkJXwMbHE44DRwOGVIXGwhKLFUdHEIkNhYIODQ2fmwOCwNzc05bX3h+XBIOKndLWkE9PhsWEj13S0QOICwVX0E4d0tMV2B4VFBBO3dLRBM+Kx1fVmg6DhYLc3tMVVd8fUNXX3l+QlQ HTTP/1.1
Host: norakseemlyntr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 05 Dec 2022 22:33:10 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UXcKKEYk2TX%2FxSLVXsDLRQVUxaO8zfUlehJv7WeypcLRfgdSZEwIwJJdFcoKgJdLUjGJtTy2htIsThpEyqVYoyuLF2ShN6J%2BTOUrIU%2B9hoGBFKeJJqqfRHij2QvS%2Ff80pz%2B%2BvsQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77503def7c2eb4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
lameterthenhep.com/SDR2amcpVhUHWCkJFEwSOlhLT1UOEUQsAyVZDAEBLAxEHQYxWlgJCydBEgwVJ1oCRAktQFNYIQRQMA4pH3EvMigLeVNYJS1lN09VCn8hPEJ6cictUnlWGCA0GGBCWSwJZgcgM3x/OT5WbQYwMz8NTjRZVz51MCMNBk4OXTUAcR4lNC9gFwcUcX80DhYufEIEIgxiAQggCXY4BCZ5fydeQnp2Pz42JmEhPysqYx4vBCYNGQgABRFEKC4yQwYrHhpbFwQ+KX1EAhYsXyAEPnpcHDgfHlsXBD4MZB8kEitYMAEjewVGOCRxAxQtKQByIQIWLFMvAgYPRz44MCwAEgQ9LFcYR14nfSQvVwJeEgA1IHJTWCEpfBIvPXtMGQ5WDlgQPlM+dhwjFQZOQzg9GUAGDgwOARAyUzJnITNBIkcZBBd1XBAmKiIGT10gGAQBLA
65.9.44.81200 OK 1.2 kB URL HTTP/2 lameterthenhep.com/SDR2amcpVhUHWCkJFEwSOlhLT1UOEUQsAyVZDAEBLAxEHQYxWlgJCydBEgwVJ1oCRAktQFNYIQRQMA4pH3EvMigLeVNYJS1lN09VCn8hPEJ6cictUnlWGCA0GGBCWSwJZgcgM3x/OT5WbQYwMz8NTjRZVz51MCMNBk4OXTUAcR4lNC9gFwcUcX80DhYufEIEIgxiAQggCXY4BCZ5fydeQnp2Pz42JmEhPysqYx4vBCYNGQgABRFEKC4yQwYrHhpbFwQ+KX1EAhYsXyAEPnpcHDgfHlsXBD4MZB8kEitYMAEjewVGOCRxAxQtKQByIQIWLFMvAgYPRz44MCwAEgQ9LFcYR14nfSQvVwJeEgA1IHJTWCEpfBIvPXtMGQ5WDlgQPlM+dhwjFQZOQzg9GUAGDgwOARAyUzJnITNBIkcZBBd1XBAmKiIGT10gGAQBLA
IP 65.9.44.81:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3022), with no line terminators
Hash 67c44aaa073f175c078e0542b59dc95b
fd00c808ae7fbb4716271b7ca3e874482c7134ec
235fffb560f41ea32876e0bdf9c9ff4e04123305623da44e79abc14ffea4cd33
GET /SDR2amcpVhUHWCkJFEwSOlhLT1UOEUQsAyVZDAEBLAxEHQYxWlgJCydBEgwVJ1oCRAktQFNYIQRQMA4pH3EvMigLeVNYJS1lN09VCn8hPEJ6cictUnlWGCA0GGBCWSwJZgcgM3x/OT5WbQYwMz8NTjRZVz51MCMNBk4OXTUAcR4lNC9gFwcUcX80DhYufEIEIgxiAQggCXY4BCZ5fydeQnp2Pz42JmEhPysqYx4vBCYNGQgABRFEKC4yQwYrHhpbFwQ+KX1EAhYsXyAEPnpcHDgfHlsXBD4MZB8kEitYMAEjewVGOCRxAxQtKQByIQIWLFMvAgYPRz44MCwAEgQ9LFcYR14nfSQvVwJeEgA1IHJTWCEpfBIvPXtMGQ5WDlgQPlM+dhwjFQZOQzg9GUAGDgwOARAyUzJnITNBIkcZBBd1XBAmKiIGT10gGAQBLA HTTP/1.1
Host: lameterthenhep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1178
date: Mon, 05 Dec 2022 22:33:10 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 6be22242aae4af4e7e7512e5e8fcb512.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: fr0ZlXKUXsVAlpDMwQ7Cq9_PuNFAESb3Zkagh4NJJ6BJBlw8yp39QQ==
X-Firefox-Spdy: h2
norakseemlyntr.com/WFNkczB3bAcADQk/DBlRMx1UKmYaNwA7YikGIhsDPAQmIWcQEkIHWTxuXEEFYWJVVUAxN1lAAn4gEBJELSBZQQBoZEIaXj48WUEWLm5UXQh2YlFdAH4mWUIWLCMFFA1pdRQHRDRuVUUHaGFTSgVgZFBFBw
104.21.96.100204 No Content 0 B URL HTTP/2 norakseemlyntr.com/WFNkczB3bAcADQk/DBlRMx1UKmYaNwA7YikGIhsDPAQmIWcQEkIHWTxuXEEFYWJVVUAxN1lAAn4gEBJELSBZQQBoZEIaXj48WUEWLm5UXQh2YlFdAH4mWUIWLCMFFA1pdRQHRDRuVUUHaGFTSgVgZFBFBw
IP 104.21.96.100:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WFNkczB3bAcADQk/DBlRMx1UKmYaNwA7YikGIhsDPAQmIWcQEkIHWTxuXEEFYWJVVUAxN1lAAn4gEBJELSBZQQBoZEIaXj48WUEWLm5UXQh2YlFdAH4mWUIWLCMFFA1pdRQHRDRuVUUHaGFTSgVgZFBFBw HTTP/1.1
Host: norakseemlyntr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 05 Dec 2022 22:33:10 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qRFQWVN3cfykqYYLd2p%2FDCPO8Nf3gvxMo4250Wbe3kg6KOFRq%2FL8Ilco7%2Fb0NPVL1lHAiwlewliEwsbd0iM3gcc%2BXVoYS4kuIRoFRFOs%2Bw73SpPHjMKtX47Q1TT%2BiZ3NQkTh9dc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77503def7c2cb4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/zS9LQpQjq7E
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/zS9LQpQjq7E
IP 142.250.74.131:0
Hash 25390cf3c12981eaf3dfd85a8c68598e
543bd08b6eadedd122c3173be79cdbed6bde6d00
87682f755d290d90603accae3fbdbf564fc831124d1b3e727f4fc199c4c540ba
POST /s/gts1p5/zS9LQpQjq7E HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 22:33:10 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
norakseemlyntr.com/a09LWlZEcCgpazkifi0FARVuaBQ8JAlsFFgBLQsOJgwvay4uKgoDcB8mL2dhXX56YmBNPyI+a1ppOC43Hzo4Z2dNJiU8OVZpPWdnRXx/dGVaYXp8I1Z+bS4mCih2a3AbOz82a1p5fGpkXHZ+YmFfe3I
104.21.96.100204 No Content 0 B URL HTTP/2 norakseemlyntr.com/a09LWlZEcCgpazkifi0FARVuaBQ8JAlsFFgBLQsOJgwvay4uKgoDcB8mL2dhXX56YmBNPyI+a1ppOC43Hzo4Z2dNJiU8OVZpPWdnRXx/dGVaYXp8I1Z+bS4mCih2a3AbOz82a1p5fGpkXHZ+YmFfe3I
IP 104.21.96.100:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a09LWlZEcCgpazkifi0FARVuaBQ8JAlsFFgBLQsOJgwvay4uKgoDcB8mL2dhXX56YmBNPyI+a1ppOC43Hzo4Z2dNJiU8OVZpPWdnRXx/dGVaYXp8I1Z+bS4mCih2a3AbOz82a1p5fGpkXHZ+YmFfe3I HTTP/1.1
Host: norakseemlyntr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 05 Dec 2022 22:33:10 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RjCQ1MbQTRs%2F59iOYgjCDhEKgQt9r5IPvfH%2BspqVP7MfUiAdLrXBCW%2BCahsF0O1KpS4pMHTHjS8pZpmRcWu5pNtvV0lBHL%2FJia0iHlz3NNjdG12DC1CpX7VT%2BEPS2pfdCsliPpg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77503df01ce1b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
lameterthenhep.com/MHltS2ZRGw4mWVFED20TQhVQblR2XF8NAl0UFyAAVEFfPAdJF0MoCl8MCS0UXxcZZQhVDUh5IFY2OB0ifkkJKi1ZSD8uIwAKJzwWRz1eDR9xSjQtKko7NAAzXE0oez8DGi4sKGgXWCEvWjsXBVUAFiwJI0ooFA1DAjsveSBmMy56N1URVSwqZitbCCF9EDgyM3UaOh0ifkg0PgBcTR0TIn0NOiIwUzUuAjR9FQV/KlweVB4lWw87Ji98OF4SPFQBFXgFSEEaHiVDFzoPJHsgJQ4ueyxcLAVhHV8IMUQDKCU0ByAlDi59Pyw5AmE3BAgBVBQvEwJyGl5mBWMdJT8BUygOejICOxovCGkzDgxWeBsFM1VTSCwiMVlNHg4IZlxfDQIDNCovEVxJDjw8WTpeHgpoEzsoL0kBPRIBQz0OLAJJP14dCmEXAgJAWgoCJRYNKRw7L103BHI8VwopOyJdOg
65.9.44.81200 OK 1.2 kB URL HTTP/2 lameterthenhep.com/MHltS2ZRGw4mWVFED20TQhVQblR2XF8NAl0UFyAAVEFfPAdJF0MoCl8MCS0UXxcZZQhVDUh5IFY2OB0ifkkJKi1ZSD8uIwAKJzwWRz1eDR9xSjQtKko7NAAzXE0oez8DGi4sKGgXWCEvWjsXBVUAFiwJI0ooFA1DAjsveSBmMy56N1URVSwqZitbCCF9EDgyM3UaOh0ifkg0PgBcTR0TIn0NOiIwUzUuAjR9FQV/KlweVB4lWw87Ji98OF4SPFQBFXgFSEEaHiVDFzoPJHsgJQ4ueyxcLAVhHV8IMUQDKCU0ByAlDi59Pyw5AmE3BAgBVBQvEwJyGl5mBWMdJT8BUygOejICOxovCGkzDgxWeBsFM1VTSCwiMVlNHg4IZlxfDQIDNCovEVxJDjw8WTpeHgpoEzsoL0kBPRIBQz0OLAJJP14dCmEXAgJAWgoCJRYNKRw7L103BHI8VwopOyJdOg
IP 65.9.44.81:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3050), with no line terminators
Hash 38f7e6d9bee894c15f95385ffda5d68a
27656aa4a109668a5612182af2844d22701349e4
9585686296cbcdb1f4848257374b19f2ee31645b838e4d0fd8d42c43ed708a0b
GET /MHltS2ZRGw4mWVFED20TQhVQblR2XF8NAl0UFyAAVEFfPAdJF0MoCl8MCS0UXxcZZQhVDUh5IFY2OB0ifkkJKi1ZSD8uIwAKJzwWRz1eDR9xSjQtKko7NAAzXE0oez8DGi4sKGgXWCEvWjsXBVUAFiwJI0ooFA1DAjsveSBmMy56N1URVSwqZitbCCF9EDgyM3UaOh0ifkg0PgBcTR0TIn0NOiIwUzUuAjR9FQV/KlweVB4lWw87Ji98OF4SPFQBFXgFSEEaHiVDFzoPJHsgJQ4ueyxcLAVhHV8IMUQDKCU0ByAlDi59Pyw5AmE3BAgBVBQvEwJyGl5mBWMdJT8BUygOejICOxovCGkzDgxWeBsFM1VTSCwiMVlNHg4IZlxfDQIDNCovEVxJDjw8WTpeHgpoEzsoL0kBPRIBQz0OLAJJP14dCmEXAgJAWgoCJRYNKRw7L103BHI8VwopOyJdOg HTTP/1.1
Host: lameterthenhep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1197
date: Mon, 05 Dec 2022 22:33:10 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 6be22242aae4af4e7e7512e5e8fcb512.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: IhznB1DqFssRYvKpSekLiTxYpJ0Ho02NxtQjUAqd5eiHZTfAw-3KYQ==
X-Firefox-Spdy: h2
platform.bidgear.com/media/img/b15.png
104.26.2.107200 OK 649 B URL HTTP/2 platform.bidgear.com/media/img/b15.png
IP 104.26.2.107:0
File type PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash d832fb80c97ff291b952757bb98240d2
63732e61a0784ed68fde494f83e4686a5c4bf7fa
7b35c11af8accdb40a14303dd3ae2762a97d2527933c56b6c9be6da2d0d11943
GET /media/img/b15.png HTTP/1.1
Host: platform.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 22:33:10 GMT
content-type: image/png
content-length: 649
last-modified: Mon, 25 Jul 2022 09:43:43 GMT
etag: "62de65cf-289"
expires: Thu, 22 Dec 2022 09:44:57 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
cf-cache-status: HIT
age: 1169273
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZL2l1CAE4PYe16wpToZ2aqkNK6sgQ8r%2FkFfiX160y2ji7LCbZDztvG%2FyQW9KOQ8jmSJ2pQ2L%2FHxVAb6LEXFvG%2BueYEvHZu%2F9dTcOr203iH%2BcJj4ehHDa7jTYuYHrdgNAVw8uZoZ5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77503df0ed65b4f3-OSL
X-Firefox-Spdy: h2
platform.bidgear.com/async.php?domainid=5593&sizeid=12&zoneid=6192&k=1670279587615
104.26.2.107200 OK 22 kB URL HTTP/2 platform.bidgear.com/async.php?domainid=5593&sizeid=12&zoneid=6192&k=1670279587615
IP 104.26.2.107:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (6061), with no line terminators
Hash 2378a4f91fd61a19816991f8cc9ea943
725eda4618858efd051dd8579e4e1f15e0ac4624
59a734eb93794bcb9a899c5f28c1b436eed941bd7eca2ee3de16ef3f9026341d
GET /async.php?domainid=5593&sizeid=12&zoneid=6192&k=1670279587615 HTTP/1.1
Host: platform.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 22:33:10 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WJdRSsmHxAFtNN14faaBJiIBkIBsPduB0JZHTT%2B9VEXblfscNQWuOq2O4jSJb6vB3meOkYvOj3Q8%2FLeCAj8Um1Y%2FmdjJlVDd3yfLrd2Eczw4EhAuyldw4WSwhFTjPXKDZ53vExbR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77503df01c3fb4f3-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.purpleads.io/video-agent.js?publisherId=3cbb0201d97a2713cdc7b8284a6018c0:12ba07f36ad75faf8474b45232c34095e60db9bba8b910c63bd25a84dbe49b2358fc816c33104b67ff752f6837ddf9f037b306459421d61f484a6dfbf846a003
143.204.55.49200 OK 15 kB URL HTTP/2 cdn.purpleads.io/video-agent.js?publisherId=3cbb0201d97a2713cdc7b8284a6018c0:12ba07f36ad75faf8474b45232c34095e60db9bba8b910c63bd25a84dbe49b2358fc816c33104b67ff752f6837ddf9f037b306459421d61f484a6dfbf846a003
IP 143.204.55.49:0
File type Unicode text, UTF-8 text, with very long lines (43435), with no line terminators
Hash 7992564beb8d8c7f661dfb295abd2505
262a7a41e2b966f02049730c087dc94b56457d18
92147ccd54504999d2651cca6e45d41a66fefece750eeb78995d18d2343a5dfc
GET /video-agent.js?publisherId=3cbb0201d97a2713cdc7b8284a6018c0:12ba07f36ad75faf8474b45232c34095e60db9bba8b910c63bd25a84dbe49b2358fc816c33104b67ff752f6837ddf9f037b306459421d61f484a6dfbf846a003 HTTP/1.1
Host: cdn.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 15029
date: Mon, 05 Dec 2022 10:08:39 GMT
last-modified: Sun, 04 Dec 2022 13:54:31 GMT
etag: "7992564beb8d8c7f661dfb295abd2505"
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Deg-OdvuAgBFlbC405AZU7GDTX8Q8KDI8f6aYBTiIyO_5n2uKmlrZg==
age: 44672
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/sbVhmdUEONwgTfhkxAkh5Wm5VRHlLMhUaLx1lDhY3LBczMwcOfhIPJVBoQBkgAz9bUyQDO1tEZww8BEh1SywWGipQMQgQNwM1BBAoDH4TFHwANxwcLQE5Q0cHWHZWUHNdcBEcLwk3EQZkX2gIAWRfaFdFb119VTdkX2gRHC9bbENGA0hqVg13WX1VN2RfaB-QDZF4ZV0V0Q2hPUHNdPwMWKgJ9VDNzXWlWRXBdaUNHcQsxFBAnAiBDRwdcaFNbcUstW0Q
143.204.42.228200 OK 451 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/sbVhmdUEONwgTfhkxAkh5Wm5VRHlLMhUaLx1lDhY3LBczMwcOfhIPJVBoQBkgAz9bUyQDO1tEZww8BEh1SywWGipQMQgQNwM1BBAoDH4TFHwANxwcLQE5Q0cHWHZWUHNdcBEcLwk3EQZkX2gIAWRfaFdFb119VTdkX2gRHC9bbENGA0hqVg13WX1VN2RfaB-QDZF4ZV0V0Q2hPUHNdPwMWKgJ9VDNzXWlWRXBdaUNHcQsxFBAnAiBDRwdcaFNbcUstW0Q
IP 143.204.42.228:0
File type ASCII text, with very long lines (593), with no line terminators
Hash 8773528db6857fe3365d9c80295a3b34
22e0f1201aea38d57a404c28b267b396844c1f08
9aba135bea9f9d8858b34e0d4d4f67b72321f9a77e22a0e58549045b1d6ffd97
GET /sbVhmdUEONwgTfhkxAkh5Wm5VRHlLMhUaLx1lDhY3LBczMwcOfhIPJVBoQBkgAz9bUyQDO1tEZww8BEh1SywWGipQMQgQNwM1BBAoDH4TFHwANxwcLQE5Q0cHWHZWUHNdcBEcLwk3EQZkX2gIAWRfaFdFb119VTdkX2gRHC9bbENGA0hqVg13WX1VN2RfaB-QDZF4ZV0V0Q2hPUHNdPwMWKgJ9VDNzXWlWRXBdaUNHcQsxFBAnAiBDRwdcaFNbcUstW0Q HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lameterthenhep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 451
date: Mon, 05 Dec 2022 22:33:10 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 60N2Um4lFDK9u_jR9V3sellwaFuE804q_PC6UvvvprMNfxl3c0f-UQ==
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/LdFdNWEYXOCM+eQA+KWV/QG51bnJSPT43KARqJT4KOT1/YXEzB30vAFIjNzx7RHEhOSgTams9KBdqfH4nEDVwbGABNnA1KQ4+ITQnUWULbWhEcn9obgM+IzwpAyRoanYaI2hqdkVnY2hjRxVoanYDPiNuclFkD310RC97bGNHFWhqdgYhaGsHRWd4dnZdcn-9oIRE0JjdjRhF/aHdEZ3xod1FlfT4vBjIrNz5RZQtpdkF5fX4zSWY
143.204.42.228200 OK 191 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/LdFdNWEYXOCM+eQA+KWV/QG51bnJSPT43KARqJT4KOT1/YXEzB30vAFIjNzx7RHEhOSgTams9KBdqfH4nEDVwbGABNnA1KQ4+ITQnUWULbWhEcn9obgM+IzwpAyRoanYaI2hqdkVnY2hjRxVoanYDPiNuclFkD310RC97bGNHFWhqdgYhaGsHRWd4dnZdcn-9oIRE0JjdjRhF/aHdEZ3xod1FlfT4vBjIrNz5RZQtpdkF5fX4zSWY
IP 143.204.42.228:0
File type ASCII text, with no line terminators
Hash 4511ae75251ed6fe536bac29e1b004d5
fa15a9d7d3e7e7a39cbdfc02795828d34684eec6
a5a535f375f7b2d86994da780630616a0ea9cf70f32da3a2ad75001582ea8b2e
GET /LdFdNWEYXOCM+eQA+KWV/QG51bnJSPT43KARqJT4KOT1/YXEzB30vAFIjNzx7RHEhOSgTams9KBdqfH4nEDVwbGABNnA1KQ4+ITQnUWULbWhEcn9obgM+IzwpAyRoanYaI2hqdkVnY2hjRxVoanYDPiNuclFkD310RC97bGNHFWhqdgYhaGsHRWd4dnZdcn-9oIRE0JjdjRhF/aHdEZ3xod1FlfT4vBjIrNz5RZQtpdkF5fX4zSWY HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lameterthenhep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 191
date: Mon, 05 Dec 2022 22:33:10 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 4k6eEfvaWQqMqjaZpMyXrJYQBtbsbIS7Z_3PD7J1ynLxuwwKKq6Nsw==
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/dbTRZUDQOWzc2CxldPW0DWwVoaAJLXio/Wh0JKChiNGEBJFAjfn8kTgkJaXZYDFo+bRIIWjptBUtVPTIJWRItIFsGCTA+URtaNDJRBFV/JVVQWTYqXQFYOHUGKwF3YBFfBHEnXQNQNidHSAZpPkBIBmlhBEMEfGN2SAZpJ10DAm11By8Ra2BMWwB8Y3ZIBm-kiQkgHGGEEWBppeRFfBD41VwZbfGJyXwRoYARcBGh1Bl1SMCJRC1shdQYrBWllGl0SLG0F
143.204.42.228200 OK 590 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/dbTRZUDQOWzc2CxldPW0DWwVoaAJLXio/Wh0JKChiNGEBJFAjfn8kTgkJaXZYDFo+bRIIWjptBUtVPTIJWRItIFsGCTA+URtaNDJRBFV/JVVQWTYqXQFYOHUGKwF3YBFfBHEnXQNQNidHSAZpPkBIBmlhBEMEfGN2SAZpJ10DAm11By8Ra2BMWwB8Y3ZIBm-kiQkgHGGEEWBppeRFfBD41VwZbfGJyXwRoYARcBGh1Bl1SMCJRC1shdQYrBWllGl0SLG0F
IP 143.204.42.228:0
File type ASCII text, with very long lines (834), with no line terminators
Hash adc5145084aab3aaf6520f3a4495f65b
8ce1cd09581a96d8c13a7b7fc97a19147e2e3578
3a6bbb19286d3f8144f2ddcba6e945fcec7c67db3b8d50c9e26620b238ad10e2
GET /dbTRZUDQOWzc2CxldPW0DWwVoaAJLXio/Wh0JKChiNGEBJFAjfn8kTgkJaXZYDFo+bRIIWjptBUtVPTIJWRItIFsGCTA+URtaNDJRBFV/JVVQWTYqXQFYOHUGKwF3YBFfBHEnXQNQNidHSAZpPkBIBmlhBEMEfGN2SAZpJ10DAm11By8Ra2BMWwB8Y3ZIBm-kiQkgHGGEEWBppeRFfBD41VwZbfGJyXwRoYARcBGh1Bl1SMCJRC1shdQYrBWllGl0SLG0F HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lameterthenhep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 590
date: Mon, 05 Dec 2022 22:33:10 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: WJ7a1W0tMCjbotOlq6i5LmjuhFuMolMGh7h7wf_Dh71Pdv1MDuPP-A==
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/cZ1gxZzQEN18BCxMxVVoMVW0IVgVBMkIIWhdlRBJXFz9oM2JSNkFBQB08DFcSCzlfAAlBPV8ECVZ+UANWWmwXE0QIMwwSWgM9Vw5aAjwXElVaNV4dXQs0UEIGIW0fVxFVaBkQXQk8XhBHQmoBCUBCagFWBEloFFR2QmoBEF0JbgVCByV9A1dMUWwUVHZCag-EVQkJrcFYEUnYBThFVaFYCVww3FFVyVWgAVwRWaABCBlc+WBVRATdJQgYhaQFSGld+RFoF
143.204.42.228200 OK 364 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/cZ1gxZzQEN18BCxMxVVoMVW0IVgVBMkIIWhdlRBJXFz9oM2JSNkFBQB08DFcSCzlfAAlBPV8ECVZ+UANWWmwXE0QIMwwSWgM9Vw5aAjwXElVaNV4dXQs0UEIGIW0fVxFVaBkQXQk8XhBHQmoBCUBCagFWBEloFFR2QmoBEF0JbgVCByV9A1dMUWwUVHZCag-EVQkJrcFYEUnYBThFVaFYCVww3FFVyVWgAVwRWaABCBlc+WBVRATdJQgYhaQFSGld+RFoF
IP 143.204.42.228:0
File type ASCII text, with very long lines (471), with no line terminators
Hash 4f137028969218a4b852499590df67a5
4fe68a8e0be3f32723b6e328f68ffbb1ee4c7e2d
2180ced9cb99b26303ac4b00d759a00aae0d64fa153e20534ebe1b49af6f9a02
GET /cZ1gxZzQEN18BCxMxVVoMVW0IVgVBMkIIWhdlRBJXFz9oM2JSNkFBQB08DFcSCzlfAAlBPV8ECVZ+UANWWmwXE0QIMwwSWgM9Vw5aAjwXElVaNV4dXQs0UEIGIW0fVxFVaBkQXQk8XhBHQmoBCUBCagFWBEloFFR2QmoBEF0JbgVCByV9A1dMUWwUVHZCag-EVQkJrcFYEUnYBThFVaFYCVww3FFVyVWgAVwRWaABCBlc+WBVRATdJQgYhaQFSGld+RFoF HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lameterthenhep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 364
date: Mon, 05 Dec 2022 22:33:10 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: U3PqpOx-2wpzdqys6WoeEU_sTwg3E5xPFKTA-mnX7qMmVaD220cM1w==
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a5cb85b1ac5aace4ca74b40ebb1b8209
ab60ee9ca56b580e9252d4d8025fa6190808799e
8c651e358cd272e6bf83ea903d5f499d99731fbce2cbb290ba4c369467b97516
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8C651E358CD272E6BF83EA903D5F499D99731FBCE2CBB290BA4C369467B97516"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21371
Expires: Tue, 06 Dec 2022 04:29:21 GMT
Date: Mon, 05 Dec 2022 22:33:10 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 280 B IP 172.64.155.188:0
Hash fe81538e07b7c219a0618e8bc273b676
e81a88a41f02c8ed7e7ce9bae321be31c467509b
55ca09955297fe3f54eb5025f0818765fb440ccdbc6586bab872cf51f61f5e08
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 22:33:10 GMT
Content-Type: application/ocsp-response
Content-Length: 280
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 21:53:51 GMT
Expires: Fri, 09 Dec 2022 21:53:50 GMT
Etag: "e81a88a41f02c8ed7e7ce9bae321be31c467509b"
Cache-Control: max-age=342639,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77503df08c60fab8-OSL
imp9.bidgear.com/rec?t=1&z=6192&uuid=7cb9c9879e894af3a47807cb1ae695c9&p=61&g=NO&token=4a44335432&tbg=1670279590
104.26.2.107200 OK 599 B URL HTTP/2 imp9.bidgear.com/rec?t=1&z=6192&uuid=7cb9c9879e894af3a47807cb1ae695c9&p=61&g=NO&token=4a44335432&tbg=1670279590
IP 104.26.2.107:0
File type JPEG image data, baseline, precision 8, 1x1, components 3\012- data
Hash ca49a7e783b806a4e8576ea80346203d
6fe9d083221dae98f6c76f7121c37bc884b02d82
3e9a98dd5f0a28ff4a059f33d760264a6db02786666ac1692095ebb976f5da28
GET /rec?t=1&z=6192&uuid=7cb9c9879e894af3a47807cb1ae695c9&p=61&g=NO&token=4a44335432&tbg=1670279590 HTTP/1.1
Host: imp9.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 22:33:10 GMT
content-type: image/jpeg
content-length: 599
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zS3rQFqwJ8Bhz55byDwfN7Ia1JEJVPla%2Ba9gfe%2FTY2R5y0jl2S%2Bb3beNTMkiNjcYzknZZRWjl8bi46TfqweK6Q%2FosN4kTtxbXwjuznBxCT6B3f6aJ6Qrq%2BuOIEiTBOMTRgI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77503df11d99b4f3-OSL
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/images/icons/favicon/apple-touch-icon-114x114.png
91.209.70.182200 OK 951 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/images/icons/favicon/apple-touch-icon-114x114.png
IP 91.209.70.182:0
File type PNG image data, 114 x 114, 8-bit colormap, non-interlaced\012- data
Hash 76852bc6b2c028db97322a74e85bd020
ed52fb4de0d51f93277bbaae42fa80ba5f92c31e
8a5ef2ef8440c17db1b1b539065ba4a887e07a2c508b79c2d1659512e9016884
GET /themes/flow/frontend_assets/images/icons/favicon/apple-touch-icon-114x114.png HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1asnu/Scarlet.Hollow.Episode.4.Early.Access.zip
Connection: keep-alive
Cookie: filehosting=luk3qtdcsc9or0job7irt9uu93
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:33:10 GMT
content-type: image/png
content-length: 951
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-3b7"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/fOUVDN0daKi1ReE0sJwpwD3FyA3YfLzBYKUl4E0Y3cCgNXn5jIjBzN30oABEzQyF+B2FVJC1Qeh8gLVR6CGMiUyUEcWVDN1Yufl4pXDMtWiVcLCIRMlh4Llg9UCkvVmILA3YZdxx3cx8wUCsnWDBKYHEHKU1gcQd2CWtzEnR7YHEHMFArdQNiCgdmBXdBc3-cSdHtgcQc1T2BwdnYJcG0Hbhx3c1AiWi4sEnV/d3MGdwl0cwZiC3UlXjVcIyxPYgsDcgdyF3VlQnoI
143.204.42.228200 OK 601 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/fOUVDN0daKi1ReE0sJwpwD3FyA3YfLzBYKUl4E0Y3cCgNXn5jIjBzN30oABEzQyF+B2FVJC1Qeh8gLVR6CGMiUyUEcWVDN1Yufl4pXDMtWiVcLCIRMlh4Llg9UCkvVmILA3YZdxx3cx8wUCsnWDBKYHEHKU1gcQd2CWtzEnR7YHEHMFArdQNiCgdmBXdBc3-cSdHtgcQc1T2BwdnYJcG0Hbhx3c1AiWi4sEnV/d3MGdwl0cwZiC3UlXjVcIyxPYgsDcgdyF3VlQnoI
IP 143.204.42.228:0
File type ASCII text, with very long lines (836), with no line terminators
Hash 46d4667e49cb9fd4817d4dc83731cf15
d6f81e224850620883b9510f44b7e824a7c335f0
f19ff81c4f97cfe674bc1c60b33da16ff27a2b99700e19d99722dc30388e14b2
GET /fOUVDN0daKi1ReE0sJwpwD3FyA3YfLzBYKUl4E0Y3cCgNXn5jIjBzN30oABEzQyF+B2FVJC1Qeh8gLVR6CGMiUyUEcWVDN1Yufl4pXDMtWiVcLCIRMlh4Llg9UCkvVmILA3YZdxx3cx8wUCsnWDBKYHEHKU1gcQd2CWtzEnR7YHEHMFArdQNiCgdmBXdBc3-cSdHtgcQc1T2BwdnYJcG0Hbhx3c1AiWi4sEnV/d3MGdwl0cwZiC3UlXjVcIyxPYgsDcgdyF3VlQnoI HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lameterthenhep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 601
date: Mon, 05 Dec 2022 22:33:10 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 7-KkRvfWb35D8wJLq3nCfDgX1zH62Y-ebRClCFl9noXnUfX4oAetuQ==
X-Firefox-Spdy: h2
cdn.psdn.xyz/prebid-video-7.22.0-2022-10-26.gz.js
205.185.216.42200 OK 86 kB URL HTTP/2 cdn.psdn.xyz/prebid-video-7.22.0-2022-10-26.gz.js
IP 205.185.216.42:0
File type ASCII text, with very long lines (65020)
Hash 700d1de734b4979c4c3059b613e9d7b1
0a7d2ad10cba258cfc2e0376240852a4ae5f4012
2031fbefbf1b070dcf0ebb746438e628fdd59c7daac6952000ef9056b7294eb6
GET /prebid-video-7.22.0-2022-10-26.gz.js HTTP/1.1
Host: cdn.psdn.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 22:33:10 GMT
content-encoding: gzip
content-length: 86507
content-type: application/javascript
last-modified: Wed, 26 Oct 2022 13:24:00 GMT
accept-ranges: bytes
x-rgw-object-type: Normal
etag: "700d1de734b4979c4c3059b613e9d7b1"
cache-control: max-age=31536000
x-amz-request-id: tx0000000000001178867eb-00635934f6-34c6886a-nyc3b
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1670279590.dop016.sk1.t,1670279590.cds238.sk1.hn,1670279590.cds218.sk1.c
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.14200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.14:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Mon, 05 Dec 2022 20:46:55 GMT
expires: Mon, 05 Dec 2022 22:46:55 GMT
cache-control: public, max-age=7200
age: 6375
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 9d69ff04990cf145fb9c990ef594df3c
620b60961007c43da93fd24ff8bfade06943b926
aa36a39ff7e1724a518c35f6dcd1e9a8ff0526b9a57aecc097cfb7e38cdab728
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 22:33:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7dfb548d8f8a99d32050803775fad5d6
8b47999a01db7c2217d76a1cec576809a229cf1b
68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 22:33:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a179b3b6ab78e29169af8cc2363d6280
501cd2871c5b70c56852c6cd0c87f383504ca933
ceecf34d673dd0d910e3622aa0fa8d84fea748592acc796286c4ec5e76fbc170
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6018
Cache-Control: max-age=149165
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 22:33:10 GMT
Etag: "638dfdd1-1d7"
Expires: Wed, 07 Dec 2022 15:59:15 GMT
Last-Modified: Mon, 05 Dec 2022 14:18:57 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
142.250.74.109302 Found 401 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 142.250.74.109:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (385)
Hash 6f65c3903764f6e908c94940d345c6e1
9194ab5844c7c4e08b074dd1d6e2556519363cde
2f7b4a5889a53a7fddade946a6eabda8674cd7c4e7453a92532e38a6bcc3c782
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 05 Dec 2022 22:33:10 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1610449748%3A1670279590796041&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAs1DY_p9f8yZ9OdJB5EyFCEno5DcvrYXvZ3472W4YtQLkyfSsXuHvj2FA-tYLPXIq8AR4yxWQ
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: script-src 'nonce-vCuaxBiOGy6elfo6begoCA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 401
server: GSE
set-cookie: __Host-GAPS=1:LJwnUH_1zyIRfD1TN9Nsmpse5zo9Yg:Bztgy8TrLYwAGzB7;Path=/;Expires=Wed, 04-Dec-2024 22:33:10 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lameterthenhep.com/utx?cb=AmytqLO8YdZu&top=megaup.net&tid=761186
65.9.44.81204 No Content 0 B URL HTTP/2 lameterthenhep.com/utx?cb=AmytqLO8YdZu&top=megaup.net&tid=761186
IP 65.9.44.81:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=AmytqLO8YdZu&top=megaup.net&tid=761186 HTTP/1.1
Host: lameterthenhep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 05 Dec 2022 22:33:10 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 05 Dec 2022 22:34:10 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 6be22242aae4af4e7e7512e5e8fcb512.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: _WIS0Kw10RFFkEvEj3rISwme3akdyPcaJdP3GcsgddgY0mvgDU4JxQ==
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j98&a=1784213995&t=pageview&_s=1&dl=https%3A%2F%2Fmegaup.net%2F1asnu%2FScarlet.Hollow.Episode.4.Early.Access.zip&ul=en-us&de=UTF-8&dt=Scarlet.Hollow.Episode.4.Early.Access.zip%20-%20MegaUp&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=700250745&gjid=1042781895&cid=43663888.1670279588&tid=UA-108868042-1&_gid=1441915292.1670279588&_r=1>m=2oubu0&z=1637488604
142.250.74.14200 OK 1 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&a=1784213995&t=pageview&_s=1&dl=https%3A%2F%2Fmegaup.net%2F1asnu%2FScarlet.Hollow.Episode.4.Early.Access.zip&ul=en-us&de=UTF-8&dt=Scarlet.Hollow.Episode.4.Early.Access.zip%20-%20MegaUp&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=700250745&gjid=1042781895&cid=43663888.1670279588&tid=UA-108868042-1&_gid=1441915292.1670279588&_r=1>m=2oubu0&z=1637488604
IP 142.250.74.14:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?v=1&_v=j98&a=1784213995&t=pageview&_s=1&dl=https%3A%2F%2Fmegaup.net%2F1asnu%2FScarlet.Hollow.Episode.4.Early.Access.zip&ul=en-us&de=UTF-8&dt=Scarlet.Hollow.Episode.4.Early.Access.zip%20-%20MegaUp&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=700250745&gjid=1042781895&cid=43663888.1670279588&tid=UA-108868042-1&_gid=1441915292.1670279588&_r=1>m=2oubu0&z=1637488604 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain
Content-Length: 0
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://megaup.net
date: Mon, 05 Dec 2022 22:33:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 71a45d8a5362743aa24608a11f9d5cd8
4cdf403c8dd502021c4751c0e6356edfcb2c4b6f
bacbb522c01bbe210e502ed5c3f7af2ff7cbb24de26d0d0b38e0f213f3af8d24
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "BACBB522C01BBE210E502ED5C3F7AF2FF7CBB24DE26D0D0B38E0F213F3AF8D24"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3085
Expires: Mon, 05 Dec 2022 23:24:35 GMT
Date: Mon, 05 Dec 2022 22:33:10 GMT
Connection: keep-alive
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 71a45d8a5362743aa24608a11f9d5cd8
4cdf403c8dd502021c4751c0e6356edfcb2c4b6f
bacbb522c01bbe210e502ed5c3f7af2ff7cbb24de26d0d0b38e0f213f3af8d24
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "BACBB522C01BBE210E502ED5C3F7AF2FF7CBB24DE26D0D0B38E0F213F3AF8D24"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3085
Expires: Mon, 05 Dec 2022 23:24:35 GMT
Date: Mon, 05 Dec 2022 22:33:10 GMT
Connection: keep-alive
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 71a45d8a5362743aa24608a11f9d5cd8
4cdf403c8dd502021c4751c0e6356edfcb2c4b6f
bacbb522c01bbe210e502ed5c3f7af2ff7cbb24de26d0d0b38e0f213f3af8d24
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "BACBB522C01BBE210E502ED5C3F7AF2FF7CBB24DE26D0D0B38E0F213F3AF8D24"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3085
Expires: Mon, 05 Dec 2022 23:24:35 GMT
Date: Mon, 05 Dec 2022 22:33:10 GMT
Connection: keep-alive
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 71a45d8a5362743aa24608a11f9d5cd8
4cdf403c8dd502021c4751c0e6356edfcb2c4b6f
bacbb522c01bbe210e502ed5c3f7af2ff7cbb24de26d0d0b38e0f213f3af8d24
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "BACBB522C01BBE210E502ED5C3F7AF2FF7CBB24DE26D0D0B38E0F213F3AF8D24"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3085
Expires: Mon, 05 Dec 2022 23:24:35 GMT
Date: Mon, 05 Dec 2022 22:33:10 GMT
Connection: keep-alive
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 71a45d8a5362743aa24608a11f9d5cd8
4cdf403c8dd502021c4751c0e6356edfcb2c4b6f
bacbb522c01bbe210e502ed5c3f7af2ff7cbb24de26d0d0b38e0f213f3af8d24
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "BACBB522C01BBE210E502ED5C3F7AF2FF7CBB24DE26D0D0B38E0F213F3AF8D24"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3085
Expires: Mon, 05 Dec 2022 23:24:35 GMT
Date: Mon, 05 Dec 2022 22:33:10 GMT
Connection: keep-alive
imasdk.googleapis.com/js/sdkloader/ima3.js
142.250.74.74200 OK 127 kB URL HTTP/2 imasdk.googleapis.com/js/sdkloader/ima3.js
IP 142.250.74.74:0
File type ASCII text, with very long lines (2791)
Size 127 kB (126620 bytes)
Hash f641dae66d812e803cbfc91d689e2ea8
96372a7ba661528d13bc774536d04ab3e03b82d6
e78b718ac77697fbb92e88ac394141adc4e016830eb04d53279238cbcd65435b
GET /js/sdkloader/ima3.js HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 126620
date: Mon, 05 Dec 2022 22:33:10 GMT
expires: Mon, 05 Dec 2022 22:33:10 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/
143.204.42.228200 OK 73 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/
IP 143.204.42.228:0
File type ASCII text, with no line terminators
Hash de37377b72195a4f064edf7ec8a76676
ed544d5b6a37acad78498099407c648a93316ddb
b3209cc0b1d1b71e85af4e843afe00a3079f3286d52b3fb47e72c6c5c48b8399
GET / HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 73
date: Mon, 05 Dec 2022 22:33:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _3pu6ItFGmNmymILnn8tn5RMImiNFNfCrh45ezJ5fsuSgvye1gGFKA==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8ead0ac4ce19cef2471bae0458759d89
af02fd3fcd2e10cfa2458407c0c2e59a43e18517
507b93c64bab73e393cf8d8131415ef4d4b01e65e0f2ab73597715197845e75e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 22:33:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7dfb548d8f8a99d32050803775fad5d6
8b47999a01db7c2217d76a1cec576809a229cf1b
68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 22:33:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lameterthenhep.com/utx?cb=kxAgG2GQbdzR&top=megaup.net&tid=825911
65.9.44.81204 No Content 0 B URL HTTP/2 lameterthenhep.com/utx?cb=kxAgG2GQbdzR&top=megaup.net&tid=825911
IP 65.9.44.81:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=kxAgG2GQbdzR&top=megaup.net&tid=825911 HTTP/1.1
Host: lameterthenhep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 05 Dec 2022 22:33:10 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 05 Dec 2022 22:34:10 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 6be22242aae4af4e7e7512e5e8fcb512.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: gVGSqGf2Gl1uUuwCPDoawC5bmxxvOZvZTa9G5Z1dj4IkYiWYIfNDFA==
X-Firefox-Spdy: h2
lameterthenhep.com/utx?cb=S2XHG5a8kQwS&top=megaup.net&tid=876318
65.9.44.81204 No Content 0 B URL HTTP/2 lameterthenhep.com/utx?cb=S2XHG5a8kQwS&top=megaup.net&tid=876318
IP 65.9.44.81:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=S2XHG5a8kQwS&top=megaup.net&tid=876318 HTTP/1.1
Host: lameterthenhep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 05 Dec 2022 22:33:10 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 05 Dec 2022 22:34:10 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 6be22242aae4af4e7e7512e5e8fcb512.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: Al6TCUDSWsNSh0aVeaGL5QbXgU2WUHEf_AcIkjJUjOimXRMT8uaYsg==
X-Firefox-Spdy: h2
lameterthenhep.com/utx?cb=guFonTDptoPP&top=megaup.net&tid=764141
65.9.44.81204 No Content 0 B URL HTTP/2 lameterthenhep.com/utx?cb=guFonTDptoPP&top=megaup.net&tid=764141
IP 65.9.44.81:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=guFonTDptoPP&top=megaup.net&tid=764141 HTTP/1.1
Host: lameterthenhep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 05 Dec 2022 22:33:10 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 05 Dec 2022 22:34:10 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 6be22242aae4af4e7e7512e5e8fcb512.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: gz1DzU8W7ognVoIA1tHY8jpDEw7ztnty35Yo5TyZfol4JiUvhpAPKQ==
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a179b3b6ab78e29169af8cc2363d6280
501cd2871c5b70c56852c6cd0c87f383504ca933
ceecf34d673dd0d910e3622aa0fa8d84fea748592acc796286c4ec5e76fbc170
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6018
Cache-Control: max-age=149165
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 22:33:10 GMT
Etag: "638dfdd1-1d7"
Expires: Wed, 07 Dec 2022 15:59:15 GMT
Last-Modified: Mon, 05 Dec 2022 14:18:57 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
lameterthenhep.com/utx?tid=832633&top=megaup.net&cb=QeK92rx9RZQg
65.9.44.81204 No Content 0 B URL HTTP/2 lameterthenhep.com/utx?tid=832633&top=megaup.net&cb=QeK92rx9RZQg
IP 65.9.44.81:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?tid=832633&top=megaup.net&cb=QeK92rx9RZQg HTTP/1.1
Host: lameterthenhep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 05 Dec 2022 22:33:11 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 05 Dec 2022 22:34:11 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 6be22242aae4af4e7e7512e5e8fcb512.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: aBgi-nyhQ4n4d4m1L4MDA1UkVhCX1XAgNOTIGqgap_aDaHhz-V1Jxw==
X-Firefox-Spdy: h2
megaup.net/sw.js?TWQ2NTUWRg4GB3tXBRcZb0YaF1N5AA8ABCgAGwYFfV0bAQ16AhsNU3tRGw0EL11XAgIoVQNWU29IFFdRKAIBBQZ0SVRWUH1JAgRQf0lUVFB%2ESQ4BUHlSVFAMdAYDVxdhRkVCF2FGWEFdKBNZR1kpExhXQDceFBkXfFQYABdhAldZRihIUFRZPgEaU1QhF1No
91.209.70.182200 OK 30 kB URL HTTP/2 megaup.net/sw.js?TWQ2NTUWRg4GB3tXBRcZb0YaF1N5AA8ABCgAGwYFfV0bAQ16AhsNU3tRGw0EL11XAgIoVQNWU29IFFdRKAIBBQZ0SVRWUH1JAgRQf0lUVFB%2ESQ4BUHlSVFAMdAYDVxdhRkVCF2FGWEFdKBNZR1kpExhXQDceFBkXfFQYABdhAldZRihIUFRZPgEaU1QhF1No
IP 91.209.70.182:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash e78bb2982c63ddadbcdd29e5f06110d1
ae36db6e2d18a5c561989a6bd26fa76994097e63
0ea2c633f9fcfe11444c318605e348185c4e7f41b36545c686048979aa753481
GET /sw.js?TWQ2NTUWRg4GB3tXBRcZb0YaF1N5AA8ABCgAGwYFfV0bAQ16AhsNU3tRGw0EL11XAgIoVQNWU29IFFdRKAIBBQZ0SVRWUH1JAgRQf0lUVFB%2ESQ4BUHlSVFAMdAYDVxdhRkVCF2FGWEFdKBNZR1kpExhXQDceFBkXfFQYABdhAldZRihIUFRZPgEaU1QhF1No HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: filehosting=luk3qtdcsc9or0job7irt9uu93; _ga=GA1.2.43663888.1670279588; _gid=GA1.2.1441915292.1670279588; _gat_gtag_UA_108868042_1=1
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:33:11 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:52 GMT
vary: Accept-Encoding
etag: W/"60758f38-12fe6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
ad.a-ads.com/1811811?size=300x250
213.239.209.209200 OK 583 kB URL HTTP/2 ad.a-ads.com/1811811?size=300x250
IP 213.239.209.209:0
ASN #24940 Hetzner Online GmbH
Size 583 kB (582767 bytes)
Hash 1c07495c0e0443d236ecca7b8822b7f7
24925723f01520f79b326dc0b2ad74dd053f6672
d80aa1989f2e4a9066ac3be0d56987a13b3254b5d6c144c541f5dcab515850af
GET /1811811?size=300x250 HTTP/1.1
Host: ad.a-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:33:10 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding, Accept-Encoding
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-original-referer: https://megaup.net/
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
X-Firefox-Spdy: h2
api.purpleads.io/x/init?ts=1670279587833
34.200.59.30200 OK 89 B URL HTTP/2 api.purpleads.io/x/init?ts=1670279587833
IP 34.200.59.30:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 0d87ef7e4d600d371efb20b85aad5249
c1ffdba7ff82c34dde36160a00417c2669dd8d3c
0922db680b6951385301ea921f64357700c286ed20d1a16beaf95ee8486d1b43
OPTIONS /x/init?ts=1670279587833 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 22:33:10 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
x-request-id: 3261f86e-76b7-4039-87bb-93fcf7062e33
X-Firefox-Spdy: h2
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
157.240.200.35200 OK 12 kB URL HTTP/2 www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP 157.240.200.35:0
Hash 4ec76af6e60eaa8fe27e9ccff3254170
593e454698fdf9e16b464f1245c2ab5415ef1461
4c177dba96ca01998a3b429147abb90ee57f6d5d10d8a48d6c578c7c8fd5e030
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: lXEY89MlAsHHtW6DNYN4WgIuXWM5nHrfKW1pgG4yr6VZ5aDPPkCggAOsFxeFXI4qmU3G+8mgz571MePCEIyCtg==
date: Mon, 05 Dec 2022 22:33:10 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.psdn.xyz/prebid-7.22.0-2022-10-26.js
205.185.216.42200 OK 110 kB URL HTTP/2 cdn.psdn.xyz/prebid-7.22.0-2022-10-26.js
IP 205.185.216.42:0
File type ASCII text, with very long lines (64899)
Size 110 kB (110489 bytes)
Hash 57c01fea38b0b55be8f8695b6c4988ff
4032cfd77db4cefcc38aedac4b9bbf9f4c51639e
b9f42206a1196365d65749aa3bececd05e35895c8608e7553d358132987191f9
GET /prebid-7.22.0-2022-10-26.js HTTP/1.1
Host: cdn.psdn.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 22:33:11 GMT
content-encoding: gzip
content-length: 110489
content-type: application/javascript
last-modified: Wed, 26 Oct 2022 13:07:08 GMT
accept-ranges: bytes
x-rgw-object-type: Normal
etag: "57c01fea38b0b55be8f8695b6c4988ff"
cache-control: max-age=31536000
x-amz-request-id: tx00000000000010ab6e820-006359394f-34c5ae65-nyc3b
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1670279591.dop016.sk1.t,1670279591.cds238.sk1.hn,1670279591.cds204.sk1.c
X-Firefox-Spdy: h2
api.purpleads.io/x/b/?idx=0&pid=30079a5a92d9445bbdd8803169bdd78d&sizes=[[300,250],[300,250],[200,200],[250,250],[300,100]]&slotid=4acc4605-26ab-4844-aa8c-39127bd3addd&ts=1670279588100
34.200.59.30200 OK 1.8 kB URL HTTP/2 api.purpleads.io/x/b/?idx=0&pid=30079a5a92d9445bbdd8803169bdd78d&sizes=[[300,250],[300,250],[200,200],[250,250],[300,100]]&slotid=4acc4605-26ab-4844-aa8c-39127bd3addd&ts=1670279588100
IP 34.200.59.30:0
File type gzip compressed data, from Unix\012- data
Hash c97260a027017b39346f0cd312f26990
7ff085126d50fd04b85813fd21be58396206978b
ee311d19b0af9bf5d4072d362a03429cd02ce3c7506c92deca9dfe5ee63be88c
OPTIONS /x/b/?idx=0&pid=30079a5a92d9445bbdd8803169bdd78d&sizes=[[300,250],[300,250],[200,200],[250,250],[300,100]]&slotid=4acc4605-26ab-4844-aa8c-39127bd3addd&ts=1670279588100 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 22:33:10 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
x-request-id: 0c054374-a4d3-424d-9628-baad9d2b36d3
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20366
Expires: Tue, 06 Dec 2022 04:12:37 GMT
Date: Mon, 05 Dec 2022 22:33:11 GMT
Connection: keep-alive
pogothere.xyz/asd100.bin
172.64.173.27200 OK 103 kB IP 172.64.173.27:0
Size 103 kB (102903 bytes)
Hash 31b9f3edde28aa2a5ef3a3bd43ad710b
2a19d7d4499db0e2594ec6e2c617b33e3e9427da
805ef9fbc145cc0f2617a0342e1a759b9f7efe2b4f3036deeb8d360921074949
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 05 Dec 2022 22:33:10 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FMYts%2FJdyTlYUIl3VQF8ujySAr1R6aLrYP2E2D5975iB1H95nCKdr1iYvaSxytcXn4X%2F5Z0tt%2BWkHaGA2GaE1jdVmNd4mSqvbY4FBWAngctcA7TuC%2BgEQ7%2FYyAxDBuc5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77503df31b9d7314-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcfc1e29-0017-4346-aacf-66d3875076ce.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcfc1e29-0017-4346-aacf-66d3875076ce.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 18bbcbf84b00d3bc602830478ff1bd7f
1f25392db4cf3693259202b24e898f21093b8bf9
cb2b44e1f74a9bb43fab48536f6146e273c728b34e4889ff3f18a411d14d2282
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcfc1e29-0017-4346-aacf-66d3875076ce.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5790
x-amzn-requestid: 2e409a5f-ce04-4b9b-b3a2-74e5bbd256d3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSvoEoUoAMFsxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64ca-72e1bb13187b18aa26c8566f;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WBNaNTgYQaDVlJqu2u341xYy_6zmr5LqmCD2BPjGPGgmAG20WNHyKw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:46:52 GMT
age: 2779
etag: "1f25392db4cf3693259202b24e898f21093b8bf9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffbcb6f9-483c-4254-9451-927fa2fc2294.jpeg
34.120.237.76200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffbcb6f9-483c-4254-9451-927fa2fc2294.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9838b65dde746487c806ee9739f8b222
1c95a1e47e903cc6775df2c5ed3f2f58cca42dc8
cf3ddc240b33d0f588d5acb30593b6846874a192bff9f5b69455877d7f63be53
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffbcb6f9-483c-4254-9451-927fa2fc2294.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3968
x-amzn-requestid: 55111bc4-d002-44a0-855a-533251b144fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSveGo_IAMFQvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64c9-28e0a83d7f9f1ffc7544bb3d;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hTx-BIZT_THNG5yNlQDL6LCM5lBs8ezZK8-5FMFiarpRfhmBu6pbTQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:45:51 GMT
age: 2840
etag: "1c95a1e47e903cc6775df2c5ed3f2f58cca42dc8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
api.purpleads.io/x/v/?ts=1670279588248
34.200.59.30200 OK 9.6 kB URL HTTP/2 api.purpleads.io/x/v/?ts=1670279588248
IP 34.200.59.30:0
Hash 05d6a80ebdc79726a5f7918e6da5f36e
ee569e52bafdaab33e598fa47a2eac1cbaf7a156
3f8e18aa306b9781c5aff6ddb5847c4b966f51a01c6fefaddfb9c7327f8b36cc
GET /x/v/?ts=1670279588248 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: application/json
x-purpleads-version: 2.0.23
x-request-url: aHR0cHM6Ly9tZWdhdXAubmV0LzFhc251L1NjYXJsZXQuSG9sbG93LkVwaXNvZGUuNC5FYXJseS5BY2Nlc3Muemlw
Authorization: Bearer 3cbb0201d97a2713cdc7b8284a6018c0:12ba07f36ad75faf8474b45232c34095e60db9bba8b910c63bd25a84dbe49b2358fc816c33104b67ff752f6837ddf9f037b306459421d61f484a6dfbf846a003
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 22:33:11 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
x-request-id: 4ad0ef61-1144-436f-926d-dcfcccf24983
etag: W/"56f-Qj7mVAFKnEUOTPkIZz0WU3IF2Xo"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5220d724-28cf-4a09-a474-466d05000e9f.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5220d724-28cf-4a09-a474-466d05000e9f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 608271b2522dc7e726dd2ad4af7ffe02
8182a51b3060e7b6ffaf840c1c2ef50ab06abd10
dde60941a5eec5a314d4c7c7303188769ae810d9f84ba9ae9f088d0d107f59a6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5220d724-28cf-4a09-a474-466d05000e9f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8424
x-amzn-requestid: 52481098-a257-4529-b85a-094d2bf39871
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSuYEdKIAMFc9g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64c2-2b1f26e951823d4f1cd2507d;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:10 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: cq7s5taxMAwOO4vq776dk4842DfboBgSx5FnNfK2Ilcn8evZYaTfGQ==
via: 1.1 599f04a365a179d553682d476509c388.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:46:52 GMT
etag: "8182a51b3060e7b6ffaf840c1c2ef50ab06abd10"
content-type: image/jpeg
age: 2779
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S-704191492%3A1670279590852360&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAvaaVL-rq2_KN1yp5AHPQsNw0FBHaZzJGt4z17YGqTDB1pYAPTbPxchMACquGup2EsikVugRg
142.250.74.109403 Forbidden 9.3 kB URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S-704191492%3A1670279590852360&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAvaaVL-rq2_KN1yp5AHPQsNw0FBHaZzJGt4z17YGqTDB1pYAPTbPxchMACquGup2EsikVugRg
IP 142.250.74.109:0
Hash 4892de53f001de88b670265fb94983f1
1b3f3c8b29170bf0a467465e7136a387629b570d
abdd9e3f2c65d3b2eac1737a6b21b60500108a9c8549d3d407be7507f0abe692
GET /v3/signin/identifier?dsh=S-704191492%3A1670279590852360&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAvaaVL-rq2_KN1yp5AHPQsNw0FBHaZzJGt4z17YGqTDB1pYAPTbPxchMACquGup2EsikVugRg HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 05 Dec 2022 22:33:10 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-0G2MRSYWQDfLC2Ahz7tgCw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
cross-origin-opener-policy-report-only: same-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f48f157-f5b1-44b8-91c0-da7927555031.jpeg
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f48f157-f5b1-44b8-91c0-da7927555031.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 17c7b7e3a4e6f3ad9ccf7f42c400749c
76432db96e8280e24da56670fba8f8f80a95ab31
f67d401ebc225c2a9dac5b4f98dc969e22f927455c2537df353ac86f046cc4c4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f48f157-f5b1-44b8-91c0-da7927555031.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4905
x-amzn-requestid: d80a0dd7-01ec-4801-a5b5-6a1b01eb1944
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csTMSHsyoAMF6BQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6581-177e519d6dbd1875555b0961;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:41:21 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: KmaWXiNE4GPEU9-X5rhVcEsUak4C9m-mjdTCdFUFCPFj8f2uGwCvcQ==
via: 1.1 995664ee945c06fc706b5cb8e0e650dc.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:46:52 GMT
etag: "76432db96e8280e24da56670fba8f8f80a95ab31"
content-type: image/jpeg
age: 2779
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash a3c9679236e68e323a0f63bdba404745
c378193fe82679178d947e5b02a5f3c1d052313d
f09384df5ffcae048ae1a647747e51318c2ceb1caf7e418966e494d5ed358f8f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 22:33:11 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 12:04:34 GMT
Expires: Sun, 11 Dec 2022 12:04:33 GMT
Etag: "c378193fe82679178d947e5b02a5f3c1d052313d"
Cache-Control: max-age=480081,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77503df51ebffab8-OSL
ntheworldw.buzz/
52.20.131.174200 OK 0 B IP 52.20.131.174:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: ntheworldw.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Content-Length: 382
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
script.4dex.io/localstore.js
104.26.8.169200 OK 268 B URL HTTP/1.1 script.4dex.io/localstore.js
IP 104.26.8.169:0
File type ASCII text, with very long lines (482)
Hash 58fe1f2623397cca72ecea6ee95d76b9
ac4d33ae761cf330574597936273a9c5d82f96d0
7cb0b5944c53bbacc5983fbef96aa0c1f514ec12da81666765610eae562a9020
GET /localstore.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 22:33:11 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=1800
ETag: W/"922cffdd75f7192f75231d92684885aa"
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 1058520
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H9RjZQu9c62%2BRFGVDF89FBoffsxEus6EOzoYh4Xh0WrO%2B1t%2F04UbYXqrN%2BejQwhpF34Bjs3lvLXG%2Byn92BHsfJK1E19PomiGwJXBDzzPy4SqIV7AEvCyaXZDLhoK%2B%2FAJ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77503df6bc4ab511-OSL
Content-Encoding: br
megaup.net/themes/flow/frontend_assets/fonts/raleway_bold.woff
91.209.70.182200 OK 32 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway_bold.woff
IP 91.209.70.182:0
File type Web Open Font Format, TrueType, length 31568, version 1.1\012- data
Hash e0c4ac0e73196bd0469c5c33304b7773
bb071565f82907d117b0732dca8013409162c67d
ff3bf3a4a1bf2b922157b18d0e8cddd95f2fc2dfe09c30a3ce67bc11a84c67af
GET /themes/flow/frontend_assets/fonts/raleway_bold.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=luk3qtdcsc9or0job7irt9uu93; _ga=GA1.2.43663888.1670279588; _gid=GA1.2.1441915292.1670279588; _gat_gtag_UA_108868042_1=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:33:11 GMT
content-type: font/woff
content-length: 31568
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7b50"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
c.adsco.re/
104.17.167.186200 OK 27 kB IP 104.17.167.186:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (689)
Hash 2c281011ad3d9faa7d29ef5505453133
8c0f10d4c63dcd51722723740af081ce5fe83849
a2130108be4e2b97a6e8288707b1ec4c5df63eefc3d94feafa189f142978e43d
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 22:33:11 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Thu, 05 Jan 2023 22:33:11 GMT
etag: W/"xkCBFtC0Wl/JiS60JFipuQ=="
cf-cache-status: HIT
age: 103105
vary: Accept-Encoding
server: cloudflare
cf-ray: 77503df6ae270af6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 45a560af2d1a64d1f4bd1133e109612f
636beffd6cba7a6a53c7e742f9853524072a6d69
8af93f3cefa029d0b8f944881704f9b1dcf040b1b6d26bbb8dfd9ae0ef8b1f83
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8AF93F3CEFA029D0B8F944881704F9B1DCF040B1B6D26BBB8DFD9AE0EF8B1F83"
Last-Modified: Sun, 04 Dec 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19689
Expires: Tue, 06 Dec 2022 04:01:20 GMT
Date: Mon, 05 Dec 2022 22:33:11 GMT
Connection: keep-alive
lameterthenhep.com/multi?cs=b010ZHlbfEVVSl5%2FQFxMWnVNV0o&abt=0&red=1&sm=76&k=download%20file%20scarlet%20hollow%20episode%20early%20access&v=1.0.60.1&sts=0&prn=0&emb=0&tid=876318&rxy=1280_1024&u=1554302464812358&agec=1670279590&fs=1&mbkb=104.71204188481676&ref=https%3A%2F%2Fmegaup.net%2F1asnu%2FScarlet.Hollow.Episode.4.Early.Access.zip&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&_WEWv=1670279588465&crc=1
65.9.44.81200 OK 1.6 kB URL HTTP/2 lameterthenhep.com/multi?cs=b010ZHlbfEVVSl5%2FQFxMWnVNV0o&abt=0&red=1&sm=76&k=download%20file%20scarlet%20hollow%20episode%20early%20access&v=1.0.60.1&sts=0&prn=0&emb=0&tid=876318&rxy=1280_1024&u=1554302464812358&agec=1670279590&fs=1&mbkb=104.71204188481676&ref=https%3A%2F%2Fmegaup.net%2F1asnu%2FScarlet.Hollow.Episode.4.Early.Access.zip&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&_WEWv=1670279588465&crc=1
IP 65.9.44.81:0
File type ASCII text, with very long lines (3238), with no line terminators
Hash 645d6e4076c54bc8a33406d362c83e4d
dfb756b744e2cb0ed337f5a1f43f6e3602ecb2b7
ac5296b158bf1b50540b6c74ed6d76091aed41ca585de7ace172c454b4a8c027
GET /multi?cs=b010ZHlbfEVVSl5%2FQFxMWnVNV0o&abt=0&red=1&sm=76&k=download%20file%20scarlet%20hollow%20episode%20early%20access&v=1.0.60.1&sts=0&prn=0&emb=0&tid=876318&rxy=1280_1024&u=1554302464812358&agec=1670279590&fs=1&mbkb=104.71204188481676&ref=https%3A%2F%2Fmegaup.net%2F1asnu%2FScarlet.Hollow.Episode.4.Early.Access.zip&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&_WEWv=1670279588465&crc=1 HTTP/1.1
Host: lameterthenhep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-length: 1582
date: Mon, 05 Dec 2022 22:33:11 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=b7616a50-d64f-4ca7-907c-cd6f280ed4a0
csu=1554302464812358
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 6be22242aae4af4e7e7512e5e8fcb512.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: acq9Gxq5CCO6yS7ACAnxMsTYuQRPmimPQF907SM8vy-LbK_YPGNkcQ==
X-Firefox-Spdy: h2
mp.4dex.io/prebid
104.18.2.114204 No Content 29 B IP 104.18.2.114:0
Hash 46ddbf77eeba8efb2f6edad75ac7d924
d412bd7ef9d25b4bdf6dba811bfcead79f2f8195
414fa86ea455a17b1d23d9bdf0c99d9b0332be7eeae2638cb00a72bc23ff7d63
POST /prebid HTTP/1.1
Host: mp.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1934
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 05 Dec 2022 22:33:11 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin, Accept-Encoding
x-err: Parsing the Prebid Request. org/site not found
x-version: 3.0.0-gcp-ams
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 77503df6e8e60b4d-OSL
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.173.27200 OK 126 kB IP 172.64.173.27:0
Size 126 kB (125576 bytes)
Hash 444de362576b4bf688aefb7f2bf2c73a
8938eb70526d52c32a0e1eb41ee5a3819213669b
e52f6089f28b041e8ad3ebb23c94126537c44aa7d35373caebc231fce264826e
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 05 Dec 2022 22:33:10 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rzYtNTzgpo1IDLXrS6X2GI1tKtBdSDcEppkCqN%2FPfgP8UeBZu8TdlTmJztytPl%2BystXVUErtfi0VjrfI4SRA5UHw4O4GjGJ0BSgrodzx%2Bm6gHVp8%2BYQ4pL6VfgwN6O49"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77503df32bb37314-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash a3c9679236e68e323a0f63bdba404745
c378193fe82679178d947e5b02a5f3c1d052313d
f09384df5ffcae048ae1a647747e51318c2ceb1caf7e418966e494d5ed358f8f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 22:33:11 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 12:04:34 GMT
Expires: Sun, 11 Dec 2022 12:04:33 GMT
Etag: "c378193fe82679178d947e5b02a5f3c1d052313d"
Cache-Control: max-age=480081,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77503df70e080b51-OSL
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 332921147ce2c4900737e94a727245e5
5541913d80e07db785708a394e9e0fed212227da
6a03c7de26b10f1761aaaba9f3af5568ec45e7c986a5e90b8f667af953a870fe
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1821
Cache-Control: max-age=101419
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 22:33:11 GMT
Etag: "638d53b5-1d7"
Expires: Wed, 07 Dec 2022 02:43:30 GMT
Last-Modified: Mon, 05 Dec 2022 02:13:09 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
prebid.a-mo.net/a/c
147.75.85.234204 No Content 0 B IP 147.75.85.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1031
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: max-age=0, private, must-revalidate
date: Mon, 05 Dec 2022 22:33:11 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 0
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a76195c327e24a6bbde147e87dd13e87
1bf2c34ddbb4ae77191c4042e508e1e20f4aabfb
710f409e159083f2c2df90b250fd12a36875c3fbbd9b53a93bdbe1a7c115293c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "710F409E159083F2C2DF90B250FD12A36875C3FBBD9B53A93BDBE1A7C115293C"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3230
Expires: Mon, 05 Dec 2022 23:27:01 GMT
Date: Mon, 05 Dec 2022 22:33:11 GMT
Connection: keep-alive
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 463
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 05 Dec 2022 22:33:11 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash eeda3604908166775b47b9e4d9944b36
6702a1c3fcf5f79a8c142c7f4dea561eee59f3a4
95246d818d8868920fb8922acac422f78286362814ed6c4ad75451c74abdf165
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1886
Cache-Control: max-age=101861
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 22:33:11 GMT
Etag: "638d552e-1d7"
Expires: Wed, 07 Dec 2022 02:50:52 GMT
Last-Modified: Mon, 05 Dec 2022 02:19:26 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
ib.adnxs.com/ut/v3/prebid
185.89.211.84200 OK 146 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.89.211.84:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 0abbbebf263beef0c5113a3ef633367e
40725a5d55caaf2d6d486a6d426e7a85bca5c680
f6e3815bb917523aec6618369dd5e59f8a4d23df95a76d4a5731b13d08d392bd
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1014
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 05 Dec 2022 22:33:11 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 146
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
AN-X-Request-Uuid: a40ad1ad-50fd-42cf-9b47-57ecdd335c8c
Set-Cookie: icu=ChkIud-IARAKGAEgASgBMKfjuZwGOAFAAUgBEKfjuZwGGAA.; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 05-Mar-2023 22:33:11 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=2315958646241662853; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 05-Mar-2023 22:33:11 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
b1h-euc1.zemanta.com/api/bidder/prebid/bid/
213.227.153.222204 No Content 0 B URL HTTP/1.1 b1h-euc1.zemanta.com/api/bidder/prebid/bid/
IP 213.227.153.222:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/bidder/prebid/bid/ HTTP/1.1
Host: b1h-euc1.zemanta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 541
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 92464220e27c2ad896e9e146d126c874
fed2f080d6c64a88ce0dc536e739878efbfa5c0a
a0dd715e70b1feaa45841ba05bff7713c6af00d876b653f20f57a6e04945faa2
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 22:33:11 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 03 Dec 2022 07:45:25 GMT
Expires: Sat, 10 Dec 2022 07:45:24 GMT
Etag: "fed2f080d6c64a88ce0dc536e739878efbfa5c0a"
Cache-Control: max-age=378132,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77503df6dfc4fab8-OSL
6.adsco.re/
104.17.166.186200 OK 0 B IP 104.17.166.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 22:33:11 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: https://megaup.net
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 77503df81c2cb517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 732da84d0f02b079717f6196a91b0cbf
4aa26ee061153de217cd0098217e5f0b9a19e48c
80a09e5996432d95c843d9cdedc5e2ce3a2b7d42936674b76524af0f54de7142
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=140959
Date: Mon, 05 Dec 2022 22:33:11 GMT
Etag: "638deb8b-1d7"
Expires: Wed, 07 Dec 2022 13:42:30 GMT
Last-Modified: Mon, 05 Dec 2022 13:00:59 GMT
Server: ECS (bsa/EB11)
X-Cache: Miss from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: tMpmc4Gzl6P6KuwoShX50XFhABb3WhWqIbfwJP424PuDHWXfUiO8TQ==
Age: 2491
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 47b385abd0350f2068c3e97294ba7933
44a4d7270f6948106cf3c910ecf99742b89dad5a
95c99aa47761b292309183cec1c3351e778da912c61e96156ebdaca881eb8e51
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 05 Dec 2022 22:33:11 GMT
Last-Modified: Mon, 05 Dec 2022 22:02:34 GMT
Server: ECS (nyb/1D20)
X-Cache: Miss from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: glT6X72zlTzOY34Pe-EsduohGjHLfKEAOPlrg2XowmK1idz5RdHBwQ==
Age: 1837
4.adsco.re/
162.252.214.5200 OK 62 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash adde5febc7b5b6c2c759ec735cce83a0
77ec17be8a9970ff04663294d41c590d0d24fde4
ce2b9f2e5005195de7add565505005be6f2ef0d37521771e15106d1e1b9260ff
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 22:33:11 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
tlx.3lift.com/header/auction?lib=prebid&v=7.22.0&referrer=https%3A%2F%2Fmegaup.net%2F1asnu%2FScarlet.Hollow.Episode.4.Early.Access.zip&tmax=3000
35.158.19.152200 OK 19 B URL HTTP/2 tlx.3lift.com/header/auction?lib=prebid&v=7.22.0&referrer=https%3A%2F%2Fmegaup.net%2F1asnu%2FScarlet.Hollow.Episode.4.Early.Access.zip&tmax=3000
IP 35.158.19.152:0
File type JSON data\012- , ASCII text, with no line terminators
Hash a548f7b55db665b1df71a33a2bee47a7
4f88e5b6a18226d7207f1458b0b83e428dbf9898
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
POST /header/auction?lib=prebid&v=7.22.0&referrer=https%3A%2F%2Fmegaup.net%2F1asnu%2FScarlet.Hollow.Episode.4.Early.Access.zip&tmax=3000 HTTP/1.1
Host: tlx.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 522
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 22:33:11 GMT
content-type: application/json; charset=utf-8
content-length: 19
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 15 Oct 1992 20:10:00 GMT
pragma: no-cache
x-xss-protection: 0
accept-ch: sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
X-Firefox-Spdy: h2
pbjs.e-planning.net/hb/1/2e112/1/megaup.net/ROS?ct=1&r=pbjs&rnd=0.6074513200451116&e=300x250_0%3A300x250%2C300x250%2C200x200%2C250x250%2C300x100&ur=https%3A%2F%2Fmegaup.net%2F1asnu%2FScarlet.Hollow.Episode.4.Early.Access.zip&pbv=7.22.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fmegaup.net%2F1asnu%2FScarlet.Hollow.Episode.4.Early.Access.zip
185.172.90.252200 OK 63 B URL HTTP/2 pbjs.e-planning.net/hb/1/2e112/1/megaup.net/ROS?ct=1&r=pbjs&rnd=0.6074513200451116&e=300x250_0%3A300x250%2C300x250%2C200x200%2C250x250%2C300x100&ur=https%3A%2F%2Fmegaup.net%2F1asnu%2FScarlet.Hollow.Episode.4.Early.Access.zip&pbv=7.22.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fmegaup.net%2F1asnu%2FScarlet.Hollow.Episode.4.Early.Access.zip
IP 185.172.90.252:0
ASN #49981 WorldStream B.V.
File type JSON data\012- , ASCII text, with no line terminators
Hash e42fa16b70b901e3ebd7bdcdbe9a700b
347d67a79ec376313ce3ed24e47545d0f243d09b
1bd2cc7014a81b95de8cd39a139d2053216fb7a5bee9bddce9e9344361799b04
GET /hb/1/2e112/1/megaup.net/ROS?ct=1&r=pbjs&rnd=0.6074513200451116&e=300x250_0%3A300x250%2C300x250%2C200x200%2C250x250%2C300x100&ur=https%3A%2F%2Fmegaup.net%2F1asnu%2FScarlet.Hollow.Episode.4.Early.Access.zip&pbv=7.22.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fmegaup.net%2F1asnu%2FScarlet.Hollow.Episode.4.Early.Access.zip HTTP/1.1
Host: pbjs.e-planning.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://megaup.net
Content-Type: text/plain
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 05 Dec 2022 22:33:11 GMT
content-type: application/json
access-control-allow-credentials: true
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
expires: Mon, 05 Dec 2022 22:33:11 GMT
content-length: 63
access-control-allow-origin: https://megaup.net
cache-control: max-age=0, no-cache
x-sid: AMS-928
X-Firefox-Spdy: h2
lameterthenhep.com/floater?cs=eEcwWDVOfgNvAk51A2oBT38CagY&abt=0&red=1&sm=83&k=download%20file%20scarlet%20hollow%20episode%20early%20access&v=0.8.15.0&sts=0&prn=0&emb=0&tid=825911&rxy=1280_1024&u=1554302464812358&agec=1670279590&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&mbkb=104.71204188481676&ref=https%3A%2F%2Fmegaup.net%2F1asnu%2FScarlet.Hollow.Episode.4.Early.Access.zip&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&aa=oi1_&_INgr=1670279588464&crc=1
65.9.44.81200 OK 5.1 kB URL HTTP/2 lameterthenhep.com/floater?cs=eEcwWDVOfgNvAk51A2oBT38CagY&abt=0&red=1&sm=83&k=download%20file%20scarlet%20hollow%20episode%20early%20access&v=0.8.15.0&sts=0&prn=0&emb=0&tid=825911&rxy=1280_1024&u=1554302464812358&agec=1670279590&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&mbkb=104.71204188481676&ref=https%3A%2F%2Fmegaup.net%2F1asnu%2FScarlet.Hollow.Episode.4.Early.Access.zip&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&aa=oi1_&_INgr=1670279588464&crc=1
IP 65.9.44.81:0
File type ASCII text, with very long lines (7695), with no line terminators
Hash 511104b738866cf72a6c37960cc03896
f69f92a6dc91fa89f0caf65a9b43547ea355ee1f
52bd9e44b5bfe0d74c83ecfb6facaf4db59bb51c47cccafde7a1220f008af817
GET /floater?cs=eEcwWDVOfgNvAk51A2oBT38CagY&abt=0&red=1&sm=83&k=download%20file%20scarlet%20hollow%20episode%20early%20access&v=0.8.15.0&sts=0&prn=0&emb=0&tid=825911&rxy=1280_1024&u=1554302464812358&agec=1670279590&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&mbkb=104.71204188481676&ref=https%3A%2F%2Fmegaup.net%2F1asnu%2FScarlet.Hollow.Episode.4.Early.Access.zip&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&aa=oi1_&_INgr=1670279588464&crc=1 HTTP/1.1
Host: lameterthenhep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-length: 5100
date: Mon, 05 Dec 2022 22:33:11 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=bcde5c4c-ce87-4134-9966-b53bc1355feb
csu=1554302464812358
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 6be22242aae4af4e7e7512e5e8fcb512.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: GetNg85ViIqsF-v6V2WFaVge7izJJHxrUjZhUkBIoMnNeVot6GKRBQ==
X-Firefox-Spdy: h2
hb.minutemedia-prebid.com/hb-mm-multi
3.224.217.10200 OK 105 B URL HTTP/2 hb.minutemedia-prebid.com/hb-mm-multi
IP 3.224.217.10:0
File type JSON data\012- , ASCII text
Hash 3f71fb8e338a14ef71acf829040ce4f6
0871d3e6fcfdcb93f5feb1e83c8f4f637e0012cb
974664c61cd5094dacc739e763c6955c162406f71cddbfe1e11de16c02f536c8
POST /hb-mm-multi HTTP/1.1
Host: hb.minutemedia-prebid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1048
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 22:33:11 GMT
content-type: application/json
content-length: 105
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://megaup.net
x-reason: gdpr is not applied
X-Firefox-Spdy: h2
script.4dex.io/localstore.js
104.26.8.169304 Not Modified 0 B URL HTTP/1.1 script.4dex.io/localstore.js
IP 104.26.8.169:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /localstore.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Wed, 23 Nov 2022 15:43:18 GMT
If-None-Match: W/"922cffdd75f7192f75231d92684885aa"
HTTP/1.1 304 Not Modified
Date: Mon, 05 Dec 2022 22:33:11 GMT
Connection: keep-alive
Cache-Control: public, max-age=1800
ETag: W/"922cffdd75f7192f75231d92684885aa"
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 1058520
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x4UhjsMTUK6D3tGcpUK1cUwAK99k843Y5u9s7cIwFJyzQOBfCgr%2FtQvhC%2FqmzNJCPUU4%2FXSoeJCScrPXetg8Mmr%2BPilQ9C%2Bc5dwLfuNyULzB80a9YSyZbNmtwDakAZ4E"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77503df98f3bb511-OSL
prebid.a-mo.net/a/c
147.75.85.234204 No Content 0 B IP 147.75.85.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1156
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: max-age=0, private, must-revalidate
date: Mon, 05 Dec 2022 22:33:11 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 1
X-Firefox-Spdy: h2
mp.4dex.io/prebid
104.18.2.114204 No Content 0 B IP 104.18.2.114:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /prebid HTTP/1.1
Host: mp.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 2052
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 05 Dec 2022 22:33:11 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin, Accept-Encoding
x-err: Parsing the Prebid Request. org/site not found
x-version: 3.0.0-gcp-ams
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 77503df9ab240b4d-OSL
X-Firefox-Spdy: h2
script.4dex.io/adagio.js
104.26.8.169304 Not Modified 0 B IP 104.26.8.169:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /adagio.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Tue, 22 Nov 2022 09:44:15 GMT
If-None-Match: W/"c56b6332dacf72f135afcd153ae22448"
HTTP/1.1 304 Not Modified
Date: Mon, 05 Dec 2022 22:33:11 GMT
Connection: keep-alive
x-amz-id-2: dOiiTtiPLhGmcsmNBt0jZ1duXkkbJlTuZvRlN+aronrZIFb3Z/0/X80dBYCPZGT3qBvEJe+8wr4=
x-amz-request-id: DC3YQNPP1H3TAVZD
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
Last-Modified: Tue, 22 Nov 2022 09:44:15 GMT
ETag: "c56b6332dacf72f135afcd153ae22448"
Cache-Control: public, max-age=1800
CF-Cache-Status: HIT
Age: 1141119
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1NeJPIWKSajQfa0Bj7E2TOmVvlaKBUt4C1zFpdLW6xGeR7VC2q0dmdagJTO46z4spQmH2lSRosRg%2FBn1L3%2B%2FcCkqgRyfU8uSZcCKvzXTpj3YhTr65g5Do7qTiIQX%2Fe6I"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77503df9d9acfabc-OSL
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 0242539154ad5577482c101495485973
c003cb834ab389a553c9b859b6cf8786d7bb0496
532ad07db92ef70173355bd7c7ca4fefd644821793196a7dbb58801351504248
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "532AD07DB92EF70173355BD7C7CA4FEFD644821793196A7DBB58801351504248"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6558
Expires: Tue, 06 Dec 2022 00:22:30 GMT
Date: Mon, 05 Dec 2022 22:33:12 GMT
Connection: keep-alive
ntheworldw.buzz/
52.20.131.174200 OK 0 B IP 52.20.131.174:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: ntheworldw.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Origin: https://megaup.net
Content-Length: 353
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
hb.minutemedia-prebid.com/hb-mm-multi
3.224.217.10200 OK 105 B URL HTTP/2 hb.minutemedia-prebid.com/hb-mm-multi
IP 3.224.217.10:0
File type JSON data\012- , ASCII text
Hash 10ff15ce3cc0cb514515373b08528dc4
5ca7925378c81623f1b908a72c5019d99de3d7ef
e17d68b5a1bc4dc6d86c906d5267938bbd89445eecc9db9e397e82a08b14d9cd
POST /hb-mm-multi HTTP/1.1
Host: hb.minutemedia-prebid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1037
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 22:33:11 GMT
content-type: application/json
content-length: 105
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://megaup.net
x-reason: gdpr is not applied
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
185.89.211.84200 OK 145 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.89.211.84:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 36f509e5ddf41cb82fb51951eb10cb25
ade7c32bb37e35ec39b566c17d3e00def039ca64
4f768c26dab8e60b5e17bcc6ef647d7da95b4d98b1fdd92d0b4b174e8652198f
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 857
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 05 Dec 2022 22:33:12 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 145
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
AN-X-Request-Uuid: 44eaae57-aadd-40ab-a770-91d73375136d
Set-Cookie: icu=ChkIud-IARAKGAEgASgBMKjjuZwGOAFAAUgBEKjjuZwGGAA.; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 05-Mar-2023 22:33:12 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=1309278509663161921; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 05-Mar-2023 22:33:12 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ntheworldw.buzz/
52.20.131.174200 OK 0 B IP 52.20.131.174:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: ntheworldw.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Origin: https://megaup.net
Content-Length: 348
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
tpdvfsquunur.n4.adsco.re/
38.132.109.186200 OK 0 B URL HTTP/1.1 tpdvfsquunur.n4.adsco.re/
IP 38.132.109.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: tpdvfsquunur.n4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 22:33:12 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
Connection: close
ETag: "5b5f2f9a-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
api.purpleads.io/x/v/?demand=unifiedPb&ts=1670279589301
34.200.59.30200 OK 0 B URL HTTP/2 api.purpleads.io/x/v/?demand=unifiedPb&ts=1670279589301
IP 34.200.59.30:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /x/v/?demand=unifiedPb&ts=1670279589301 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 22:33:12 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
x-request-id: c1a9eea4-ef6f-4fb2-9f9e-2c4cd1851392
X-Firefox-Spdy: h2
adsco.re/p
162.252.214.5200 OK 130 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash b6a33d7a01f9e904a98e14cecb5ba636
d0469fbae64fedf4cb42f314267a2e561395c337
b91addb2e4b2280b7c8edef09f068f77ac767762204abfd765492a13da764618
POST /p HTTP/1.1
Host: adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Length: 1961
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 22:33:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK lon123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
api.purpleads.io/x/b/?idx=1&pid=30079a5a92d9445bbdd8803169bdd78d&sizes=[[300,250],[300,250],[200,200],[250,250],[300,100]]&slotid=4acc4605-26ab-4844-aa8c-39127bd3addd&demand=unifiedPb&ts=1670279589232
34.200.59.30200 OK 122 B URL HTTP/2 api.purpleads.io/x/b/?idx=1&pid=30079a5a92d9445bbdd8803169bdd78d&sizes=[[300,250],[300,250],[200,200],[250,250],[300,100]]&slotid=4acc4605-26ab-4844-aa8c-39127bd3addd&demand=unifiedPb&ts=1670279589232
IP 34.200.59.30:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 6281b48319f37353afa091c98d2eb959
4ed3cb7749c9e8eaf444c499185ded78e9310180
bff16e76640f2f68d89f3eb8992524dee9404b49357e0b027bdaa4b28d6ab5fd
GET /x/b/?idx=1&pid=30079a5a92d9445bbdd8803169bdd78d&sizes=[[300,250],[300,250],[200,200],[250,250],[300,100]]&slotid=4acc4605-26ab-4844-aa8c-39127bd3addd&demand=unifiedPb&ts=1670279589232 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: application/json
x-purpleads-version: 2.3.2
x-request-url: aHR0cHM6Ly9tZWdhdXAubmV0LzFhc251L1NjYXJsZXQuSG9sbG93LkVwaXNvZGUuNC5FYXJseS5BY2Nlc3Muemlw
Authorization: Bearer 70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 22:33:12 GMT
content-type: application/json; charset=utf-8
content-length: 122
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
x-request-id: 4ff83a75-5dcc-4f34-9e42-c9349a3b3ee0
etag: W/"7a-TtPLd0nJ6Or0RMSZGF3teOkxAYA"
vary: Accept-Encoding
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d2ac700f4345b8a632a29fa9fd8dceee
4a5924b0a38471ee69b22e6f801641d56062311b
ca893ca35eb16dceef8e0754927fb6579daa6b41d30ddf264b8b80b81832f9fe
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CA893CA35EB16DCEEF8E0754927FB6579DAA6B41D30DDF264B8B80B81832F9FE"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16354
Expires: Tue, 06 Dec 2022 03:05:46 GMT
Date: Mon, 05 Dec 2022 22:33:12 GMT
Connection: keep-alive
ntheworldw.buzz/R09Cam8cbXpZXXF8cUhDZW1uSAlzK3tfXiIrb1lfd3ZvXldwKW9SCXF6b1JeJXYjXVgifncJCWVjYAgLIil1Wlx%2BYiAJCndidlsKdWIgCwp1YnpeCnN5IA9Wfi13CE1rbTEdTWttLB4HIjgtGAMjOGwIGj01YEZNdn9sX01rKSMGHCJjJAsDNCpuDA4rPCc3
52.20.131.174200 OK 13 kB URL HTTP/2 ntheworldw.buzz/R09Cam8cbXpZXXF8cUhDZW1uSAlzK3tfXiIrb1lfd3ZvXldwKW9SCXF6b1JeJXYjXVgifncJCWVjYAgLIil1Wlx%2BYiAJCndidlsKdWIgCwp1YnpeCnN5IA9Wfi13CE1rbTEdTWttLB4HIjgtGAMjOGwIGj01YEZNdn9sX01rKSMGHCJjJAsDNCpuDA4rPCc3
IP 52.20.131.174:0
File type ASCII text, with very long lines (33861), with no line terminators
Hash 53d4abcd3275fc7e597aafc8c79fabab
e4f568e8c2af9a3c157dfcc68e43e2321268eaa2
9a79209bfebc89d5db8f48a8eb18f8fc3b718fe1df7fd19ce9e0d72444612333
GET /R09Cam8cbXpZXXF8cUhDZW1uSAlzK3tfXiIrb1lfd3ZvXldwKW9SCXF6b1JeJXYjXVgifncJCWVjYAgLIil1Wlx%2BYiAJCndidlsKdWIgCwp1YnpeCnN5IA9Wfi13CE1rbTEdTWttLB4HIjgtGAMjOGwIGj01YEZNdn9sX01rKSMGHCJjJAsDNCpuDA4rPCc3 HTTP/1.1
Host: ntheworldw.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
set-cookie: 7bb2392857a5151fed5eed2b38b9a3ee=1; Max-Age=604800
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
cache-control: public, max-age=86400
etag: W/"8445-kUAorVGZThKCbdReRD/5nQblhHU"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash cc5c3b63f06cc0b63a75d28961c0bc5b
0276b49e1d0bc604e0c8c5f27011197bc316eeb8
b6992f87f478ef0c2325dfc1b1c63244a1048a6e4355e51fbdd50ddef6a21f61
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B6992F87F478EF0C2325DFC1B1C63244A1048A6E4355E51FBDD50DDEF6A21F61"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8211
Expires: Tue, 06 Dec 2022 00:50:05 GMT
Date: Mon, 05 Dec 2022 22:33:14 GMT
Connection: keep-alive
imgdelnw.com/ie?v=4&c=C5xG-PKDyu0usd_JpD-ufsgFX8q-RGmnn1PmeEaUAb5fJStthe92MDwgwHjyYp9BooltM1BfS5umvds-OdO6t8tB5Q9n_va1MxTVmilxhFTUmOE_02BDoX-Crwv6oKGDl6HHvkNxQOlk9a0PLiwMoL_uouGKNgPvQiZsswXDZrIZisXWeXpjrdNdZ2wnUmwFi6Uys31ZFDvIwCxn2lWMDczTIitinuD709BCkiITBTKpis8PqCW6P4u5Q88yZRDbNynyG9Vq-0H4BopYY8YjKDEG_iSPeemLLP2kiyz_zRrqFqGY74ybeZTvM0sTe36E_K33fWGpmTFsIq1MoTj0YwzqRsbzIZ73h5dE70n_KvMbdduXpNeAOlMcVncDmY3Pw7nrpti83pkjhJWeuHPjoWBWUERjE8v_NhwesRJa8c4=&v1=79&v2=70395
157.90.94.146301 Moved Permanently 0 B URL HTTP/1.1 imgdelnw.com/ie?v=4&c=C5xG-PKDyu0usd_JpD-ufsgFX8q-RGmnn1PmeEaUAb5fJStthe92MDwgwHjyYp9BooltM1BfS5umvds-OdO6t8tB5Q9n_va1MxTVmilxhFTUmOE_02BDoX-Crwv6oKGDl6HHvkNxQOlk9a0PLiwMoL_uouGKNgPvQiZsswXDZrIZisXWeXpjrdNdZ2wnUmwFi6Uys31ZFDvIwCxn2lWMDczTIitinuD709BCkiITBTKpis8PqCW6P4u5Q88yZRDbNynyG9Vq-0H4BopYY8YjKDEG_iSPeemLLP2kiyz_zRrqFqGY74ybeZTvM0sTe36E_K33fWGpmTFsIq1MoTj0YwzqRsbzIZ73h5dE70n_KvMbdduXpNeAOlMcVncDmY3Pw7nrpti83pkjhJWeuHPjoWBWUERjE8v_NhwesRJa8c4=&v1=79&v2=70395
IP 157.90.94.146:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ie?v=4&c=C5xG-PKDyu0usd_JpD-ufsgFX8q-RGmnn1PmeEaUAb5fJStthe92MDwgwHjyYp9BooltM1BfS5umvds-OdO6t8tB5Q9n_va1MxTVmilxhFTUmOE_02BDoX-Crwv6oKGDl6HHvkNxQOlk9a0PLiwMoL_uouGKNgPvQiZsswXDZrIZisXWeXpjrdNdZ2wnUmwFi6Uys31ZFDvIwCxn2lWMDczTIitinuD709BCkiITBTKpis8PqCW6P4u5Q88yZRDbNynyG9Vq-0H4BopYY8YjKDEG_iSPeemLLP2kiyz_zRrqFqGY74ybeZTvM0sTe36E_K33fWGpmTFsIq1MoTj0YwzqRsbzIZ73h5dE70n_KvMbdduXpNeAOlMcVncDmY3Pw7nrpti83pkjhJWeuHPjoWBWUERjE8v_NhwesRJa8c4=&v1=79&v2=70395 HTTP/1.1
Host: imgdelnw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
server: fasthttp
date: Mon, 05 Dec 2022 22:33:13 GMT
content-length: 0
location: https://img.vmmcdn.com/get/11103762/230376_icon.png
x-app-id: 13
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash aa73532fb2ec26218b9fb408b6bab276
b765e2ee25f8ec2d39350b5f8112ddd1f27b152c
8a4aecba52f977c49d3ce819780553753e3361a73b44a5276fcb3d7d80ad297f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8A4AECBA52F977C49D3CE819780553753E3361A73B44A5276FCB3D7D80AD297F"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7931
Expires: Tue, 06 Dec 2022 00:45:25 GMT
Date: Mon, 05 Dec 2022 22:33:14 GMT
Connection: keep-alive
img.vmmcdn.com/get/11103762/230376_icon.png
46.4.121.113200 OK 79 kB URL HTTP/2 img.vmmcdn.com/get/11103762/230376_icon.png
IP 46.4.121.113:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 90201193c59a434af87f0a11a30e19ab
cfece720f6553dbd9b78bb446a67f7ee9869be44
6f55f84338ea8b5ffa3314cb2fca1884ae1b3f78041ea3f9ac297ebf76b71739
GET /get/11103762/230376_icon.png HTTP/1.1
Host: img.vmmcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.14.1
date: Mon, 05 Dec 2022 22:33:14 GMT
content-type: image/png
content-length: 78953
last-modified: Mon, 05 Dec 2022 12:03:22 GMT
cache-control: public, max-age=604800
etag: "638dde0a-13469"
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.173.27200 OK 103 kB IP 172.64.173.27:0
Size 103 kB (102959 bytes)
Hash 11c879d768831a3cdb42b3d3cc8f424f
d15ea87505d03dc1b4dec9f77957521014a5c379
d0989d32051ecdb2a362cee668dd7d287431a71addf9b795723970f3b906af4f
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 05 Dec 2022 22:33:10 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VgfWtJTlnDpBurtKi4ouRabxPNDbv3QhoAZZBZxlkLxdsFm8RJp5kJQ5Bfk9xXjDH4D0Cd%2BqNVeUIkEj4JBcn4Taa9hxJ4goAA3YH0uAmx%2FwGChMYmDBUp8gdmy5rBtx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77503df31bab7314-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
acdn.adnxs.com/dmp/async_usersync.html
2.18.172.187200 OK 17 kB URL HTTP/1.1 acdn.adnxs.com/dmp/async_usersync.html
IP 2.18.172.187:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (52990)
Hash 9c6b5ce6b3452e98573e6409c34dd73c
de607fadef62e36945a409a838eb8fc36d819b42
cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc
GET /dmp/async_usersync.html HTTP/1.1
Host: acdn.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
ETag: "623de86a-cf34"
Unused62: 8096267
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Tue, 06 Dec 2022 22:33:17 GMT
Date: Mon, 05 Dec 2022 22:33:15 GMT
Connection: keep-alive
Vary: Accept-Encoding
contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2BX48Z&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C2069%2C237%2C117%2C97%2C99%2C3012%2C3011%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C77%2C38%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
2.18.172.23200 OK 8.2 kB URL HTTP/2 contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2BX48Z&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C2069%2C237%2C117%2C97%2C99%2C3012%2C3011%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C77%2C38%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
IP 2.18.172.23:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (18979)
Hash afdbbbf58678a5d787afe7dd1b697eca
1e39091e0ab41dbb8c8d85e0f49d9c4fba5b3148
f6b03b8bf1594d80e14c4795932c701728f5b3debd15f47f4d605b84f72ac162
GET /checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2BX48Z&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C2069%2C237%2C117%2C97%2C99%2C3012%2C3011%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C77%2C38%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1 HTTP/1.1
Host: contextual.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
content-type: text/html; charset=UTF-8
x-mnet-hl2: E
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=132596
expires: Wed, 07 Dec 2022 11:23:11 GMT
date: Mon, 05 Dec 2022 22:33:15 GMT
content-length: 8209
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/images/icons/favicon/favicon.ico
91.209.70.182200 OK 278 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/images/icons/favicon/favicon.ico
IP 91.209.70.182:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 659f01ba6f82722266fdb59da503b5b1
dcdd33e38d295ad43328f72b3cdf8f196e4e39cc
62139074159b654b914c0284e45bc8570dd34e013ad21efaa8892cedd086bfd1
GET /themes/flow/frontend_assets/images/icons/favicon/favicon.ico HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1asnu/Scarlet.Hollow.Episode.4.Early.Access.zip
Connection: keep-alive
Cookie: filehosting=luk3qtdcsc9or0job7irt9uu93
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:33:10 GMT
content-type: image/x-icon
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-47e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
eb2.3lift.com/sync?
76.223.111.18200 OK 37 B IP 76.223.111.18:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /sync? HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 22:33:15 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
185.89.211.84200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 185.89.211.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 05 Dec 2022 22:33:15 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 4e50c58d-8a8a-447f-8756-658e791a41ab
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/async_usersync?cbfn=queuePixels
185.89.211.84307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 185.89.211.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Mon, 05 Dec 2022 22:33:15 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: c6105294-224a-454b-bc1b-38fd3b185a41
Set-Cookie: uuid2=7261090485292729748; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 05-Mar-2023 22:33:15 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
185.89.211.84200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 185.89.211.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 05 Dec 2022 22:33:15 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 18204ad7-9581-4775-81a5-83087d73738a
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/async_usersync?cbfn=queuePixels
185.89.211.84307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 185.89.211.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Mon, 05 Dec 2022 22:33:16 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: 8176494e-b4e6-489f-ae68-387a8da12b7e
Set-Cookie: uuid2=5705814504548667055; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 05-Mar-2023 22:33:16 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
185.89.211.84200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 185.89.211.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 05 Dec 2022 22:33:16 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: aeb64683-03cb-4f9b-8379-c249eb565f6a
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/async_usersync?cbfn=queuePixels
185.89.211.84307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 185.89.211.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Mon, 05 Dec 2022 22:33:16 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: 971851e5-ba45-44aa-b946-851916e7b098
Set-Cookie: uuid2=3105817245907024974; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 05-Mar-2023 22:33:16 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
185.89.211.84200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 185.89.211.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 05 Dec 2022 22:33:16 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: d275c36e-869f-4adb-93fa-f5f82cc0c1aa
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
megaup.net/themes/flow/frontend_assets/fonts/raleway_medium.woff
91.209.70.182200 OK 32 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway_medium.woff
IP 91.209.70.182:0
File type Web Open Font Format, TrueType, length 31900, version 1.1\012- data
Hash 1b285c8e5b7445a8e434b2cdf036bab2
c97d4772fbb5c5637d466b5f991bc7ec28830b32
09b979826f2ac158a63ba234042c66414c21282d0bb46eadc62c64a873778825
GET /themes/flow/frontend_assets/fonts/raleway_medium.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=luk3qtdcsc9or0job7irt9uu93; _ga=GA1.2.43663888.1670279588; _gid=GA1.2.1441915292.1670279588; _gat_gtag_UA_108868042_1=1; a=keTlKuiiN4e8wpkNlcoNbw1GOynZarI2; token_QlJAAAAAAAAArRMIRsGBk-hpXXMDyS9EWV8qBEI=BAYAY45xqAFjjnGogAGBAcAAIHm9Y3fb8iLo-MGAgpHb2Ldn46yl9vvq12GDp76AmAYhwQAghReMR9q3thyxhJebxtOBrdCdeU66gl2itW3LwNkVc7U
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:33:16 GMT
content-type: font/woff
content-length: 31900
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7c9c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1asnu/Scarlet.Hollow.Episode.4.Early.Access.zip
Connection: keep-alive
Cookie: filehosting=luk3qtdcsc9or0job7irt9uu93
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:33:09 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-8d4b"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.dataTables.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.dataTables.min.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery.dataTables.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1asnu/Scarlet.Hollow.Episode.4.Early.Access.zip
Connection: keep-alive
Cookie: filehosting=luk3qtdcsc9or0job7irt9uu93
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:33:09 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-10fe4"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1asnu/Scarlet.Hollow.Episode.4.Early.Access.zip
Connection: keep-alive
Cookie: filehosting=luk3qtdcsc9or0job7irt9uu93
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:33:09 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-71b6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1asnu/Scarlet.Hollow.Episode.4.Early.Access.zip
Connection: keep-alive
Cookie: filehosting=luk3qtdcsc9or0job7irt9uu93
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:33:09 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-303b2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/custom.css
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/custom.css
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/css/custom.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1asnu/Scarlet.Hollow.Episode.4.Early.Access.zip
Connection: keep-alive
Cookie: filehosting=luk3qtdcsc9or0job7irt9uu93
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:33:09 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3577"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
prebid.media.net/rtb/prebid?cid=8CU2BX48Z
34.107.148.139200 OK 0 B URL HTTP/2 prebid.media.net/rtb/prebid?cid=8CU2BX48Z
IP 34.107.148.139:0
POST /rtb/prebid?cid=8CU2BX48Z HTTP/1.1
Host: prebid.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1236
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:33:11 GMT
content-type: application/json;charset=UTF-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
expires: Mon, 05 Dec 2022 22:33:11 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
content-encoding: gzip
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
pogothere.xyz/
172.64.173.27200 OK 0 B IP 172.64.173.27:0
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 22:33:11 GMT
content-type: text/plain
set-cookie: csu=945455609537832@1@1670279591; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nUMfB6OGi18IeiliJd3yndRvvHsfbWro2xG6Drx7L9%2Bo8Mfo8tSbPOla3jtBqSR%2FtpDfvkJv%2BJRutkQr8OU7EkBGKQpU3anyUSRCXjyHsPc47MG8ZdvPE9tBwOC8jhWX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77503df3dc997314-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery-1.11.0.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery-1.11.0.min.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery-1.11.0.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1asnu/Scarlet.Hollow.Episode.4.Early.Access.zip
Connection: keep-alive
Cookie: filehosting=luk3qtdcsc9or0job7irt9uu93
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:33:09 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1787d"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-process.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-process.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery.fileupload-process.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1asnu/Scarlet.Hollow.Episode.4.Early.Access.zip
Connection: keep-alive
Cookie: filehosting=luk3qtdcsc9or0job7irt9uu93
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:33:09 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-14b6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/global.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/global.js
IP 91.209.70.182:0
GET /themes/flow/js/global.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1asnu/Scarlet.Hollow.Episode.4.Early.Access.zip
Connection: keep-alive
Cookie: filehosting=luk3qtdcsc9or0job7irt9uu93
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:33:09 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-d59"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/animation/jquery.appear.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/animation/jquery.appear.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/animation/jquery.appear.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1asnu/Scarlet.Hollow.Episode.4.Early.Access.zip
Connection: keep-alive
Cookie: filehosting=luk3qtdcsc9or0job7irt9uu93
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:33:09 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-5c6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/nav/jquery.nav.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/nav/jquery.nav.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/nav/jquery.nav.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1asnu/Scarlet.Hollow.Episode.4.Early.Access.zip
Connection: keep-alive
Cookie: filehosting=luk3qtdcsc9or0job7irt9uu93
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:33:09 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1547"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1asnu/Scarlet.Hollow.Episode.4.Early.Access.zip
Connection: keep-alive
Cookie: filehosting=luk3qtdcsc9or0job7irt9uu93
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:33:09 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1cdf"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/colors/flow.css
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/colors/flow.css
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/css/colors/flow.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1asnu/Scarlet.Hollow.Episode.4.Early.Access.zip
Connection: keep-alive
Cookie: filehosting=luk3qtdcsc9or0job7irt9uu93
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:33:09 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-a83"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
api.purpleads.io/x/b/?idx=1&pid=30079a5a92d9445bbdd8803169bdd78d&sizes=[[300,250],[300,250],[200,200],[250,250],[300,100]]&slotid=4acc4605-26ab-4844-aa8c-39127bd3addd&demand=unifiedPb&ts=1670279589232
34.200.59.30200 OK 0 B URL HTTP/2 api.purpleads.io/x/b/?idx=1&pid=30079a5a92d9445bbdd8803169bdd78d&sizes=[[300,250],[300,250],[200,200],[250,250],[300,100]]&slotid=4acc4605-26ab-4844-aa8c-39127bd3addd&demand=unifiedPb&ts=1670279589232
IP 34.200.59.30:0
OPTIONS /x/b/?idx=1&pid=30079a5a92d9445bbdd8803169bdd78d&sizes=[[300,250],[300,250],[200,200],[250,250],[300,100]]&slotid=4acc4605-26ab-4844-aa8c-39127bd3addd&demand=unifiedPb&ts=1670279589232 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 22:33:12 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
x-request-id: 70bc7454-1d9b-4ce4-8531-1ab0d289b9d9
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/load-image.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/load-image.min.js
IP 91.209.70.182:0
GET /themes/flow/js/load-image.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1asnu/Scarlet.Hollow.Episode.4.Early.Access.zip
Connection: keep-alive
Cookie: filehosting=luk3qtdcsc9or0job7irt9uu93
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:33:09 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-9f2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/zeroClipboard/ZeroClipboard.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/zeroClipboard/ZeroClipboard.js
IP 91.209.70.182:0
GET /themes/flow/js/zeroClipboard/ZeroClipboard.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1asnu/Scarlet.Hollow.Episode.4.Early.Access.zip
Connection: keep-alive
Cookie: filehosting=luk3qtdcsc9or0job7irt9uu93
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:33:09 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3bd2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/custom/custom.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/custom/custom.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/custom/custom.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1asnu/Scarlet.Hollow.Episode.4.Early.Access.zip
Connection: keep-alive
Cookie: filehosting=luk3qtdcsc9or0job7irt9uu93
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:33:09 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1420"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/1asnu/Scarlet.Hollow.Episode.4.Early.Access.zip
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/1asnu/Scarlet.Hollow.Episode.4.Early.Access.zip
IP 91.209.70.182:0
GET /1asnu/Scarlet.Hollow.Episode.4.Early.Access.zip HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:33:09 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: filehosting=luk3qtdcsc9or0job7irt9uu93; expires=Tue, 06-Dec-2022 22:33:09 GMT; Max-Age=86400; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery-ui.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery-ui.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery-ui.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1asnu/Scarlet.Hollow.Episode.4.Early.Access.zip
Connection: keep-alive
Cookie: filehosting=luk3qtdcsc9or0job7irt9uu93
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:33:09 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-6a684"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.tmpl.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.tmpl.min.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery.tmpl.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1asnu/Scarlet.Hollow.Episode.4.Early.Access.zip
Connection: keep-alive
Cookie: filehosting=luk3qtdcsc9or0job7irt9uu93
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:33:09 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3cb"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-validate.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-validate.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery.fileupload-validate.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1asnu/Scarlet.Hollow.Episode.4.Early.Access.zip
Connection: keep-alive
Cookie: filehosting=luk3qtdcsc9or0job7irt9uu93
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:33:09 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-fea"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/nav/jquery.scrollTo.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/nav/jquery.scrollTo.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/nav/jquery.scrollTo.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1asnu/Scarlet.Hollow.Episode.4.Early.Access.zip
Connection: keep-alive
Cookie: filehosting=luk3qtdcsc9or0job7irt9uu93
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:33:09 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-981"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/sticky/jquery.sticky.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/sticky/jquery.sticky.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/sticky/jquery.sticky.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1asnu/Scarlet.Hollow.Episode.4.Early.Access.zip
Connection: keep-alive
Cookie: filehosting=luk3qtdcsc9or0job7irt9uu93
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:33:09 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1099"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery.fileupload.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1asnu/Scarlet.Hollow.Episode.4.Early.Access.zip
Connection: keep-alive
Cookie: filehosting=luk3qtdcsc9or0job7irt9uu93
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:33:09 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-dbd4"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-ui.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-ui.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery.fileupload-ui.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1asnu/Scarlet.Hollow.Episode.4.Early.Access.zip
Connection: keep-alive
Cookie: filehosting=luk3qtdcsc9or0job7irt9uu93
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:33:09 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-61ef"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/retina/retina.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/retina/retina.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/retina/retina.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1asnu/Scarlet.Hollow.Episode.4.Early.Access.zip
Connection: keep-alive
Cookie: filehosting=luk3qtdcsc9or0job7irt9uu93
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:33:09 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-52e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/gauge.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/gauge.min.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/gauge.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1asnu/Scarlet.Hollow.Episode.4.Early.Access.zip
Connection: keep-alive
Cookie: filehosting=luk3qtdcsc9or0job7irt9uu93
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:33:09 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-45b8"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/clipboardjs/clipboard.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/clipboardjs/clipboard.min.js
IP 91.209.70.182:0
GET /themes/flow/js/clipboardjs/clipboard.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1asnu/Scarlet.Hollow.Episode.4.Early.Access.zip
Connection: keep-alive
Cookie: filehosting=luk3qtdcsc9or0job7irt9uu93
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:33:09 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-2296"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
societingna.info/dW9xTXEOTQI6LgAdHW9LVwcFOQEGVV5iHBAIEDgBWwEUOV4GGF8nAldDUz4cE01LfF1XGxAqLhwLU3dTTVxDe0JGTV1vAgANLiQVR01LbxdBC0h4QBALXH5BRVZceUlCCVx1F0NaXHVAF1YQekYQXkQuF1cS
54.162.51.18200 OK 0 B URL HTTP/2 societingna.info/dW9xTXEOTQI6LgAdHW9LVwcFOQEGVV5iHBAIEDgBWwEUOV4GGF8nAldDUz4cE01LfF1XGxAqLhwLU3dTTVxDe0JGTV1vAgANLiQVR01LbxdBC0h4QBALXH5BRVZceUlCCVx1F0NaXHVAF1YQekYQXkQuF1cS
IP 54.162.51.18:0
Analyzer Verdict Alert fortinet Malware
GET /dW9xTXEOTQI6LgAdHW9LVwcFOQEGVV5iHBAIEDgBWwEUOV4GGF8nAldDUz4cE01LfF1XGxAqLhwLU3dTTVxDe0JGTV1vAgANLiQVR01LbxdBC0h4QBALXH5BRVZceUlCCVx1F0NaXHVAF1YQekYQXkQuF1cS HTTP/1.1
Host: societingna.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
set-cookie: faf75b910caf589c0ef98d5a5ab0c65e=1; Max-Age=604800
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
etag: W/"e0f4-7Y2Q+0+DuMCD0zG/ni6/9zJLa3A"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.173.27200 OK 0 B IP 172.64.173.27:0
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 05 Dec 2022 22:33:10 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4EOYuVXdk7AcyZmobg1p3tcUiaPhAhZGlOFx5XXg1DG1KFZK4cv8f50630LJiQ4CHKR%2FR%2F%2FeWIqk3%2FynVWlPHZWKjrHfifzzvUnBesHecz3Q7asBJhDwL20lNULlBp3N"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77503df32bbf7314-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
prebid.media.net/rtb/prebid?cid=8CU2BX48Z
34.107.148.139200 OK 0 B URL HTTP/2 prebid.media.net/rtb/prebid?cid=8CU2BX48Z
IP 34.107.148.139:0
POST /rtb/prebid?cid=8CU2BX48Z HTTP/1.1
Host: prebid.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1205
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:33:11 GMT
content-type: application/json;charset=UTF-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
expires: Mon, 05 Dec 2022 22:33:11 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
content-encoding: gzip
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
megaup.net/themes/flow/styles/file-upload.css
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/styles/file-upload.css
IP 91.209.70.182:0
GET /themes/flow/styles/file-upload.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1asnu/Scarlet.Hollow.Episode.4.Early.Access.zip
Connection: keep-alive
Cookie: filehosting=luk3qtdcsc9or0job7irt9uu93
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:33:09 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-21ec"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-resize.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-resize.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery.fileupload-resize.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1asnu/Scarlet.Hollow.Episode.4.Early.Access.zip
Connection: keep-alive
Cookie: filehosting=luk3qtdcsc9or0job7irt9uu93
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:33:09 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1f7f"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/rs-plugin/css/settings.css
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/rs-plugin/css/settings.css
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/rs-plugin/css/settings.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Connection: keep-alive
Cookie: filehosting=luk3qtdcsc9or0job7irt9uu93
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:33:09 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-ce4b"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1asnu/Scarlet.Hollow.Episode.4.Early.Access.zip
Connection: keep-alive
Cookie: filehosting=luk3qtdcsc9or0job7irt9uu93
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:33:09 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-14cc1"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/isotope/custom-isotope.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/isotope/custom-isotope.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/isotope/custom-isotope.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1asnu/Scarlet.Hollow.Episode.4.Early.Access.zip
Connection: keep-alive
Cookie: filehosting=luk3qtdcsc9or0job7irt9uu93
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:33:09 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-71d"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=86ddec5c-b957-455f-87da-f034ba331fa2
104.16.159.17200 OK 0 B URL HTTP/2 cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=86ddec5c-b957-455f-87da-f034ba331fa2
IP 104.16.159.17:0
GET /Scripts/infinity.js.aspx?guid=86ddec5c-b957-455f-87da-f034ba331fa2 HTTP/1.1
Host: cdn.engine.4dsply.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 22:33:11 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=900
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
last-modified: Mon, 05 Dec 2022 22:31:13 GMT
cf-cache-status: HIT
expires: Mon, 05 Dec 2022 22:48:11 GMT
server: cloudflare
cf-ray: 77503df32e68b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/bootstrap/bootstrap.min.css
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/bootstrap/bootstrap.min.css
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/css/bootstrap/bootstrap.min.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Connection: keep-alive
Cookie: filehosting=luk3qtdcsc9or0job7irt9uu93
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:33:09 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1cc1b"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/styles/font-icons/entypo/css/entypo.css
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/styles/font-icons/entypo/css/entypo.css
IP 91.209.70.182:0
GET /themes/flow/styles/font-icons/entypo/css/entypo.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1asnu/Scarlet.Hollow.Episode.4.Early.Access.zip
Connection: keep-alive
Cookie: filehosting=luk3qtdcsc9or0job7irt9uu93
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:33:09 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-45f5"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/canvas-to-blob.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/canvas-to-blob.min.js
IP 91.209.70.182:0
GET /themes/flow/js/canvas-to-blob.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1asnu/Scarlet.Hollow.Episode.4.Early.Access.zip
Connection: keep-alive
Cookie: filehosting=luk3qtdcsc9or0job7irt9uu93
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:33:09 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-408"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.iframe-transport.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.iframe-transport.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery.iframe-transport.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1asnu/Scarlet.Hollow.Episode.4.Early.Access.zip
Connection: keep-alive
Cookie: filehosting=luk3qtdcsc9or0job7irt9uu93
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:33:09 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-2427"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1asnu/Scarlet.Hollow.Episode.4.Early.Access.zip
Connection: keep-alive
Cookie: filehosting=luk3qtdcsc9or0job7irt9uu93
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:33:09 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3ead"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
pogothere.xyz/
172.64.173.27200 OK 0 B IP 172.64.173.27:0
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 22:33:10 GMT
content-type: text/plain
set-cookie: csu=1554302464812358@1@1670279590; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sPzF%2Fep2ofEx%2FK4rKxe0xEEI9XUrcb1Qo6i%2B8sMsBQgmzje%2F5dns78r1zV2WIY%2Fi7CpfPOfk%2B3yrwP1k8uxK74WzPVScvvv6UowFwgor12BZ8ne8zloQxKm1usrXAtll"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77503df31bae7314-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2