megaup.net/1aa9m/Pokemon_Scarlet_(XCI)(US).part1_(2).rar
301 Moved Permanently 162 B URL HTTP/1.1 megaup.net/1aa9m/Pokemon_Scarlet_(XCI)(US).part1_(2).rar
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /1aa9m/Pokemon_Scarlet_(XCI)(US).part1_(2).rar HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 30 Nov 2022 18:45:44 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://megaup.net/1aa9m/Pokemon_Scarlet_(XCI)(US).part1_(2).rar
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer, strict-origin-when-cross-origin
X-Download-Options: noopen
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a5daf4dc99951793ae2315d4795e8146
4427507ca4d3a5632cc8f598afbc85e2195d00bd
94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5567
Expires: Wed, 30 Nov 2022 20:18:32 GMT
Date: Wed, 30 Nov 2022 18:45:45 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash f3cf023c797da81728c0ac84c8759331
fa07c5e39e4b0741ea484101cccb2202acea9d9c
5206a0bac8bf78d6b84322519271a1ece2c1039a0090e583de6d6192d88873d0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5645
Cache-Control: max-age=148779
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 18:45:45 GMT
Etag: "638730f7-1d7"
Expires: Fri, 02 Dec 2022 12:05:24 GMT
Last-Modified: Wed, 30 Nov 2022 10:31:19 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 30 Nov 2022 18:19:41 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1564
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9fce5679881bf302a8978a0b462f01a9
b699fe030ea13ac73813e655c42ed9b531925e2b
a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5811
Expires: Wed, 30 Nov 2022 20:22:36 GMT
Date: Wed, 30 Nov 2022 18:45:45 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: sBqT+A6Z7dtpg6XV24aDRZYxHLWJOactcZtWKIq71nT6/UUh4DlZPVC5gPRcKd+WAKzMwm8V2/A=
x-amz-request-id: EY2A4TCESXTPYK80
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 30 Nov 2022 18:45:20 GMT
age: 25
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 18:45:45 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 30 Nov 2022 18:08:56 GMT
cache-control: public,max-age=3600
age: 2209
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash e1fafedd1b88b2a7c58f1cbfbe322f7e
7b5b262a0293472a8dc7511a15f45e4a961de18e
357e261bd94bf837ef26a633dbe0ddbea470c6f0118e170127e769a90072d733
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 18:45:45 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 28 Nov 2022 23:25:47 GMT
Expires: Mon, 05 Dec 2022 23:25:46 GMT
Etag: "7b5b262a0293472a8dc7511a15f45e4a961de18e"
Cache-Control: max-age=448200,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7725bdededa5b4ee-OSL
megaup.net/themes/flow/images/main_logo_inverted.png
200 OK 7.1 kB URL HTTP/2 megaup.net/themes/flow/images/main_logo_inverted.png
IP
File type PNG image data, 203 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 5d15526be10b904a6b48d1af04a10cc3
c09b6874359ac6d71db95593618a9acb55baa984
894d25472e0f890edf235e8f66fbeda7ea75043632924ecb82691d76bd7db018
GET /themes/flow/images/main_logo_inverted.png HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1aa9m/Pokemon_Scarlet_(XCI)(US).part1_(2).rar
Connection: keep-alive
Cookie: filehosting=t1ulj33af81t9r2ggeim20rnl4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 18:45:45 GMT
content-type: image/png
content-length: 7137
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-1be1"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash cfdd00e67ee6ca21712b867eb5288ab6
b61d5d6ec3b7ad71619e13e32c87f2d01871b88a
f740cac6dfedc1bf0f82efb10dac4f6ffb22f9bb5d4a9b68a4cd971dd2f65793
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5625
Cache-Control: max-age=143691
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 18:45:45 GMT
Etag: "63871d2b-1d7"
Expires: Fri, 02 Dec 2022 10:40:36 GMT
Last-Modified: Wed, 30 Nov 2022 09:06:51 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
megaup.net/themes/flow/images/loading_small.gif
200 OK 184 kB URL HTTP/2 megaup.net/themes/flow/images/loading_small.gif
IP
File type GIF image data, version 89a, 64 x 64\012- data
Size 184 kB (184355 bytes)
Hash b0dd5b3af9c4c0644d7bddee83716209
30002468d0266b893b3559b8d0d260c6cbf0ad7c
2418224bb4d12c122ef3c54d2ee9edb5f6f28d539e91a166b0215553f8c7609d
GET /themes/flow/images/loading_small.gif HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1aa9m/Pokemon_Scarlet_(XCI)(US).part1_(2).rar
Connection: keep-alive
Cookie: filehosting=t1ulj33af81t9r2ggeim20rnl4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 18:45:45 GMT
content-type: image/gif
content-length: 184355
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-2d023"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 33f732b4dfbd5fb3ed7345eba2896fe6
2652f214cf7127302cc65b1d4e42f48a80907d5d
904ce722469d356f8ec20c14bd51ca3ce459012ea0869f7d14821a963310a494
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 18:45:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-108868042-1
200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-108868042-1
IP
File type ASCII text, with very long lines (1921)
Hash 164b5504e260823dfc0553aeb3595219
a25f33fa22561c04bac1ca73d9f4e84ca3f6ebec
bd3b8796a62fd88f14bcf602ba68567878be514f3fde163ac281f5a17e5ef17e
GET /gtag/js?id=UA-108868042-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 18:45:46 GMT
expires: Wed, 30 Nov 2022 18:45:46 GMT
cache-control: private, max-age=900
last-modified: Wed, 30 Nov 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43584
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/clipboardjs/clipboard.min.js
200 OK 8.1 kB URL HTTP/2 megaup.net/themes/flow/js/clipboardjs/clipboard.min.js
IP
File type Unicode text, UTF-8 text, with very long lines (8746)
Hash b6f5133d57a2190e53f895ce3de3846d
1054f589010a4742c171bf3dc7184ca75f5e080e
8d7d0b93e5b873dec7c1bfc94a2da6be2966ab2ee429de1f5ac2bd8356088ee5
GET /themes/flow/js/clipboardjs/clipboard.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1aa9m/Pokemon_Scarlet_(XCI)(US).part1_(2).rar
Connection: keep-alive
Cookie: filehosting=t1ulj33af81t9r2ggeim20rnl4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 18:45:45 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-2296"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/fonts/raleway.woff
200 OK 32 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway.woff
IP
File type Web Open Font Format, TrueType, length 31836, version 1.1\012- data
Hash 4514fa5a5b3d1e0b14aa32a7d068124a
e634977bfabc20ed15fe7ed03d3876cf68834b93
5b0f118d658eacc5740b10b0dc2ebbd99ee8e8262c72ff29bfcda48c02b19861
GET /themes/flow/frontend_assets/fonts/raleway.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=t1ulj33af81t9r2ggeim20rnl4
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 18:45:46 GMT
content-type: font/woff
content-length: 31836
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7c5c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/fonts/raleway_extrabold.woff
200 OK 31 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway_extrabold.woff
IP
File type Web Open Font Format, TrueType, length 31344, version 1.1\012- data
Hash 21f79e4c0fbe54a555170aa70bb4c8b7
9d4aaf2016cd21f16bc45089a48de84dba951fa7
2b638674bc57ad355ef2ecbd68e78ecb36bc323aaaf4ddeb9cd4f61bc5f26c42
GET /themes/flow/frontend_assets/fonts/raleway_extrabold.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=t1ulj33af81t9r2ggeim20rnl4
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 18:45:46 GMT
content-type: font/woff
content-length: 31344
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7a70"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/fonts/raleway_semibold.woff
200 OK 32 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway_semibold.woff
IP
File type Web Open Font Format, TrueType, length 31980, version 1.1\012- data
Hash 99ac81a158028ac2023fb3350d2497e7
f08c12c91ab29282a616c3ba8e533f49b5b433ca
92a8c8eca8cfcfc53855bc48ba50b866704a00323c4e3089b564c939a668925d
GET /themes/flow/frontend_assets/fonts/raleway_semibold.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=t1ulj33af81t9r2ggeim20rnl4
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 18:45:46 GMT
content-type: font/woff
content-length: 31980
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7cec"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_fonts/socicon-webfont.woff
200 OK 21 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_fonts/socicon-webfont.woff
IP
File type Web Open Font Format, TrueType, length 20972, version 1.0\012- data
Hash cad75e2dacc6794c4e6b14727d4a989d
694d04c8f643df4100c23efc1463ac9f4e732f60
ebccc09339b7730324221aff3d11d215de9997b47bf708ca18a3be2d8e8b9887
GET /themes/flow/frontend_assets/socialsider-v1.0/_fonts/socicon-webfont.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css
Connection: keep-alive
Cookie: filehosting=t1ulj33af81t9r2ggeim20rnl4
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 18:45:46 GMT
content-type: font/woff
content-length: 20972
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-51ec"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 4FdBEvAZBT3/75oH4kmvpQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: MbO0MBFdOvLFI88+INwBj2D+BPg=
dmmzkfd82wayn.cloudfront.net/?kzmmd=761186
200 OK 190 kB URL HTTP/2 dmmzkfd82wayn.cloudfront.net/?kzmmd=761186
IP
File type Unicode text, UTF-8 text, with very long lines (15945)
Size 190 kB (189471 bytes)
Hash a9a5eeb7c4038c268edc9248522ea2c8
67696afc627300b6903381121f400b79f0337355
36a1c196d997cb9da2e596d3e40ad7ebbce52a68dc4208417aaf1aaf69ee804e
GET /?kzmmd=761186 HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 189471
date: Wed, 30 Nov 2022 18:45:46 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: u0lJhI4Hev1rUBjm6vgfNPUe6jeGh-vMAywE1RMm3uXibiDpNvh43w==
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js
200 OK 5.7 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js
IP
File type HTML document, ASCII text, with very long lines (15714), with CRLF line terminators
Hash 6b097cbffad5cad0fa87488eb6a148c2
4d69130d5929a62bf07776429b254e7d03def337
4972944d3fedff8fb3f93c69f56c231aa63e3d0820e2cb5591c50fa8aa892fd8
GET /themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1aa9m/Pokemon_Scarlet_(XCI)(US).part1_(2).rar
Connection: keep-alive
Cookie: filehosting=t1ulj33af81t9r2ggeim20rnl4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 18:45:45 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3ead"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
keydawnawe.com/gwZ1U5hjA8ii/32575
200 OK 26 B URL HTTP/1.1 keydawnawe.com/gwZ1U5hjA8ii/32575
IP
File type ASCII text, with no line terminators
Hash 4e5d65669f8dcd928dad06adf883f025
d771713d758c3348dd7e5b38bb40c7935399ae46
0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95
GET /gwZ1U5hjA8ii/32575 HTTP/1.1
Host: keydawnawe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 18:45:46 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Thu, 01-Dec-2022 18:45:46 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjM0KgkAYRW0qSwrjQg%2FQC2T%2Fi7bVMnThAwxmXzFg84kz%2FdjTpwbR5nI4cK7jOGLsQ6gcw%2B0i2M6D9TJYbNZoX4khwgjDlO%2FaFqXUyY3ghlw8kxJuQVfFGmK%2BwuDLMuUzoRtG0z%2FXRIPIZDzZ1z8lOqmqt1bwav52vaprXFuZHP4uU69JzNndVi8GniYrTU50hrdPThnNDvER%2Fs82H24LfWVkXvCrrHhk1Y3erEny5WLIVqr1cMUHDLFHVQ%3D%3D; expires=Thu, 01-Dec-2022 18:45:46 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 45abdea873f7e2719b5a8087be25fe14
37e70f148c5ee889b98922063f93c3c00d7d3307
41730c95379a8f18ae1209d93ca1ed45b1d5f69365c4776e866ae4808d9f633a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "41730C95379A8F18AE1209D93CA1ED45B1D5F69365C4776E866AE4808D9F633A"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21587
Expires: Thu, 01 Dec 2022 00:45:33 GMT
Date: Wed, 30 Nov 2022 18:45:46 GMT
Connection: keep-alive
megaup.net/themes/flow/frontend_assets/css/responsive.css
200 OK 1.6 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/responsive.css
IP
File type assembler source, ASCII text
Hash ebb8af0031f35d4dc5dbebc24566d4f4
ae96025282d1a8314b2d319d66f9b113e6b355c0
753ac75008d883b3e61ea788a2ea985f3e8d9a20a182e35f968a7e5e1fcc3b05
GET /themes/flow/frontend_assets/css/responsive.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1aa9m/Pokemon_Scarlet_(XCI)(US).part1_(2).rar
Connection: keep-alive
Cookie: filehosting=t1ulj33af81t9r2ggeim20rnl4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 18:45:45 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-e56"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
altowriestwispy.com/tysaSHG1FMaM/18410
200 OK 25 B URL HTTP/1.1 altowriestwispy.com/tysaSHG1FMaM/18410
IP
File type ASCII text, with no line terminators
Hash d488addc5df5fc9b9ff4135bb4e3a823
6ce56f48e851df4d562b43d3bc1269a504ae83fc
d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60
GET /tysaSHG1FMaM/18410 HTTP/1.1
Host: altowriestwispy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 18:45:46 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Thu, 01-Dec-2022 18:45:46 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjM0KgkAYRW0qSwrjQg%2FQC2T%2Fi7bVMnThAwxmXzFg84kz%2FdjTpwbR5nI4cK7jOGLsQ6gcw%2B0i2M6D9TJYbNZoX4khwgjDlO%2FaFqXUyY3ghlw8kxJuQVfFGmK%2BwuDLMuUzoRtG0z%2FXRIPIZDzZ1z8lOqmqt1bwav52vaprXFuZHP4uU69JzNndVi8GniYrTU50hrdPThnNDvER%2Fs82H24LfWVkXvCrrHhk1Y3erEny5WLIVqr1cMUHDLFHVQ%3D%3D; expires=Thu, 01-Dec-2022 18:45:46 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
ocsp.pki.goog/s/gts1p5/fsZd0bzMYFo
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/fsZd0bzMYFo
IP
Hash 0dd82052927159257fe1ae7e7d235c6f
e3b243c2347741038ce6bc9d94ba26c6fec49e9e
841ce12135915409e74975f135c95bf1902ee55b17dc07f1dd9843ad86d1973e
POST /s/gts1p5/fsZd0bzMYFo HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 18:45:46 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/fsZd0bzMYFo
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/fsZd0bzMYFo
IP
Hash 0dd82052927159257fe1ae7e7d235c6f
e3b243c2347741038ce6bc9d94ba26c6fec49e9e
841ce12135915409e74975f135c95bf1902ee55b17dc07f1dd9843ad86d1973e
POST /s/gts1p5/fsZd0bzMYFo HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 18:45:46 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/fsZd0bzMYFo
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/fsZd0bzMYFo
IP
Hash 0dd82052927159257fe1ae7e7d235c6f
e3b243c2347741038ce6bc9d94ba26c6fec49e9e
841ce12135915409e74975f135c95bf1902ee55b17dc07f1dd9843ad86d1973e
POST /s/gts1p5/fsZd0bzMYFo HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 18:45:46 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
keydawnawe.com/gwZ1U5hjA8ii/32575
200 OK 26 B URL HTTP/1.1 keydawnawe.com/gwZ1U5hjA8ii/32575
IP
File type ASCII text, with no line terminators
Hash 4e5d65669f8dcd928dad06adf883f025
d771713d758c3348dd7e5b38bb40c7935399ae46
0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95
GET /gwZ1U5hjA8ii/32575 HTTP/1.1
Host: keydawnawe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; GL_GI10=eJxNjM0KgkAYRW0qSwrjQg%2FQC2T%2Fi7bVMnThAwxmXzFg84kz%2FdjTpwbR5nI4cK7jOGLsQ6gcw%2B0i2M6D9TJYbNZoX4khwgjDlO%2FaFqXUyY3ghlw8kxJuQVfFGmK%2BwuDLMuUzoRtG0z%2FXRIPIZDzZ1z8lOqmqt1bwav52vaprXFuZHP4uU69JzNndVi8GniYrTU50hrdPThnNDvER%2Fs82H24LfWVkXvCrrHhk1Y3erEny5WLIVqr1cMUHDLFHVQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 18:45:46 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
200 OK 636 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
IP
File type ASCII text, with CRLF line terminators
Hash e37a9facef6b6778bf656f993602db6d
773672d6776d51f954259f28fe1ee3ad2191d12a
9348be54e0d74abc01e3d63383b1b9b3d54d1f975f57e3aca1411066195374d9
GET /themes/flow/frontend_assets/css/All-stylesheets.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1aa9m/Pokemon_Scarlet_(XCI)(US).part1_(2).rar
Connection: keep-alive
Cookie: filehosting=t1ulj33af81t9r2ggeim20rnl4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 18:45:45 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-153"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash f25070f05d5ea492d53ca9a3be75a9cf
b2ba24ca2de65a567deb4a8fe4be81fe83cb193b
84e126c7afce3d468af20a7e82c82b2a7b6753aaa41f72936cb91884bfae2fcc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4243
Cache-Control: max-age=127218
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 18:45:46 GMT
Etag: "6386e239-116"
Expires: Fri, 02 Dec 2022 06:06:04 GMT
Last-Modified: Wed, 30 Nov 2022 04:55:21 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 278
nessendencec.com/TmhWakkvCjUHdi9VNEw8PARrT3sITWQsLSMFLAEvKlBkHSg3BngJJSEdMgw7IQYiRCcrHHNYDxwlATt4AC4QOQp/HAUIIhsmAzslIypnPwwKLzUyDSUyNDp5CDIEWj4MMAceAR8AFFsPGAxhIw8DMAcSACI7ISsADCAyDgsYHAIICy0qAVstPSkTIBwbLBsnHAwmFyMfejgVLyojPzE8Gh8CJiAPflgFIA8MMgEsOjw/FwITGDAHLgApKTczGxw/FDg+Iz8XGhsZEQwpGB8LEzp5GCoUHRspKQMFDws/HBAYHwsTICUpIxcdC34pPzMYDAUQIBwpRRM4ECAmFCg+HwIEWgwJDAErCxs6JS8sDDoBKB8DWAMNcC8tASR6GA8DLBAfLgAoGBhYF1sbGjAFJBwPBCYnLQ8lPygIHAMeWxgaOQEdCGgCJQUnPlUkEhkiByQcCAoZNCU4LBsg
200 OK 1.2 kB URL HTTP/2 nessendencec.com/TmhWakkvCjUHdi9VNEw8PARrT3sITWQsLSMFLAEvKlBkHSg3BngJJSEdMgw7IQYiRCcrHHNYDxwlATt4AC4QOQp/HAUIIhsmAzslIypnPwwKLzUyDSUyNDp5CDIEWj4MMAceAR8AFFsPGAxhIw8DMAcSACI7ISsADCAyDgsYHAIICy0qAVstPSkTIBwbLBsnHAwmFyMfejgVLyojPzE8Gh8CJiAPflgFIA8MMgEsOjw/FwITGDAHLgApKTczGxw/FDg+Iz8XGhsZEQwpGB8LEzp5GCoUHRspKQMFDws/HBAYHwsTICUpIxcdC34pPzMYDAUQIBwpRRM4ECAmFCg+HwIEWgwJDAErCxs6JS8sDDoBKB8DWAMNcC8tASR6GA8DLBAfLgAoGBhYF1sbGjAFJBwPBCYnLQ8lPygIHAMeWxgaOQEdCGgCJQUnPlUkEhkiByQcCAoZNCU4LBsg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3050), with no line terminators
Hash 0fa22236d2af741e0fada55fe3d9b4b6
947a0967c8747f6a360e6927e2112f28c5c4eb93
75f2341c03279b9e28de0d3a51126aa260f80e2e04cfbeb7729aa9c6971caa67
GET /TmhWakkvCjUHdi9VNEw8PARrT3sITWQsLSMFLAEvKlBkHSg3BngJJSEdMgw7IQYiRCcrHHNYDxwlATt4AC4QOQp/HAUIIhsmAzslIypnPwwKLzUyDSUyNDp5CDIEWj4MMAceAR8AFFsPGAxhIw8DMAcSACI7ISsADCAyDgsYHAIICy0qAVstPSkTIBwbLBsnHAwmFyMfejgVLyojPzE8Gh8CJiAPflgFIA8MMgEsOjw/FwITGDAHLgApKTczGxw/FDg+Iz8XGhsZEQwpGB8LEzp5GCoUHRspKQMFDws/HBAYHwsTICUpIxcdC34pPzMYDAUQIBwpRRM4ECAmFCg+HwIEWgwJDAErCxs6JS8sDDoBKB8DWAMNcC8tASR6GA8DLBAfLgAoGBhYF1sbGjAFJBwPBCYnLQ8lPygIHAMeWxgaOQEdCGgCJQUnPlUkEhkiByQcCAoZNCU4LBsg HTTP/1.1
Host: nessendencec.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1196
date: Wed, 30 Nov 2022 18:45:46 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kctG6NId04xe4VrCuwMOqEko9AO2ZQaYCjTQm_6votCScW1RAHvg9A==
X-Firefox-Spdy: h2
nessendencec.com/WUk3TGM4K1QhXDh0VWoWKyUKaVEfbAUKBzQkTScFPXEFOwIgJxkvDzY8UyoRNidDYg08PRJ+JT8EWyQzAHpfHi0gDHEeUwAxfH1WGwtaClAPHEAZLjM+egoIEyV0KykbE088UBANWAgBan1eCDs1OnUJNhQaczQaDHgCKSwKDHIeMQhwfh0hHwgEeBYbMVgcAR4iYAsyYXh+DggLEV0dFgsiR3wBDg9jFDIbJm00MgsRczsEHwhEFAI3cXkIIT04UX0pEAFwJBIMDVgUAjdxYgk1ITxSfDkVKn99Wgw+dgkBHjlmAws9OFE0JhYPBT8sDCJQBAc3ZA4HOwgLWAciACtgGAcoHGN4IjgBAhgwGAdYKggDAnYmVzQMZX02FzNTCzA3G0cqUgMediJXbxFcJ0UzOlgiE2QMVnU2G3F0DlJueHY5KG0C
200 OK 1.2 kB URL HTTP/2 nessendencec.com/WUk3TGM4K1QhXDh0VWoWKyUKaVEfbAUKBzQkTScFPXEFOwIgJxkvDzY8UyoRNidDYg08PRJ+JT8EWyQzAHpfHi0gDHEeUwAxfH1WGwtaClAPHEAZLjM+egoIEyV0KykbE088UBANWAgBan1eCDs1OnUJNhQaczQaDHgCKSwKDHIeMQhwfh0hHwgEeBYbMVgcAR4iYAsyYXh+DggLEV0dFgsiR3wBDg9jFDIbJm00MgsRczsEHwhEFAI3cXkIIT04UX0pEAFwJBIMDVgUAjdxYgk1ITxSfDkVKn99Wgw+dgkBHjlmAws9OFE0JhYPBT8sDCJQBAc3ZA4HOwgLWAciACtgGAcoHGN4IjgBAhgwGAdYKggDAnYmVzQMZX02FzNTCzA3G0cqUgMediJXbxFcJ0UzOlgiE2QMVnU2G3F0DlJueHY5KG0C
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3029), with no line terminators
Hash e5f22a010a382e2e409982cc6f408ae4
53dd439e9fc3354d31497addc91e4783f65cfeb5
0a1afd1f8ff32e6122640a3f7fff22b02140964336f230160f66d7d0cd5e67c9
GET /WUk3TGM4K1QhXDh0VWoWKyUKaVEfbAUKBzQkTScFPXEFOwIgJxkvDzY8UyoRNidDYg08PRJ+JT8EWyQzAHpfHi0gDHEeUwAxfH1WGwtaClAPHEAZLjM+egoIEyV0KykbE088UBANWAgBan1eCDs1OnUJNhQaczQaDHgCKSwKDHIeMQhwfh0hHwgEeBYbMVgcAR4iYAsyYXh+DggLEV0dFgsiR3wBDg9jFDIbJm00MgsRczsEHwhEFAI3cXkIIT04UX0pEAFwJBIMDVgUAjdxYgk1ITxSfDkVKn99Wgw+dgkBHjlmAws9OFE0JhYPBT8sDCJQBAc3ZA4HOwgLWAciACtgGAcoHGN4IjgBAhgwGAdYKggDAnYmVzQMZX02FzNTCzA3G0cqUgMediJXbxFcJ0UzOlgiE2QMVnU2G3F0DlJueHY5KG0C HTTP/1.1
Host: nessendencec.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1183
date: Wed, 30 Nov 2022 18:45:46 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9hkqxCB_4E-ob4XZFQIihwdic77OhgM-g-3Koki-fWEbWOC5b44CBg==
X-Firefox-Spdy: h2
nessendencec.com/WlFzTTU7MxAgCjtsEWtAKD1OaAccdEELUTc8CSZTPmlBOlQjP10uWTUkFytHNT8HY1s/JVZ/cykcHx9kOQQXH3ogZSsocANoPQhNLRM0D10ICSoYZTMcFgZgECEyJVYvCBR8WwsCGwxWMwA/BEJjOhclBTcJNwNBDCg5LntoYDIUYxcmPiZNIBcwDFISOAQdfyMyEgdZDzg8Ol5qAh0EWR8ZAyt6Iz4qBgRuYBcYeBgTQD1SDBkmDlMZMioGYwNmOTp/MxA0HBBoEzEafBsLNAt3OwA5NWwgHxoMcgs/NA5eHwg7G3YYAxcgbBs9Cw9bHDs+f3wbCzBgfBIIFAhjAwQ1NH0dA0YbfQ8SPjdgCR01fE0DOxd8dDcHFBxtAxIpFWMeNUIcDBM5IiVtCSlCHEIfFSkKYzw1CxxdOAQya18pPh09CAg3Gh1sbWEcPw
200 OK 1.2 kB URL HTTP/2 nessendencec.com/WlFzTTU7MxAgCjtsEWtAKD1OaAccdEELUTc8CSZTPmlBOlQjP10uWTUkFytHNT8HY1s/JVZ/cykcHx9kOQQXH3ogZSsocANoPQhNLRM0D10ICSoYZTMcFgZgECEyJVYvCBR8WwsCGwxWMwA/BEJjOhclBTcJNwNBDCg5LntoYDIUYxcmPiZNIBcwDFISOAQdfyMyEgdZDzg8Ol5qAh0EWR8ZAyt6Iz4qBgRuYBcYeBgTQD1SDBkmDlMZMioGYwNmOTp/MxA0HBBoEzEafBsLNAt3OwA5NWwgHxoMcgs/NA5eHwg7G3YYAxcgbBs9Cw9bHDs+f3wbCzBgfBIIFAhjAwQ1NH0dA0YbfQ8SPjdgCR01fE0DOxd8dDcHFBxtAxIpFWMeNUIcDBM5IiVtCSlCHEIfFSkKYzw1CxxdOAQya18pPh09CAg3Gh1sbWEcPw
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3034), with no line terminators
Hash 7ffdb11ba52d304ac28130d721df7200
35327d77ee575783f067d6b7b11b7a281150ef06
48211cae37a15e7ce8b96e1af6bcc17d4522e9230b46953a1181a2d82aeca5e4
GET /WlFzTTU7MxAgCjtsEWtAKD1OaAccdEELUTc8CSZTPmlBOlQjP10uWTUkFytHNT8HY1s/JVZ/cykcHx9kOQQXH3ogZSsocANoPQhNLRM0D10ICSoYZTMcFgZgECEyJVYvCBR8WwsCGwxWMwA/BEJjOhclBTcJNwNBDCg5LntoYDIUYxcmPiZNIBcwDFISOAQdfyMyEgdZDzg8Ol5qAh0EWR8ZAyt6Iz4qBgRuYBcYeBgTQD1SDBkmDlMZMioGYwNmOTp/MxA0HBBoEzEafBsLNAt3OwA5NWwgHxoMcgs/NA5eHwg7G3YYAxcgbBs9Cw9bHDs+f3wbCzBgfBIIFAhjAwQ1NH0dA0YbfQ8SPjdgCR01fE0DOxd8dDcHFBxtAxIpFWMeNUIcDBM5IiVtCSlCHEIfFSkKYzw1CxxdOAQya18pPh09CAg3Gh1sbWEcPw HTTP/1.1
Host: nessendencec.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1185
date: Wed, 30 Nov 2022 18:45:46 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8vMPm0PiDcCrhE3mSak-joYQTVbSA2P3evHif60W8Nf71_IZ9gCn4w==
X-Firefox-Spdy: h2
nessendencec.com/Z0tCNGQGKSFZWwZ2IBIRFSd/EVYhbnByAAomOF8CA3NwQwUeJWxXCAg+JlIWCCU2GgoCP2cGIh0dcgUnNHklBC0OPDZiHSogCFo+NhIKQBwCJwBMLh0OKXYNAzwDZg8qGytbKTcsMV8tNHspdQoifg13XTERcEcRLCwbQwcgGjd2DjU8IQZULQY7DUFVDSQEUA0bEQQDMRgTAi80JBJ9Nz59DXYmHwQBelYlHyUHLx4oB3oJDzwGYlVSLRVQUTADegIvHh4PeyAIMyBYFAkCOG4RMCYmDAcKHRtXClMKIFgUCQQrRwg/JgxbBzYnDG48V30kYhweLSUZJhIcL1dBVQ0Mc1EFDSxMHQEgGFo+IC93YyAmJAtnJS8oLAwhAh0qWQI/AXRjIz0kIXwXKBsoDAorGiFCBS8KDGMzA38gfBAoAix2HkEhMVsKF3YBZgAOLAxBBxQnLVsO
200 OK 1.2 kB URL HTTP/2 nessendencec.com/Z0tCNGQGKSFZWwZ2IBIRFSd/EVYhbnByAAomOF8CA3NwQwUeJWxXCAg+JlIWCCU2GgoCP2cGIh0dcgUnNHklBC0OPDZiHSogCFo+NhIKQBwCJwBMLh0OKXYNAzwDZg8qGytbKTcsMV8tNHspdQoifg13XTERcEcRLCwbQwcgGjd2DjU8IQZULQY7DUFVDSQEUA0bEQQDMRgTAi80JBJ9Nz59DXYmHwQBelYlHyUHLx4oB3oJDzwGYlVSLRVQUTADegIvHh4PeyAIMyBYFAkCOG4RMCYmDAcKHRtXClMKIFgUCQQrRwg/JgxbBzYnDG48V30kYhweLSUZJhIcL1dBVQ0Mc1EFDSxMHQEgGFo+IC93YyAmJAtnJS8oLAwhAh0qWQI/AXRjIz0kIXwXKBsoDAorGiFCBS8KDGMzA38gfBAoAix2HkEhMVsKF3YBZgAOLAxBBxQnLVsO
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3043), with no line terminators
Hash ebd6dbb913788af6d2add09c574be3b7
4ce195f945d66aca6580c7079c0bf6644cb8a89e
f6fcfe2ea662dbaf8034863385285595eda394eeabe70c356e6c6b2da109a7f5
GET /Z0tCNGQGKSFZWwZ2IBIRFSd/EVYhbnByAAomOF8CA3NwQwUeJWxXCAg+JlIWCCU2GgoCP2cGIh0dcgUnNHklBC0OPDZiHSogCFo+NhIKQBwCJwBMLh0OKXYNAzwDZg8qGytbKTcsMV8tNHspdQoifg13XTERcEcRLCwbQwcgGjd2DjU8IQZULQY7DUFVDSQEUA0bEQQDMRgTAi80JBJ9Nz59DXYmHwQBelYlHyUHLx4oB3oJDzwGYlVSLRVQUTADegIvHh4PeyAIMyBYFAkCOG4RMCYmDAcKHRtXClMKIFgUCQQrRwg/JgxbBzYnDG48V30kYhweLSUZJhIcL1dBVQ0Mc1EFDSxMHQEgGFo+IC93YyAmJAtnJS8oLAwhAh0qWQI/AXRjIz0kIXwXKBsoDAorGiFCBS8KDGMzA38gfBAoAix2HkEhMVsKF3YBZgAOLAxBBxQnLVsO HTTP/1.1
Host: nessendencec.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1192
date: Wed, 30 Nov 2022 18:45:46 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xUZumhhD_RKVsxmBLWcphlLTFKb2NPhE8X91zk-fCYb2Qj2PMQiywA==
X-Firefox-Spdy: h2
nessendencec.com/ZDBKVlIFUik7bQUNKHAnFlx3c2AiFXgQNgldMD00AAh4ITMdXmQ1PgtFLjAgC14+eDwBRG9kFBBiDAwZMQA9OB03YXs1KCUVeBAeCQV6Mj8qShM4Yw1gDj1qLVoYJB1WeTwXKlB4CzwLIGkeYioBWgAhAg1bJTMFPkMaL2IVfRIyYy9jJWc2Vno7HAYtXyg4Og15IDlqLgMhPBggUzofOFxbBD86DXkzIictYzklGx4ILRwKKgQMDj4VaidvOgJ3PT4bHgAlHSshBS44Z1R/DmNgAl4YODcKAXIPBTF5LjhnVHkZG2sBXggsNzZ2OjI/PUkQDjoMaht7OlZWJAc5NHgQc2Aich0yZD5dAGY0VgkiMBEpSgECNQ5pHQcfPWgyZwgKQCMwGjJKLxEfFXwZByQqYwduMVdXHDAKNloQERwVfR0iZUJaOTk8FA07ZzEjeAcHKCMHPjRkEg
200 OK 1.2 kB URL HTTP/2 nessendencec.com/ZDBKVlIFUik7bQUNKHAnFlx3c2AiFXgQNgldMD00AAh4ITMdXmQ1PgtFLjAgC14+eDwBRG9kFBBiDAwZMQA9OB03YXs1KCUVeBAeCQV6Mj8qShM4Yw1gDj1qLVoYJB1WeTwXKlB4CzwLIGkeYioBWgAhAg1bJTMFPkMaL2IVfRIyYy9jJWc2Vno7HAYtXyg4Og15IDlqLgMhPBggUzofOFxbBD86DXkzIictYzklGx4ILRwKKgQMDj4VaidvOgJ3PT4bHgAlHSshBS44Z1R/DmNgAl4YODcKAXIPBTF5LjhnVHkZG2sBXggsNzZ2OjI/PUkQDjoMaht7OlZWJAc5NHgQc2Aich0yZD5dAGY0VgkiMBEpSgECNQ5pHQcfPWgyZwgKQCMwGjJKLxEfFXwZByQqYwduMVdXHDAKNloQERwVfR0iZUJaOTk8FA07ZzEjeAcHKCMHPjRkEg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3044), with no line terminators
Hash 93a53eb4cb614a98cce5a739a6b5789c
de5a3f2f917b96971bd6ab0448f9ad28a29bc25d
12ee16cc6f71c1b8c021ce05e71c54dbb0d55473064920d805f8b341af9dccf7
GET /ZDBKVlIFUik7bQUNKHAnFlx3c2AiFXgQNgldMD00AAh4ITMdXmQ1PgtFLjAgC14+eDwBRG9kFBBiDAwZMQA9OB03YXs1KCUVeBAeCQV6Mj8qShM4Yw1gDj1qLVoYJB1WeTwXKlB4CzwLIGkeYioBWgAhAg1bJTMFPkMaL2IVfRIyYy9jJWc2Vno7HAYtXyg4Og15IDlqLgMhPBggUzofOFxbBD86DXkzIictYzklGx4ILRwKKgQMDj4VaidvOgJ3PT4bHgAlHSshBS44Z1R/DmNgAl4YODcKAXIPBTF5LjhnVHkZG2sBXggsNzZ2OjI/PUkQDjoMaht7OlZWJAc5NHgQc2Aich0yZD5dAGY0VgkiMBEpSgECNQ5pHQcfPWgyZwgKQCMwGjJKLxEfFXwZByQqYwduMVdXHDAKNloQERwVfR0iZUJaOTk8FA07ZzEjeAcHKCMHPjRkEg HTTP/1.1
Host: nessendencec.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1196
date: Wed, 30 Nov 2022 18:45:46 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RIeFzaUbT32Y56k6faEVKe1gI-nZ9T7m7TGwA4DL3B0r7MwMmWfNBg==
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/zeroClipboard/ZeroClipboard.js
200 OK 4.0 kB URL HTTP/2 megaup.net/themes/flow/js/zeroClipboard/ZeroClipboard.js
IP
File type ASCII text, with very long lines (1288)
Hash eaf1f318e3173613a064eac452479b0e
fc5f90aabdd2ba8f557fb78a1dcb305b0999cd93
903c6c878eed6afc742c9055d362b5a6eb619baa202e169f33427505df2ef9fc
GET /themes/flow/js/zeroClipboard/ZeroClipboard.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1aa9m/Pokemon_Scarlet_(XCI)(US).part1_(2).rar
Connection: keep-alive
Cookie: filehosting=t1ulj33af81t9r2ggeim20rnl4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 18:45:45 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3bd2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/fonts/font-awesome/css/font-awesome.css
200 OK 4.3 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/font-awesome/css/font-awesome.css
IP
File type troff or preprocessor input, ASCII text, with very long lines (305), with CRLF line terminators
Hash 9443ddd68641b463c52a7e8a6ba2925b
46f344749226eb2df7fde1c9af687e063a264afd
b8976223711db602915f34704c514ed227c1d638eda0714233b50471ca987e97
GET /themes/flow/frontend_assets/fonts/font-awesome/css/font-awesome.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Connection: keep-alive
Cookie: filehosting=t1ulj33af81t9r2ggeim20rnl4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 18:45:45 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-59d6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
ffortyimagist.com/ZzVmRVBICgU2bTFeMAoeVwwLIRhTegMSBlRQAQt1VXcEKxpfdFVxdhNcAnhpUwxec2RBRQ8hbVYNQDYkBkETNm1WEw8rNggIQDNtVhtWa2JJB0AwbVYTEjUxAAhXYyATQQp4YVEDX31jVAxScGFQBg
204 No Content 0 B URL HTTP/2 ffortyimagist.com/ZzVmRVBICgU2bTFeMAoeVwwLIRhTegMSBlRQAQt1VXcEKxpfdFVxdhNcAnhpUwxec2RBRQ8hbVYNQDYkBkETNm1WEw8rNggIQDNtVhtWa2JJB0AwbVYTEjUxAAhXYyATQQp4YVEDX31jVAxScGFQBg
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ZzVmRVBICgU2bTFeMAoeVwwLIRhTegMSBlRQAQt1VXcEKxpfdFVxdhNcAnhpUwxec2RBRQ8hbVYNQDYkBkETNm1WEw8rNggIQDNtVhtWa2JJB0AwbVYTEjUxAAhXYyATQQp4YVEDX31jVAxScGFQBg HTTP/1.1
Host: ffortyimagist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 30 Nov 2022 18:45:46 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gwu3lj%2FLCSt6xKG8cAUwtR0ZfgQYizZm13p0oS9sTqwPCB40PYmnYYTF%2FyiML%2Boq9BJC3PqzTxFdxu1hAwqOMBzA3zLZq%2BcCWOCvnLtLTiPxIM5RuGkZzeXne%2FQ7XJ4LFPcKdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7725bdf58addb50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/custom/custom.js
200 OK 9.0 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/custom/custom.js
IP
File type ASCII text, with CRLF line terminators
Hash c2d8ea64c71a200e2d461edd9d2fe42d
4e799bc45727e18d8ae079a81d6a68d49e71b696
0109e1d9d5ca5c73aa20c6054c6ef8f55149faa92e696ab5d14ba753b8228f13
GET /themes/flow/frontend_assets/js/custom/custom.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1aa9m/Pokemon_Scarlet_(XCI)(US).part1_(2).rar
Connection: keep-alive
Cookie: filehosting=t1ulj33af81t9r2ggeim20rnl4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 18:45:45 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1420"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/imageads/002.gif
200 OK 555 kB URL HTTP/2 megaup.net/imageads/002.gif
IP
File type GIF image data, version 89a, 300 x 250\012- data
Size 555 kB (555149 bytes)
Hash 8a70ab05c8c1fd1c3c1875bbe8ce60b9
92af48218bf59fdf36200b2e5204cf7d48848555
c2a8314101ccc5f25126aba15737982c2037c444f3bcd5afa5ccbe4643c40039
GET /imageads/002.gif HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1aa9m/Pokemon_Scarlet_(XCI)(US).part1_(2).rar
Connection: keep-alive
Cookie: filehosting=t1ulj33af81t9r2ggeim20rnl4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 18:45:46 GMT
content-type: image/gif
content-length: 555149
last-modified: Mon, 29 Mar 2021 20:01:44 GMT
vary: Accept-Encoding
etag: "60623228-8788d"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/custom.css
200 OK 3.4 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/custom.css
IP
File type assembler source, ASCII text, with CRLF line terminators
Hash 39f75e058b0ed002fc475232f45a93f0
8ef86552b3d1aeb260a7603915dec049da363978
6b71e51f798a06b773a3e73771659cc3860ff156f857c82eb36182475596c7f1
GET /themes/flow/frontend_assets/css/custom.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1aa9m/Pokemon_Scarlet_(XCI)(US).part1_(2).rar
Connection: keep-alive
Cookie: filehosting=t1ulj33af81t9r2ggeim20rnl4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 18:45:45 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3577"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
ffortyimagist.com/QkdJT2JteCo8XxR3BwsGLBUlKzomABgiNHQkHAEgIHQTNjNyd287CyZ6fnlTc39/aRIrI3R+RDEzKDsXMXp4aQssISZyRDR6eGFRdml6fkxzYTxyU2QzOS4Ff3ZvPxY2K3R+VHR+cXxRe3N8flZ0
204 No Content 0 B URL HTTP/2 ffortyimagist.com/QkdJT2JteCo8XxR3BwsGLBUlKzomABgiNHQkHAEgIHQTNjNyd287CyZ6fnlTc39/aRIrI3R+RDEzKDsXMXp4aQssISZyRDR6eGFRdml6fkxzYTxyU2QzOS4Ff3ZvPxY2K3R+VHR+cXxRe3N8flZ0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /QkdJT2JteCo8XxR3BwsGLBUlKzomABgiNHQkHAEgIHQTNjNyd287CyZ6fnlTc39/aRIrI3R+RDEzKDsXMXp4aQssISZyRDR6eGFRdml6fkxzYTxyU2QzOS4Ff3ZvPxY2K3R+VHR+cXxRe3N8flZ0 HTTP/1.1
Host: ffortyimagist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 30 Nov 2022 18:45:46 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u0CoI6%2FfTUSgoSUtzPWeXFRU2dSpKsQ6HFz02zM%2F82p%2BOASj%2FkjtyzwyraAJD60gKDE65qP5xYrg5IKfbbi293h5ElNfHXR%2FbXGmA484O9a4Zh%2BtgjC0kvavSQMljjx6MUyChg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7725bdf5fb6db50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/fsZd0bzMYFo
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/fsZd0bzMYFo
IP
Hash 0dd82052927159257fe1ae7e7d235c6f
e3b243c2347741038ce6bc9d94ba26c6fec49e9e
841ce12135915409e74975f135c95bf1902ee55b17dc07f1dd9843ad86d1973e
POST /s/gts1p5/fsZd0bzMYFo HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 18:45:46 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
platform.bidgear.com/media/img/b15.png
200 OK 649 B URL HTTP/2 platform.bidgear.com/media/img/b15.png
IP
File type PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash d832fb80c97ff291b952757bb98240d2
63732e61a0784ed68fde494f83e4686a5c4bf7fa
7b35c11af8accdb40a14303dd3ae2762a97d2527933c56b6c9be6da2d0d11943
GET /media/img/b15.png HTTP/1.1
Host: platform.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 18:45:46 GMT
content-type: image/png
content-length: 649
last-modified: Mon, 25 Jul 2022 09:43:43 GMT
etag: "62de65cf-289"
expires: Thu, 22 Dec 2022 09:44:57 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
cf-cache-status: HIT
age: 723629
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6apYSk%2F%2FAWV7z5M%2B2rHUSzJeHXPfG3YVz5HgkKmIoEp6vARINEF4m0wWJ7TlprAGiJKZRNcz1iN3KBxmjSZY2qDP7yKMHvGv4y6Ziv5RHm2gJFNu2lVzRHHnJy6%2BYwoYt098BqL%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7725bdf74b7bb4f1-OSL
X-Firefox-Spdy: h2
cdn.purpleads.io/video-agent.js?publisherId=3cbb0201d97a2713cdc7b8284a6018c0:12ba07f36ad75faf8474b45232c34095e60db9bba8b910c63bd25a84dbe49b2358fc816c33104b67ff752f6837ddf9f037b306459421d61f484a6dfbf846a003
200 OK 15 kB URL HTTP/2 cdn.purpleads.io/video-agent.js?publisherId=3cbb0201d97a2713cdc7b8284a6018c0:12ba07f36ad75faf8474b45232c34095e60db9bba8b910c63bd25a84dbe49b2358fc816c33104b67ff752f6837ddf9f037b306459421d61f484a6dfbf846a003
IP
File type Unicode text, UTF-8 text, with very long lines (43290), with no line terminators
Hash 7fc0d255881423d2a1fac4caa027bd71
ef65f30cc165b3359e9abae7dcabe14e624a4efc
053acf5077e8aeab1e2277c5f00d9d7936064ca2b1b77e35e25148ea32f07502
GET /video-agent.js?publisherId=3cbb0201d97a2713cdc7b8284a6018c0:12ba07f36ad75faf8474b45232c34095e60db9bba8b910c63bd25a84dbe49b2358fc816c33104b67ff752f6837ddf9f037b306459421d61f484a6dfbf846a003 HTTP/1.1
Host: cdn.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 14935
last-modified: Wed, 23 Nov 2022 14:06:42 GMT
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
date: Wed, 30 Nov 2022 08:03:55 GMT
etag: "7fc0d255881423d2a1fac4caa027bd71"
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: gRiriJ71CLCQKV7MycAZ0Irq3X_vLa9Kaoo4-A6DahnRCG3gDNBOqA==
age: 38511
X-Firefox-Spdy: h2
cdn.purpleads.io/agent.js?publisherId=70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
200 OK 14 kB URL HTTP/2 cdn.purpleads.io/agent.js?publisherId=70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
IP
File type Unicode text, UTF-8 text, with very long lines (55480), with no line terminators
Hash a3bfc94d9e4a8dd2d5b78ad5fa404ae5
e217a54a2287525807532aef1ad9aaff2bba5be1
a2abcf9d6141c7aa9c628e99def49a14b3532ec215015822cdb348cb82da186c
GET /agent.js?publisherId=70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655 HTTP/1.1
Host: cdn.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 13848
last-modified: Thu, 24 Nov 2022 08:42:09 GMT
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
date: Wed, 30 Nov 2022 01:22:53 GMT
etag: "a3bfc94d9e4a8dd2d5b78ad5fa404ae5"
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Q1hP5wnONUHcT2eG1xyf2kmfgr1PnYFxMpzcxHz2jYWE4Kgfv8A-Eg==
age: 62574
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/sMlRQcUdROz4XeEY9NExwBGBhRXYUPiMeKUJpAhcuYg1nQShAciQLIw9kdh0mXDNtVyJcN21AYVMwMkxzFCAgHiwPJycaJlUiOwk0SnIlEHpfOyoYK141dUMBB3pgVHUCfCcYKVY7JwJiAGQ+BWIAZGFBaQJxYzNiAGQnGCkEYHVCBRdmYAlxBnFjM2IAZC-IHYgEVYUFyHGR5VHUCMzUSLF1xYjd1AmVgQXYCZXVDd1Q9IhQhXSx1QwEDZGVfdxQhbUA
200 OK 593 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/sMlRQcUdROz4XeEY9NExwBGBhRXYUPiMeKUJpAhcuYg1nQShAciQLIw9kdh0mXDNtVyJcN21AYVMwMkxzFCAgHiwPJycaJlUiOwk0SnIlEHpfOyoYK141dUMBB3pgVHUCfCcYKVY7JwJiAGQ+BWIAZGFBaQJxYzNiAGQnGCkEYHVCBRdmYAlxBnFjM2IAZC-IHYgEVYUFyHGR5VHUCMzUSLF1xYjd1AmVgQXYCZXVDd1Q9IhQhXSx1QwEDZGVfdxQhbUA
IP
File type ASCII text, with very long lines (821), with no line terminators
Hash 34daf05838a4fea3342d9921aba1b065
03a1e98e908ebd7cae3bac631f58bd1f401a5768
8e464ac9b0ce944f5c8751be0731943b5a0426e1dc59a7ef4e1bf2b3bf3b6cd2
GET /sMlRQcUdROz4XeEY9NExwBGBhRXYUPiMeKUJpAhcuYg1nQShAciQLIw9kdh0mXDNtVyJcN21AYVMwMkxzFCAgHiwPJycaJlUiOwk0SnIlEHpfOyoYK141dUMBB3pgVHUCfCcYKVY7JwJiAGQ+BWIAZGFBaQJxYzNiAGQnGCkEYHVCBRdmYAlxBnFjM2IAZC-IHYgEVYUFyHGR5VHUCMzUSLF1xYjd1AmVgQXYCZXVDd1Q9IhQhXSx1QwEDZGVfdxQhbUA HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nessendencec.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 593
date: Wed, 30 Nov 2022 18:45:46 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: rE8O80TNxRLyerEyPyYcaSFiHX2GJQ74dnicdMQLdX75EO3pH0MhVg==
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/RMWQ1NFFSC1tSbkUNUQlmB1UEDGcXDkZbP0FZR0wBXQtHQhB1FVd7IFMXQxIlSwAIBHddBVtTbBcBW1dsAEJUUDMMUBNAIV4PCEcmWgVSQjpJF00SJFBZWFsrWAhZVXQDIgAaYRRWBRwmWApRWyZCQQcEP0VBBwRgAUoFEWJzQQcEJlgKAwB0AiYQBmFJUg-ERYnNBBwQjR0EGdWABURsEeBRWBVM0Ug9aEWN3VgUFYQFVBQV0A1RTXSNUAlpMdAMiBARkH1QTQWwA
200 OK 595 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/RMWQ1NFFSC1tSbkUNUQlmB1UEDGcXDkZbP0FZR0wBXQtHQhB1FVd7IFMXQxIlSwAIBHddBVtTbBcBW1dsAEJUUDMMUBNAIV4PCEcmWgVSQjpJF00SJFBZWFsrWAhZVXQDIgAaYRRWBRwmWApRWyZCQQcEP0VBBwRgAUoFEWJzQQcEJlgKAwB0AiYQBmFJUg-ERYnNBBwQjR0EGdWABURsEeBRWBVM0Ug9aEWN3VgUFYQFVBQV0A1RTXSNUAlpMdAMiBARkH1QTQWwA
IP
File type ASCII text, with very long lines (832), with no line terminators
Hash b56a6d4b860e282489ed2c7124fb8481
b0a65e8f25eab76d4e1da9d741268cf97e67069d
ca07263ca3ff4047c1cfe204dc826c25eb8bbfdded846ceb65ce834e0c78c44a
GET /RMWQ1NFFSC1tSbkUNUQlmB1UEDGcXDkZbP0FZR0wBXQtHQhB1FVd7IFMXQxIlSwAIBHddBVtTbBcBW1dsAEJUUDMMUBNAIV4PCEcmWgVSQjpJF00SJFBZWFsrWAhZVXQDIgAaYRRWBRwmWApRWyZCQQcEP0VBBwRgAUoFEWJzQQcEJlgKAwB0AiYQBmFJUg-ERYnNBBwQjR0EGdWABURsEeBRWBVM0Ug9aEWN3VgUFYQFVBQV0A1RTXSNUAlpMdAMiBARkH1QTQWwA HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nessendencec.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 595
date: Wed, 30 Nov 2022 18:45:46 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: W3eLz2UbzqcrCR_We6NUC1Xbq7LkRuEel4jjHo_X8PgoPEG9fEyuow==
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/fMlhPY3hRNyEFR0YxK15BBmF3VUwUMjwMFkJlCgJBZxp3IDoDb34iDXlsBEUMSDxyU15eOSEERRQ9IQBFA34uBxoPbGkWGQ81IBkRXjQuRkp0bWFTXQBoZxQRXDwgFAsXan8NDBdqf1JIHGhqUDoXan8UEVxue0ZLcH19UwAEbGpQOhdqfxEOF2sOUkgHdn-9KXQBoKAYbWTdqUT4AaH5TSANofkZKAj4mER1UNzdGSnRpf1ZWAn46Xkk
200 OK 192 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/fMlhPY3hRNyEFR0YxK15BBmF3VUwUMjwMFkJlCgJBZxp3IDoDb34iDXlsBEUMSDxyU15eOSEERRQ9IQBFA34uBxoPbGkWGQ81IBkRXjQuRkp0bWFTXQBoZxQRXDwgFAsXan8NDBdqf1JIHGhqUDoXan8UEVxue0ZLcH19UwAEbGpQOhdqfxEOF2sOUkgHdn-9KXQBoKAYbWTdqUT4AaH5TSANofkZKAj4mER1UNzdGSnRpf1ZWAn46Xkk
IP
File type ASCII text, with no line terminators
Hash c13643dd5dd37ad88990411e0b61cccb
1e5922e2293523f96a4d968b46783037ae5f9b8f
1b4f48ae15440b7ddf955e2b00924c470c4492ab897f71191a1e632db696095e
GET /fMlhPY3hRNyEFR0YxK15BBmF3VUwUMjwMFkJlCgJBZxp3IDoDb34iDXlsBEUMSDxyU15eOSEERRQ9IQBFA34uBxoPbGkWGQ81IBkRXjQuRkp0bWFTXQBoZxQRXDwgFAsXan8NDBdqf1JIHGhqUDoXan8UEVxue0ZLcH19UwAEbGpQOhdqfxEOF2sOUkgHdn-9KXQBoKAYbWTdqUT4AaH5TSANofkZKAj4mER1UNzdGSnRpf1ZWAn46Xkk HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nessendencec.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 192
date: Wed, 30 Nov 2022 18:45:46 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: QCf1UHCWQ9qIWTV5N4SsJ3TLzkPLJXUINsCgPkbikzoHsTdp2p6Avw==
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/zV01CS2g0IiwtVyMkJnZQYHtxelBxJzEkBidwARkMPioMPgskIS0kAnE5OC9VZ2suKgYwcGQuBjRwc20JMy9/f04jPS0gVSQ6KSoPISY6OBBxOCN2BTg3KycENmhwDV15fWd5WH86KyUMODoxblpnIzZuWmd8cmVYcn4AblpnOislXmNocQlNZX06fVxyfg-BuWmc/NG5bFnxyfkZnZGd5WDAoISAHcn8EeVhmfXJ6WGZocHsOPj8nLQcvaHANWWd4bHtOInBz
200 OK 455 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/zV01CS2g0IiwtVyMkJnZQYHtxelBxJzEkBidwARkMPioMPgskIS0kAnE5OC9VZ2suKgYwcGQuBjRwc20JMy9/f04jPS0gVSQ6KSoPISY6OBBxOCN2BTg3KycENmhwDV15fWd5WH86KyUMODoxblpnIzZuWmd8cmVYcn4AblpnOislXmNocQlNZX06fVxyfg-BuWmc/NG5bFnxyfkZnZGd5WDAoISAHcn8EeVhmfXJ6WGZocHsOPj8nLQcvaHANWWd4bHtOInBz
IP
File type ASCII text, with very long lines (593), with no line terminators
Hash 1cf2b42fa0a4757a0f9b9f18e3d95ff7
496ccfc03c7e7746297900e678bf0bdd82f22bce
fc3c9d59ad3de9361cf914833c305ccd0481f552df146242c4f2a5a387c9e290
GET /zV01CS2g0IiwtVyMkJnZQYHtxelBxJzEkBidwARkMPioMPgskIS0kAnE5OC9VZ2suKgYwcGQuBjRwc20JMy9/f04jPS0gVSQ6KSoPISY6OBBxOCN2BTg3KycENmhwDV15fWd5WH86KyUMODoxblpnIzZuWmd8cmVYcn4AblpnOislXmNocQlNZX06fVxyfg-BuWmc/NG5bFnxyfkZnZGd5WDAoISAHcn8EeVhmfXJ6WGZocHsOPj8nLQcvaHANWWd4bHtOInBz HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nessendencec.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 455
date: Wed, 30 Nov 2022 18:45:46 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: IupHtRg4C7Z6ylTN3ua9XG2XiL3YwggZ0CZxlODrlnfu7AT1pelmdw==
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/tRFZKU0wnOSQ1czA/Lm50dmNzYn1iPDk8IjRrO2IvAx4HAjYDYT4xejJwPikoeWZsPy0qMXd1KSo1d2JqJTIobnhiIjo8J3kjJDcpIj8kNihiIytuISssIz8gJXN4FXlqZm9hfGwhIz0oKyE5dn50OD52fnRnen18YWUIdn50ISM9enBzeRFpdmYyZXhhZQ-h2fnQkPHZ/BWd6ZmJ0f29hfCMzKTgjYWQMYXx1ZnpifHVzeGMqLSQvNSM8c3gVfXRjZGNqMWt7
200 OK 368 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/tRFZKU0wnOSQ1czA/Lm50dmNzYn1iPDk8IjRrO2IvAx4HAjYDYT4xejJwPikoeWZsPy0qMXd1KSo1d2JqJTIobnhiIjo8J3kjJDcpIj8kNihiIytuISssIz8gJXN4FXlqZm9hfGwhIz0oKyE5dn50OD52fnRnen18YWUIdn50ISM9enBzeRFpdmYyZXhhZQ-h2fnQkPHZ/BWd6ZmJ0f29hfCMzKTgjYWQMYXx1ZnpifHVzeGMqLSQvNSM8c3gVfXRjZGNqMWt7
IP
File type ASCII text, with very long lines (470), with no line terminators
Hash 20d6cf171516ab360dda8af4875e05ed
e493f016a6ff1af749c523628c96b1b89b260dfe
f2898559acc28efd5be920995e712271845e9c73b3b6956bd6e47d5aa50e46ab
GET /tRFZKU0wnOSQ1czA/Lm50dmNzYn1iPDk8IjRrO2IvAx4HAjYDYT4xejJwPikoeWZsPy0qMXd1KSo1d2JqJTIobnhiIjo8J3kjJDcpIj8kNihiIytuISssIz8gJXN4FXlqZm9hfGwhIz0oKyE5dn50OD52fnRnen18YWUIdn50ISM9enBzeRFpdmYyZXhhZQ-h2fnQkPHZ/BWd6ZmJ0f29hfCMzKTgjYWQMYXx1ZnpifHVzeGMqLSQvNSM8c3gVfXRjZGNqMWt7 HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nessendencec.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 368
date: Wed, 30 Nov 2022 18:45:46 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: XJ-08o0O9RybjEWGG-6eMTNLtScr1WY_ynMtpsil9OnEo6Mst5gB2Q==
X-Firefox-Spdy: h2
imp9.bidgear.com/rec?t=1&z=6192&uuid=05a35a397c3e48be8dec0ff7056b7800&p=61&g=NO&token=4a44335432&tbg=1669833946
200 OK 599 B URL HTTP/2 imp9.bidgear.com/rec?t=1&z=6192&uuid=05a35a397c3e48be8dec0ff7056b7800&p=61&g=NO&token=4a44335432&tbg=1669833946
IP
File type JPEG image data, baseline, precision 8, 1x1, components 3\012- data
Hash ca49a7e783b806a4e8576ea80346203d
6fe9d083221dae98f6c76f7121c37bc884b02d82
3e9a98dd5f0a28ff4a059f33d760264a6db02786666ac1692095ebb976f5da28
GET /rec?t=1&z=6192&uuid=05a35a397c3e48be8dec0ff7056b7800&p=61&g=NO&token=4a44335432&tbg=1669833946 HTTP/1.1
Host: imp9.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 18:45:46 GMT
content-type: image/jpeg
content-length: 599
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fvoFN1keZFGgxhFxKETeTPcw74LIYGnN%2FAy%2BktzRWF1GXHxMfBerlHrSqCzqNFHQP1UVy%2FXbJlQhNvPLBUjoMvbTq3LXqqXpr5HVAt00%2Fik1mmKo9lg59NZfl1xoRnPOW1s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7725bdf74b82b4f1-OSL
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 281 B IP
Hash edab2c2365c3a6276fca8fcd44a7d505
24c147248cbb34efeac51e1fe6764954c54fb0a7
8c248d1d937e7e8e854cec588e30f184644ec5ccd1f666c8aec267d4fa5b8649
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 18:45:46 GMT
Content-Type: application/ocsp-response
Content-Length: 281
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 09:53:48 GMT
Expires: Tue, 06 Dec 2022 09:53:47 GMT
Etag: "24c147248cbb34efeac51e1fe6764954c54fb0a7"
Cache-Control: max-age=485880,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7725bdf6db07b4ee-OSL
megaup.net/themes/flow/frontend_assets/images/icons/favicon/apple-touch-icon-114x114.png
200 OK 951 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/images/icons/favicon/apple-touch-icon-114x114.png
IP
File type PNG image data, 114 x 114, 8-bit colormap, non-interlaced\012- data
Hash 76852bc6b2c028db97322a74e85bd020
ed52fb4de0d51f93277bbaae42fa80ba5f92c31e
8a5ef2ef8440c17db1b1b539065ba4a887e07a2c508b79c2d1659512e9016884
GET /themes/flow/frontend_assets/images/icons/favicon/apple-touch-icon-114x114.png HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1aa9m/Pokemon_Scarlet_(XCI)(US).part1_(2).rar
Connection: keep-alive
Cookie: filehosting=t1ulj33af81t9r2ggeim20rnl4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 18:45:46 GMT
content-type: image/png
content-length: 951
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-3b7"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/images/icons/favicon/favicon.ico
200 OK 749 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/images/icons/favicon/favicon.ico
IP
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 178b407485891046a4ca83322d277ae0
ba33fe202beee8ad40ed636c05f69d2d85fc89fc
9e0ad955f46e7f3613880082725e04ea637e917f486cfba609b87d6db1398351
GET /themes/flow/frontend_assets/images/icons/favicon/favicon.ico HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1aa9m/Pokemon_Scarlet_(XCI)(US).part1_(2).rar
Connection: keep-alive
Cookie: filehosting=t1ulj33af81t9r2ggeim20rnl4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 18:45:46 GMT
content-type: image/x-icon
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-47e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash a67f152254e0a2cfaf6ba5e5e51d9ae4
6ddc5ee596d0469d4d5f0bbcd1918677019337b4
d786acd565665c5d7c3c43e1ec737a20f8ed2a2467bff7758cc9cbb199e602d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 18:45:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 146dac10a93604a686550631e14eefb9
b4af601ce6d515d9ec124938ce626060e0d43099
bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 18:45:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 30 Nov 2022 16:46:55 GMT
expires: Wed, 30 Nov 2022 18:46:55 GMT
cache-control: public, max-age=7200
age: 7131
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash a67f152254e0a2cfaf6ba5e5e51d9ae4
6ddc5ee596d0469d4d5f0bbcd1918677019337b4
d786acd565665c5d7c3c43e1ec737a20f8ed2a2467bff7758cc9cbb199e602d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 18:45:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a9f744933a415ea7e05e727fbbde4cfc
16e7f114fdfec98d2e5bcffd0db2007d0f4968cd
960e82bcbdee2640a54d5783df661ad072e3e55255b3fb8a4df774443e7100a3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "960E82BCBDEE2640A54D5783DF661AD072E3E55255B3FB8A4DF774443E7100A3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2121
Expires: Wed, 30 Nov 2022 19:21:07 GMT
Date: Wed, 30 Nov 2022 18:45:46 GMT
Connection: keep-alive
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
302 Found 393 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (382)
Hash 3af7ab424e0cf9bb74045118f17e22aa
2d89417fe1af28f9fce4526e9d39371836ffeb6e
9af0a5fa4df1d680293e100dd686312dabf6c62bce8d1be0cb4b1670c2675f85
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 30 Nov 2022 18:45:47 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S1174700378%3A1669833947002655&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAu7ujxjV4A5nx8XY2KsbFjrT0sZdMiusL7ItP3bah27eZ6oRCDEguobcUDYX-OqF6Ko_QhK
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-hI7TxVYXNXjKheyS58Yruw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 393
server: GSE
set-cookie: __Host-GAPS=1:QymaaqRfLVImXpSwG_ke_MlfCZWDsw:oAJUaFgb87vRD0Vt;Path=/;Expires=Fri, 29-Nov-2024 18:45:46 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
imasdk.googleapis.com/js/sdkloader/ima3.js
200 OK 127 kB URL HTTP/2 imasdk.googleapis.com/js/sdkloader/ima3.js
IP
File type ASCII text, with very long lines (2791)
Size 127 kB (126620 bytes)
Hash f641dae66d812e803cbfc91d689e2ea8
96372a7ba661528d13bc774536d04ab3e03b82d6
e78b718ac77697fbb92e88ac394141adc4e016830eb04d53279238cbcd65435b
GET /js/sdkloader/ima3.js HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 126620
date: Wed, 30 Nov 2022 18:45:46 GMT
expires: Wed, 30 Nov 2022 18:45:46 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
megaup.net/themes/flow/styles/font-icons/entypo/css/entypo.css
200 OK 3.9 kB URL HTTP/2 megaup.net/themes/flow/styles/font-icons/entypo/css/entypo.css
IP
Hash c8774f5d5765300a3f10deada9890491
2e65c0f07a6df1b80911f9cc305030f95756c84b
9180361dca1fdbc1faf84aa19dc5158c92f258197195883787df5e70d3c8180b
GET /themes/flow/styles/font-icons/entypo/css/entypo.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1aa9m/Pokemon_Scarlet_(XCI)(US).part1_(2).rar
Connection: keep-alive
Cookie: filehosting=t1ulj33af81t9r2ggeim20rnl4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 18:45:45 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-45f5"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 40ce48359a1c3a5f1a0347a5e1aa6cbe
50e7a1e47058334ce76d640feca3cfd616e69c18
f72a564ba72dccd6b3b12d077276ed88cf244d8439c1980eecefef9c2948baec
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "F72A564BA72DCCD6B3B12D077276ED88CF244D8439C1980EECEFEF9C2948BAEC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10109
Expires: Wed, 30 Nov 2022 21:34:16 GMT
Date: Wed, 30 Nov 2022 18:45:47 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 40ce48359a1c3a5f1a0347a5e1aa6cbe
50e7a1e47058334ce76d640feca3cfd616e69c18
f72a564ba72dccd6b3b12d077276ed88cf244d8439c1980eecefef9c2948baec
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "F72A564BA72DCCD6B3B12D077276ED88CF244D8439C1980EECEFEF9C2948BAEC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10109
Expires: Wed, 30 Nov 2022 21:34:16 GMT
Date: Wed, 30 Nov 2022 18:45:47 GMT
Connection: keep-alive
nessendencec.com/utx?cb=4gRXx5INVrBS&top=megaup.net&tid=761186
204 No Content 0 B URL HTTP/2 nessendencec.com/utx?cb=4gRXx5INVrBS&top=megaup.net&tid=761186
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=4gRXx5INVrBS&top=megaup.net&tid=761186 HTTP/1.1
Host: nessendencec.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 30 Nov 2022 18:45:46 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Wed, 30 Nov 2022 18:46:46 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: szSf1GRsYB269ab5sUH79x_XirUspqxdK6UySqp7KsbLOwaBKh9uqg==
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 40ce48359a1c3a5f1a0347a5e1aa6cbe
50e7a1e47058334ce76d640feca3cfd616e69c18
f72a564ba72dccd6b3b12d077276ed88cf244d8439c1980eecefef9c2948baec
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "F72A564BA72DCCD6B3B12D077276ED88CF244D8439C1980EECEFEF9C2948BAEC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10109
Expires: Wed, 30 Nov 2022 21:34:16 GMT
Date: Wed, 30 Nov 2022 18:45:47 GMT
Connection: keep-alive
nessendencec.com/utx?cb=tLHAvXi8ENON&top=megaup.net&tid=825911
204 No Content 0 B URL HTTP/2 nessendencec.com/utx?cb=tLHAvXi8ENON&top=megaup.net&tid=825911
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=tLHAvXi8ENON&top=megaup.net&tid=825911 HTTP/1.1
Host: nessendencec.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 30 Nov 2022 18:45:46 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Wed, 30 Nov 2022 18:46:46 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: UUryh0ZIV92_GAB20Q7_hRPCBYBxZdWSJYmCVUXT4fzS9l0OKAXtCw==
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
302 Found 390 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (378)
Hash c252f36c1b502fa1910ce708fd19d817
ad5fa682fae41ddb83bef9d034264e3f1daca7e5
d4eeafa0778b22ae8e96e824aaf2537ddfa158c7cc37fcee3b657332fbc34100
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 30 Nov 2022 18:45:47 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S1224770919%3A1669833947046912&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAtb_4vw9zPG3sp5GkYLj_iyEP0onPCofvvDjNAEt0NByfLPvXyxbB7MjoLoZbtyp9-yTpKw
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-zu2Ywphv6xD3QAKK9G7lQg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 390
server: GSE
set-cookie: __Host-GAPS=1:lEk6sppHNYJ0AfAwlomV0dmrq4KZ1w:zpLapBsolnqvLLuH;Path=/;Expires=Fri, 29-Nov-2024 18:45:47 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.psdn.xyz/prebid-video-7.22.0-2022-10-26.gz.js
200 OK 86 kB URL HTTP/2 cdn.psdn.xyz/prebid-video-7.22.0-2022-10-26.gz.js
IP
File type ASCII text, with very long lines (65020)
Hash 700d1de734b4979c4c3059b613e9d7b1
0a7d2ad10cba258cfc2e0376240852a4ae5f4012
2031fbefbf1b070dcf0ebb746438e628fdd59c7daac6952000ef9056b7294eb6
GET /prebid-video-7.22.0-2022-10-26.gz.js HTTP/1.1
Host: cdn.psdn.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 18:45:47 GMT
content-encoding: gzip
content-length: 86507
content-type: application/javascript
last-modified: Wed, 26 Oct 2022 13:24:00 GMT
accept-ranges: bytes
x-rgw-object-type: Normal
etag: "700d1de734b4979c4c3059b613e9d7b1"
cache-control: max-age=31536000
x-amz-request-id: tx0000000000001178867eb-00635934f6-34c6886a-nyc3b
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1669833947.dop219.sk1.t,1669833947.cds257.sk1.hn,1669833947.cds218.sk1.c
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/
200 OK 73 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/
IP
File type ASCII text, with no line terminators
Hash de37377b72195a4f064edf7ec8a76676
ed544d5b6a37acad78498099407c648a93316ddb
b3209cc0b1d1b71e85af4e843afe00a3079f3286d52b3fb47e72c6c5c48b8399
GET / HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 73
date: Wed, 30 Nov 2022 18:45:47 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 2iMtoh5-VyIylFbA58qriNwrZiITOe-ffIcGMJC8ZHnk8qIOVZSrFQ==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 146dac10a93604a686550631e14eefb9
b4af601ce6d515d9ec124938ce626060e0d43099
bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 18:45:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash cd528f6c2c45e38c52095a73a9cd8c68
dca2df874a830edac932136d474453c18d933024
4c7e75aaccb4b74e227ada3b56829f52cb7f14ad05454f7bd6eccf3e94185218
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 18:45:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash 9c70aeb1d5dc937cb0f0668addc0d185
b14b223e8bd64f17784185266edf0b52d9a1e6c5
1257c74d178fb6425525857d02bdf15acf116fa7cf25521c7dd5e10b6269ab54
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3634
Cache-Control: max-age=93487
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 18:45:47 GMT
Etag: "638660d8-1d7"
Expires: Thu, 01 Dec 2022 20:43:54 GMT
Last-Modified: Tue, 29 Nov 2022 19:43:20 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
nessendencec.com/utx?cb=YSsLqTf3PL5s&top=megaup.net&tid=876318
204 No Content 0 B URL HTTP/2 nessendencec.com/utx?cb=YSsLqTf3PL5s&top=megaup.net&tid=876318
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=YSsLqTf3PL5s&top=megaup.net&tid=876318 HTTP/1.1
Host: nessendencec.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 30 Nov 2022 18:45:47 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Wed, 30 Nov 2022 18:46:47 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: T6K7s84Gqg43V_phkz7W4TBeu8_-UlbRpauKUjStKqf1jL75FD6J5w==
X-Firefox-Spdy: h2
nessendencec.com/utx?cb=7quw85QGYtF3&top=megaup.net&tid=764141
204 No Content 0 B URL HTTP/2 nessendencec.com/utx?cb=7quw85QGYtF3&top=megaup.net&tid=764141
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=7quw85QGYtF3&top=megaup.net&tid=764141 HTTP/1.1
Host: nessendencec.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 30 Nov 2022 18:45:47 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Wed, 30 Nov 2022 18:46:47 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: nD0p06nmJ34NzAbRud2dkHGNRWmYGD31USBcP9zqe1WGgKEVcVVeUw==
X-Firefox-Spdy: h2
static.a-ads.com/a-ads-banners/426775/300x250?region=eu-central-1
200 OK 142 kB URL HTTP/2 static.a-ads.com/a-ads-banners/426775/300x250?region=eu-central-1
IP
ASN #24940 Hetzner Online GmbH
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size 142 kB (141876 bytes)
Hash 8de00277bd123893a9dfdd7687b18a0c
1803cc3f0a3f6b208ccbd62893b868ed37929bef
a45b505ec4e1586986beac60e64de2dcbfc9bc899fd423530cce60a841f9bf76
GET /a-ads-banners/426775/300x250?region=eu-central-1 HTTP/1.1
Host: static.a-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ad.a-ads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 18:45:47 GMT
content-type: image/png
content-length: 141876
x-amz-id-2: 6CMwk+g3zmVlQyh2PmCLKFwO356CByDmAzmQ0OyDDD/rBMKbUX4ppTWnqyVQ0kMrk4Y0WyPktxE=
x-amz-request-id: R5QYPTH39Q5NNS46
x-amz-replication-status: COMPLETED
last-modified: Mon, 21 Nov 2022 17:14:48 GMT
etag: "8de00277bd123893a9dfdd7687b18a0c"
cache-control: max-age=315360000
x-amz-version-id: 9pDOriT7.HD053YWpNvIIUQy3YF8oKT1
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
200 OK 103 kB IP
Size 103 kB (102745 bytes)
Hash e8d3fd2de4c7c13e3f148258d2ca09a2
5266fb12839c3fdfe6a9ffd128038d47b9c960c5
bd59db55250e1e87cd0a508ed3d732395d0bdff366d637cbd148919149f413f8
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 30 Nov 2022 18:45:47 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 4598
last-modified: Wed, 30 Nov 2022 17:29:09 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FfT7NM0cPo%2BSUGHks%2BSeghub5aiAfjoTK1B2ZYCM%2B%2BuHs%2BZKlrC0p6fWCOuvhWAGG5r3BkR1bmb4mXwyY46SwaeKnhXOXjBj9pz%2B%2F0okM8mXe%2F5HZm73s4oQaJ0ELVof"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7725bdf9589171f2-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5889
Expires: Wed, 30 Nov 2022 20:23:56 GMT
Date: Wed, 30 Nov 2022 18:45:47 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5889
Expires: Wed, 30 Nov 2022 20:23:56 GMT
Date: Wed, 30 Nov 2022 18:45:47 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5889
Expires: Wed, 30 Nov 2022 20:23:56 GMT
Date: Wed, 30 Nov 2022 18:45:47 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d5f422fbb8174cafc054de1f2ad82ed5
3e42739b776c89471c7286f352cb2f90a9cda021
aee043a97232a741f15ad69be980ff91c703102e33d398913179c052cb18292d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10176
x-amzn-requestid: c2231955-5c78-4073-8399-b8b90f1add78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMo3oHpSoAMF5Qw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bb63-55a1cb004ac73c8b02f2fb8d;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:08:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7LVxajVjJ1N2W-jxCmKpYHg1rS1MbrRnAVc15QmM0iH94CH1yJnR0w==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 04:53:01 GMT
age: 49966
etag: "772d86ad983042a728ee3490630a9cf1134ad0dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c269b8c-3d4d-44ba-8e91-4a2a42d194b9.png
200 OK 3.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c269b8c-3d4d-44ba-8e91-4a2a42d194b9.png
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 89e1a735e16f55c78fa75ae434294029
6c56f4015305eff04a99cec9758cd40bf4e5f704
26e8b042c0bbef2c7f93f77451563cf6e12af282251ef864652574be2b2c5b15
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c269b8c-3d4d-44ba-8e91-4a2a42d194b9.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3711
x-amzn-requestid: 502d7eed-f24a-49e8-b14e-759778b717ed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbWQSFNnIAMFpxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63879d9b-5eb88e757ff3eeaa26dd7de2;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 18:14:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hrGJk_aF0hgdEXNUAqj74wYkXby2ptGRqWKFi4sxlvs_QN9WhC6vOw==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 18:23:04 GMT
age: 1363
etag: "6c56f4015305eff04a99cec9758cd40bf4e5f704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250668cd-c9db-4014-b576-3aaad4eb9150.jpeg
200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250668cd-c9db-4014-b576-3aaad4eb9150.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 59baec8db5ced0210ab766ea5636a5fd
f7cf3a0f89751a02fbcf8d21f505f24a74e8b30b
33ff55891f18c22970804f1b8b2ba6821ddfd7426b01486410bd43f2b4295a8d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250668cd-c9db-4014-b576-3aaad4eb9150.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5785
x-amzn-requestid: ee77265b-8e90-4035-8ef1-92a2d26aaefa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDaHdWoAMFqmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-0d10d74030e7aee74804b654;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GydenCzPtpFdVLqN4ssiZ4dKN48WGneS3mwzEdDE81pobtLznfC4VQ==
via: 1.1 38eecd3ca21bf068d69a2f9cfe668d14.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:07:59 GMT
age: 74268
etag: "f7cf3a0f89751a02fbcf8d21f505f24a74e8b30b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd170538c-f8cf-4acb-ba33-2ead00b9db73.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd170538c-f8cf-4acb-ba33-2ead00b9db73.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 777ce44582c70bf01a31da4cab366f36
57e1d34f146d5ccd9943aa97bcc3158f7103bb07
fbdc8f65ae74dc13b7aafec464f08fdc9902af519946200ec52432ac3ca55982
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd170538c-f8cf-4acb-ba33-2ead00b9db73.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10958
x-amzn-requestid: abfea5b0-58f5-49e1-b78e-7cf456d03cb3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgFHF9oIAMF5lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a20-5ab719292d440d083b07a478;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: e4GuUolL0WIMXvnF7BZ80j-dMMSILN2gd-1mqFwNns-zCUBsJa8iHQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:43:04 GMT
age: 75763
etag: "57e1d34f146d5ccd9943aa97bcc3158f7103bb07"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
200 OK 37 kB URL HTTP/2 www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (30464)
Hash d02bc12ef1efee7b1c2dc670d2cde8d9
c730801ab91a5763a5aba93de78e57d5333604cd
c213400047ee7c0a5fa0dc844aecb8b588a79decfda3a40492f4606a0c9b42e3
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: 3H2lTnUDatu38llRTanWxCLlMRm51kBouL1M1PsJo3fiXllnhZ89wpP1Lh1Jc17ZrabZbGk52raVTnh40TdJCA==
date: Wed, 30 Nov 2022 18:45:47 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb1888-5971-4b4a-923b-dc9d4050182b.jpeg
200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb1888-5971-4b4a-923b-dc9d4050182b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e00769bd1391b8f4f5b8ab128a825355
e4ddf955e8ac1986045ed55880c43c69e588a021
81ca4d20c28fed8fd3135515daadc1fdbfb4198535d7c46021b418b8b98e59a5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb1888-5971-4b4a-923b-dc9d4050182b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7298
x-amzn-requestid: 381e55bb-876b-46ad-84b6-1ddf9f876f56
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDcE3poAMFaAA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-7c12394600900afc7281e858;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7mRG070F4NZnewfowUhVhMerJaGjJd4G6O1tvTPiKyvTAzq-Y16-jw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:56:51 GMT
etag: "e4ddf955e8ac1986045ed55880c43c69e588a021"
content-type: image/jpeg
age: 74936
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ad.a-ads.com/1811811?size=300x250
200 OK 0 B URL HTTP/2 ad.a-ads.com/1811811?size=300x250
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1811811?size=300x250 HTTP/1.1
Host: ad.a-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 18:45:46 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding, Accept-Encoding
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-original-referer: https://megaup.net/
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
X-Firefox-Spdy: h2
nessendencec.com/multi?cs=SDVnS0x5BFN8fHsAU3l8fQxTc3s&abt=0&red=1&sm=76&k=download%20file%20pokemon%20scarlet%20part1&v=1.0.60.1&sts=0&prn=0&emb=0&tid=876318&rxy=1280_1024&fs=1&mbkb=129.36610608020698&ref=https%3A%2F%2Fmegaup.net%2F1aa9m%2FPokemon_Scarlet_(XCI)(US).part1_(2).rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&_OSsh=1669833945968&crc=1
200 OK 1.6 kB URL HTTP/2 nessendencec.com/multi?cs=SDVnS0x5BFN8fHsAU3l8fQxTc3s&abt=0&red=1&sm=76&k=download%20file%20pokemon%20scarlet%20part1&v=1.0.60.1&sts=0&prn=0&emb=0&tid=876318&rxy=1280_1024&fs=1&mbkb=129.36610608020698&ref=https%3A%2F%2Fmegaup.net%2F1aa9m%2FPokemon_Scarlet_(XCI)(US).part1_(2).rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&_OSsh=1669833945968&crc=1
IP
File type ASCII text, with very long lines (3266), with no line terminators
Hash d8cb046310ee30d66a0f69de6cefe39f
b21350ce97790ace826d2e3aa1c77afa1b983982
6f811ac0b81cc270bfa67d13508a5cf90c4a51ca099fe10361dcaad7c76a6a5a
GET /multi?cs=SDVnS0x5BFN8fHsAU3l8fQxTc3s&abt=0&red=1&sm=76&k=download%20file%20pokemon%20scarlet%20part1&v=1.0.60.1&sts=0&prn=0&emb=0&tid=876318&rxy=1280_1024&fs=1&mbkb=129.36610608020698&ref=https%3A%2F%2Fmegaup.net%2F1aa9m%2FPokemon_Scarlet_(XCI)(US).part1_(2).rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&_OSsh=1669833945968&crc=1 HTTP/1.1
Host: nessendencec.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-length: 1595
date: Wed, 30 Nov 2022 18:45:47 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=25f1bb29-9f50-449d-bddb-e9f546c6463d
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: k5uaDQht1yLVLVDOhEuQFYdX7C5UUnzPtmQKcnFQADDdNouPfTNdMw==
X-Firefox-Spdy: h2
api.purpleads.io/x/init?ts=1669833945574
200 OK 68 B URL HTTP/2 api.purpleads.io/x/init?ts=1669833945574
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash f28248b8cdef8ef9e4181ef6e9b11742
3e6e5226ddedd8a23980cbec45ddc657e7714f65
587259314084a04755f0dfb2d0f0e9f07bdf03a575352e366e308d2e19cfc70a
OPTIONS /x/init?ts=1669833945574 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 18:45:47 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
x-request-id: a2d02b49-c052-4d95-8459-d2f2b9ae7a3b
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8c2b8f0e2059033eea7ad978d8200cbd
f1d6c7051ec1089d425b55cdad9562fdafda9586
ba141fa3ab0b35cd81ff5802835d83e337f591b81943f41dd01073f39816b0ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BA141FA3AB0B35CD81FF5802835D83E337F591B81943F41DD01073F39816B0AD"
Last-Modified: Tue, 29 Nov 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9425
Expires: Wed, 30 Nov 2022 21:22:52 GMT
Date: Wed, 30 Nov 2022 18:45:47 GMT
Connection: keep-alive
megaup.net/themes/flow/frontend_assets/fonts/raleway_bold.woff
200 OK 32 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway_bold.woff
IP
File type Web Open Font Format, TrueType, length 31568, version 1.1\012- data
Hash e0c4ac0e73196bd0469c5c33304b7773
bb071565f82907d117b0732dca8013409162c67d
ff3bf3a4a1bf2b922157b18d0e8cddd95f2fc2dfe09c30a3ce67bc11a84c67af
GET /themes/flow/frontend_assets/fonts/raleway_bold.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=t1ulj33af81t9r2ggeim20rnl4; _ga=GA1.2.1254959078.1669833946; _gid=GA1.2.335105231.1669833946; _gat_gtag_UA_108868042_1=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 18:45:47 GMT
content-type: font/woff
content-length: 31568
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7b50"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
ntheworldw.buzz/
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: ntheworldw.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Content-Length: 390
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
6.adsco.re/
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 18:45:47 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: https://megaup.net
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 7725bdfda88cfac0-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
4.adsco.re/
200 OK 62 B IP
File type ASCII text, with no line terminators
Hash adde5febc7b5b6c2c759ec735cce83a0
77ec17be8a9970ff04663294d41c590d0d24fde4
ce2b9f2e5005195de7add565505005be6f2ef0d37521771e15106d1e1b9260ff
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 18:45:47 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
ntheworldw.buzz/
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: ntheworldw.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Origin: https://megaup.net
Content-Length: 349
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fa825e2c024fb946380526045ea0f652
328c42d7815f8eaa3cb0c5a469d4188c1fd25df9
6dd455e2abec9bdbe14707451351ef18fc43d1bd92d6fe21d3a8cadb4866645e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6DD455E2ABEC9BDBE14707451351EF18FC43D1BD92D6FE21D3A8CADB4866645E"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1039
Expires: Wed, 30 Nov 2022 19:03:07 GMT
Date: Wed, 30 Nov 2022 18:45:48 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 280 B IP
Hash 8c48eb6eb381455c34c6880cd17488ca
5b376141334eec8b943e0cb1bfce75f4b3490f72
c2f401aabd4d6422b0723ae6696621f76dec8253fea2f90a1aabbefd349b7a25
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5517
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 18:45:48 GMT
Last-Modified: Wed, 30 Nov 2022 17:13:51 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 280
cdn.psdn.xyz/prebid-7.22.0-2022-10-26.js
200 OK 110 kB URL HTTP/2 cdn.psdn.xyz/prebid-7.22.0-2022-10-26.js
IP
File type ASCII text, with very long lines (64899)
Size 110 kB (110489 bytes)
Hash 57c01fea38b0b55be8f8695b6c4988ff
4032cfd77db4cefcc38aedac4b9bbf9f4c51639e
b9f42206a1196365d65749aa3bececd05e35895c8608e7553d358132987191f9
GET /prebid-7.22.0-2022-10-26.js HTTP/1.1
Host: cdn.psdn.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 18:45:48 GMT
content-encoding: gzip
content-length: 110489
content-type: application/javascript
last-modified: Wed, 26 Oct 2022 13:07:08 GMT
accept-ranges: bytes
x-rgw-object-type: Normal
etag: "57c01fea38b0b55be8f8695b6c4988ff"
cache-control: max-age=31536000
x-amz-request-id: tx00000000000010ab6e820-006359394f-34c5ae65-nyc3b
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1669833948.dop219.sk1.t,1669833948.cds257.sk1.hn,1669833948.cds204.sk1.c
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 891cd50342a3c735696c4a88e30ca462
04891bf2ea21186803f48ffd8d0da5f2a0dd7567
7879f390ce2926cba8bd50bf2dafe3adeaf41216d6c6e7a2fb6d325dc98876bc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7879F390CE2926CBA8BD50BF2DAFE3ADEAF41216D6C6E7A2FB6D325DC98876BC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10237
Expires: Wed, 30 Nov 2022 21:36:25 GMT
Date: Wed, 30 Nov 2022 18:45:48 GMT
Connection: keep-alive
megaup.net/sw.js?N3VXV3ZsV29kRAFGZHVaFVd7dRADEW5iR1IRemRGB0x6Y04AE3pvEAFAem9HVUw2YEFSRGI0EBVZdW5FAk02YRVWWDM1Tw9YY2FDVVhvYkZSWG9jFQ4RNTFFVBRlZFQbVyQgVBtXOSMeUgI4JRpTAnk1A00PdXtUBkV5YlQbEzY7BVJZMTYaRBB7MRdbBjIK
200 OK 43 kB URL HTTP/2 megaup.net/sw.js?N3VXV3ZsV29kRAFGZHVaFVd7dRADEW5iR1IRemRGB0x6Y04AE3pvEAFAem9HVUw2YEFSRGI0EBVZdW5FAk02YRVWWDM1Tw9YY2FDVVhvYkZSWG9jFQ4RNTFFVBRlZFQbVyQgVBtXOSMeUgI4JRpTAnk1A00PdXtUBkV5YlQbEzY7BVJZMTYaRBB7MRdbBjIK
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash d6ee011558c59d14fa0a45be5b921863
eab81789db73e4855dece8f7a02ca12f81007169
b0d3d37a91e96334a3bea5452c31f65639a1ecd0cdbadfffe23193d864489bb4
GET /sw.js?N3VXV3ZsV29kRAFGZHVaFVd7dRADEW5iR1IRemRGB0x6Y04AE3pvEAFAem9HVUw2YEFSRGI0EBVZdW5FAk02YRVWWDM1Tw9YY2FDVVhvYkZSWG9jFQ4RNTFFVBRlZFQbVyQgVBtXOSMeUgI4JRpTAnk1A00PdXtUBkV5YlQbEzY7BVJZMTYaRBB7MRdbBjIK HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: filehosting=t1ulj33af81t9r2ggeim20rnl4; _ga=GA1.2.1254959078.1669833946; _gid=GA1.2.335105231.1669833946; _gat_gtag_UA_108868042_1=1
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 18:45:47 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:52 GMT
vary: Accept-Encoding
etag: W/"60758f38-12fe6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
200 OK 138 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash b282631373e013a3b32fe88b8cdaf483
0154a42e6a93fb44bfa23c5186d63489efb02cc1
30a2ad480893aaf49abe9846b3a8527b46466de1a93ecac9cfe89a4049348e29
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 857
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 30 Nov 2022 18:45:48 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 138
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
AN-X-Request-Uuid: 4a246ec6-b438-4de6-af20-0e93eaca9761
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
mp.4dex.io/prebid
204 No Content 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /prebid HTTP/1.1
Host: mp.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 2043
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 30 Nov 2022 18:45:48 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin, Accept-Encoding
x-err: Parsing the Prebid Request. org/site not found
x-version: 3.0.0-gcp-ams
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7725be000900b50b-OSL
X-Firefox-Spdy: h2
ntheworldw.buzz/
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: ntheworldw.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Origin: https://megaup.net
Content-Length: 364
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
script.4dex.io/localstore.js
304 Not Modified 0 B URL HTTP/2 script.4dex.io/localstore.js
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /localstore.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Wed, 23 Nov 2022 15:43:18 GMT
If-None-Match: W/"922cffdd75f7192f75231d92684885aa"
TE: trailers
HTTP/2 304 Not Modified
date: Wed, 30 Nov 2022 18:45:48 GMT
cache-control: public, max-age=1800
etag: W/"922cffdd75f7192f75231d92684885aa"
last-modified: Wed, 23 Nov 2022 15:43:18 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 612877
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CkGwS1ZKdSbbdOpKlNFrD2S3pgxuO7DEzwXZpt6wUHTpXvA3iek%2BWzwU64ghcuwc9WQeBreEgHuoORvb5DCY0iRKCMABKGf0mh3PrJUKxff0VEc9fgj7DceVQP7kOsK4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7725be00ba01b50b-OSL
X-Firefox-Spdy: h2
ha1u35zgmi2m.n4.adsco.re/
200 OK 0 B URL HTTP/1.1 ha1u35zgmi2m.n4.adsco.re/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: ha1u35zgmi2m.n4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 18:45:48 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
Connection: close
ETag: "5b5f2f9a-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
prebid.a-mo.net/a/c
204 No Content 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1018
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: max-age=0, private, must-revalidate
date: Wed, 30 Nov 2022 18:45:47 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 0
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
200 OK 138 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 386112810bd47911b9bce6f507fd2897
32b6e758238182947d192dcb6a1eb8ee5123e507
0afa2e80fe18247ecda1a0aa171b797e2b20a7dcf2aa5372dafc233cde321994
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1011
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 30 Nov 2022 18:45:48 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 138
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
AN-X-Request-Uuid: d5bfd4c9-42c4-4e56-a38c-73ba2ced9789
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
mp.4dex.io/prebid
204 No Content 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /prebid HTTP/1.1
Host: mp.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1990
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 30 Nov 2022 18:45:48 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin, Accept-Encoding
x-err: Parsing the Prebid Request. org/site not found
x-version: 3.0.0-gcp-ams
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7725be00ca1ab50b-OSL
X-Firefox-Spdy: h2
script.4dex.io/adagio.js
304 Not Modified 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /adagio.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Tue, 22 Nov 2022 09:44:15 GMT
If-None-Match: W/"c56b6332dacf72f135afcd153ae22448"
TE: trailers
HTTP/2 304 Not Modified
date: Wed, 30 Nov 2022 18:45:48 GMT
x-amz-id-2: dOiiTtiPLhGmcsmNBt0jZ1duXkkbJlTuZvRlN+aronrZIFb3Z/0/X80dBYCPZGT3qBvEJe+8wr4=
x-amz-request-id: DC3YQNPP1H3TAVZD
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Tue, 22 Nov 2022 09:44:15 GMT
etag: "c56b6332dacf72f135afcd153ae22448"
cache-control: public, max-age=1800
cf-cache-status: HIT
age: 695476
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qhm2fqj4MwWiTR92%2BSzZwBjbphQvpEt4RHpJ5FeEmPonmFPuzOmapXzX0HiKdDDlx8dUEISrCb4IE3ECrI9f8BO8HOJhozNTvu1HY87dbX7aucJPraEUq2i%2BqCU0iaYr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7725be00f929b50c-OSL
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash b1dff4c8ca090f2210c9148d2932b265
7c3f266d98371f366352dc0f8eddc409b517527f
c3bd399d691109ef3e410c772c6f83325b2e54b53ddd20af6c2bb2aacbd86d6b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 18:45:48 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 19:45:29 GMT
Expires: Tue, 06 Dec 2022 19:45:28 GMT
Etag: "7c3f266d98371f366352dc0f8eddc409b517527f"
Cache-Control: max-age=521379,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7725bdffb838b4ee-OSL
ocsp.digicert.com/
200 OK 471 B IP
Hash 86a5af7394d66e08c4abb8004b9c8dea
6388100a7a103fc7b17efffa42c40583a5add9b4
a8ef4d064a487e61ee119c01e1cfbabdf76ddd11c30f43e0e74d3bff28585c65
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5454
Cache-Control: max-age=119022
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 18:45:48 GMT
Etag: "6386bd7c-1d7"
Expires: Fri, 02 Dec 2022 03:49:30 GMT
Last-Modified: Wed, 30 Nov 2022 02:18:36 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
b1h-euc1.zemanta.com/api/bidder/prebid/bid/
204 No Content 0 B URL HTTP/1.1 b1h-euc1.zemanta.com/api/bidder/prebid/bid/
IP
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/bidder/prebid/bid/ HTTP/1.1
Host: b1h-euc1.zemanta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 539
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 8cd308bd86e1dd57367486278ffc745b
c3816eb2feaef7a97370829326663566054fecb9
374b5529cf7c6fd39a25edd3a6beade34bf560c324d5b03154cd2d0172d6f491
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 30 Nov 2022 18:45:48 GMT
Etag: "6387679f-1d7"
Last-Modified: Wed, 30 Nov 2022 17:12:08 GMT
Server: ECS (bsa/EB19)
X-Cache: Miss from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: DGQUDqIIOVG-b6zhlEgtQmTTXIYzSy38pw_6i0kzpV3yXAYnu4lwzw==
Age: 5620
ocsp.digicert.com/
200 OK 471 B IP
Hash 6ccd2c54aa62e5ed7721db3dc9a15d0a
0b7c4aacd9a6e4e337de58b2313e24507853759b
c2532f2fc4ac1a784f2e57bfe036afbe311a90d017c59dd77714334b9308afd2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5643
Cache-Control: max-age=118880
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 18:45:48 GMT
Etag: "6386bc31-1d7"
Expires: Fri, 02 Dec 2022 03:47:08 GMT
Last-Modified: Wed, 30 Nov 2022 02:13:05 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
prebid-eu.creativecdn.com/bidder/prebid/bids
204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 462
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 30 Nov 2022 18:45:48 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
adsco.re/p
200 OK 134 B IP
File type ASCII text, with no line terminators
Hash 56ad2a7fef8b15e4da951a3148d25746
78b9d47131352b117b059389d39eae2cd0d61182
c1c48d2916143cc7feb7549fb89fe18bed4b661cc3c33e44725c1fd748cff67a
POST /p HTTP/1.1
Host: adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Length: 1966
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 18:45:48 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK lon123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
ocsp.sectigo.com/
200 OK 472 B IP
Hash b1dff4c8ca090f2210c9148d2932b265
7c3f266d98371f366352dc0f8eddc409b517527f
c3bd399d691109ef3e410c772c6f83325b2e54b53ddd20af6c2bb2aacbd86d6b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 18:45:48 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 19:45:29 GMT
Expires: Tue, 06 Dec 2022 19:45:28 GMT
Etag: "7c3f266d98371f366352dc0f8eddc409b517527f"
Cache-Control: max-age=521379,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7725be00ebd8b521-OSL
megaup.net/1aa9m/Pokemon_Scarlet_(XCI)(US).part1_(2).rar
200 OK 54 kB URL HTTP/2 megaup.net/1aa9m/Pokemon_Scarlet_(XCI)(US).part1_(2).rar
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (58554), with CRLF, LF line terminators
Hash 0713ba8ac89df0bb3481cd668c6c0f88
dfea4af90d28079e823ed25bc9ef92a0730e9d71
740317f30d33ed09d0e235364c3cf26cc1dd64a0f401e2f7219d2d6d62b54474
GET /1aa9m/Pokemon_Scarlet_(XCI)(US).part1_(2).rar HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 18:45:45 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: filehosting=t1ulj33af81t9r2ggeim20rnl4; expires=Thu, 01-Dec-2022 18:45:45 GMT; Max-Age=86400; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 443ed6fb0876c524f42911456b472654
c3a55edaed521d5c162314a5149bf01b5e5bc2fe
c9f3a9c41a43b21c41b728a4836ebbc830baff1ae45b76c8effe8703e99297d5
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 30 Nov 2022 18:45:48 GMT
Last-Modified: Wed, 30 Nov 2022 17:10:57 GMT
Server: ECS (nyb/1D16)
X-Cache: Miss from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: iY0DbzTkEx61_47r7W8wWBvX4-SdGBAlfR7D55NcaKE-X-LtCK1bwA==
Age: 5691
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8dfe856036a437abdce50f384c37a8a5
8533fecd65bd29891af164e18d25355242cd430f
7d06cd442b977549f8d72ae7467b38d1925e5090212ea7f3f6fdcb85fbd54999
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D06CD442B977549F8D72AE7467B38D1925E5090212EA7F3F6FDCB85FBD54999"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5748
Expires: Wed, 30 Nov 2022 20:21:36 GMT
Date: Wed, 30 Nov 2022 18:45:48 GMT
Connection: keep-alive
engine.4dsply.com/verify?sig=BAYAY4ek3AFjh6TcgAGBAcAAIDSHIoBVndrMEZgjqFWzzcMuUif5z4EreOz3dtvg1pEkwQAgkKpYdz1H-xP9RX2zpqGq_FqFEV79FYu52rJyhoMrLSQ
200 OK 17 B URL HTTP/2 engine.4dsply.com/verify?sig=BAYAY4ek3AFjh6TcgAGBAcAAIDSHIoBVndrMEZgjqFWzzcMuUif5z4EreOz3dtvg1pEkwQAgkKpYdz1H-xP9RX2zpqGq_FqFEV79FYu52rJyhoMrLSQ
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash f9bf086d73f8b7cc483324aedb224ed0
be03b282679354a90df7b59b4c92da6e8caeaccc
39ca3c85734717cf31f55ab2e7d04d8ad2438a3bd9f6f46fae350d12506b4699
GET /verify?sig=BAYAY4ek3AFjh6TcgAGBAcAAIDSHIoBVndrMEZgjqFWzzcMuUif5z4EreOz3dtvg1pEkwQAgkKpYdz1H-xP9RX2zpqGq_FqFEV79FYu52rJyhoMrLSQ HTTP/1.1
Host: engine.4dsply.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 18:45:48 GMT
content-type: application/json
content-length: 17
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: Content-Type
access-control-allow-methods: GET
x-adscore-status: bot
vary: Accept-Encoding
server: cloudflare
cf-ray: 7725be0269c1b509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tlx.3lift.com/header/auction?lib=prebid&v=7.22.0&referrer=https%3A%2F%2Fmegaup.net%2F1aa9m%2FPokemon_Scarlet_(XCI)(US).part1_(2).rar&tmax=3000
200 OK 19 B URL HTTP/2 tlx.3lift.com/header/auction?lib=prebid&v=7.22.0&referrer=https%3A%2F%2Fmegaup.net%2F1aa9m%2FPokemon_Scarlet_(XCI)(US).part1_(2).rar&tmax=3000
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash a548f7b55db665b1df71a33a2bee47a7
4f88e5b6a18226d7207f1458b0b83e428dbf9898
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
POST /header/auction?lib=prebid&v=7.22.0&referrer=https%3A%2F%2Fmegaup.net%2F1aa9m%2FPokemon_Scarlet_(XCI)(US).part1_(2).rar&tmax=3000 HTTP/1.1
Host: tlx.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 513
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 18:45:48 GMT
content-type: application/json; charset=utf-8
content-length: 19
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 15 Oct 1992 20:10:00 GMT
pragma: no-cache
x-xss-protection: 0
accept-ch: sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
X-Firefox-Spdy: h2
hb.minutemedia-prebid.com/hb-mm-multi
200 OK 105 B URL HTTP/2 hb.minutemedia-prebid.com/hb-mm-multi
IP
File type JSON data\012- , ASCII text
Hash bbf821674a4cec5233e70975ffd52566
1aa17b7f8ae939afa3270426fef75d0abf45dc6f
0b06b1af645986063b8b92e37712557b7749e286432eed1502d97f8e5e2b5b33
POST /hb-mm-multi HTTP/1.1
Host: hb.minutemedia-prebid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1037
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 18:45:48 GMT
content-type: application/json
content-length: 105
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://megaup.net
x-reason: gdpr is not applied
X-Firefox-Spdy: h2
api.purpleads.io/x/v/?demand=unifiedPb&ts=1669833947286
200 OK 0 B URL HTTP/2 api.purpleads.io/x/v/?demand=unifiedPb&ts=1669833947286
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /x/v/?demand=unifiedPb&ts=1669833947286 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 18:45:48 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
x-request-id: 7f12a46d-f310-4df1-9a2b-a681e4765bfd
X-Firefox-Spdy: h2
ha1u35zgmi2m.s4.adsco.re/
200 OK 0 B URL HTTP/1.1 ha1u35zgmi2m.s4.adsco.re/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: ha1u35zgmi2m.s4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 18:45:48 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
Connection: close
ETag: "5b5f30d9-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
api.purpleads.io/x/b/?idx=1&pid=39165bb70ed44c59b2b2420d5446d078&sizes=[[300,250],[300,250],[200,200],[250,250],[300,100]]&slotid=04825041-5778-41e4-8755-941e69b7e0e2&demand=unifiedPb&ts=1669833947493
200 OK 122 B URL HTTP/2 api.purpleads.io/x/b/?idx=1&pid=39165bb70ed44c59b2b2420d5446d078&sizes=[[300,250],[300,250],[200,200],[250,250],[300,100]]&slotid=04825041-5778-41e4-8755-941e69b7e0e2&demand=unifiedPb&ts=1669833947493
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 60a50d4725fc5e2dbaec94e0e03f82d6
f138e80b1eb7646f74536483822e8a11d45a2e38
085a9a5a09154636bca48a57fa439c58d7383a1581be883a7a481cd14dbe5f71
OPTIONS /x/b/?idx=1&pid=39165bb70ed44c59b2b2420d5446d078&sizes=[[300,250],[300,250],[200,200],[250,250],[300,100]]&slotid=04825041-5778-41e4-8755-941e69b7e0e2&demand=unifiedPb&ts=1669833947493 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 18:45:48 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
x-request-id: bd2bd842-e32f-4878-a25e-d0b3337a9316
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6f590216ae2bf5ac86421178004fbebf
bd5fac2e9ef5143c6ad3eb4aa774593c54150422
6403084e14ecb98221c6fd8f1465a3be209417e61f5c701b61128c2f55d30d89
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6403084E14ECB98221C6FD8F1465A3BE209417E61F5C701B61128C2F55D30D89"
Last-Modified: Tue, 29 Nov 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5451
Expires: Wed, 30 Nov 2022 20:16:41 GMT
Date: Wed, 30 Nov 2022 18:45:50 GMT
Connection: keep-alive
socketbuild.com/winnotice?sid=H4sIAAAAAAAC%2F1RTTYgcRRSuifEQPCl6EHIYwYOCzHZPz8z2GCQYk0gwZpcksjehuqp79zk9VU1V9%2FTsnhYF2ZOMeDB6qv32DzX%2B5OBRlF4vsiBkLrKie%2FHkyT8IHmUmY0YfVL2f7x2%2Beu%2Brt7eLE%2Bah4MfLr%2BoNSlO%2B0G549WdWSEld2vq1m3Xfa3jn6iukOq1z9eHkMoPnfa%2Fd8J6tvxyLnl5oer7n%2BZ5fv0wmTvRwYYqCsttdv9H1Gq1mw2%2B3MDQOtqjB8hrk4IQ9BpLjh9e%2BuwMSFVT%2Fi4ux7eU6e%2B5Sv0h5rg0G8uA11VO6VOjPw8TUkKiDWTe0HTN26xS0Opixhh7sTlgjojGr%2FeAjUgczaogGe%2FfZRSlihUg%2BgnJQIU4rEK8g9FsgeZcBQuLaElR%2F%2F5o2JV%2B%2Fj%2FIJOman7%2F0FKsfs9M%2BPQ%2FU%2Fu5DSsH5Dp0VOWlkMEwcaVqDVCllxiHyDgcpDiPxNkPyeLdy7CtXfXbKpBkk3fT1RBUoqpPEI3DIUk0MMRVJDkdXQl8d13u4mnreYREkQhC0hRBAI0Q47si2DVph4KMSE3gh5NoJIRxBmE5nZRI9GMMU7IFuh4A6UOWR2P2y2u76PWByd%2F%2FWDiX0ITsf1ti9aURjEi4Evw4R7Lc%2FvhLybLMZh0A6abUR0dP7pv7%2Fc%2BmXtD6TEEPOjr39nU4NVDqpwO8qQg4mP2Mx2jMyPzj%2FoWnOwksHmDAPpUMYMpWUoOUNJDGXOUA7cnkxt07p9mdoi8me%2BOfOB29H5qtvT%2BWqs2HZ2wh6d7uZP8Tp68XE98UQzTLqtoBm2ut0olK3FoBN2pPBlGLdCCUv%2FToDsKXBbwwaN2RM%2F%2FYZsIhv5HiJ%2BCJseQtBT4MVZ8NKBrzlsKAepP7da9OI8KiiVDaH7yPIzyNdr2%2BkJe3JKpXNr63%2FTFcYhMw5v0LcMq%2BnWznVdst3rurTszlKWU582%2BERCN3Kexw99%2FEq8Xmojr1y0o49eFBNgEt6%2BGdv8KleS1Kpln1wgKWNzWRsRs6%2Bu2JU4Wi7s2oXCqCK7uvzS5Sv9zMTWklYVON299D4EjdmZd3%2Bcfo6zn74AMhVM4dAvHmwLpCuIbBM2m9esZjDpPI8yhrJwO6YZzYsTPaTztYNHDvY%2FeTSPt%2B03sOSQW%2FYPAAAA%2F%2F8BAAD%2F%2FwD0oD%2BGBAAA&ap=${AUCTION_PRICE}&l=3577992&sub3=1669833947&pid=91283&sub2=icon&auid=51c4b83e731d8fa040168a9f7e835325&icon=https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
307 Temporary Redirect 0 B URL HTTP/1.1 socketbuild.com/winnotice?sid=H4sIAAAAAAAC%2F1RTTYgcRRSuifEQPCl6EHIYwYOCzHZPz8z2GCQYk0gwZpcksjehuqp79zk9VU1V9%2FTsnhYF2ZOMeDB6qv32DzX%2B5OBRlF4vsiBkLrKie%2FHkyT8IHmUmY0YfVL2f7x2%2Beu%2Brt7eLE%2Bah4MfLr%2BoNSlO%2B0G549WdWSEld2vq1m3Xfa3jn6iukOq1z9eHkMoPnfa%2Fd8J6tvxyLnl5oer7n%2BZ5fv0wmTvRwYYqCsttdv9H1Gq1mw2%2B3MDQOtqjB8hrk4IQ9BpLjh9e%2BuwMSFVT%2Fi4ux7eU6e%2B5Sv0h5rg0G8uA11VO6VOjPw8TUkKiDWTe0HTN26xS0Opixhh7sTlgjojGr%2FeAjUgczaogGe%2FfZRSlihUg%2BgnJQIU4rEK8g9FsgeZcBQuLaElR%2F%2F5o2JV%2B%2Fj%2FIJOman7%2F0FKsfs9M%2BPQ%2FU%2Fu5DSsH5Dp0VOWlkMEwcaVqDVCllxiHyDgcpDiPxNkPyeLdy7CtXfXbKpBkk3fT1RBUoqpPEI3DIUk0MMRVJDkdXQl8d13u4mnreYREkQhC0hRBAI0Q47si2DVph4KMSE3gh5NoJIRxBmE5nZRI9GMMU7IFuh4A6UOWR2P2y2u76PWByd%2F%2FWDiX0ITsf1ti9aURjEi4Evw4R7Lc%2FvhLybLMZh0A6abUR0dP7pv7%2Fc%2BmXtD6TEEPOjr39nU4NVDqpwO8qQg4mP2Mx2jMyPzj%2FoWnOwksHmDAPpUMYMpWUoOUNJDGXOUA7cnkxt07p9mdoi8me%2BOfOB29H5qtvT%2BWqs2HZ2wh6d7uZP8Tp68XE98UQzTLqtoBm2ut0olK3FoBN2pPBlGLdCCUv%2FToDsKXBbwwaN2RM%2F%2FYZsIhv5HiJ%2BCJseQtBT4MVZ8NKBrzlsKAepP7da9OI8KiiVDaH7yPIzyNdr2%2BkJe3JKpXNr63%2FTFcYhMw5v0LcMq%2BnWznVdst3rurTszlKWU582%2BERCN3Kexw99%2FEq8Xmojr1y0o49eFBNgEt6%2BGdv8KleS1Kpln1wgKWNzWRsRs6%2Bu2JU4Wi7s2oXCqCK7uvzS5Sv9zMTWklYVON299D4EjdmZd3%2Bcfo6zn74AMhVM4dAvHmwLpCuIbBM2m9esZjDpPI8yhrJwO6YZzYsTPaTztYNHDvY%2FeTSPt%2B03sOSQW%2FYPAAAA%2F%2F8BAAD%2F%2FwD0oD%2BGBAAA&ap=${AUCTION_PRICE}&l=3577992&sub3=1669833947&pid=91283&sub2=icon&auid=51c4b83e731d8fa040168a9f7e835325&icon=https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /winnotice?sid=H4sIAAAAAAAC%2F1RTTYgcRRSuifEQPCl6EHIYwYOCzHZPz8z2GCQYk0gwZpcksjehuqp79zk9VU1V9%2FTsnhYF2ZOMeDB6qv32DzX%2B5OBRlF4vsiBkLrKie%2FHkyT8IHmUmY0YfVL2f7x2%2Beu%2Brt7eLE%2Bah4MfLr%2BoNSlO%2B0G549WdWSEld2vq1m3Xfa3jn6iukOq1z9eHkMoPnfa%2Fd8J6tvxyLnl5oer7n%2BZ5fv0wmTvRwYYqCsttdv9H1Gq1mw2%2B3MDQOtqjB8hrk4IQ9BpLjh9e%2BuwMSFVT%2Fi4ux7eU6e%2B5Sv0h5rg0G8uA11VO6VOjPw8TUkKiDWTe0HTN26xS0Opixhh7sTlgjojGr%2FeAjUgczaogGe%2FfZRSlihUg%2BgnJQIU4rEK8g9FsgeZcBQuLaElR%2F%2F5o2JV%2B%2Fj%2FIJOman7%2F0FKsfs9M%2BPQ%2FU%2Fu5DSsH5Dp0VOWlkMEwcaVqDVCllxiHyDgcpDiPxNkPyeLdy7CtXfXbKpBkk3fT1RBUoqpPEI3DIUk0MMRVJDkdXQl8d13u4mnreYREkQhC0hRBAI0Q47si2DVph4KMSE3gh5NoJIRxBmE5nZRI9GMMU7IFuh4A6UOWR2P2y2u76PWByd%2F%2FWDiX0ITsf1ti9aURjEi4Evw4R7Lc%2FvhLybLMZh0A6abUR0dP7pv7%2Fc%2BmXtD6TEEPOjr39nU4NVDqpwO8qQg4mP2Mx2jMyPzj%2FoWnOwksHmDAPpUMYMpWUoOUNJDGXOUA7cnkxt07p9mdoi8me%2BOfOB29H5qtvT%2BWqs2HZ2wh6d7uZP8Tp68XE98UQzTLqtoBm2ut0olK3FoBN2pPBlGLdCCUv%2FToDsKXBbwwaN2RM%2F%2FYZsIhv5HiJ%2BCJseQtBT4MVZ8NKBrzlsKAepP7da9OI8KiiVDaH7yPIzyNdr2%2BkJe3JKpXNr63%2FTFcYhMw5v0LcMq%2BnWznVdst3rurTszlKWU582%2BERCN3Kexw99%2FEq8Xmojr1y0o49eFBNgEt6%2BGdv8KleS1Kpln1wgKWNzWRsRs6%2Bu2JU4Wi7s2oXCqCK7uvzS5Sv9zMTWklYVON299D4EjdmZd3%2Bcfo6zn74AMhVM4dAvHmwLpCuIbBM2m9esZjDpPI8yhrJwO6YZzYsTPaTztYNHDvY%2FeTSPt%2B03sOSQW%2FYPAAAA%2F%2F8BAAD%2F%2FwD0oD%2BGBAAA&ap=${AUCTION_PRICE}&l=3577992&sub3=1669833947&pid=91283&sub2=icon&auid=51c4b83e731d8fa040168a9f7e835325&icon=https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg HTTP/1.1
Host: socketbuild.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.22.0
Date: Wed, 30 Nov 2022 18:45:50 GMT
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c112c851f2a5af54fe1792f498f05616
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 878b09fbfc6e211b9563cb6e2159ace0
b90946d8d69b02f60b75b42f1ef048311b374855
633a08f91314ecd2fd983dc5415400b0d768befb25f65fcd531df4e95cdaafcb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "633A08F91314ECD2FD983DC5415400B0D768BEFB25F65FCD531DF4E95CDAAFCB"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16202
Expires: Wed, 30 Nov 2022 23:15:52 GMT
Date: Wed, 30 Nov 2022 18:45:50 GMT
Connection: keep-alive
cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
200 OK 33 kB URL HTTP/2 cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
IP
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:05:18 19:19:17], baseline, precision 8, 200x200, components 3\012- data
Hash 70cf8250da1a25a7b445231428af7828
a849d338423d2919949340838c768bba90b9081c
b7060bc46dc459a00d4124523a26f0cbf31fba31d41fccae9f82bedaf22c1186
GET /cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 18:45:50 GMT
content-type: image/jpeg
content-length: 33103
server: nginx/1.17.6
last-modified: Tue, 09 Jun 2020 11:44:50 GMT
etag: "5edf7632-814f"
expires: Fri, 02 Dec 2022 18:45:50 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2BX48Z&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C2069%2C237%2C117%2C97%2C99%2C3012%2C3011%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C77%2C38%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
200 OK 8.2 kB URL HTTP/2 contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2BX48Z&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C2069%2C237%2C117%2C97%2C99%2C3012%2C3011%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C77%2C38%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (18979)
Hash 0e33f99abe5481bbd5bf89cd3d7c6a46
a6f131e56ba1c3d54bc2ccac4b66d10739c5d505
9d467a6556bbfaee731e09e4942663422bc0a2955ae4caeea62cf1827ae87747
GET /checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2BX48Z&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C2069%2C237%2C117%2C97%2C99%2C3012%2C3011%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C77%2C38%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1 HTTP/1.1
Host: contextual.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
content-type: text/html; charset=UTF-8
x-mnet-hl2: E
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=172800
expires: Fri, 02 Dec 2022 18:45:51 GMT
date: Wed, 30 Nov 2022 18:45:51 GMT
content-length: 8209
X-Firefox-Spdy: h2
acdn.adnxs.com/dmp/async_usersync.html
200 OK 17 kB URL HTTP/1.1 acdn.adnxs.com/dmp/async_usersync.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (52990)
Hash 9c6b5ce6b3452e98573e6409c34dd73c
de607fadef62e36945a409a838eb8fc36d819b42
cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc
GET /dmp/async_usersync.html HTTP/1.1
Host: acdn.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
ETag: W/"623de86a-cf34"
Expires: Fri, 04 Nov 2022 04:41:58 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 30 Nov 2022 18:45:51 GMT
Age: 50013
X-Served-By: cache-lga13626-LGA, cache-bma1679-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 38, 158263
X-Timer: S1669833952.612118,VS0,VE0
Vary: Accept-Encoding
ib.adnxs.com/async_usersync?cbfn=queuePixels
307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 30 Nov 2022 18:45:51 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: db5446c2-bf7e-439d-8573-c28f3563c291
Set-Cookie: uuid2=8999589930980501248; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 28-Feb-2023 18:45:51 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
b1h-euc1.zemanta.com/usersync/prebid
200 OK 26 B URL HTTP/1.1 b1h-euc1.zemanta.com/usersync/prebid
IP
ASN #60781 LeaseWeb Netherlands B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6a43099d5c8fe991a7aa7ebaca53069d
5bce2f0d57305c58c7b05bfce29ebb39a18f5570
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
GET /usersync/prebid HTTP/1.1
Host: b1h-euc1.zemanta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 26
Connection: keep-alive
Date: Wed, 30 Nov 2022 18:45:51 GMT
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 30 Nov 2022 18:45:51 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 8ea2068f-0529-4737-aad2-3fba5332f6fe
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/async_usersync?cbfn=queuePixels
307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 30 Nov 2022 18:45:51 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: 40be7826-fc12-4a2b-8214-276959a7160c
Set-Cookie: uuid2=4748608041004121665; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 28-Feb-2023 18:45:51 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 30 Nov 2022 18:45:51 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 43558ce3-61fd-4d52-b9dd-ff024ef22f2c
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
eb2.3lift.com/sync?
200 OK 37 B IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /sync? HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 18:45:51 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/fonts/raleway_medium.woff
200 OK 32 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway_medium.woff
IP
File type Web Open Font Format, TrueType, length 31900, version 1.1\012- data
Hash 1b285c8e5b7445a8e434b2cdf036bab2
c97d4772fbb5c5637d466b5f991bc7ec28830b32
09b979826f2ac158a63ba234042c66414c21282d0bb46eadc62c64a873778825
GET /themes/flow/frontend_assets/fonts/raleway_medium.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=t1ulj33af81t9r2ggeim20rnl4; _ga=GA1.2.1254959078.1669833946; _gid=GA1.2.335105231.1669833946; _gat_gtag_UA_108868042_1=1; a=hqeggzoeQSRfJGURx1uF0bTyyxi6TgSo; token_QlJAAAAAAAAArRMIRsGBk-hpXXMDyS9EWV8qBEI=BAYAY4ek3AFjh6TcgAGBAcAAIDSHIoBVndrMEZgjqFWzzcMuUif5z4EreOz3dtvg1pEkwQAgkKpYdz1H-xP9RX2zpqGq_FqFEV79FYu52rJyhoMrLSQ
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 18:45:52 GMT
content-type: font/woff
content-length: 31900
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7c9c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
ib.adnxs.com/async_usersync?cbfn=queuePixels
307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 30 Nov 2022 18:45:52 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: 8e6cb56e-1a66-4508-b32d-ab1769d3edd9
Set-Cookie: uuid2=9207251106073429900; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 28-Feb-2023 18:45:52 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 30 Nov 2022 18:45:52 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 90e1f5b1-d8c5-4b6a-83b2-340e5bf83ba5
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/async_usersync?cbfn=queuePixels
307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 30 Nov 2022 18:45:52 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: fe410dec-8520-40c8-82ef-3c058bb4b5c5
Set-Cookie: uuid2=7720297456552885616; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 28-Feb-2023 18:45:52 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 30 Nov 2022 18:45:52 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 9bbe2159-b58c-4947-8346-80a0bf20e170
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
hypermusk.com/dsp-stats/impression/1795175?var=825911&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0&ip=91.90.42.154&pl=k0gMvFr2qzQEl5WZEWQy4me5c2yZL3khfeZi5pJIaw9MFmTWVnARBkzNNx136EwsaRzz6_egjpV2xh1gf5MaVmbqGF0Wu4rv2TE_In6MaK4IglJG9xdlkP1nraKtK_FFTRHyNB65H0_zAADmI81AeJavOz8wlnlK3NyVPKqxBKfmebcIVZGOYkQNvmXzWNecNC0leZ7REjpfI6CqEjkXtd4cOe-3wUHIVuKvlU6YSrb5n__Y6Dxxio-_oTH5vqo06b6rxEs-WOKd9229kRGOlbUQXkdPDjznZb93QOCyMK7uM7kYT5N4T29qO0gQ-8SY3-rSAUdbZIjDnGvPDWu89BFWSCVcMo0D5_6GpMHrqEvyHg66jJ7QkZU43cWz7uyf1gyqnNos-8fAGfT9V0N8TMyEQCSXy2R7zmx1S58ZXj89l0HBx8kkQy5g_MV4-8fiDKYByY6OCaPL_vHKrW4DqgAGsuWQHWPWT6MsFzPmLs_j132NYLAT3eCv_saabjfm1dcWA3Lm8PlUpVIkPGl6bo3VhtPlDZQU9D05V2SR34Yv0bi_9PzpMdXvsIo2UyQcioEMQaFd2k_cGUvuwbjGo7MellUVz12wEkH38wiVbJNWajqltUkq-cy_ksAr8Dp53ZEW2kHFGs_yd-GgQd3sP7mVm_wapyklXO4iRfNe9gwzXv6ruSTrTbPGPL9ZFa1BMqJ2Zj-ATgMZCmoBc2pyeAHl4OLGXREswKQ1cEtypXzRQd5JqoQGr7MAk3fuUpfT3OpVjj9L1bzw03fnUeWLQK-25B1PWghtc0T0lr_hjXPsglnf2xx5_mc-9pYcaHgNt8CpCxq_BfV74jBVnAgDJcnHn7edPYvCIljMYZdTelOPPSPp9M4fV-j6ytU1BvywPUWjXMmlujqvNKgKFi2yhtziTy8fbNzBcj9gAjCpf8fylKrEa0Bkgfg6fNssH7nVWtBMeP5yQSl9bFwf27o77IJepx_3yIfBYOswg0r9hpOfdPBeyWy1UFSRCwA1w9-3HpbZrFu2-9R7SMtlWpcwiKxhicM4hOuOEqRYHUylxwYq&rd=p1bGGuUK2wf6KbdBHbdnQCkKDmcPsISbM8jljqxlsrSZ2NhVB0Um1K4yMvqWq4Mu9lLDY30DXlocEaYb_gk9lHlSAd8TlsT38YMxL_j15t7w_oAQH5t4CaSknPXxTDcfFyM2RLNfcxYC2VQwhTQHtUE=
302 Found 108 B URL HTTP/2 hypermusk.com/dsp-stats/impression/1795175?var=825911&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0&ip=91.90.42.154&pl=k0gMvFr2qzQEl5WZEWQy4me5c2yZL3khfeZi5pJIaw9MFmTWVnARBkzNNx136EwsaRzz6_egjpV2xh1gf5MaVmbqGF0Wu4rv2TE_In6MaK4IglJG9xdlkP1nraKtK_FFTRHyNB65H0_zAADmI81AeJavOz8wlnlK3NyVPKqxBKfmebcIVZGOYkQNvmXzWNecNC0leZ7REjpfI6CqEjkXtd4cOe-3wUHIVuKvlU6YSrb5n__Y6Dxxio-_oTH5vqo06b6rxEs-WOKd9229kRGOlbUQXkdPDjznZb93QOCyMK7uM7kYT5N4T29qO0gQ-8SY3-rSAUdbZIjDnGvPDWu89BFWSCVcMo0D5_6GpMHrqEvyHg66jJ7QkZU43cWz7uyf1gyqnNos-8fAGfT9V0N8TMyEQCSXy2R7zmx1S58ZXj89l0HBx8kkQy5g_MV4-8fiDKYByY6OCaPL_vHKrW4DqgAGsuWQHWPWT6MsFzPmLs_j132NYLAT3eCv_saabjfm1dcWA3Lm8PlUpVIkPGl6bo3VhtPlDZQU9D05V2SR34Yv0bi_9PzpMdXvsIo2UyQcioEMQaFd2k_cGUvuwbjGo7MellUVz12wEkH38wiVbJNWajqltUkq-cy_ksAr8Dp53ZEW2kHFGs_yd-GgQd3sP7mVm_wapyklXO4iRfNe9gwzXv6ruSTrTbPGPL9ZFa1BMqJ2Zj-ATgMZCmoBc2pyeAHl4OLGXREswKQ1cEtypXzRQd5JqoQGr7MAk3fuUpfT3OpVjj9L1bzw03fnUeWLQK-25B1PWghtc0T0lr_hjXPsglnf2xx5_mc-9pYcaHgNt8CpCxq_BfV74jBVnAgDJcnHn7edPYvCIljMYZdTelOPPSPp9M4fV-j6ytU1BvywPUWjXMmlujqvNKgKFi2yhtziTy8fbNzBcj9gAjCpf8fylKrEa0Bkgfg6fNssH7nVWtBMeP5yQSl9bFwf27o77IJepx_3yIfBYOswg0r9hpOfdPBeyWy1UFSRCwA1w9-3HpbZrFu2-9R7SMtlWpcwiKxhicM4hOuOEqRYHUylxwYq&rd=p1bGGuUK2wf6KbdBHbdnQCkKDmcPsISbM8jljqxlsrSZ2NhVB0Um1K4yMvqWq4Mu9lLDY30DXlocEaYb_gk9lHlSAd8TlsT38YMxL_j15t7w_oAQH5t4CaSknPXxTDcfFyM2RLNfcxYC2VQwhTQHtUE=
IP
File type HTML document, ASCII text
Hash 022a95cacd9f3720430e1eb4fe87c905
d83c5db5fc6dbdc5893f3f500476188192467a45
6a5340804ff6302bc8a5761fbefccbc3624b9e6307a4d80a95c8a9b9eee68a4e
GET /dsp-stats/impression/1795175?var=825911&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0&ip=91.90.42.154&pl=k0gMvFr2qzQEl5WZEWQy4me5c2yZL3khfeZi5pJIaw9MFmTWVnARBkzNNx136EwsaRzz6_egjpV2xh1gf5MaVmbqGF0Wu4rv2TE_In6MaK4IglJG9xdlkP1nraKtK_FFTRHyNB65H0_zAADmI81AeJavOz8wlnlK3NyVPKqxBKfmebcIVZGOYkQNvmXzWNecNC0leZ7REjpfI6CqEjkXtd4cOe-3wUHIVuKvlU6YSrb5n__Y6Dxxio-_oTH5vqo06b6rxEs-WOKd9229kRGOlbUQXkdPDjznZb93QOCyMK7uM7kYT5N4T29qO0gQ-8SY3-rSAUdbZIjDnGvPDWu89BFWSCVcMo0D5_6GpMHrqEvyHg66jJ7QkZU43cWz7uyf1gyqnNos-8fAGfT9V0N8TMyEQCSXy2R7zmx1S58ZXj89l0HBx8kkQy5g_MV4-8fiDKYByY6OCaPL_vHKrW4DqgAGsuWQHWPWT6MsFzPmLs_j132NYLAT3eCv_saabjfm1dcWA3Lm8PlUpVIkPGl6bo3VhtPlDZQU9D05V2SR34Yv0bi_9PzpMdXvsIo2UyQcioEMQaFd2k_cGUvuwbjGo7MellUVz12wEkH38wiVbJNWajqltUkq-cy_ksAr8Dp53ZEW2kHFGs_yd-GgQd3sP7mVm_wapyklXO4iRfNe9gwzXv6ruSTrTbPGPL9ZFa1BMqJ2Zj-ATgMZCmoBc2pyeAHl4OLGXREswKQ1cEtypXzRQd5JqoQGr7MAk3fuUpfT3OpVjj9L1bzw03fnUeWLQK-25B1PWghtc0T0lr_hjXPsglnf2xx5_mc-9pYcaHgNt8CpCxq_BfV74jBVnAgDJcnHn7edPYvCIljMYZdTelOPPSPp9M4fV-j6ytU1BvywPUWjXMmlujqvNKgKFi2yhtziTy8fbNzBcj9gAjCpf8fylKrEa0Bkgfg6fNssH7nVWtBMeP5yQSl9bFwf27o77IJepx_3yIfBYOswg0r9hpOfdPBeyWy1UFSRCwA1w9-3HpbZrFu2-9R7SMtlWpcwiKxhicM4hOuOEqRYHUylxwYq&rd=p1bGGuUK2wf6KbdBHbdnQCkKDmcPsISbM8jljqxlsrSZ2NhVB0Um1K4yMvqWq4Mu9lLDY30DXlocEaYb_gk9lHlSAd8TlsT38YMxL_j15t7w_oAQH5t4CaSknPXxTDcfFyM2RLNfcxYC2VQwhTQHtUE= HTTP/1.1
Host: hypermusk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Wed, 30 Nov 2022 18:45:54 GMT
content-type: text/html; charset=utf-8
content-length: 108
location: https://cdn.pncloudfl.com/pn/3d1/9ee/8df/3d19ee8df6dee83f3dc85d0341cbcfc37e61b32e.jpg
x-route-id: stats.push-notifications.dsp-impression
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery-ui.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery-ui.js
IP
GET /themes/flow/js/jquery-ui.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1aa9m/Pokemon_Scarlet_(XCI)(US).part1_(2).rar
Connection: keep-alive
Cookie: filehosting=t1ulj33af81t9r2ggeim20rnl4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 18:45:45 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-6a684"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
prebid.media.net/rtb/prebid?cid=8CU2BX48Z
200 OK 0 B URL HTTP/2 prebid.media.net/rtb/prebid?cid=8CU2BX48Z
IP
POST /rtb/prebid?cid=8CU2BX48Z HTTP/1.1
Host: prebid.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1223
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 18:45:48 GMT
content-type: application/json;charset=UTF-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
expires: Wed, 30 Nov 2022 18:45:48 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
content-encoding: gzip
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
pogothere.xyz/
200 OK 0 B IP
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 18:45:47 GMT
content-type: text/plain
set-cookie: csu=1446735866397024@1@1669833947; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I4siMluH1EnbIiZCWwXGFXXxKxQumhHa7eGw2kQkvmTlFeC7slrCsnPJM1nl%2Bf6gIUNOyHgRllBF58j%2FjEkCXGEodq9jmc6X6nJb%2B0lFGKjqW5uLF4yiVQLhP2MyVAol"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7725bdfa0a1371f2-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/
200 OK 0 B IP
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 18:45:47 GMT
content-type: text/plain
set-cookie: csu=2060576649742@1@1669833947; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FCo%2F%2F%2FnMcR2zanfzqIwAXscM%2Fn13t42gHxh4t7mDFkNzFnWbJCVaANSkvAYz%2BHxbYt5nATioqyk5eBjFCYv9pZ87g%2BtBg3lvQKkty%2FLpbrSWAWpuspk4SUaRrnVykVNn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7725bdfa0a1171f2-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/styles/file-upload.css
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/styles/file-upload.css
IP
GET /themes/flow/styles/file-upload.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1aa9m/Pokemon_Scarlet_(XCI)(US).part1_(2).rar
Connection: keep-alive
Cookie: filehosting=t1ulj33af81t9r2ggeim20rnl4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 18:45:45 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-21ec"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js
IP
GET /themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1aa9m/Pokemon_Scarlet_(XCI)(US).part1_(2).rar
Connection: keep-alive
Cookie: filehosting=t1ulj33af81t9r2ggeim20rnl4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 18:45:45 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1cdf"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
200 OK 0 B IP
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 30 Nov 2022 18:45:47 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 4598
last-modified: Wed, 30 Nov 2022 17:29:09 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bp7yH60CmTua1pbIqp4zEfjNxv9FTAHwvs3jfd1ThOYSTiH%2B1DYVqZQK9dibRWCAgcfNqOj9UBMJ1lyiMADI0uAy08ymoFyC86MPu25vD08zEZJ2k1UHIAaKMQvsyIV6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7725bdf9588d71f2-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/
200 OK 0 B IP
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 18:45:47 GMT
content-type: text/plain
set-cookie: csu=1611324723948256@1@1669833947; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mO%2B%2BL%2F%2F7vN8U8HfHXS99ufLZ3lt2zmO0NvB3x8vDdErdzE52vv2qAcaCl7o5Aa1w3pGMVNiuWFaHO%2BpTGvppOXgDrjO4jHogRQXdxky%2BWzIscLpFcgOslwO3oSpn%2By73"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7725bdf9487e71f2-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
api.purpleads.io/x/v/?ts=1669833945991
200 OK 0 B URL HTTP/2 api.purpleads.io/x/v/?ts=1669833945991
IP
GET /x/v/?ts=1669833945991 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: application/json
x-purpleads-version: 2.0.21
x-request-url: aHR0cHM6Ly9tZWdhdXAubmV0LzFhYTltL1Bva2Vtb25fU2NhcmxldF8oWENJKShVUykucGFydDFfKDIpLnJhcg==
Authorization: Bearer 3cbb0201d97a2713cdc7b8284a6018c0:12ba07f36ad75faf8474b45232c34095e60db9bba8b910c63bd25a84dbe49b2358fc816c33104b67ff752f6837ddf9f037b306459421d61f484a6dfbf846a003
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 18:45:47 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
x-request-id: b7c153e3-f52d-4aad-8c23-d3db7f99eb1a
etag: W/"56f-dVqEDMcYZGBPjAtcVh3lbmN2OdY"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/animations/animate.min.css
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/animations/animate.min.css
IP
GET /themes/flow/frontend_assets/css/animations/animate.min.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Connection: keep-alive
Cookie: filehosting=t1ulj33af81t9r2ggeim20rnl4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 18:45:45 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-bc86"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css
IP
GET /themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1aa9m/Pokemon_Scarlet_(XCI)(US).part1_(2).rar
Connection: keep-alive
Cookie: filehosting=t1ulj33af81t9r2ggeim20rnl4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 18:45:45 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-8d4b"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.dataTables.min.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.dataTables.min.js
IP
GET /themes/flow/js/jquery.dataTables.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1aa9m/Pokemon_Scarlet_(XCI)(US).part1_(2).rar
Connection: keep-alive
Cookie: filehosting=t1ulj33af81t9r2ggeim20rnl4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 18:45:45 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-10fe4"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload.js
IP
GET /themes/flow/js/jquery.fileupload.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1aa9m/Pokemon_Scarlet_(XCI)(US).part1_(2).rar
Connection: keep-alive
Cookie: filehosting=t1ulj33af81t9r2ggeim20rnl4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 18:45:45 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-dbd4"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-process.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-process.js
IP
GET /themes/flow/js/jquery.fileupload-process.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1aa9m/Pokemon_Scarlet_(XCI)(US).part1_(2).rar
Connection: keep-alive
Cookie: filehosting=t1ulj33af81t9r2ggeim20rnl4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 18:45:45 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-14b6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js
IP
GET /themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1aa9m/Pokemon_Scarlet_(XCI)(US).part1_(2).rar
Connection: keep-alive
Cookie: filehosting=t1ulj33af81t9r2ggeim20rnl4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 18:45:45 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-71b6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/sticky/jquery.sticky.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/sticky/jquery.sticky.js
IP
GET /themes/flow/frontend_assets/js/sticky/jquery.sticky.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1aa9m/Pokemon_Scarlet_(XCI)(US).part1_(2).rar
Connection: keep-alive
Cookie: filehosting=t1ulj33af81t9r2ggeim20rnl4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 18:45:45 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1099"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
prebid.media.net/rtb/prebid?cid=8CU2BX48Z
200 OK 0 B URL HTTP/2 prebid.media.net/rtb/prebid?cid=8CU2BX48Z
IP
POST /rtb/prebid?cid=8CU2BX48Z HTTP/1.1
Host: prebid.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1191
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 18:45:48 GMT
content-type: application/json;charset=UTF-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
expires: Wed, 30 Nov 2022 18:45:48 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
content-encoding: gzip
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
script.4dex.io/localstore.js
200 OK 0 B URL HTTP/2 script.4dex.io/localstore.js
IP
GET /localstore.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 18:45:48 GMT
content-type: application/javascript
cache-control: public, max-age=1800
etag: W/"922cffdd75f7192f75231d92684885aa"
last-modified: Wed, 23 Nov 2022 15:43:18 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 612877
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KIFWaa6Yqee5%2BE2%2F37eEI0xO4DFM8M6NFpfbcuXxa8xUnc52ztXVlZ4XTcLPV4GupBsV8Jdpxh6nn6hpViJffwaqmLw2iBv2%2BHEAiM%2F3zoYt9I%2FOdWlMwb4wUu7ZJj9g"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7725bdffc89eb50b-OSL
content-encoding: br
X-Firefox-Spdy: h2
script.4dex.io/adagio.js
200 OK 0 B IP
GET /adagio.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 18:45:48 GMT
content-type: application/javascript
x-amz-id-2: dOiiTtiPLhGmcsmNBt0jZ1duXkkbJlTuZvRlN+aronrZIFb3Z/0/X80dBYCPZGT3qBvEJe+8wr4=
x-amz-request-id: DC3YQNPP1H3TAVZD
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Tue, 22 Nov 2022 09:44:15 GMT
etag: W/"c56b6332dacf72f135afcd153ae22448"
cache-control: public, max-age=1800
cf-cache-status: HIT
age: 695476
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kk9me2%2BzJwjZTgb0qbMAQ9Y1%2BuqZwEf4AxAxBJyTkKpdAhXJWWw9q7Pw5k5ZiOd4ZDfJFQg16k2RjmKK2kmdpInfBVVaCHUGWSuXKjlxRHO619iyNwF87deN2T%2F10WSu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7725be001807b50c-OSL
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery-1.11.0.min.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery-1.11.0.min.js
IP
GET /themes/flow/js/jquery-1.11.0.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1aa9m/Pokemon_Scarlet_(XCI)(US).part1_(2).rar
Connection: keep-alive
Cookie: filehosting=t1ulj33af81t9r2ggeim20rnl4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 18:45:45 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1787d"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/load-image.min.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/load-image.min.js
IP
GET /themes/flow/js/load-image.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1aa9m/Pokemon_Scarlet_(XCI)(US).part1_(2).rar
Connection: keep-alive
Cookie: filehosting=t1ulj33af81t9r2ggeim20rnl4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 18:45:45 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-9f2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-validate.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-validate.js
IP
GET /themes/flow/js/jquery.fileupload-validate.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1aa9m/Pokemon_Scarlet_(XCI)(US).part1_(2).rar
Connection: keep-alive
Cookie: filehosting=t1ulj33af81t9r2ggeim20rnl4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 18:45:45 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-fea"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-ui.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-ui.js
IP
GET /themes/flow/js/jquery.fileupload-ui.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1aa9m/Pokemon_Scarlet_(XCI)(US).part1_(2).rar
Connection: keep-alive
Cookie: filehosting=t1ulj33af81t9r2ggeim20rnl4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 18:45:45 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-61ef"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/retina/retina.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/retina/retina.js
IP
GET /themes/flow/frontend_assets/js/retina/retina.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1aa9m/Pokemon_Scarlet_(XCI)(US).part1_(2).rar
Connection: keep-alive
Cookie: filehosting=t1ulj33af81t9r2ggeim20rnl4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 18:45:45 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-52e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.tmpl.min.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.tmpl.min.js
IP
GET /themes/flow/js/jquery.tmpl.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1aa9m/Pokemon_Scarlet_(XCI)(US).part1_(2).rar
Connection: keep-alive
Cookie: filehosting=t1ulj33af81t9r2ggeim20rnl4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 18:45:45 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3cb"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/global.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/global.js
IP
GET /themes/flow/js/global.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1aa9m/Pokemon_Scarlet_(XCI)(US).part1_(2).rar
Connection: keep-alive
Cookie: filehosting=t1ulj33af81t9r2ggeim20rnl4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 18:45:45 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-d59"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
200 OK 0 B IP
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 30 Nov 2022 18:45:47 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 4598
last-modified: Wed, 30 Nov 2022 17:29:09 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wx7LRYCse82ryre26B%2FgHOXuGhFGxAoPnleZoYsXSSmqQRscqePL3XLsvz%2FrhFICqVosHznt2904JTdPTK87EaxfZUBVUEHR%2BonQTXhrvdn06HclNe4I5pJI%2B7Bs77eH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7725bdf9385671f2-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/sw.js
200 OK 0 B IP
GET /sw.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1aa9m/Pokemon_Scarlet_(XCI)(US).part1_(2).rar
Connection: keep-alive
Cookie: filehosting=t1ulj33af81t9r2ggeim20rnl4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 18:45:45 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:52 GMT
vary: Accept-Encoding
etag: W/"60758f38-12fe6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js
IP
GET /themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1aa9m/Pokemon_Scarlet_(XCI)(US).part1_(2).rar
Connection: keep-alive
Cookie: filehosting=t1ulj33af81t9r2ggeim20rnl4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 18:45:45 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-14cc1"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/nav/jquery.nav.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/nav/jquery.nav.js
IP
GET /themes/flow/frontend_assets/js/nav/jquery.nav.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1aa9m/Pokemon_Scarlet_(XCI)(US).part1_(2).rar
Connection: keep-alive
Cookie: filehosting=t1ulj33af81t9r2ggeim20rnl4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 18:45:45 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1547"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/gauge.min.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/gauge.min.js
IP
GET /themes/flow/frontend_assets/js/gauge.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1aa9m/Pokemon_Scarlet_(XCI)(US).part1_(2).rar
Connection: keep-alive
Cookie: filehosting=t1ulj33af81t9r2ggeim20rnl4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 18:45:45 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-45b8"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
api.purpleads.io/x/b/?idx=0&pid=39165bb70ed44c59b2b2420d5446d078&sizes=[[300,250],[300,250],[200,200],[250,250],[300,100]]&slotid=04825041-5778-41e4-8755-941e69b7e0e2&ts=1669833945827
200 OK 0 B URL HTTP/2 api.purpleads.io/x/b/?idx=0&pid=39165bb70ed44c59b2b2420d5446d078&sizes=[[300,250],[300,250],[200,200],[250,250],[300,100]]&slotid=04825041-5778-41e4-8755-941e69b7e0e2&ts=1669833945827
IP
OPTIONS /x/b/?idx=0&pid=39165bb70ed44c59b2b2420d5446d078&sizes=[[300,250],[300,250],[200,200],[250,250],[300,100]]&slotid=04825041-5778-41e4-8755-941e69b7e0e2&ts=1669833945827 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 18:45:47 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
x-request-id: 18dddbb7-475e-47e0-9bbc-3004f5c46932
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
200 OK 0 B IP
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 30 Nov 2022 18:45:47 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 4598
last-modified: Wed, 30 Nov 2022 17:29:09 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CX3JoyAqbONja3EK6pW99l2qqqZRCoe4B8bdIwWriVulhhEcrnM5UghgcbQiFT%2F4Wup%2Bp5Dkp3jrV4kEXB5%2BEATrgnSJ6s9F7mgrYl73QOrBlStTza5eU%2BSM1OUwWIBm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7725bdf9890371f2-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.iframe-transport.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.iframe-transport.js
IP
GET /themes/flow/js/jquery.iframe-transport.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1aa9m/Pokemon_Scarlet_(XCI)(US).part1_(2).rar
Connection: keep-alive
Cookie: filehosting=t1ulj33af81t9r2ggeim20rnl4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 18:45:45 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-2427"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/animation/jquery.appear.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/animation/jquery.appear.js
IP
GET /themes/flow/frontend_assets/js/animation/jquery.appear.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1aa9m/Pokemon_Scarlet_(XCI)(US).part1_(2).rar
Connection: keep-alive
Cookie: filehosting=t1ulj33af81t9r2ggeim20rnl4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 18:45:45 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-5c6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/nav/jquery.scrollTo.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/nav/jquery.scrollTo.js
IP
GET /themes/flow/frontend_assets/js/nav/jquery.scrollTo.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1aa9m/Pokemon_Scarlet_(XCI)(US).part1_(2).rar
Connection: keep-alive
Cookie: filehosting=t1ulj33af81t9r2ggeim20rnl4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 18:45:45 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-981"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/isotope/isotope-style.css
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/isotope/isotope-style.css
IP
GET /themes/flow/frontend_assets/css/isotope/isotope-style.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Connection: keep-alive
Cookie: filehosting=t1ulj33af81t9r2ggeim20rnl4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 18:45:45 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-af3"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
platform.bidgear.com/async.php?domainid=5593&sizeid=12&zoneid=6192&k=1669833945288
200 OK 0 B URL HTTP/2 platform.bidgear.com/async.php?domainid=5593&sizeid=12&zoneid=6192&k=1669833945288
IP
GET /async.php?domainid=5593&sizeid=12&zoneid=6192&k=1669833945288 HTTP/1.1
Host: platform.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 18:45:46 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DR3IOtnxDuQBENj9ewn%2FM%2BEsp7RklnOmOl60P3db73fqlWs3uHklpDtdWkSsbLQTDciqYT1AOs5fyZaTNBywTH0tyYR0BfBBgZ1JdJUCWoJpXtuGCibkLkGpwB9sBPstxbwLcYR6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7725bdf60988b4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
societingna.info/azcxeHAQFUIPLx5FXVpKSV9FDAAYDR5XHQ5QUA0ARVlUDF8YQB8SA0kbEwsdDRULSVxJQ1AfLwJTE0JSUwQDTkNYFR1aAx5VbhEUWRULWhZfUwhNQQ5THEtAWw4cTEhcURxAFl0CHEBBCQ5QT0cOBgQbFklK
200 OK 0 B URL HTTP/2 societingna.info/azcxeHAQFUIPLx5FXVpKSV9FDAAYDR5XHQ5QUA0ARVlUDF8YQB8SA0kbEwsdDRULSVxJQ1AfLwJTE0JSUwQDTkNYFR1aAx5VbhEUWRULWhZfUwhNQQ5THEtAWw4cTEhcURxAFl0CHEBBCQ5QT0cOBgQbFklK
IP
Analyzer Verdict Alert fortinet Malware
GET /azcxeHAQFUIPLx5FXVpKSV9FDAAYDR5XHQ5QUA0ARVlUDF8YQB8SA0kbEwsdDRULSVxJQ1AfLwJTE0JSUwQDTkNYFR1aAx5VbhEUWRULWhZfUwhNQQ5THEtAWw4cTEhcURxAFl0CHEBBCQ5QT0cOBgQbFklK HTTP/1.1
Host: societingna.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
set-cookie: a553cb148f4f7910f56c5f348a49bf70=1; Max-Age=604800
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
etag: W/"e0f1-8qozPnn78vaQaEd/KBViL5YbnGE"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
api.purpleads.io/x/v/?ts=1669833945991
200 OK 0 B URL HTTP/2 api.purpleads.io/x/v/?ts=1669833945991
IP
OPTIONS /x/v/?ts=1669833945991 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 18:45:47 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
x-request-id: 92618498-7a6d-4da6-82ea-6e709c560789
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S1174700378%3A1669833947002655&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAu7ujxjV4A5nx8XY2KsbFjrT0sZdMiusL7ItP3bah27eZ6oRCDEguobcUDYX-OqF6Ko_QhK
403 Forbidden 0 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S1174700378%3A1669833947002655&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAu7ujxjV4A5nx8XY2KsbFjrT0sZdMiusL7ItP3bah27eZ6oRCDEguobcUDYX-OqF6Ko_QhK
IP
GET /v3/signin/identifier?dsh=S1174700378%3A1669833947002655&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAu7ujxjV4A5nx8XY2KsbFjrT0sZdMiusL7ItP3bah27eZ6oRCDEguobcUDYX-OqF6Ko_QhK HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 30 Nov 2022 18:45:47 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-IlR34F-bCpnIiSOyRG-blA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi/external"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/canvas-to-blob.min.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/canvas-to-blob.min.js
IP
GET /themes/flow/js/canvas-to-blob.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1aa9m/Pokemon_Scarlet_(XCI)(US).part1_(2).rar
Connection: keep-alive
Cookie: filehosting=t1ulj33af81t9r2ggeim20rnl4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 18:45:45 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-408"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-resize.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-resize.js
IP
GET /themes/flow/js/jquery.fileupload-resize.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1aa9m/Pokemon_Scarlet_(XCI)(US).part1_(2).rar
Connection: keep-alive
Cookie: filehosting=t1ulj33af81t9r2ggeim20rnl4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 18:45:45 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1f7f"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js
IP
GET /themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1aa9m/Pokemon_Scarlet_(XCI)(US).part1_(2).rar
Connection: keep-alive
Cookie: filehosting=t1ulj33af81t9r2ggeim20rnl4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 18:45:45 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-303b2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S1224770919%3A1669833947046912&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAtb_4vw9zPG3sp5GkYLj_iyEP0onPCofvvDjNAEt0NByfLPvXyxbB7MjoLoZbtyp9-yTpKw
403 Forbidden 0 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S1224770919%3A1669833947046912&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAtb_4vw9zPG3sp5GkYLj_iyEP0onPCofvvDjNAEt0NByfLPvXyxbB7MjoLoZbtyp9-yTpKw
IP
GET /v3/signin/identifier?dsh=S1224770919%3A1669833947046912&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAtb_4vw9zPG3sp5GkYLj_iyEP0onPCofvvDjNAEt0NByfLPvXyxbB7MjoLoZbtyp9-yTpKw HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 30 Nov 2022 18:45:47 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin
content-security-policy: script-src 'nonce-wU8zdXCfs4q-kxCWBbcYrA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/isotope/custom-isotope.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/isotope/custom-isotope.js
IP
GET /themes/flow/frontend_assets/js/isotope/custom-isotope.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1aa9m/Pokemon_Scarlet_(XCI)(US).part1_(2).rar
Connection: keep-alive
Cookie: filehosting=t1ulj33af81t9r2ggeim20rnl4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 18:45:45 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-71d"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
91.209.70.182
54.230.111.65
148.251.194.214
147.75.85.234
23.38.200.22
93.184.220.29
104.21.43.76
31.13.72.36
185.200.116.90
188.114.99.234