megaup.net/18tpo/Hearts_Of_Iron_IV_v1.12.1.rar
301 Moved Permanently 162 B URL HTTP/1.1 megaup.net/18tpo/Hearts_Of_Iron_IV_v1.12.1.rar
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /18tpo/Hearts_Of_Iron_IV_v1.12.1.rar HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 06 Feb 2023 23:16:27 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://megaup.net/18tpo/Hearts_Of_Iron_IV_v1.12.1.rar
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer, strict-origin-when-cross-origin
X-Download-Options: noopen
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 507011ccb9124dcd57e84a90a0965cc4
1a6575d0ac979c7184490cc9836ac4812ad2afd1
01626c18e1e68507aa33ef7448dbc3311901ab6f29adc2f51d449409b0680dce
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01626C18E1E68507AA33EF7448DBC3311901AB6F29ADC2F51D449409B0680DCE"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5208
Expires: Tue, 07 Feb 2023 00:43:15 GMT
Date: Mon, 06 Feb 2023 23:16:27 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3475
Expires: Tue, 07 Feb 2023 00:14:22 GMT
Date: Mon, 06 Feb 2023 23:16:27 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Backoff, Alert, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 06 Feb 2023 22:36:29 GMT
content-type: application/json
age: 2398
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7181
Expires: Tue, 07 Feb 2023 01:16:08 GMT
Date: Mon, 06 Feb 2023 23:16:27 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: u2D3czbirRxQRCmdbP+iZCDp7T4qJPEQtVXDoGEOdqvwql1Z1EYKrXEWfM8iAEy6Gl/epNh1jLI=
x-amz-request-id: 7MZ1JZB8J3R2JG7Z
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 06 Feb 2023 22:35:17 GMT
age: 2470
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 23:16:27 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash f07c85aa578735b0e76244950ffb3817
c71d6ec04f5bd87ac50b0787d2879bbda854c3d0
afdaa526bc344a8f1766a8b635a8e34ca30b0288eab4539ee68ab917a525fc05
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 23:16:27 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 03 Feb 2023 11:25:43 GMT
Expires: Fri, 10 Feb 2023 11:25:42 GMT
Etag: "c71d6ec04f5bd87ac50b0787d2879bbda854c3d0"
Cache-Control: max-age=302354,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 795797f87dccb4ff-OSL
megaup.net/themes/flow/images/main_logo_inverted.png
200 OK 7.1 kB URL HTTP/2 megaup.net/themes/flow/images/main_logo_inverted.png
IP
File type PNG image data, 203 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 5d15526be10b904a6b48d1af04a10cc3
c09b6874359ac6d71db95593618a9acb55baa984
894d25472e0f890edf235e8f66fbeda7ea75043632924ecb82691d76bd7db018
GET /themes/flow/images/main_logo_inverted.png HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/18tpo/Hearts_Of_Iron_IV_v1.12.1.rar
Connection: keep-alive
Cookie: filehosting=i4lrf8vcfb0t6cpras7ek0nu04
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 23:16:27 GMT
content-type: image/png
content-length: 7137
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-1be1"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/isotope/custom-isotope.js
200 OK 1.1 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/isotope/custom-isotope.js
IP
File type ASCII text, with CRLF line terminators
Hash ad76f97bf96cb4ec98de91023ae4daff
f8837d1caea2b828a8b4d94cfb4f914786bcd622
52e68d52752d0e88d264d186cbd776699c218d5b171ea3c1b243a96ef6f500ce
GET /themes/flow/frontend_assets/js/isotope/custom-isotope.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/18tpo/Hearts_Of_Iron_IV_v1.12.1.rar
Connection: keep-alive
Cookie: filehosting=i4lrf8vcfb0t6cpras7ek0nu04
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 23:16:28 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-71d"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js
200 OK 42 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js
IP
File type HTML document, ASCII text, with very long lines (15714), with CRLF line terminators
Hash 563062b3b8f69507c5224d2bfa082d8d
3f54a8c04b9109bccab1d21220432908f0808f23
892350cb68fee3160eceef97079045af32958a240c537a3da7c5bf19f7758d9f
GET /themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/18tpo/Hearts_Of_Iron_IV_v1.12.1.rar
Connection: keep-alive
Cookie: filehosting=i4lrf8vcfb0t6cpras7ek0nu04
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 23:16:28 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3ead"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/fonts/raleway_extrabold.woff
200 OK 31 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway_extrabold.woff
IP
File type Web Open Font Format, TrueType, length 31344, version 1.1\012- data
Hash 21f79e4c0fbe54a555170aa70bb4c8b7
9d4aaf2016cd21f16bc45089a48de84dba951fa7
2b638674bc57ad355ef2ecbd68e78ecb36bc323aaaf4ddeb9cd4f61bc5f26c42
GET /themes/flow/frontend_assets/fonts/raleway_extrabold.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=i4lrf8vcfb0t6cpras7ek0nu04
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 23:16:28 GMT
content-type: font/woff
content-length: 31344
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7a70"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-108868042-1
200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-108868042-1
IP
File type ASCII text, with very long lines (1759)
Hash 92b5f78396bd3924b342d49ce7468ab6
28fe3cc6fa208db702e6ea5f342dff3cf845189b
7bba7ab9dbdadde6770f7ddf44e8e8329c8ef7c8913b0a534d4e8b0f88c38481
GET /gtag/js?id=UA-108868042-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 06 Feb 2023 23:16:28 GMT
expires: Mon, 06 Feb 2023 23:16:28 GMT
cache-control: private, max-age=900
last-modified: Mon, 06 Feb 2023 22:22:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43904
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/animations/animate.min.css
200 OK 4.6 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/animations/animate.min.css
IP
File type ASCII text, with CRLF line terminators
Hash 98d6cc42dec6e778d6d8cc2ee489710c
22bb78cdf8faf6e689ff687692b62aa6559ec556
01b38e976fe4ae17d6e74605e6291bd91ea1c90c8c064cf95e21dc78cc252c78
GET /themes/flow/frontend_assets/css/animations/animate.min.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Connection: keep-alive
Cookie: filehosting=i4lrf8vcfb0t6cpras7ek0nu04
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 23:16:28 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-bc86"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js
200 OK 34 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js
IP
Hash 4798c74447fe6ade82f07ca6ab19796a
f88c4e210b15e78cbedda1ae26f2860c6239592e
ae58b3ecbe9742f821598ad2431457489bc359a9b6595b553b9099b0328bd38b
GET /themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/18tpo/Hearts_Of_Iron_IV_v1.12.1.rar
Connection: keep-alive
Cookie: filehosting=i4lrf8vcfb0t6cpras7ek0nu04
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 23:16:28 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1cdf"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_fonts/socicon-webfont.woff
200 OK 21 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_fonts/socicon-webfont.woff
IP
File type Web Open Font Format, TrueType, length 20972, version 1.0\012- data
Hash cad75e2dacc6794c4e6b14727d4a989d
694d04c8f643df4100c23efc1463ac9f4e732f60
ebccc09339b7730324221aff3d11d215de9997b47bf708ca18a3be2d8e8b9887
GET /themes/flow/frontend_assets/socialsider-v1.0/_fonts/socicon-webfont.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css
Connection: keep-alive
Cookie: filehosting=i4lrf8vcfb0t6cpras7ek0nu04
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 23:16:28 GMT
content-type: font/woff
content-length: 20972
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-51ec"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/isotope/isotope-style.css
200 OK 1.2 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/isotope/isotope-style.css
IP
File type ASCII text, with CRLF line terminators
Hash 0ab97a33f5e52e0a2c31b7ff3ece43b2
90f55fb2b60bd75b4ed82c994623e689a062c5e2
285e722297e96f909bd079ba9413416ba2c43a7f2644ece36f7924cc8920311c
GET /themes/flow/frontend_assets/css/isotope/isotope-style.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Connection: keep-alive
Cookie: filehosting=i4lrf8vcfb0t6cpras7ek0nu04
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 23:16:28 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-af3"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/retina/retina.js
200 OK 5.4 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/retina/retina.js
IP
File type ASCII text, with very long lines (1249)
Hash cdbc7ec8860474c5f202fa7c5591701b
2db3c02cb15e296650a2ddf9c35d1fceff1f08cd
9203ad7f67a817e8aeaf5d432f8ba6df6a5d6f55ec7fd5a61e5598fb4493ba13
GET /themes/flow/frontend_assets/js/retina/retina.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/18tpo/Hearts_Of_Iron_IV_v1.12.1.rar
Connection: keep-alive
Cookie: filehosting=i4lrf8vcfb0t6cpras7ek0nu04
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 23:16:28 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-52e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 70d7e4cd91d9f630c160410d22c1cede
82f5d0fbb11bcde09c107b6c1cbc6e014bb08b85
b8679be6c92167c51793ca4a8774caf0a50949737a99652243208fcfda917faf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 23:16:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dmmzkfd82wayn.cloudfront.net/?kzmmd=761186
200 OK 191 kB URL HTTP/2 dmmzkfd82wayn.cloudfront.net/?kzmmd=761186
IP
File type Unicode text, UTF-8 text, with very long lines (15948)
Size 191 kB (191013 bytes)
Hash c1efe87fffdcb601f975a5ec97b88636
e169012763f2a75b9bdbdbd676a8e7b169874b97
c85ec147ab1ad6c762bd55f4c331e8055967a48476b82ee4b03ac842f97a1d48
GET /?kzmmd=761186 HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 191013
date: Mon, 06 Feb 2023 23:16:28 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: lpCWvp0KbezbMCvSM_CvXS1fxRI9POWKid9Lu3CvNCtUxvc6g3i6_A==
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 42797121ce5b2f3ae2c7e4a6bfda157c
034ac76477dbeac4499fe6ef56ff1fe928308afb
fce1b3bc81d33cf24f31c30011c89e0fddfe63c26af7cffe0c2b01d773e5f546
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FCE1B3BC81D33CF24F31C30011C89E0FDDFE63C26AF7CFFE0C2B01D773E5F546"
Last-Modified: Mon, 06 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12214
Expires: Tue, 07 Feb 2023 02:40:02 GMT
Date: Mon, 06 Feb 2023 23:16:28 GMT
Connection: keep-alive
ocsp.pki.goog/s/gts1p5/1coKpI0UGHs
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/1coKpI0UGHs
IP
Hash 1d3c9d230f5e7ae808dcd1a14153b08e
753ea7b461eedafbab70591ba17bee905999d9d4
203b5dfc402b8cff8cb35d21b7342f987cd5d174f019aad3bc3262f9859ef627
POST /s/gts1p5/1coKpI0UGHs HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 23:16:28 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
keydawnawe.com/gwZ1U5hjA8ii/32575
200 OK 26 B URL HTTP/1.1 keydawnawe.com/gwZ1U5hjA8ii/32575
IP
File type ASCII text, with no line terminators
Hash 4e5d65669f8dcd928dad06adf883f025
d771713d758c3348dd7e5b38bb40c7935399ae46
0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95
GET /gwZ1U5hjA8ii/32575 HTTP/1.1
Host: keydawnawe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 23:16:28 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Tue, 07-Feb-2023 23:16:28 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJw9i7sOgkAURAENEQXMJH6APyA%2BgoWtWhoojPUG8Wo2wl7Crg%2F8elETq5mcOWNZljMK4cgK%2FmoerWZRvIjmyxidCzGcJIWf802ZuhEqKwluwvUja%2BDWdJGsAgx%2BReR8IvSTdHJQV8UP9R8%2BtwDdXJomgPeJrxv20JG6Qrgu5HO85%2BJmWlvDU2SErohO8DbZsaDpdr9D%2BKffs2ujJ7Woan42bR8aWdKLFQk%2BnzWZFtl313kDsc5BIg%3D%3D; expires=Tue, 07-Feb-2023 23:16:28 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
megaup.net/themes/flow/js/jquery.fileupload-process.js
200 OK 1.6 kB URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-process.js
IP
Hash 8536a1a90261374f119926c217afb4bc
0d7eb57fabc7efaf6f0ebe3b52e02ef27969fe6a
e6be092d1981e76c331de8b5ab171e1466a66e541cfbf5e4448be41e50d0b81d
GET /themes/flow/js/jquery.fileupload-process.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/18tpo/Hearts_Of_Iron_IV_v1.12.1.rar
Connection: keep-alive
Cookie: filehosting=i4lrf8vcfb0t6cpras7ek0nu04
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 23:16:27 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-14b6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: uF9yCsu6tDNceh8SHTZbCw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: vevnzdiME3P3jHQj6kQtQhJnHUo=
ocsp.pki.goog/s/gts1p5/1coKpI0UGHs
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/1coKpI0UGHs
IP
Hash 1d3c9d230f5e7ae808dcd1a14153b08e
753ea7b461eedafbab70591ba17bee905999d9d4
203b5dfc402b8cff8cb35d21b7342f987cd5d174f019aad3bc3262f9859ef627
POST /s/gts1p5/1coKpI0UGHs HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 23:16:28 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/1coKpI0UGHs
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/1coKpI0UGHs
IP
Hash 1d3c9d230f5e7ae808dcd1a14153b08e
753ea7b461eedafbab70591ba17bee905999d9d4
203b5dfc402b8cff8cb35d21b7342f987cd5d174f019aad3bc3262f9859ef627
POST /s/gts1p5/1coKpI0UGHs HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 23:16:28 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
keydawnawe.com/gwZ1U5hjA8ii/32575
200 OK 26 B URL HTTP/1.1 keydawnawe.com/gwZ1U5hjA8ii/32575
IP
File type ASCII text, with no line terminators
Hash 4e5d65669f8dcd928dad06adf883f025
d771713d758c3348dd7e5b38bb40c7935399ae46
0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95
GET /gwZ1U5hjA8ii/32575 HTTP/1.1
Host: keydawnawe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; GL_GI10=eJw9i7sOgkAURAENEQXMJH6APyA%2BgoWtWhoojPUG8Wo2wl7Crg%2F8elETq5mcOWNZljMK4cgK%2FmoerWZRvIjmyxidCzGcJIWf802ZuhEqKwluwvUja%2BDWdJGsAgx%2BReR8IvSTdHJQV8UP9R8%2BtwDdXJomgPeJrxv20JG6Qrgu5HO85%2BJmWlvDU2SErohO8DbZsaDpdr9D%2BKffs2ujJ7Woan42bR8aWdKLFQk%2BnzWZFtl313kDsc5BIg%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 23:16:28 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
ocsp.pki.goog/s/gts1p5/1coKpI0UGHs
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/1coKpI0UGHs
IP
Hash 1d3c9d230f5e7ae808dcd1a14153b08e
753ea7b461eedafbab70591ba17bee905999d9d4
203b5dfc402b8cff8cb35d21b7342f987cd5d174f019aad3bc3262f9859ef627
POST /s/gts1p5/1coKpI0UGHs HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 23:16:28 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/1coKpI0UGHs
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/1coKpI0UGHs
IP
Hash 1d3c9d230f5e7ae808dcd1a14153b08e
753ea7b461eedafbab70591ba17bee905999d9d4
203b5dfc402b8cff8cb35d21b7342f987cd5d174f019aad3bc3262f9859ef627
POST /s/gts1p5/1coKpI0UGHs HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 23:16:28 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
megaup.net/themes/flow/js/jquery.tmpl.min.js
200 OK 547 B URL HTTP/2 megaup.net/themes/flow/js/jquery.tmpl.min.js
IP
File type ASCII text, with very long lines (971), with no line terminators
Hash d6dce21d6878f927665c1c3cec24695b
eabfc5233becbfbb163597e4ec7f02ec212555a1
c7659a07aae69b5e81ae2a353ac6685543ca21d678e72b2bcd3d66f14ee578e3
GET /themes/flow/js/jquery.tmpl.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/18tpo/Hearts_Of_Iron_IV_v1.12.1.rar
Connection: keep-alive
Cookie: filehosting=i4lrf8vcfb0t6cpras7ek0nu04
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 23:16:27 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3cb"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
eiorwithitofstwe.xyz/aUNid29GfAEEUgouJA8hPgkgIl8OAjVHPTgSMzk3OHIKNi4vCkQDBg1+VUFeWHtUUR8AJ19GSRo3AwMaGn5TUQYHJQ1KSR9+U1lcXW1RRkFbZRdKXk83EhYIVHJEBxsdL19GWV52VUVaXXBXQ1he
204 No Content 0 B URL HTTP/2 eiorwithitofstwe.xyz/aUNid29GfAEEUgouJA8hPgkgIl8OAjVHPTgSMzk3OHIKNi4vCkQDBg1+VUFeWHtUUR8AJ19GSRo3AwMaGn5TUQYHJQ1KSR9+U1lcXW1RRkFbZRdKXk83EhYIVHJEBxsdL19GWV52VUVaXXBXQ1he
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /aUNid29GfAEEUgouJA8hPgkgIl8OAjVHPTgSMzk3OHIKNi4vCkQDBg1+VUFeWHtUUR8AJ19GSRo3AwMaGn5TUQYHJQ1KSR9+U1lcXW1RRkFbZRdKXk83EhYIVHJEBxsdL19GWV52VUVaXXBXQ1he HTTP/1.1
Host: eiorwithitofstwe.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 06 Feb 2023 23:16:28 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gvk%2FrlFSRP2jLZoP9TAoFB330VvDoBVmnXomKv0o94oiYzPz%2FIYc4SeMws62j5JKMvgc8sqdolUa2KRbz2DVBGe2E2HOShHWSGLX2KrYlGbWVnkza9Q7L%2Ft%2Fde0bRe6XVbU0HWGFsA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 795797fe7b20b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
eiorwithitofstwe.xyz/REMxczVrfFIACBBxeApUAhEDJnQWEmg7QSYCXTVbIC90MG0TBhcHXCB+CUQDd3IJVUUtJwxBDGIwRRJBMTAMQhMtLVccCGI1DEIbdG0HQxt1ZUROBGI3QRJSeXIXA0EwLwxCA3N2BkEAcHAERwx9
204 No Content 0 B URL HTTP/2 eiorwithitofstwe.xyz/REMxczVrfFIACBBxeApUAhEDJnQWEmg7QSYCXTVbIC90MG0TBhcHXCB+CUQDd3IJVUUtJwxBDGIwRRJBMTAMQhMtLVccCGI1DEIbdG0HQxt1ZUROBGI3QRJSeXIXA0EwLwxCA3N2BkEAcHAERwx9
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /REMxczVrfFIACBBxeApUAhEDJnQWEmg7QSYCXTVbIC90MG0TBhcHXCB+CUQDd3IJVUUtJwxBDGIwRRJBMTAMQhMtLVccCGI1DEIbdG0HQxt1ZUROBGI3QRJSeXIXA0EwLwxCA3N2BkEAcHAERwx9 HTTP/1.1
Host: eiorwithitofstwe.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 06 Feb 2023 23:16:28 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FTrauTmbhNfMCEYsQMLvBqKs5tsYG%2BgqHcifZ4olI3NSqWHixDHjuogBSnfruXmezt9uABM1DONvEh9YDqRcZCxIkWPNrZI5vz0RDn%2FlpXnu%2B8LaTwQqXQxBTp2rLDF64g2WRLS6aQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 795797fe9b4ab515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
eiorwithitofstwe.xyz/MXhDcHQeRyADSWAgATMtXSI7ISxjIBpDMnkcBSofUj0BCiNcPWUEHVVFe0JBCElyVgRYHH5DRhcLNxEARAt+QkQBT2UZGlcXfkJSR0VzXk0fSW1BUkRFclYAQRkkTUUXCDcEGAxJdUdBBkp2REcETHpA
204 No Content 0 B URL HTTP/2 eiorwithitofstwe.xyz/MXhDcHQeRyADSWAgATMtXSI7ISxjIBpDMnkcBSofUj0BCiNcPWUEHVVFe0JBCElyVgRYHH5DRhcLNxEARAt+QkQBT2UZGlcXfkJSR0VzXk0fSW1BUkRFclYAQRkkTUUXCDcEGAxJdUdBBkp2REcETHpA
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /MXhDcHQeRyADSWAgATMtXSI7ISxjIBpDMnkcBSofUj0BCiNcPWUEHVVFe0JBCElyVgRYHH5DRhcLNxEARAt+QkQBT2UZGlcXfkJSR0VzXk0fSW1BUkRFclYAQRkkTUUXCDcEGAxJdUdBBkp2REcETHpA HTTP/1.1
Host: eiorwithitofstwe.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 06 Feb 2023 23:16:28 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hbf0%2FtJigHUCiSgZg3jBUVmc2Aj7khp668SIqNXIbXVpDEUkHJIfIQ3zJdJXi%2BAz7oNOgAfhf9MiAOyXoKLEhcwOxtNELqrI1gTtVAoz4gZkBjOdGMinFwIWvBzx4dImsje%2FBch6UQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 795797fe9b51b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/imageads/004.gif
200 OK 788 kB URL HTTP/2 megaup.net/imageads/004.gif
IP
File type GIF image data, version 89a, 300 x 250\012- data
Size 788 kB (787620 bytes)
Hash cebf8520da706e8af280b37da0d4b6d0
4a98769512c6ad30fef42667483a8dfcc91fa235
7db21a895acb26d1360633f808e9408ddfbaa5ae59b46b7e89996ac63d7038e1
GET /imageads/004.gif HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/18tpo/Hearts_Of_Iron_IV_v1.12.1.rar
Connection: keep-alive
Cookie: filehosting=i4lrf8vcfb0t6cpras7ek0nu04
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 23:16:28 GMT
content-type: image/gif
content-length: 787620
last-modified: Thu, 01 Apr 2021 04:05:44 GMT
vary: Accept-Encoding
etag: "60654698-c04a4"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
eiorwithitofstwe.xyz/ejg1N0JVB1ZEfzV/XXUTS1d4bwoeDldAcyBbbUMyOQkAQCdIVxNDKx4FDAN7Qg4BETITXAgGelxLQVY2D0sIBmQTVlNYf1xOCAZsShYHGXBcTQgGZA5IVFB/Sx5FQzYWBQQBdU8PBwJ2SQ0AB3s
204 No Content 0 B URL HTTP/2 eiorwithitofstwe.xyz/ejg1N0JVB1ZEfzV/XXUTS1d4bwoeDldAcyBbbUMyOQkAQCdIVxNDKx4FDAN7Qg4BETITXAgGelxLQVY2D0sIBmQTVlNYf1xOCAZsShYHGXBcTQgGZA5IVFB/Sx5FQzYWBQQBdU8PBwJ2SQ0AB3s
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ejg1N0JVB1ZEfzV/XXUTS1d4bwoeDldAcyBbbUMyOQkAQCdIVxNDKx4FDAN7Qg4BETITXAgGelxLQVY2D0sIBmQTVlNYf1xOCAZsShYHGXBcTQgGZA5IVFB/Sx5FQzYWBQQBdU8PBwJ2SQ0AB3s HTTP/1.1
Host: eiorwithitofstwe.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 06 Feb 2023 23:16:28 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hco24E2yXIfTASYyN0a0dPY%2B2VxpMOpPRNgIF1h%2BbTsDgptP1XRPL4IhS1UldhCbmfm%2BZcU42T9A7WctX4RWqGqWcrzqfEYGReFPIXhscC3oyhOCJ%2FtcyccbX8ewFy0Dw3WtBNRtTA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 795797febb7eb515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
eiorwithitofstwe.xyz/eTJUOU5WDTdKcypfYW0YA3BiYXwvWxZhPiNoA3QNHANhUCwOUXJNJx0PbAt7QANlHz4QVmkKfF9BIFg6DEFpCGgQXDJWc19EaQlgQBxlF39fR2kIaA1CNV5zSBQkTToVD2UPeUwFZgx6SgdgAXc
204 No Content 0 B URL HTTP/2 eiorwithitofstwe.xyz/eTJUOU5WDTdKcypfYW0YA3BiYXwvWxZhPiNoA3QNHANhUCwOUXJNJx0PbAt7QANlHz4QVmkKfF9BIFg6DEFpCGgQXDJWc19EaQlgQBxlF39fR2kIaA1CNV5zSBQkTToVD2UPeUwFZgx6SgdgAXc
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /eTJUOU5WDTdKcypfYW0YA3BiYXwvWxZhPiNoA3QNHANhUCwOUXJNJx0PbAt7QANlHz4QVmkKfF9BIFg6DEFpCGgQXDJWc19EaQlgQBxlF39fR2kIaA1CNV5zSBQkTToVD2UPeUwFZgx6SgdgAXc HTTP/1.1
Host: eiorwithitofstwe.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 06 Feb 2023 23:16:28 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1y%2F%2FuWp3gsVkmGSvv%2FF0iY0NGNErOle73GSiksqANrw3d7SJC7tcEAbU7i6OiTB4spTJ7%2BJpwMMYaSp02kl%2BDAvvTgOeAhRlpCqOM4KJx8CvcJdqBd6Uzo%2B2xsgJLHbX%2BnlrKRNoYA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 795797fecb99b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 7e3831c4d77c746ff963e7890567b805
97efe9de695923921ace0fef55b836c059dc9d23
7fd92e0595b9e8e17492071bdc49bd6684c4ebf3c3c58f71bf8b640debc7726a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6224
Cache-Control: max-age=112947
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 23:16:28 GMT
Etag: "63e0882f-117"
Expires: Wed, 08 Feb 2023 06:38:55 GMT
Last-Modified: Mon, 06 Feb 2023 04:55:11 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/s/gts1p5/1coKpI0UGHs
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/1coKpI0UGHs
IP
Hash 1d3c9d230f5e7ae808dcd1a14153b08e
753ea7b461eedafbab70591ba17bee905999d9d4
203b5dfc402b8cff8cb35d21b7342f987cd5d174f019aad3bc3262f9859ef627
POST /s/gts1p5/1coKpI0UGHs HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 23:16:28 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
platform.bidgear.com/media/img/b15.png
200 OK 649 B URL HTTP/2 platform.bidgear.com/media/img/b15.png
IP
File type PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash d832fb80c97ff291b952757bb98240d2
63732e61a0784ed68fde494f83e4686a5c4bf7fa
7b35c11af8accdb40a14303dd3ae2762a97d2527933c56b6c9be6da2d0d11943
GET /media/img/b15.png HTTP/1.1
Host: platform.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 23:16:28 GMT
content-type: image/png
content-length: 649
last-modified: Mon, 25 Jul 2022 09:43:43 GMT
etag: "62de65cf-289"
expires: Mon, 20 Feb 2023 09:45:00 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
cf-cache-status: HIT
age: 1431068
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2B4L%2F1pEaKvbaDwbxcFjWcD53axoxK4VL8LUeunenoQGnMjmG0qkxu3VcqMzhbTY2lm5886%2FQmCSg9UREnTk64EnnCHaJe4Hj24pBTEtrWztfctF%2F5PISfGMQSmJqqAzFOJeA%2FE4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 795798009eb3fac0-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1c419a8f7a9aacf65bee634f019419e0
b9aae81de7cafca4c092f481aa58ba441d5d2101
a13b96acbc897279b9b773456fb5a2c2aacb90d666fd79b459dd9e8654be8308
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A13B96ACBC897279B9B773456FB5A2C2AACB90D666FD79B459DD9E8654BE8308"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16888
Expires: Tue, 07 Feb 2023 03:57:56 GMT
Date: Mon, 06 Feb 2023 23:16:28 GMT
Connection: keep-alive
ocsp.sectigo.com/
200 OK 280 B IP
Hash 5661196684e8851fd71656049c561b3e
9ff563831db43603871763c2aa54ebb11b8f2f58
dc230a0c22ae32ad72912e2456dc0441bb5c2a0b800695e419b769af24830030
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 23:16:28 GMT
Content-Type: application/ocsp-response
Content-Length: 280
Connection: keep-alive
Last-Modified: Sun, 05 Feb 2023 16:43:12 GMT
Expires: Sun, 12 Feb 2023 16:43:11 GMT
Etag: "9ff563831db43603871763c2aa54ebb11b8f2f58"
Cache-Control: max-age=494202,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 795797ffae3eb4ff-OSL
cdn.purpleads.io/video-agent.js?publisherId=3cbb0201d97a2713cdc7b8284a6018c0:12ba07f36ad75faf8474b45232c34095e60db9bba8b910c63bd25a84dbe49b2358fc816c33104b67ff752f6837ddf9f037b306459421d61f484a6dfbf846a003
200 OK 16 kB URL HTTP/2 cdn.purpleads.io/video-agent.js?publisherId=3cbb0201d97a2713cdc7b8284a6018c0:12ba07f36ad75faf8474b45232c34095e60db9bba8b910c63bd25a84dbe49b2358fc816c33104b67ff752f6837ddf9f037b306459421d61f484a6dfbf846a003
IP
File type Unicode text, UTF-8 text, with very long lines (46589), with no line terminators
Hash 1e930494de999d6d1c64d03bbfbae254
51778e855e6eaf1df18ac694ec15178758426c1c
bca349b7c1996f754d7fd1c4e8db49b02836412e8a98787aaf1828531754d8a6
GET /video-agent.js?publisherId=3cbb0201d97a2713cdc7b8284a6018c0:12ba07f36ad75faf8474b45232c34095e60db9bba8b910c63bd25a84dbe49b2358fc816c33104b67ff752f6837ddf9f037b306459421d61f484a6dfbf846a003 HTTP/1.1
Host: cdn.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 15744
date: Mon, 06 Feb 2023 12:13:48 GMT
last-modified: Mon, 06 Feb 2023 12:13:42 GMT
etag: "1e930494de999d6d1c64d03bbfbae254"
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: g0JQTaPyFqBieicySwByAcuAjfMOWS2GJ_Y4qyLB0iQ-eRQcr3XrTg==
age: 39761
X-Firefox-Spdy: h2
cdn.purpleads.io/agent.js?publisherId=70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
200 OK 20 kB URL HTTP/2 cdn.purpleads.io/agent.js?publisherId=70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
IP
File type Unicode text, UTF-8 text, with very long lines (65528), with no line terminators
Hash a4862f4863ac0228f9e002f8a8968d8f
eec7f481e7c17f96f443d3ccd4a4355eda02dab7
d2c03d713e9051df9c62eae50da4b35f0f2782a0c69aafbe4d4315b3e09607e8
GET /agent.js?publisherId=70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655 HTTP/1.1
Host: cdn.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 19872
date: Mon, 06 Feb 2023 12:13:47 GMT
last-modified: Thu, 26 Jan 2023 10:15:40 GMT
etag: "a4862f4863ac0228f9e002f8a8968d8f"
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: QTEkJU0mhGTKU3-rlTc4H_QQleY2JgAxE5AVrLJ1Ja0nhdGGUwpbGA==
age: 39762
X-Firefox-Spdy: h2
regrupontihe.com/UmQ0dEszBlcZdDNZVlI+IAgJUXkUQQYyLz8JTh8tNlwGAyorChoXJz0RUBI5PQpAWiU3EBFGDTwHYUEIHAllJwIBHGUjPAcKfhM/BjYHBDETCGIsARYibjcsFB5zMigGI3c5AQAwQxsNYDZ3PCMEHlccChshdzUnEVR9IQIRIXgiHTESfhgZCDZjE3kAA0cVKCsyeTAZYkEGNgcUD2UxMjYPZQMdHy1NRQYWNgQdAioqYzp4Jhd2Hw0WAlkECRY2DAUHByFsIgMqHWM2CQcCfD0DBCINUXkQPkMhJgQsTA0aA1RSEQMLMGIOBSAHdS0oAFdEGgkBPmESA38ucTEnAF11Ay8HNnM2MhpUcjAtOzJgNjM9DG4DGjs1B0ExEAhmNS08KWAiIBcLf0QaECJNMX0XVW1HLWEtcCcgFAt6Az8EQl4HJDwUCS4qJQ1ZPzgKPW0
200 OK 1.2 kB URL HTTP/2 regrupontihe.com/UmQ0dEszBlcZdDNZVlI+IAgJUXkUQQYyLz8JTh8tNlwGAyorChoXJz0RUBI5PQpAWiU3EBFGDTwHYUEIHAllJwIBHGUjPAcKfhM/BjYHBDETCGIsARYibjcsFB5zMigGI3c5AQAwQxsNYDZ3PCMEHlccChshdzUnEVR9IQIRIXgiHTESfhgZCDZjE3kAA0cVKCsyeTAZYkEGNgcUD2UxMjYPZQMdHy1NRQYWNgQdAioqYzp4Jhd2Hw0WAlkECRY2DAUHByFsIgMqHWM2CQcCfD0DBCINUXkQPkMhJgQsTA0aA1RSEQMLMGIOBSAHdS0oAFdEGgkBPmESA38ucTEnAF11Ay8HNnM2MhpUcjAtOzJgNjM9DG4DGjs1B0ExEAhmNS08KWAiIBcLf0QaECJNMX0XVW1HLWEtcCcgFAt6Az8EQl4HJDwUCS4qJQ1ZPzgKPW0
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3036), with no line terminators
Hash 6d0a158e0153f427cd62b3ce5ddc4c56
59fadc855756be9993bdf1531c0a324273070745
b8c222b12dc411f6757aaae5760f978bd0e12ca543cad03376e71047636d6e1f
GET /UmQ0dEszBlcZdDNZVlI+IAgJUXkUQQYyLz8JTh8tNlwGAyorChoXJz0RUBI5PQpAWiU3EBFGDTwHYUEIHAllJwIBHGUjPAcKfhM/BjYHBDETCGIsARYibjcsFB5zMigGI3c5AQAwQxsNYDZ3PCMEHlccChshdzUnEVR9IQIRIXgiHTESfhgZCDZjE3kAA0cVKCsyeTAZYkEGNgcUD2UxMjYPZQMdHy1NRQYWNgQdAioqYzp4Jhd2Hw0WAlkECRY2DAUHByFsIgMqHWM2CQcCfD0DBCINUXkQPkMhJgQsTA0aA1RSEQMLMGIOBSAHdS0oAFdEGgkBPmESA38ucTEnAF11Ay8HNnM2MhpUcjAtOzJgNjM9DG4DGjs1B0ExEAhmNS08KWAiIBcLf0QaECJNMX0XVW1HLWEtcCcgFAt6Az8EQl4HJDwUCS4qJQ1ZPzgKPW0 HTTP/1.1
Host: regrupontihe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1185
date: Mon, 06 Feb 2023 23:16:28 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 dc6d892e50c1cfe7441caac7fe31e5d2.cloudfront.net (CloudFront)
x-amz-cf-pop: QRO51-C1
x-amz-cf-id: RDTmTcWXzM_9tjDfS1zBcmgQ9ZoHLOO3HiqxKtlDFDlzaRUMRqPjwg==
X-Firefox-Spdy: h2
regrupontihe.com/Wkhlam47KgYHUTt1B0wbKCRYT1wcbVcsCjclHwEIPnBXHQ8jJksJAjU9AQwcNSYRRAA/PEBYKCkdITAoDwAkEDkJO1c+FwguLD1fEBIkU1cAIzdYNh4RQFgoEiEkJiwbKyAvXWIHNQJaECoSW1wYCxU5Cx0KMjooOTorWl9oHRwZFA4fIDskHhk2CD8QIi84KC4fHAUfHRwdCyQSHiYsCRQ6PCw4MwoIWgAdHFA5JTMrIQ4/CHk1DTxrCi08BgsAUS03HQUcDj8IeS8SBX96JysmHHk0EicOLFcrJwAvLw03IAJUKCYPIScEOxwKIiwvABoNWwsMHgwoB3cBVC8ULhI8LSdoEQIwXgMNJwIsNBpUOwMYGSkpJwwGCQFXPh0sPSxpHgkyAxsZKC1fGG4PGQE0OFgrOS4LLCEANBE8Ig
200 OK 1.2 kB URL HTTP/2 regrupontihe.com/Wkhlam47KgYHUTt1B0wbKCRYT1wcbVcsCjclHwEIPnBXHQ8jJksJAjU9AQwcNSYRRAA/PEBYKCkdITAoDwAkEDkJO1c+FwguLD1fEBIkU1cAIzdYNh4RQFgoEiEkJiwbKyAvXWIHNQJaECoSW1wYCxU5Cx0KMjooOTorWl9oHRwZFA4fIDskHhk2CD8QIi84KC4fHAUfHRwdCyQSHiYsCRQ6PCw4MwoIWgAdHFA5JTMrIQ4/CHk1DTxrCi08BgsAUS03HQUcDj8IeS8SBX96JysmHHk0EicOLFcrJwAvLw03IAJUKCYPIScEOxwKIiwvABoNWwsMHgwoB3cBVC8ULhI8LSdoEQIwXgMNJwIsNBpUOwMYGSkpJwwGCQFXPh0sPSxpHgkyAxsZKC1fGG4PGQE0OFgrOS4LLCEANBE8Ig
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3017), with no line terminators
Hash fd6068b94af615dfe69df7da64602dc9
71d153aec8e7fae4564e9daafdbc2e216184296e
37c68b37ea4ef7918a937c2cd98fe3188927999cfbbca773ae5c2634f5eed07b
GET /Wkhlam47KgYHUTt1B0wbKCRYT1wcbVcsCjclHwEIPnBXHQ8jJksJAjU9AQwcNSYRRAA/PEBYKCkdITAoDwAkEDkJO1c+FwguLD1fEBIkU1cAIzdYNh4RQFgoEiEkJiwbKyAvXWIHNQJaECoSW1wYCxU5Cx0KMjooOTorWl9oHRwZFA4fIDskHhk2CD8QIi84KC4fHAUfHRwdCyQSHiYsCRQ6PCw4MwoIWgAdHFA5JTMrIQ4/CHk1DTxrCi08BgsAUS03HQUcDj8IeS8SBX96JysmHHk0EicOLFcrJwAvLw03IAJUKCYPIScEOxwKIiwvABoNWwsMHgwoB3cBVC8ULhI8LSdoEQIwXgMNJwIsNBpUOwMYGSkpJwwGCQFXPh0sPSxpHgkyAxsZKC1fGG4PGQE0OFgrOS4LLCEANBE8Ig HTTP/1.1
Host: regrupontihe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1171
date: Mon, 06 Feb 2023 23:16:28 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 dc6d892e50c1cfe7441caac7fe31e5d2.cloudfront.net (CloudFront)
x-amz-cf-pop: QRO51-C1
x-amz-cf-id: -60Bvz9yrDOZzfdMTw5aKT92YQFLUNZzwertBZF8Z_3XfhRwiJP2ug==
X-Firefox-Spdy: h2
regrupontihe.com/TkV1eFEvJxYVbi94F14kPClIXWMIYEc+NSMoDxM3Kn1HDzA3K1sbPSEwER4jISsBVj8rMVBKFwAKIAAeHQABGRg3BAAcFH4pPhYHNAEbCGgrHTgeGyR1GzIEIj0yKiIcIRwxMw8HPxw3KQxMPBd2LDlKZWt3MykoJj8QP2AYCSY5JyotTQgYDTFHOxYhMzk7OgsgMh9pAXQsFjI3fQ0tEg9gRzobJxc7NDgqMCUUOTYMDBspGwY0ERoZcTk7PzooEAApa3c3HjwPfSA7GD8PDwAaLx0NTBsbdAUeGSZzNi8ba3c3GgkmchQgKXoVMzk4Kw0NDRIpcAcdPzoHEBZ8PjEQMCU+Iz0fZBp3GUESFio/HQYMcSwQKWt3Nx44djAiETImJy0UdHwDExZkeyACFGgoKxkNEn0yGjEFIiY+ERQ5JxILGih2HV1jDANGAD4eHSwxdyQ2GhYhcxImIh4gED0hNXwJAD83ICQ
200 OK 1.2 kB URL HTTP/2 regrupontihe.com/TkV1eFEvJxYVbi94F14kPClIXWMIYEc+NSMoDxM3Kn1HDzA3K1sbPSEwER4jISsBVj8rMVBKFwAKIAAeHQABGRg3BAAcFH4pPhYHNAEbCGgrHTgeGyR1GzIEIj0yKiIcIRwxMw8HPxw3KQxMPBd2LDlKZWt3MykoJj8QP2AYCSY5JyotTQgYDTFHOxYhMzk7OgsgMh9pAXQsFjI3fQ0tEg9gRzobJxc7NDgqMCUUOTYMDBspGwY0ERoZcTk7PzooEAApa3c3HjwPfSA7GD8PDwAaLx0NTBsbdAUeGSZzNi8ba3c3GgkmchQgKXoVMzk4Kw0NDRIpcAcdPzoHEBZ8PjEQMCU+Iz0fZBp3GUESFio/HQYMcSwQKWt3Nx44djAiETImJy0UdHwDExZkeyACFGgoKxkNEn0yGjEFIiY+ERQ5JxILGih2HV1jDANGAD4eHSwxdyQ2GhYhcxImIh4gED0hNXwJAD83ICQ
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3050), with no line terminators
Hash cd1c98b8bb10b5dd8e445dace921f95b
f69777fa83ed2bf9f199918715c42616aa853b82
dda7d8b766bba71e057f94f2c32b074f094ebfaa658b1247d5d5b3980770f9bf
GET /TkV1eFEvJxYVbi94F14kPClIXWMIYEc+NSMoDxM3Kn1HDzA3K1sbPSEwER4jISsBVj8rMVBKFwAKIAAeHQABGRg3BAAcFH4pPhYHNAEbCGgrHTgeGyR1GzIEIj0yKiIcIRwxMw8HPxw3KQxMPBd2LDlKZWt3MykoJj8QP2AYCSY5JyotTQgYDTFHOxYhMzk7OgsgMh9pAXQsFjI3fQ0tEg9gRzobJxc7NDgqMCUUOTYMDBspGwY0ERoZcTk7PzooEAApa3c3HjwPfSA7GD8PDwAaLx0NTBsbdAUeGSZzNi8ba3c3GgkmchQgKXoVMzk4Kw0NDRIpcAcdPzoHEBZ8PjEQMCU+Iz0fZBp3GUESFio/HQYMcSwQKWt3Nx44djAiETImJy0UdHwDExZkeyACFGgoKxkNEn0yGjEFIiY+ERQ5JxILGih2HV1jDANGAD4eHSwxdyQ2GhYhcxImIh4gED0hNXwJAD83ICQ HTTP/1.1
Host: regrupontihe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1196
date: Mon, 06 Feb 2023 23:16:28 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 dc6d892e50c1cfe7441caac7fe31e5d2.cloudfront.net (CloudFront)
x-amz-cf-pop: QRO51-C1
x-amz-cf-id: 5dm02-iQYxQxv0nGnvQT7h_iT_6V40-07k3rOrO6VhAcJDrC10uDcg==
X-Firefox-Spdy: h2
regrupontihe.com/cXBVb08QEjYCcBBNN0k6AxxoSn03VWcpKxwdLwQpFUhnGC4IHnsMIx4FMQk9Hh4hQSEUBHBdCUI9PwMNEBtsPRkYSBgMCishHzkrQjEUF3smQ2E6Ggs5EyYaODUTXgI9FRQcJTMjJiMsGzUSLn83PRNfOEYjE153Jh05ChgySBsMJyMTGRgjCDEtVyg1GWU/CyYTMD9+QCMzLXcZJjkYITAJEzcXJhMzIyhIJRkHDhwoOTooJUNkXws2STQOKDA6ND1/HCgTXzo5JCI3DEI1ECA3Ejw2OTtUQhMnDh0bAj5/KTNmKis7HCI/KyRJbQwNCQoCBSw0NAJCHSs0BwwDEiIyWgkGHxQ4fEk4E1wJNREyLgU7F20cGCcqPjgOGjEWNw0QFiIiBRI1bFYOHUg6KAwBJQMFIyEWDT4GEiZsBw4ZSGU5fEVWPxwgHwBoOXY1OmcNIBVJHh8jPQMgOQ
200 OK 1.2 kB URL HTTP/2 regrupontihe.com/cXBVb08QEjYCcBBNN0k6AxxoSn03VWcpKxwdLwQpFUhnGC4IHnsMIx4FMQk9Hh4hQSEUBHBdCUI9PwMNEBtsPRkYSBgMCishHzkrQjEUF3smQ2E6Ggs5EyYaODUTXgI9FRQcJTMjJiMsGzUSLn83PRNfOEYjE153Jh05ChgySBsMJyMTGRgjCDEtVyg1GWU/CyYTMD9+QCMzLXcZJjkYITAJEzcXJhMzIyhIJRkHDhwoOTooJUNkXws2STQOKDA6ND1/HCgTXzo5JCI3DEI1ECA3Ejw2OTtUQhMnDh0bAj5/KTNmKis7HCI/KyRJbQwNCQoCBSw0NAJCHSs0BwwDEiIyWgkGHxQ4fEk4E1wJNREyLgU7F20cGCcqPjgOGjEWNw0QFiIiBRI1bFYOHUg6KAwBJQMFIyEWDT4GEiZsBw4ZSGU5fEVWPxwgHwBoOXY1OmcNIBVJHh8jPQMgOQ
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3049), with no line terminators
Hash 067184aa1b3d31d8d36cf72ce04258fd
0327f24061dc3ce2445d2110fbc5c0711a70e6d0
06d13370236c5c341b96ed5bfb257ab2803ab95ffcaaa0a703be3e592a01794f
GET /cXBVb08QEjYCcBBNN0k6AxxoSn03VWcpKxwdLwQpFUhnGC4IHnsMIx4FMQk9Hh4hQSEUBHBdCUI9PwMNEBtsPRkYSBgMCishHzkrQjEUF3smQ2E6Ggs5EyYaODUTXgI9FRQcJTMjJiMsGzUSLn83PRNfOEYjE153Jh05ChgySBsMJyMTGRgjCDEtVyg1GWU/CyYTMD9+QCMzLXcZJjkYITAJEzcXJhMzIyhIJRkHDhwoOTooJUNkXws2STQOKDA6ND1/HCgTXzo5JCI3DEI1ECA3Ejw2OTtUQhMnDh0bAj5/KTNmKis7HCI/KyRJbQwNCQoCBSw0NAJCHSs0BwwDEiIyWgkGHxQ4fEk4E1wJNREyLgU7F20cGCcqPjgOGjEWNw0QFiIiBRI1bFYOHUg6KAwBJQMFIyEWDT4GEiZsBw4ZSGU5fEVWPxwgHwBoOXY1OmcNIBVJHh8jPQMgOQ HTTP/1.1
Host: regrupontihe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1196
date: Mon, 06 Feb 2023 23:16:28 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 dc6d892e50c1cfe7441caac7fe31e5d2.cloudfront.net (CloudFront)
x-amz-cf-pop: QRO51-C1
x-amz-cf-id: JBodoq12KKbyp6y8QFuLsktpXTsg67EAHNTOAu5XeN3nVa3oBbcIzA==
X-Firefox-Spdy: h2
regrupontihe.com/Y3BWTjYCEjUjCQJNNGhDERxrawQlVWQIUg4dLCVQB0hkOVcaHngtWgwFMihEDB4iYFgGBHN8cAskAyJ8AUIxO3wKExwYTAgXGhh8BRVlJgI1QWM8fxkfFwxcUkAZGG8BOywlXyokEw98GxgcBnIABDIIDyw5BSlYIDYAPHogExsYbhsGHQ9FKBMef0AkCDEnfw0hHwtfMhwZH3MrPwU9UTAiZj1SICEXC18yHBwfAy0WIXcOMiY+IVNQHB4GTzIeGh93BSA7NgE7Bw97VCsEMBluUh4zG0YBNGQ2ATsIbiV8UEk0Gm5XPDQIBzo+DncPMBwlHlQrXSIocQkEJStfViowFk4NKGYIWQZDPQdyMEQ/BF0TERV9QlYoOiYPBjg6K2I7SWMCQToRHQ0ODjZmfxNRNhJ9XgUoAQADAQgmGFAiVjw9WQ0Aaz4PEBYmJXg6PTgf
200 OK 1.2 kB URL HTTP/2 regrupontihe.com/Y3BWTjYCEjUjCQJNNGhDERxrawQlVWQIUg4dLCVQB0hkOVcaHngtWgwFMihEDB4iYFgGBHN8cAskAyJ8AUIxO3wKExwYTAgXGhh8BRVlJgI1QWM8fxkfFwxcUkAZGG8BOywlXyokEw98GxgcBnIABDIIDyw5BSlYIDYAPHogExsYbhsGHQ9FKBMef0AkCDEnfw0hHwtfMhwZH3MrPwU9UTAiZj1SICEXC18yHBwfAy0WIXcOMiY+IVNQHB4GTzIeGh93BSA7NgE7Bw97VCsEMBluUh4zG0YBNGQ2ATsIbiV8UEk0Gm5XPDQIBzo+DncPMBwlHlQrXSIocQkEJStfViowFk4NKGYIWQZDPQdyMEQ/BF0TERV9QlYoOiYPBjg6K2I7SWMCQToRHQ0ODjZmfxNRNhJ9XgUoAQADAQgmGFAiVjw9WQ0Aaz4PEBYmJXg6PTgf
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3039), with no line terminators
Hash 5cd4eaab73b18d055478725fd0ef105c
82ad54d41118651b72a0298d267b66308278e38b
fc0859542f928040c99d231a4517336981b94a63c8bec291a246e639790aa670
GET /Y3BWTjYCEjUjCQJNNGhDERxrawQlVWQIUg4dLCVQB0hkOVcaHngtWgwFMihEDB4iYFgGBHN8cAskAyJ8AUIxO3wKExwYTAgXGhh8BRVlJgI1QWM8fxkfFwxcUkAZGG8BOywlXyokEw98GxgcBnIABDIIDyw5BSlYIDYAPHogExsYbhsGHQ9FKBMef0AkCDEnfw0hHwtfMhwZH3MrPwU9UTAiZj1SICEXC18yHBwfAy0WIXcOMiY+IVNQHB4GTzIeGh93BSA7NgE7Bw97VCsEMBluUh4zG0YBNGQ2ATsIbiV8UEk0Gm5XPDQIBzo+DncPMBwlHlQrXSIocQkEJStfViowFk4NKGYIWQZDPQdyMEQ/BF0TERV9QlYoOiYPBjg6K2I7SWMCQToRHQ0ODjZmfxNRNhJ9XgUoAQADAQgmGFAiVjw9WQ0Aaz4PEBYmJXg6PTgf HTTP/1.1
Host: regrupontihe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1190
date: Mon, 06 Feb 2023 23:16:28 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 dc6d892e50c1cfe7441caac7fe31e5d2.cloudfront.net (CloudFront)
x-amz-cf-pop: QRO51-C1
x-amz-cf-id: K6iIk3i10ezuu23agQ6G7wvZett3t7mlbEbpR1-xwFB2Gm4Zhfwukg==
X-Firefox-Spdy: h2
imp9.bidgear.com/rec?t=1&z=6192&uuid=fe7fc4ea417844f8813953f4e393f07c&p=61&g=NO&token=4a44335432&tbg=1675725388
200 OK 599 B URL HTTP/2 imp9.bidgear.com/rec?t=1&z=6192&uuid=fe7fc4ea417844f8813953f4e393f07c&p=61&g=NO&token=4a44335432&tbg=1675725388
IP
File type JPEG image data, baseline, precision 8, 1x1, components 3\012- data
Hash ca49a7e783b806a4e8576ea80346203d
6fe9d083221dae98f6c76f7121c37bc884b02d82
3e9a98dd5f0a28ff4a059f33d760264a6db02786666ac1692095ebb976f5da28
GET /rec?t=1&z=6192&uuid=fe7fc4ea417844f8813953f4e393f07c&p=61&g=NO&token=4a44335432&tbg=1675725388 HTTP/1.1
Host: imp9.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 23:16:29 GMT
content-type: image/jpeg
content-length: 599
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F2UCSMpkpjUhGm419CU02h%2BQ8c4SKaSD2BTdEOlyH%2BfSncdRVCCg0idYVBV%2BTMc6ZE7VlbMLpkcQBXi%2FfBvuXqFeGlq7rxP2RywnDmPrI13c4IoNQfruEiNiAgwyFkQ2Zo0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79579800bec7fac0-OSL
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/images/icons/favicon/apple-touch-icon-114x114.png
200 OK 951 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/images/icons/favicon/apple-touch-icon-114x114.png
IP
File type PNG image data, 114 x 114, 8-bit colormap, non-interlaced\012- data
Hash 76852bc6b2c028db97322a74e85bd020
ed52fb4de0d51f93277bbaae42fa80ba5f92c31e
8a5ef2ef8440c17db1b1b539065ba4a887e07a2c508b79c2d1659512e9016884
GET /themes/flow/frontend_assets/images/icons/favicon/apple-touch-icon-114x114.png HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/18tpo/Hearts_Of_Iron_IV_v1.12.1.rar
Connection: keep-alive
Cookie: filehosting=i4lrf8vcfb0t6cpras7ek0nu04
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 23:16:29 GMT
content-type: image/png
content-length: 951
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-3b7"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.psdn.xyz/prebid-video-7.22.0-2023-02-06.js
200 OK 88 kB URL HTTP/2 cdn.psdn.xyz/prebid-video-7.22.0-2023-02-06.js
IP
File type ASCII text, with very long lines (64999)
Hash 9489f641c6c493530f418887ad521292
2f964b34ee7022a944dd14b400ce1b35237a2b92
23a1d53fd594c4c53d1694a31364cc44f76a94d526c38c43fabc6b7d89178a27
GET /prebid-video-7.22.0-2023-02-06.js HTTP/1.1
Host: cdn.psdn.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 23:16:29 GMT
content-encoding: gzip
content-length: 87645
content-type: application/javascript
last-modified: Mon, 06 Feb 2023 10:43:07 GMT
accept-ranges: bytes
x-rgw-object-type: Normal
etag: "9489f641c6c493530f418887ad521292"
cache-control: max-age=31536000
x-amz-request-id: tx00000000000000b6637fe-0063e0eefe-42d52fad-nyc3b
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1675725389.dop003.sk1.t,1675725389.cds021.sk1.hn,1675725389.cds026.sk1.c
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 96f1e231b19466486b661cd50d8c0f65
e6e776870ea0754fad2919d800a6323f801ad72b
e0da2097eaad63526d25558b760784633e523fb189cbb46b75695cd357d123f2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 23:16:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash 9a60d6016cd998299b6665a91c01695f
6602b5a94afbe5ff3b999196d726e6424db77339
e290f612ebf43358e7d4e0f9f329f6d4b17550c61f7e0e0e62a5e6b57a42f260
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5148
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 23:16:29 GMT
Last-Modified: Mon, 06 Feb 2023 21:50:41 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 96f1e231b19466486b661cd50d8c0f65
e6e776870ea0754fad2919d800a6323f801ad72b
e0da2097eaad63526d25558b760784633e523fb189cbb46b75695cd357d123f2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 23:16:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash ad2d72821808ee5f77c0598fed0f8bd1
adcd92881d1c5ac3cca4687dc6347369240f4726
c7ce86611bf0b0063c0bcb2c6a6a4b85fe6be2d89e382b8907e8bbb2e1e5962d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 23:16:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
302 Found 392 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (379)
Hash af4f09b8f565f3bdcfb9b5b91629908d
4e375714bdb3b9a6eeef41271dfa1e8284b9604f
5b3f019df4453637bfc872e2a6d9bbc925144c16ecd0ae3ad0447447b461b4eb
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 06 Feb 2023 23:16:29 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1996335526%3A1675725389129801&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHeaeyNA6OCMWwO6IBtRSvPyxRiYkGaK8eQkarAHt4ArwAsWWLnxv0ofI5j955wAZJe0V7Ct
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-ioAkOjl72Ima2JX3hsBtkQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 392
server: GSE
set-cookie: __Host-GAPS=1:mmPV0MpBUyfa5G2Qt930i-KkECb5Xg:26La0wjFr3MWxsAz;Path=/;Expires=Wed, 05-Feb-2025 23:16:29 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
imasdk.googleapis.com/js/sdkloader/ima3.js
200 OK 126 kB URL HTTP/2 imasdk.googleapis.com/js/sdkloader/ima3.js
IP
File type ASCII text, with very long lines (2846)
Size 126 kB (125826 bytes)
Hash 98b1fe69946e421b8ece280ad4995eed
e6e0b95673083dd5319db64472e9505964998bc0
3ce90bb62a4f3d7a503d1a819ce1b7016837a27c17065adb97c94680a7cd870a
GET /js/sdkloader/ima3.js HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 125826
date: Mon, 06 Feb 2023 23:16:29 GMT
expires: Mon, 06 Feb 2023 23:16:29 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/sUDZFUHAzWSs2TyRfIW1JZA99ZkR2XDY/HiALBAcEE38OPh4Jbw12BCpSeGBWPFcrN012UyszTWEQJDQSbQJjJRFtWyoqGTxaJHVCFgNrYFViBm0nGT5SKicDdQR1PgR1BHVhQH4GYGMydQR1Jxk+AHF1QxITd2AIZgJgYzJ1BHUiBnUFBGFAZRh1eVViBi-I1EztZYGI2YgZ0YEBhBnR1QmBQLCIVNlk9dUIWB3VlXmAQMG1B
200 OK 190 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/sUDZFUHAzWSs2TyRfIW1JZA99ZkR2XDY/HiALBAcEE38OPh4Jbw12BCpSeGBWPFcrN012UyszTWEQJDQSbQJjJRFtWyoqGTxaJHVCFgNrYFViBm0nGT5SKicDdQR1PgR1BHVhQH4GYGMydQR1Jxk+AHF1QxITd2AIZgJgYzJ1BHUiBnUFBGFAZRh1eVViBi-I1EztZYGI2YgZ0YEBhBnR1QmBQLCIVNlk9dUIWB3VlXmAQMG1B
IP
File type ASCII text, with no line terminators
Hash 23538fa9dd799e4645c43e44cfd46203
f6c0675eefcb62acc7d40b43de60ca91c4a5538e
e15363b3af0fb3d19fa7dff0f695e1b014eed2f5d36048b3c47306f5a6cbe3ab
GET /sUDZFUHAzWSs2TyRfIW1JZA99ZkR2XDY/HiALBAcEE38OPh4Jbw12BCpSeGBWPFcrN012UyszTWEQJDQSbQJjJRFtWyoqGTxaJHVCFgNrYFViBm0nGT5SKicDdQR1PgR1BHVhQH4GYGMydQR1Jxk+AHF1QxITd2AIZgJgYzJ1BHUiBnUFBGFAZRh1eVViBi-I1EztZYGI2YgZ0YEBhBnR1QmBQLCIVNlk9dUIWB3VlXmAQMG1B HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://regrupontihe.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 190
date: Mon, 06 Feb 2023 23:16:29 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: bnM8AI0d7VzBOVcLlNjVzmzGZVl0to-6xSKkvk0LEcuJjF3uqvU2xQ==
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/
200 OK 73 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/
IP
File type ASCII text, with no line terminators
Hash de37377b72195a4f064edf7ec8a76676
ed544d5b6a37acad78498099407c648a93316ddb
b3209cc0b1d1b71e85af4e843afe00a3079f3286d52b3fb47e72c6c5c48b8399
GET / HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 73
date: Mon, 06 Feb 2023 23:16:29 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: F_B3J7o1ReaSt9RAu9DexyJ8-p0YG3NkAa5_WOruwwAWZHouc5mQ0w==
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
302 Found 390 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (381)
Hash 1e3071e17ae7b834d07e4a1b444e47ea
152dd98edb664053e5d6e78e8aa979ce5fb8cd92
bd54fa450b19f05e8c9024a7c4e41b2cc78d5b76f455cd1f9839d8c8b437e7eb
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 06 Feb 2023 23:16:29 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S805639056%3A1675725389183109&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHeWYoihOmzmp9mekEUfjIKZCvcv8AZmLLts9MEuwRnClD3Q--xvdEiZdJTVm3ZOyu3p45bF
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: script-src 'nonce-lwGaYf6n-cpgS0j_yP84Sw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 390
server: GSE
set-cookie: __Host-GAPS=1:yXfrFeikx8gbCd6dtSTH_R_VexFOjA:6Mmy8QJHxg_sV-ml;Path=/;Expires=Wed, 05-Feb-2025 23:16:29 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/ncU5CNmQSISxQWwUnJgtTR3pzAlVXJDFZCgFzGFcTGCMJRTwoF2RCHhVzchAIECAlC0IUICELVVcvJlRZRWg2RgsacyVMDR0+LFkQEydkQwVMIy1MDR0iIxNWN3tsBkFDfmpBDR8qLUEXVHxyWBBUfHIHVF9+ZwUmVHxyQQ0feHYTVzNrcAYcR3pnBSZUfH-JEElR9AwdURGByH0FDfiVTBxohZwQiQ35zBlRAfnMTVkEoK0QBFyE6E1Y3f3IDSkFoNwtV
200 OK 583 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/ncU5CNmQSISxQWwUnJgtTR3pzAlVXJDFZCgFzGFcTGCMJRTwoF2RCHhVzchAIECAlC0IUICELVVcvJlRZRWg2RgsacyVMDR0+LFkQEydkQwVMIy1MDR0iIxNWN3tsBkFDfmpBDR8qLUEXVHxyWBBUfHIHVF9+ZwUmVHxyQQ0feHYTVzNrcAYcR3pnBSZUfH-JEElR9AwdURGByH0FDfiVTBxohZwQiQ35zBlRAfnMTVkEoK0QBFyE6E1Y3f3IDSkFoNwtV
IP
File type ASCII text, with very long lines (818), with no line terminators
Hash f67f3cb70d969badbba255f5ecac169f
e72e6207feacced35cb367cb488272bf92d976ba
b3cd8702630521d1a9ef5b42d6d6bc4b469a215666c7800646774c0c97fd2aa1
GET /ncU5CNmQSISxQWwUnJgtTR3pzAlVXJDFZCgFzGFcTGCMJRTwoF2RCHhVzchAIECAlC0IUICELVVcvJlRZRWg2RgsacyVMDR0+LFkQEydkQwVMIy1MDR0iIxNWN3tsBkFDfmpBDR8qLUEXVHxyWBBUfHIHVF9+ZwUmVHxyQQ0feHYTVzNrcAYcR3pnBSZUfH-JEElR9AwdURGByH0FDfiVTBxohZwQiQ35zBlRAfnMTVkEoK0QBFyE6E1Y3f3IDSkFoNwtV HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://regrupontihe.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 583
date: Mon, 06 Feb 2023 23:16:29 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: VvAuVBp4toUxa1dLxY2t3Ddjty7PLXk2O8rpDN7198AKIZOW8UpQZA==
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/hTUlJb2guJicJVzkgLVJfe3h4V15rIzoABj10OVYbKzkiITEAJxhJHDctdF9OISgnCFVrLCcMVXxvKAsKcH1vGxgiInQIEiQlOQEHOSsgSR0sdCQAEiQlJQ5Nfw98QVhoe3lHHyQnLQAfPmx7XwY5bHtfWX1neUpbD2x7Xx8kJ39bTX4LbF1YNX99SlsPbH-tfGjtsei5ZfXxnX0Foe3kIDS4iJkpaC3t5Xlh9eHleTX95LwYaKC8mF01/D3hfXWN5bxpVfA
200 OK 594 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/hTUlJb2guJicJVzkgLVJfe3h4V15rIzoABj10OVYbKzkiITEAJxhJHDctdF9OISgnCFVrLCcMVXxvKAsKcH1vGxgiInQIEiQlOQEHOSsgSR0sdCQAEiQlJQ5Nfw98QVhoe3lHHyQnLQAfPmx7XwY5bHtfWX1neUpbD2x7Xx8kJ39bTX4LbF1YNX99SlsPbH-tfGjtsei5ZfXxnX0Foe3kIDS4iJkpaC3t5Xlh9eHleTX95LwYaKC8mF01/D3hfXWN5bxpVfA
IP
File type ASCII text, with very long lines (823), with no line terminators
Hash 74ec332b249d6a6c91bca3c9e41e6882
ac13efee1996e4ba94b966c07488e2ba74534313
4cc7e69963584e0309f9f8e7c9878f5c3e97bc3096948ab5de43e2d117559b46
GET /hTUlJb2guJicJVzkgLVJfe3h4V15rIzoABj10OVYbKzkiITEAJxhJHDctdF9OISgnCFVrLCcMVXxvKAsKcH1vGxgiInQIEiQlOQEHOSsgSR0sdCQAEiQlJQ5Nfw98QVhoe3lHHyQnLQAfPmx7XwY5bHtfWX1neUpbD2x7Xx8kJ39bTX4LbF1YNX99SlsPbH-tfGjtsei5ZfXxnX0Foe3kIDS4iJkpaC3t5Xlh9eHleTX95LwYaKC8mF01/D3hfXWN5bxpVfA HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://regrupontihe.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 594
date: Mon, 06 Feb 2023 23:16:29 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: rnVKEyhVt_GyoxqLALluRDR3MKOgMpXo7YsTjOq7U-6EuaF16CiHOg==
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/3MjlBak9RVi8McEZQJVd3AAx4W34UUzIFIUIEF1MLeAsjBSsLcjEGA0FMF0w7SF18WmleWC8NchRcLwlyAx8gDi0PDWceP11SfB8hVlwnAyFXXWcfLg9ULhAmXlUgT310DG9aagAJaR0mXF0uHTwXC3EEOxcLcVt/HAlkWQ0XC3EdJlwPdU98cBxzWjcEDW-RZDRcLcRg5FwoAW38HF3FDagAJJg8sWVZkWAkACXBafwMJcE99Al8oGCpUVjlPfXQIcV9hAh80V34
200 OK 365 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/3MjlBak9RVi8McEZQJVd3AAx4W34UUzIFIUIEF1MLeAsjBSsLcjEGA0FMF0w7SF18WmleWC8NchRcLwlyAx8gDi0PDWceP11SfB8hVlwnAyFXXWcfLg9ULhAmXlUgT310DG9aagAJaR0mXF0uHTwXC3EEOxcLcVt/HAlkWQ0XC3EdJlwPdU98cBxzWjcEDW-RZDRcLcRg5FwoAW38HF3FDagAJJg8sWVZkWAkACXBafwMJcE99Al8oGCpUVjlPfXQIcV9hAh80V34
IP
File type ASCII text, with very long lines (472), with no line terminators
Hash 6e31893e8797a417e8bc59ab88238cd6
19554d1c275c056836bb20b0508110ad4f4d9248
6822e771ad2ee8dbde9d0e54f7e1f50a8ccfb41362507df9bab5ea9e7e02802f
GET /3MjlBak9RVi8McEZQJVd3AAx4W34UUzIFIUIEF1MLeAsjBSsLcjEGA0FMF0w7SF18WmleWC8NchRcLwlyAx8gDi0PDWceP11SfB8hVlwnAyFXXWcfLg9ULhAmXlUgT310DG9aagAJaR0mXF0uHTwXC3EEOxcLcVt/HAlkWQ0XC3EdJlwPdU98cBxzWjcEDW-RZDRcLcRg5FwoAW38HF3FDagAJJg8sWVZkWAkACXBafwMJcE99Al8oGCpUVjlPfXQIcV9hAh80V34 HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://regrupontihe.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 365
date: Mon, 06 Feb 2023 23:16:29 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: WkJ21jFTBkrb96ySNk4FyBf4uXjf4tQy5B9Led6u8AVCKha2o5WygA==
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 11d03c07b9852ab59316a2a347ebf1bd
55d036ea5bb029251292e0fd44582458d4cea185
744fff1fac6205be5286e61859b4cc2f0460faf6b015141b2fac58b9515f726d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "744FFF1FAC6205BE5286E61859B4CC2F0460FAF6B015141B2FAC58B9515F726D"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13605
Expires: Tue, 07 Feb 2023 03:03:14 GMT
Date: Mon, 06 Feb 2023 23:16:29 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 11d03c07b9852ab59316a2a347ebf1bd
55d036ea5bb029251292e0fd44582458d4cea185
744fff1fac6205be5286e61859b4cc2f0460faf6b015141b2fac58b9515f726d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "744FFF1FAC6205BE5286E61859B4CC2F0460FAF6B015141B2FAC58B9515F726D"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13605
Expires: Tue, 07 Feb 2023 03:03:14 GMT
Date: Mon, 06 Feb 2023 23:16:29 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 11d03c07b9852ab59316a2a347ebf1bd
55d036ea5bb029251292e0fd44582458d4cea185
744fff1fac6205be5286e61859b4cc2f0460faf6b015141b2fac58b9515f726d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "744FFF1FAC6205BE5286E61859B4CC2F0460FAF6B015141B2FAC58B9515F726D"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13605
Expires: Tue, 07 Feb 2023 03:03:14 GMT
Date: Mon, 06 Feb 2023 23:16:29 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 11d03c07b9852ab59316a2a347ebf1bd
55d036ea5bb029251292e0fd44582458d4cea185
744fff1fac6205be5286e61859b4cc2f0460faf6b015141b2fac58b9515f726d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "744FFF1FAC6205BE5286E61859B4CC2F0460FAF6B015141B2FAC58B9515F726D"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13605
Expires: Tue, 07 Feb 2023 03:03:14 GMT
Date: Mon, 06 Feb 2023 23:16:29 GMT
Connection: keep-alive
regrupontihe.com/utx?cb=3FIu0Mjs5lS8&top=megaup.net&tid=761186
204 No Content 0 B URL HTTP/2 regrupontihe.com/utx?cb=3FIu0Mjs5lS8&top=megaup.net&tid=761186
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=3FIu0Mjs5lS8&top=megaup.net&tid=761186 HTTP/1.1
Host: regrupontihe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 06 Feb 2023 23:16:29 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 06 Feb 2023 23:17:29 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 dc6d892e50c1cfe7441caac7fe31e5d2.cloudfront.net (CloudFront)
x-amz-cf-pop: QRO51-C1
x-amz-cf-id: BLhbKJFlNpRxsRBDTx2TPEhdpuMAhqyqAM8kQPL9IHUihl0i7i7JHg==
X-Firefox-Spdy: h2
regrupontihe.com/utx?cb=1Ioem4e4a6Rh&top=megaup.net&tid=825911
204 No Content 0 B URL HTTP/2 regrupontihe.com/utx?cb=1Ioem4e4a6Rh&top=megaup.net&tid=825911
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=1Ioem4e4a6Rh&top=megaup.net&tid=825911 HTTP/1.1
Host: regrupontihe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 06 Feb 2023 23:16:29 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 06 Feb 2023 23:17:29 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 dc6d892e50c1cfe7441caac7fe31e5d2.cloudfront.net (CloudFront)
x-amz-cf-pop: QRO51-C1
x-amz-cf-id: _V1ABIgj1vdBoRYUZs9K1KLK16uYqrzGEg5n6a5LpeR_v7zqeC91Jg==
X-Firefox-Spdy: h2
static.a-ads.com/a-ads-banners/426618/300x250?region=eu-central-1
200 OK 500 kB URL HTTP/2 static.a-ads.com/a-ads-banners/426618/300x250?region=eu-central-1
IP
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 300 x 250\012- data
Size 500 kB (499628 bytes)
Hash e4eb2c4ec1794d4e05b77ec20607b881
4abdedcc14882e200a685cfd4240e69c60732aea
4f2c5f4d5efd47fd8d0fc9e0ceca3d637d907a682b748102378c2aa677395efe
GET /a-ads-banners/426618/300x250?region=eu-central-1 HTTP/1.1
Host: static.a-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ad.a-ads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 23:16:29 GMT
content-type: image/gif
content-length: 499628
x-amz-id-2: 3s42ySuhjEYJVfL0KGcEUEXqYSbrsd8wuAq2Z1uxeshvDvr0oEohlUdLI9gRVER8iHET9EArrRk=
x-amz-request-id: GPQ9V63SNJC6PC6X
x-amz-replication-status: COMPLETED
last-modified: Sun, 20 Nov 2022 16:37:46 GMT
etag: "e4eb2c4ec1794d4e05b77ec20607b881"
cache-control: max-age=315360000
x-amz-version-id: aMmfct8jferkXctt.IjET.eVL2M61OoN
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 9a60d6016cd998299b6665a91c01695f
6602b5a94afbe5ff3b999196d726e6424db77339
e290f612ebf43358e7d4e0f9f329f6d4b17550c61f7e0e0e62a5e6b57a42f260
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5148
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 23:16:29 GMT
Last-Modified: Mon, 06 Feb 2023 21:50:41 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 45214010f2ef8a835d723fcd5b485977
346507b6da40928a8c600ef9c52fd6a7e0875344
4b4e5c2038d6fe241aedc738e0bd22052078bf365b6dade88cae752d0f06fa54
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 23:16:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash ad2d72821808ee5f77c0598fed0f8bd1
adcd92881d1c5ac3cca4687dc6347369240f4726
c7ce86611bf0b0063c0bcb2c6a6a4b85fe6be2d89e382b8907e8bbb2e1e5962d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 23:16:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
regrupontihe.com/utx?cb=e7xgS8qN6jAl&top=megaup.net&tid=764141
204 No Content 0 B URL HTTP/2 regrupontihe.com/utx?cb=e7xgS8qN6jAl&top=megaup.net&tid=764141
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=e7xgS8qN6jAl&top=megaup.net&tid=764141 HTTP/1.1
Host: regrupontihe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 06 Feb 2023 23:16:29 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 06 Feb 2023 23:17:29 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 dc6d892e50c1cfe7441caac7fe31e5d2.cloudfront.net (CloudFront)
x-amz-cf-pop: QRO51-C1
x-amz-cf-id: MbV--bIY9M-e0ipBRJ4mjmJyrFa3qWvoOnCYeeojfNJ-CLNotmbEbA==
X-Firefox-Spdy: h2
regrupontihe.com/utx?cb=mUTrmjmDl7lh&top=megaup.net&tid=876318
204 No Content 0 B URL HTTP/2 regrupontihe.com/utx?cb=mUTrmjmDl7lh&top=megaup.net&tid=876318
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=mUTrmjmDl7lh&top=megaup.net&tid=876318 HTTP/1.1
Host: regrupontihe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 06 Feb 2023 23:16:29 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 06 Feb 2023 23:17:29 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 dc6d892e50c1cfe7441caac7fe31e5d2.cloudfront.net (CloudFront)
x-amz-cf-pop: QRO51-C1
x-amz-cf-id: -rAsCJifun6lrB5VHUcd4_2nKnI81Miq5kYdJgLZB3TuRJqNLyO21A==
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 11d03c07b9852ab59316a2a347ebf1bd
55d036ea5bb029251292e0fd44582458d4cea185
744fff1fac6205be5286e61859b4cc2f0460faf6b015141b2fac58b9515f726d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "744FFF1FAC6205BE5286E61859B4CC2F0460FAF6B015141B2FAC58B9515F726D"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13605
Expires: Tue, 07 Feb 2023 03:03:14 GMT
Date: Mon, 06 Feb 2023 23:16:29 GMT
Connection: keep-alive
ad.a-ads.com/1811811?size=300x250
200 OK 45 kB URL HTTP/2 ad.a-ads.com/1811811?size=300x250
IP
ASN #24940 Hetzner Online GmbH
Hash 584f071baf0a133c3c37837a4e6110e5
86cb6b09414e094152c846c36ce43afad640bf80
fdbc9afda92c703024a3f2204511ff2719427f40a8871948bb27555ae615dd7a
GET /1811811?size=300x250 HTTP/1.1
Host: ad.a-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 23:16:28 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding, Accept-Encoding
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-original-referer: https://megaup.net/
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.r2m02.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP
Hash 4cca88345b1263c0e8c00de32a5ea6ad
c5bcc6e1b2d36c9cc4c4f41f46f482320c02a84f
5b70db02c26208f87eeeae6968d14ad31b743cd9e78c23efea8e65e4c8d94b57
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=127586
Date: Mon, 06 Feb 2023 23:16:29 GMT
Etag: "63e0d9af-1d7"
Expires: Wed, 08 Feb 2023 10:42:55 GMT
Last-Modified: Mon, 06 Feb 2023 10:42:55 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: gev_Rz5WAWiPfh-53R6MG69VGo04PycHTJNDzL6RMjHUV9ZZzgt5Aw==
platform.bidgear.com/async.php?domainid=5593&sizeid=12&zoneid=6192&k=1675725435641
200 OK 2.2 kB URL HTTP/2 platform.bidgear.com/async.php?domainid=5593&sizeid=12&zoneid=6192&k=1675725435641
IP
File type HTML document text\012- HTML document, ASCII text, with very long lines (5362), with no line terminators
Hash 91f0043ba8f4d156dc40ef4bb12cfe53
d840b893c0c9cf0a7428386efbc9375c6f92d752
f0633926c6761d8ca6177be7afecdb5d80c0323ffd66bbb45587d00d2a6c7945
GET /async.php?domainid=5593&sizeid=12&zoneid=6192&k=1675725435641 HTTP/1.1
Host: platform.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 23:16:28 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qs6OHv3SIY8FBJ7OWCRWX8gyxKaITEQ2OOB8TmKVzp8tPPbiY9X89j8gSbiH1BtpKlbQ1p0lMCmOQgfctVBKspgBM2LrH9sTCRgho0tOPg%2FxoWUkFataMOwRiBB7o19CxL0CtUr5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 795797ffae28fac0-OSL
content-encoding: br
X-Firefox-Spdy: h2
theharityhild.buzz/
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: theharityhild.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Origin: https://megaup.net
Content-Length: 357
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
parrecleftne.xyz/utx?tid=832633&top=megaup.net&cb=KnT5nMpzdIiw
204 No Content 0 B URL HTTP/2 parrecleftne.xyz/utx?tid=832633&top=megaup.net&cb=KnT5nMpzdIiw
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?tid=832633&top=megaup.net&cb=KnT5nMpzdIiw HTTP/1.1
Host: parrecleftne.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 06 Feb 2023 23:16:29 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 06 Feb 2023 23:17:29 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 301faf3f65621d2ccd9fad88788c128a.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: mhNw5gBzsZ-XyDSLYYpKxkValxloMQzEik5ffBuc0cj43fsTuv7oXw==
X-Firefox-Spdy: h2
api.purpleads.io/x/init?ts=1675725436007
200 OK 87 B URL HTTP/2 api.purpleads.io/x/init?ts=1675725436007
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 1225a48532b67fd812920a47e3557ed4
ac910f9679bd805609435e4fa8970cdf74fa4b86
4cdf058286dcc09e5511ec4f021ce5ce4d22052312bf08ce7b672e08eb5a4a9f
GET /x/init?ts=1675725436007 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: application/json
x-purpleads-version: 2.5.1
x-request-url: aHR0cHM6Ly9tZWdhdXAubmV0LzE4dHBvL0hlYXJ0c19PZl9Jcm9uX0lWX3YxLjEyLjEucmFy
Authorization: Bearer 70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 23:16:29 GMT
content-type: application/json; charset=utf-8
content-length: 87
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-expose-headers: pa-user-id
x-request-id: 3b9222ae-6c95-4aed-bc56-5d63d42efb28
x-api-version: 0.44.11
etag: W/"57-rJEPlnm9gFYJQ15PqJcM33T6S4Y"
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 62fee7d67016395e394bb6198ed16f20
4930912f30f06b318246f88ab2d4b0ef8310fcf6
500be9dcad6eb9ad87713914ba24532e52327cbef07393ea38cb6648ed335dc8
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 23:16:29 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 05 Feb 2023 12:04:33 GMT
Expires: Sun, 12 Feb 2023 12:04:32 GMT
Etag: "4930912f30f06b318246f88ab2d4b0ef8310fcf6"
Cache-Control: max-age=477482,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79579804ba9db4ff-OSL
theharityhild.buzz/
200 OK 805 B IP
File type gzip compressed data, max compression\012- data
Hash 76df49a80d7f1e1a91a7b28dd31962df
75c93c8135d10f277240853be9b896d00b71c4be
85cf09450c68f4606364a7c8b4559e9cb7b92ff4082b2c153ccd569774fb4100
POST / HTTP/1.1
Host: theharityhild.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Origin: https://megaup.net
Content-Length: 352
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 528 B IP
Hash 72b65c9ca2f5d976b74dbf8ce3d22f74
9228809c70fc16b1148ef28f069877f1f5c2a30c
4716f976cf10b0cdf30792d74290f05a5012a2a18a4ca6aab3262cd863d908ec
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 23:16:29 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 05 Feb 2023 12:04:33 GMT
Expires: Sun, 12 Feb 2023 12:04:32 GMT
Etag: "4930912f30f06b318246f88ab2d4b0ef8310fcf6"
Cache-Control: max-age=477482,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 795798054b4eb4ff-OSL
regrupontihe.com/multi?cs=TWsweW50WQZBWnlSAEBddFgATFs&abt=0&red=1&sm=76&k=download%20file%20hearts%20iron&v=1.0.60.1&sts=0&prn=0&emb=0&tid=876318&rxy=1280_1024&fs=1&ref=https%3A%2F%2Fmegaup.net%2F18tpo%2FHearts_Of_Iron_IV_v1.12.1.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&_2HLp=1675725436293&crc=1
200 OK 1.5 kB URL HTTP/2 regrupontihe.com/multi?cs=TWsweW50WQZBWnlSAEBddFgATFs&abt=0&red=1&sm=76&k=download%20file%20hearts%20iron&v=1.0.60.1&sts=0&prn=0&emb=0&tid=876318&rxy=1280_1024&fs=1&ref=https%3A%2F%2Fmegaup.net%2F18tpo%2FHearts_Of_Iron_IV_v1.12.1.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&_2HLp=1675725436293&crc=1
IP
File type ASCII text, with very long lines (3271), with no line terminators
Hash b88a2678460fb0a7d24c7fff8230bd27
8904c7138417596db792ec15de093099b0265cf2
d8fb9ec4c0fe38c852e1878634e980cd51c103534107eac3d3d2d3c038e89bfe
GET /multi?cs=TWsweW50WQZBWnlSAEBddFgATFs&abt=0&red=1&sm=76&k=download%20file%20hearts%20iron&v=1.0.60.1&sts=0&prn=0&emb=0&tid=876318&rxy=1280_1024&fs=1&ref=https%3A%2F%2Fmegaup.net%2F18tpo%2FHearts_Of_Iron_IV_v1.12.1.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&_2HLp=1675725436293&crc=1 HTTP/1.1
Host: regrupontihe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-length: 1508
date: Mon, 06 Feb 2023 23:16:29 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=9341e062-525e-474b-81d5-fffd07bdc713
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 dc6d892e50c1cfe7441caac7fe31e5d2.cloudfront.net (CloudFront)
x-amz-cf-pop: QRO51-C1
x-amz-cf-id: PE4OWpfLWzdRZLVwU4CnmCy-f7M0G26FRF1vt5nQV0BWrQVVGt_Baw==
X-Firefox-Spdy: h2
6.adsco.re/
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 23:16:29 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: https://megaup.net
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 795798067ffcb518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3899
Expires: Tue, 07 Feb 2023 00:21:28 GMT
Date: Mon, 06 Feb 2023 23:16:29 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2260e1222da0ce3c503fccbb29e74868
6b0dd7c0469f59363ebf4398f7ced50a9aba0f06
33a800a2711b431c3d6876c9ac1f96b10e463d511c0f540c8026e436769928e8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "33A800A2711B431C3D6876C9AC1F96B10E463D511C0F540C8026E436769928E8"
Last-Modified: Sun, 05 Feb 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17636
Expires: Tue, 07 Feb 2023 04:10:25 GMT
Date: Mon, 06 Feb 2023 23:16:29 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3899
Expires: Tue, 07 Feb 2023 00:21:28 GMT
Date: Mon, 06 Feb 2023 23:16:29 GMT
Connection: keep-alive
4.adsco.re/
200 OK 62 B IP
File type ASCII text, with no line terminators
Hash adde5febc7b5b6c2c759ec735cce83a0
77ec17be8a9970ff04663294d41c590d0d24fde4
ce2b9f2e5005195de7add565505005be6f2ef0d37521771e15106d1e1b9260ff
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 23:16:29 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3899
Expires: Tue, 07 Feb 2023 00:21:28 GMT
Date: Mon, 06 Feb 2023 23:16:29 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6154ab9-bb20-4d77-a86e-15f604bb237a.webp
200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6154ab9-bb20-4d77-a86e-15f604bb237a.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4dd67c975f1c1f91ca92f37c9e098231
b9096efb56b6e196b13722e767a9d2762737cbb9
39f21e5db4089d6cf94646b76cd9032e9831ed03f7c2f0d980fac09c893a52db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6154ab9-bb20-4d77-a86e-15f604bb237a.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8110
x-amzn-requestid: fdfa4af0-a6e4-4664-a86b-48fd6f374d96
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f77JCFyzoAMFtyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e17239-205cdd9d70f23cb358c65222;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 21:33:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: haWel3aE2NwfrpYKJbsqnbYuIjdvneK8WP_2_wbjRcV0ZQ4qYJLGzg==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 22:15:10 GMT
age: 3679
etag: "b9096efb56b6e196b13722e767a9d2762737cbb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3899
Expires: Tue, 07 Feb 2023 00:21:28 GMT
Date: Mon, 06 Feb 2023 23:16:29 GMT
Connection: keep-alive
regrupontihe.com/floater?cs=ZFJlcTBUY1NEBVRlU0UCVWJUSQc&abt=0&red=1&sm=83&k=download%20file%20hearts%20iron&v=0.9.1.1&sts=0&prn=0&emb=0&tid=825911&rxy=1280_1024&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fmegaup.net%2F18tpo%2FHearts_Of_Iron_IV_v1.12.1.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&aa=oi1_&_QRaF=1675725436290&crc=1
200 OK 5.0 kB URL HTTP/2 regrupontihe.com/floater?cs=ZFJlcTBUY1NEBVRlU0UCVWJUSQc&abt=0&red=1&sm=83&k=download%20file%20hearts%20iron&v=0.9.1.1&sts=0&prn=0&emb=0&tid=825911&rxy=1280_1024&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fmegaup.net%2F18tpo%2FHearts_Of_Iron_IV_v1.12.1.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&aa=oi1_&_QRaF=1675725436290&crc=1
IP
File type ASCII text, with very long lines (7311), with no line terminators
Hash 9661ffaf7331b17fa4e8c115e9ee9e17
7cc95f2710dd00f1a06f683139f2a61350390dac
a0b68462ce0d8858163243ceaf2b140895c36f59547afa78ac57cd58b581ee18
GET /floater?cs=ZFJlcTBUY1NEBVRlU0UCVWJUSQc&abt=0&red=1&sm=83&k=download%20file%20hearts%20iron&v=0.9.1.1&sts=0&prn=0&emb=0&tid=825911&rxy=1280_1024&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fmegaup.net%2F18tpo%2FHearts_Of_Iron_IV_v1.12.1.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&aa=oi1_&_QRaF=1675725436290&crc=1 HTTP/1.1
Host: regrupontihe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-length: 4999
date: Mon, 06 Feb 2023 23:16:29 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=2074cf97-9e29-48b3-891c-5761d4d5645a
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 dc6d892e50c1cfe7441caac7fe31e5d2.cloudfront.net (CloudFront)
x-amz-cf-pop: QRO51-C1
x-amz-cf-id: sMLlaFQhx6E770LvyWEdLs7v85fN7n0Zj9Geh9zGNoPwjmHkX5k0xA==
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4252883-1cf4-4e4a-98fa-fee2d1bd1a6c.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4252883-1cf4-4e4a-98fa-fee2d1bd1a6c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 298eca3ae092fd28108db52acaa59545
ee865a4919befec21c73f7a1cf0c2405c34743b7
d490b601b1dc9e89392b902b7b7376815c81019ef53ab06aa27ed563600bb1a3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4252883-1cf4-4e4a-98fa-fee2d1bd1a6c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13371
x-amzn-requestid: 2fd56339-7b32-4058-8eea-8565cae3037c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f2opoHjGoAMFsMw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63df54a3-5b0bd42e1e21d7d65ac7c7f1;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 07:02:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JsUVBJdjaEX5lknubVE44HzNtrl9gAxfQVmj1G6Wm1yaJ8gmmiOJKw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 10:42:23 GMT
age: 45246
etag: "ee865a4919befec21c73f7a1cf0c2405c34743b7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90168201-5a9a-4b46-93be-3475cfc8d425.jpeg
200 OK 3.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90168201-5a9a-4b46-93be-3475cfc8d425.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1ce14d8444f612655b3a1bfe39524fa4
975a6a73a44f6c148b78971c644cfe74a02089bb
4bb09993f3b4a0fbb2680e2eeb200a2733be367c8746bc22d0f926d8b3ff7164
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90168201-5a9a-4b46-93be-3475cfc8d425.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3633
x-amzn-requestid: 3d3ca1a8-338e-4930-ae3a-71d6486c4f19
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fpdtCHe1oAMFQIA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63da0fec-549b40a006425da83f4f1610;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 07:08:28 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: k71tctyakUu3zKXPqtRWuFl-HkLdHw360_Q_3nNihSIw79QGGNYG2A==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 15:44:16 GMT
age: 27133
etag: "975a6a73a44f6c148b78971c644cfe74a02089bb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ada2635-3335-4f49-9e7f-22d2ae016030.jpeg
200 OK 4.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ada2635-3335-4f49-9e7f-22d2ae016030.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eedb4de12585c70ddb5b8f94fe6a59e2
83c9437e71a0a03b3e8ff652155a85eafa76cdda
d4493a30f62e9ad224b3595ba3af8a322e2d4a3d9238a1847973f962bdcc0c82
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ada2635-3335-4f49-9e7f-22d2ae016030.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4227
x-amzn-requestid: b45f2ab7-0102-4542-9514-54fb93a0e27f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f77sTH4jIAMFnsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e1731b-4a24bcb1102e58543cd81343;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 21:37:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ovhdLaEGaDSC8X0F9VamLw0KyBPWkxfYg5pssOT8NOZP4IBtNk6Gfw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 21:55:19 GMT
etag: "83c9437e71a0a03b3e8ff652155a85eafa76cdda"
content-type: image/jpeg
age: 4870
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8ec9ce3-b686-41f5-8011-400eea8266d1.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8ec9ce3-b686-41f5-8011-400eea8266d1.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bea82060b0cd156bf25493942ab62317
4182ba66cceb85c1e873ed5c72a86d53ab851b94
b77aaa7620aa77c7b73be04ad7c91af04f5e91393b3847928668bed644d68709
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8ec9ce3-b686-41f5-8011-400eea8266d1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10297
x-amzn-requestid: e1dcfab3-4321-4c83-8ad2-5b6a1b948178
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f77J0G-voAMFrfg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e1723e-33c2bc5c1f200cca7d7aa961;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 21:33:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6X7tm-1VoSJ0mm0sAsGfD4R-lnaCIUmy91BFZo72Idl1di8SabpEWw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 21:55:29 GMT
age: 4860
etag: "4182ba66cceb85c1e873ed5c72a86d53ab851b94"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09bdaec3-9afd-4cea-87ec-6adabc28a3e8.jpeg
200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09bdaec3-9afd-4cea-87ec-6adabc28a3e8.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 88178e0f623494e30ece4da4eed04d60
7f016d87157a577e4ad4e4cf6c854a0489f8571a
e5658ac599ca37e797637a596ca9b65c80c1053b2ce5dacc667ae3b8b1ce54a3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09bdaec3-9afd-4cea-87ec-6adabc28a3e8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6384
x-amzn-requestid: 5f91a438-31d9-42ca-96b4-71344cc736c6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f77IcE2-oAMFbZA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e17235-1ce1ebfa4e9ae6053434c48d;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 21:33:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: li__CyiikZFRNF7c8_9Kbi18VJ39UzJiNgP9z141MCUFVPnYAEXPCg==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 22:24:59 GMT
age: 3090
etag: "7f016d87157a577e4ad4e4cf6c854a0489f8571a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
200 OK 102 kB IP
Size 102 kB (102400 bytes)
Hash 4c6426ac7ef186464ecbb0d81cbfcb1e
5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
Analyzer Verdict Alert quad9 Sinkholed
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 06 Feb 2023 23:16:29 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 6480
last-modified: Mon, 06 Feb 2023 21:28:29 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iykmSxf8v%2FwvJ%2BN6qpWd2%2Fuk8nW6Je7MrwmjAS%2FPMdNXYkGHvxed6FkfBSQA8gYILm2AuPVQPVM8D564rMDPVptV0RQge1apVnnxLZXqMpgiIRMRUTF9Gtj97a5TKkQv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 795798030a7271d5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/fonts/raleway_bold.woff
200 OK 32 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway_bold.woff
IP
File type Web Open Font Format, TrueType, length 31568, version 1.1\012- data
Hash e0c4ac0e73196bd0469c5c33304b7773
bb071565f82907d117b0732dca8013409162c67d
ff3bf3a4a1bf2b922157b18d0e8cddd95f2fc2dfe09c30a3ce67bc11a84c67af
GET /themes/flow/frontend_assets/fonts/raleway_bold.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=i4lrf8vcfb0t6cpras7ek0nu04; _ga=GA1.2.663329532.1675725436; _gid=GA1.2.1003110128.1675725436; _gat_gtag_UA_108868042_1=1; a=uPsuuphyx4XQXmKKEf4FbcIdsX2PxTFJ
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 23:16:30 GMT
content-type: font/woff
content-length: 31568
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7b50"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.psdn.xyz/prebid-2023-02-06.js
200 OK 121 kB URL HTTP/2 cdn.psdn.xyz/prebid-2023-02-06.js
IP
File type ASCII text, with very long lines (64829)
Size 121 kB (120556 bytes)
Hash 50ecf57c00000309e142af3287ad14a7
09e12e6ec31a1cc930498c7dd31aafb9ca23f728
dcdfb1a5c627cbe00291a06da828a504f3b0a2a4c67eb24fc0987fda26f712bf
GET /prebid-2023-02-06.js HTTP/1.1
Host: cdn.psdn.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 23:16:30 GMT
content-encoding: gzip
content-length: 120556
content-type: application/javascript
last-modified: Mon, 06 Feb 2023 10:49:02 GMT
accept-ranges: bytes
x-rgw-object-type: Normal
etag: "50ecf57c00000309e142af3287ad14a7"
cache-control: max-age=31536000
x-amz-request-id: tx00000000000000b889ae1-0063e0dd1b-42ea4c95-nyc3b
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1675725390.dop003.sk1.t,1675725390.cds021.sk1.hn,1675725390.cds219.sk1.c
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8f36a2548dd4140628becbc907244350
a495d8f74effcd89ed0a1dd95a8277186fd49e0d
11b23805d4747f9002640e71b5e8279b1bfa8cfdb2a9f6215ab9a48999c05bd3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "11B23805D4747F9002640E71B5E8279B1BFA8CFDB2A9F6215AB9A48999C05BD3"
Last-Modified: Sun, 05 Feb 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3921
Expires: Tue, 07 Feb 2023 00:21:51 GMT
Date: Mon, 06 Feb 2023 23:16:30 GMT
Connection: keep-alive
script.4dex.io/localstore.js
200 OK 268 B URL HTTP/1.1 script.4dex.io/localstore.js
IP
File type ASCII text, with very long lines (482)
Hash 58fe1f2623397cca72ecea6ee95d76b9
ac4d33ae761cf330574597936273a9c5d82f96d0
7cb0b5944c53bbacc5983fbef96aa0c1f514ec12da81666765610eae562a9020
GET /localstore.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 23:16:30 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=1800
ETag: W/"922cffdd75f7192f75231d92684885aa"
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 296702
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qsgcOJ74Jsyjs0xi59Fi5Nnu5CwLcYSN3A8aH0ly75Fo118doL%2BVrOcOjh3NEr8Uayv9OxGiu%2BAQvNaH8hSp1niJ1%2B9nOhPkZbKwleyWPThN5bXdFfPmHDsEhcumTHAG"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 795798086bd21c02-OSL
Content-Encoding: br
ocsp.sectigo.com/
200 OK 472 B IP
Hash 8538588a56a58ae265f337c34aa913bf
2902f7ca459bd342268bdc18ae524f85281748b5
7ed6f5637c766a0c6635aeb0cfc67df462bdc4a1f296b46c7cc656fef88d5443
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 23:16:30 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 04 Feb 2023 07:45:26 GMT
Expires: Sat, 11 Feb 2023 07:45:25 GMT
Etag: "2902f7ca459bd342268bdc18ae524f85281748b5"
Cache-Control: max-age=375534,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 795798087ddeb4ff-OSL
script.4dex.io/adagio.js
200 OK 23 kB IP
File type ASCII text, with very long lines (65354)
Hash 532a99fc0eb7b2c50a6bb0e5238b8dbb
d84157eb7e55c39d52ba5dde6e5bd4666f596e71
e6fa5d38f82f6bebf5dba12f2e84db1383827936fe077374593c6285f94e784c
GET /adagio.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 23:16:30 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: dOiiTtiPLhGmcsmNBt0jZ1duXkkbJlTuZvRlN+aronrZIFb3Z/0/X80dBYCPZGT3qBvEJe+8wr4=
x-amz-request-id: DC3YQNPP1H3TAVZD
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
Last-Modified: Tue, 22 Nov 2022 09:44:15 GMT
ETag: W/"c56b6332dacf72f135afcd153ae22448"
Cache-Control: public, max-age=1800
CF-Cache-Status: HIT
Age: 1229286
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VZAP55s6dtBmNgrUyyOG6q6yHDoPQWGZoASGHyFt1aWK1ZQ0uCRY1r7qwETWs1h7stHTRvPLAnWrc2QOcminaQ7o6yUY4IzIul3kuRqZJpwrDPEKQmNstjMX3q8SQ3I%2B"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79579808dff7b527-OSL
Content-Encoding: br
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 401cf9db22c1c23d339cf62d59b541ce
53dc1c6149483f662ce8bb631981855baa42b1c4
1b2357b8badf5f9582a6695c217b489d178f23b2fab81ae2152532ed92f434c4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1B2357B8BADF5F9582A6695C217B489D178F23B2FAB81AE2152532ED92F434C4"
Last-Modified: Sun, 05 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7249
Expires: Tue, 07 Feb 2023 01:17:19 GMT
Date: Mon, 06 Feb 2023 23:16:30 GMT
Connection: keep-alive
script.4dex.io/localstore.js
304 Not Modified 0 B URL HTTP/1.1 script.4dex.io/localstore.js
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /localstore.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Wed, 23 Nov 2022 15:43:18 GMT
If-None-Match: W/"922cffdd75f7192f75231d92684885aa"
HTTP/1.1 304 Not Modified
Date: Mon, 06 Feb 2023 23:16:30 GMT
Connection: keep-alive
Cache-Control: public, max-age=1800
ETag: W/"922cffdd75f7192f75231d92684885aa"
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 296702
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UiUGwqXEXk1V7aCSlBLtAVPCbExjnzhsVHyhDxhMTu%2FTWuwbRcwsEsVflMezTdHIcBuhrQPVCk6t6JT4T4k0ua2OH%2BHPOi0AOMcMRX2COb7M7FQaXr1nwtfnO2oL9P7i"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 795798091c261c02-OSL
prebid.a-mo.net/a/c
204 No Content 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1118
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: max-age=0, private, must-revalidate
date: Mon, 06 Feb 2023 23:16:29 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 0
X-Firefox-Spdy: h2
api.purpleads.io/x/init?ts=1675725437005
200 OK 87 B URL HTTP/2 api.purpleads.io/x/init?ts=1675725437005
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 1225a48532b67fd812920a47e3557ed4
ac910f9679bd805609435e4fa8970cdf74fa4b86
4cdf058286dcc09e5511ec4f021ce5ce4d22052312bf08ce7b672e08eb5a4a9f
OPTIONS /x/init?ts=1675725437005 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 23:16:30 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
access-control-expose-headers: pa-user-id
x-request-id: 63638cb1-d26d-4343-812f-3c49f96398f4
x-api-version: 0.44.11
X-Firefox-Spdy: h2
prebid.a-mo.net/a/c
204 No Content 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1106
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: max-age=0, private, must-revalidate
date: Mon, 06 Feb 2023 23:16:29 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 0
X-Firefox-Spdy: h2
script.4dex.io/adagio.js
304 Not Modified 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /adagio.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Tue, 22 Nov 2022 09:44:15 GMT
If-None-Match: W/"c56b6332dacf72f135afcd153ae22448"
HTTP/1.1 304 Not Modified
Date: Mon, 06 Feb 2023 23:16:30 GMT
Connection: keep-alive
x-amz-id-2: dOiiTtiPLhGmcsmNBt0jZ1duXkkbJlTuZvRlN+aronrZIFb3Z/0/X80dBYCPZGT3qBvEJe+8wr4=
x-amz-request-id: DC3YQNPP1H3TAVZD
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
Last-Modified: Tue, 22 Nov 2022 09:44:15 GMT
ETag: "c56b6332dacf72f135afcd153ae22448"
Cache-Control: public, max-age=1800
CF-Cache-Status: HIT
Age: 1229286
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PYk%2FN2grI67lDzo7VZePU8YKVWq%2FvKrzo9WDZ12IneinhTogEeXhK%2BNO%2F7wne%2FJG409KTxN6cH588n4KPZKr26x3Lguj1iK8pGcaqsBL3L0YOuXuqBhWSCOBsMM3f7th"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 795798096888b527-OSL
ocsp.digicert.com/
200 OK 279 B IP
Hash d72a1b04795dbdbc7b866e709ef983cd
bd8d94cbac423e3b2847427edf1cb173c5813b9f
205d77e0d3d23b9b0875f6ad98d8311c592f453f95b1de97cdb00218e65e1796
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4354
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 23:16:30 GMT
Last-Modified: Mon, 06 Feb 2023 22:03:56 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 279
rdlico2bc0iq.n4.adsco.re/
200 OK 0 B URL HTTP/1.1 rdlico2bc0iq.n4.adsco.re/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: rdlico2bc0iq.n4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 23:16:30 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
Connection: close
ETag: "5b5f2f9a-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
ocsp.digicert.com/
200 OK 471 B IP
Hash 9b3c9fb544f4dc11aa3091a87f4a8533
30f014fe00cc6aa29367575e6d3b04d2d61615c1
c82529c991adfe6857e11b6804354739209c3959773b6d0d8cb7e2df52505e2c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6470
Cache-Control: max-age=103460
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 23:16:30 GMT
Etag: "63e0622d-1d7"
Expires: Wed, 08 Feb 2023 04:00:50 GMT
Last-Modified: Mon, 06 Feb 2023 02:13:01 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
mp.4dex.io/prebid
204 No Content 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /prebid HTTP/1.1
Host: mp.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1988
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 06 Feb 2023 23:16:30 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin, Accept-Encoding
x-err: Parsing the Prebid Request. org/site not found
x-version: 3.0.0-gcp-ams
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7957980988471c06-OSL
X-Firefox-Spdy: h2
prebid-eu.creativecdn.com/bidder/prebid/bids
204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 711
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 06 Feb 2023 23:16:30 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
200 OK 143 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash ede0d981775a19148d38a1bfc5ee61b8
ef38a07b1daa9e3107333f35b7cedb3c9a169ad5
95f3fde856d24e690612969b66f500b7ad1b60d713e0fe77f37da26cf7be9d63
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 888
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 06 Feb 2023 23:16:30 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 143
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 5f576885-7360-400c-b801-ef35c616c55a
Set-Cookie: icu=ChkIud-IARAKGAEgASgBMM6Uhp8GOAFAAUgBEM6Uhp8GGAA.; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 07-May-2023 23:16:30 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=5287420029419716325; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 07-May-2023 23:16:30 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 65295dd89439a299ef48e9b96929f295
05e78a331422f356d2266fa5da6d0d8cbe778b6c
057a7aabb36508a64d378f377b1e7242f257364fab5d18d32dba0cb9b1df143f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 06 Feb 2023 23:16:30 GMT
Last-Modified: Mon, 06 Feb 2023 22:33:52 GMT
Server: ECS (nyb/1D1F)
X-Cache: Miss from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: SQC3O3_LVhHAl_phkkEnXaXfYml-3cjQcKamBHzRO7otwwNQ6qmNiA==
Age: 2558
theharityhild.buzz/T0FKUUoUY3JieHlyeXNmbWNmcyx3cnkyensjZ2cvfyNnZS4tcWdofnd2Zzd8KiQvMi8sIikyL21taGl9LnFyMCh%2BbC4zLy1sfjR9K2wrYXgpbHJneHZxfjd%2BKnF5aGhjYzkmaGNjPjkvJyA4OD42KSM9LmEjPyswbW1oYHphdGh9LC4tOTRmKSAmIi9jJys9OSoc
200 OK 13 kB URL HTTP/2 theharityhild.buzz/T0FKUUoUY3JieHlyeXNmbWNmcyx3cnkyensjZ2cvfyNnZS4tcWdofnd2Zzd8KiQvMi8sIikyL21taGl9LnFyMCh%2BbC4zLy1sfjR9K2wrYXgpbHJneHZxfjd%2BKnF5aGhjYzkmaGNjPjkvJyA4OD42KSM9LmEjPyswbW1oYHphdGh9LC4tOTRmKSAmIi9jJys9OSoc
IP
File type ASCII text, with very long lines (33980), with no line terminators
Hash e5d972e352d59555ad19724eadcbdb26
1a424ae8f6e03c0e56ecf4b4c8cb6b0a902f328d
3187622de53f0339692febc1e387b05ab1c65854dd290fa65dcbcae326e1d72b
GET /T0FKUUoUY3JieHlyeXNmbWNmcyx3cnkyensjZ2cvfyNnZS4tcWdofnd2Zzd8KiQvMi8sIikyL21taGl9LnFyMCh%2BbC4zLy1sfjR9K2wrYXgpbHJneHZxfjd%2BKnF5aGhjYzkmaGNjPjkvJyA4OD42KSM9LmEjPyswbW1oYHphdGh9LC4tOTRmKSAmIi9jJys9OSoc HTTP/1.1
Host: theharityhild.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
set-cookie: 9802dbc3f7200f219b5643f58caacbaf=1; Max-Age=604800
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
cache-control: public, max-age=86400
etag: W/"8449-c9gQcPsVdB6GbEDnSr+5jDA+nfw"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 7ff9cda5b539afdec8238fb41657b805
b2a8530b4e62027d53a2299e195ea800c968d4fd
83f3100cdc351dd1c22d478b67c95c4ec1f4a4757f0990fb899183e0398e3b48
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Mon, 06 Feb 2023 23:16:30 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 06 Feb 2023 20:29:39 GMT
Expires: Tue, 07 Feb 2023 20:29:39 GMT
ETag: "b2a8530b4e62027d53a2299e195ea800c968d4fd"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
tlx.3lift.com/header/auction?lib=prebid&v=7.33.0&referrer=https%3A%2F%2Fmegaup.net%2F18tpo%2FHearts_Of_Iron_IV_v1.12.1.rar&tmax=3000
200 OK 19 B URL HTTP/2 tlx.3lift.com/header/auction?lib=prebid&v=7.33.0&referrer=https%3A%2F%2Fmegaup.net%2F18tpo%2FHearts_Of_Iron_IV_v1.12.1.rar&tmax=3000
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash a548f7b55db665b1df71a33a2bee47a7
4f88e5b6a18226d7207f1458b0b83e428dbf9898
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
POST /header/auction?lib=prebid&v=7.33.0&referrer=https%3A%2F%2Fmegaup.net%2F18tpo%2FHearts_Of_Iron_IV_v1.12.1.rar&tmax=3000 HTTP/1.1
Host: tlx.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 498
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 23:16:30 GMT
content-type: application/json; charset=utf-8
content-length: 19
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 15 Oct 1992 20:10:00 GMT
pragma: no-cache
x-xss-protection: 0
accept-ch: sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
200 OK 143 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash d3a6aff3309fe3c5925ab725499f5dcd
18971ecbdd7319d9103bbf0ace4f5df275639d04
a3e6307f4ba34267238784226dc146fbd6c31e91806fbcb4b6eec515da8763c1
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 976
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 06 Feb 2023 23:16:30 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 143
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: faf58183-119e-4efb-9ff4-d8e03dd05715
Set-Cookie: icu=ChkIud-IARAKGAEgASgBMM6Uhp8GOAFAAUgBEM6Uhp8GGAA.; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 07-May-2023 23:16:30 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=3830791902424069988; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 07-May-2023 23:16:30 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 7ff9cda5b539afdec8238fb41657b805
b2a8530b4e62027d53a2299e195ea800c968d4fd
83f3100cdc351dd1c22d478b67c95c4ec1f4a4757f0990fb899183e0398e3b48
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Mon, 06 Feb 2023 23:16:30 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 06 Feb 2023 20:29:39 GMT
Expires: Tue, 07 Feb 2023 20:29:39 GMT
ETag: "b2a8530b4e62027d53a2299e195ea800c968d4fd"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bf1533d3ca5e8edb536fdc6eb045c5c9
e506e83ca9763df541e4c502cd9a694f8e062c28
6a02ff7c345c5d0f2061b4587e96eef9d4c1f5812538ad4c34b1dd96a1e5aaba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A02FF7C345C5D0F2061B4587E96EEF9D4C1F5812538AD4C34B1DD96A1E5AABA"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13763
Expires: Tue, 07 Feb 2023 03:05:53 GMT
Date: Mon, 06 Feb 2023 23:16:30 GMT
Connection: keep-alive
prebid.admanmedia.com/pbjs
200 OK 2 B URL HTTP/1.1 prebid.admanmedia.com/pbjs
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
POST /pbjs HTTP/1.1
Host: prebid.admanmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 393
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 23:16:30 GMT
Content-Type: application/json
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Credentials: true
script.4dex.io/localstore.js
304 Not Modified 0 B URL HTTP/1.1 script.4dex.io/localstore.js
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /localstore.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Wed, 23 Nov 2022 15:43:18 GMT
If-None-Match: W/"922cffdd75f7192f75231d92684885aa"
HTTP/1.1 304 Not Modified
Date: Mon, 06 Feb 2023 23:16:30 GMT
Connection: keep-alive
Cache-Control: public, max-age=1800
ETag: W/"922cffdd75f7192f75231d92684885aa"
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 296702
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y41nyKJ%2B90pKiSbANCMZc%2Bp8b%2F0S1nxmwcDfMZ3UQTmMxq9XJdbMro%2FtHo5LbgDfXZtH3KL3B1m%2FK01V8pBjlGvDYH6yRUhT36SqPkeGMlm09q0ZwaNx7cKhmM4lieJJ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7957980bbd711c02-OSL
tlx.3lift.com/header/auction?lib=prebid&v=7.33.0&referrer=https%3A%2F%2Fmegaup.net%2F18tpo%2FHearts_Of_Iron_IV_v1.12.1.rar&tmax=3000
200 OK 19 B URL HTTP/2 tlx.3lift.com/header/auction?lib=prebid&v=7.33.0&referrer=https%3A%2F%2Fmegaup.net%2F18tpo%2FHearts_Of_Iron_IV_v1.12.1.rar&tmax=3000
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash a548f7b55db665b1df71a33a2bee47a7
4f88e5b6a18226d7207f1458b0b83e428dbf9898
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
POST /header/auction?lib=prebid&v=7.33.0&referrer=https%3A%2F%2Fmegaup.net%2F18tpo%2FHearts_Of_Iron_IV_v1.12.1.rar&tmax=3000 HTTP/1.1
Host: tlx.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 531
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 23:16:30 GMT
content-type: application/json; charset=utf-8
content-length: 19
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 15 Oct 1992 20:10:00 GMT
pragma: no-cache
x-xss-protection: 0
accept-ch: sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
X-Firefox-Spdy: h2
prebid.a-mo.net/a/c
204 No Content 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1141
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: max-age=0, private, must-revalidate
date: Mon, 06 Feb 2023 23:16:29 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 0
X-Firefox-Spdy: h2
mp.4dex.io/prebid
204 No Content 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /prebid HTTP/1.1
Host: mp.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 2091
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 06 Feb 2023 23:16:30 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin, Accept-Encoding
x-err: Parsing the Prebid Request. org/site not found
x-version: 3.0.0-gcp-ams
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7957980be9c81c06-OSL
X-Firefox-Spdy: h2
prebid-eu.creativecdn.com/bidder/prebid/bids
204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 743
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 06 Feb 2023 23:16:30 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
script.4dex.io/adagio.js
304 Not Modified 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /adagio.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Tue, 22 Nov 2022 09:44:15 GMT
If-None-Match: W/"c56b6332dacf72f135afcd153ae22448"
HTTP/1.1 304 Not Modified
Date: Mon, 06 Feb 2023 23:16:30 GMT
Connection: keep-alive
x-amz-id-2: dOiiTtiPLhGmcsmNBt0jZ1duXkkbJlTuZvRlN+aronrZIFb3Z/0/X80dBYCPZGT3qBvEJe+8wr4=
x-amz-request-id: DC3YQNPP1H3TAVZD
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
Last-Modified: Tue, 22 Nov 2022 09:44:15 GMT
ETag: "c56b6332dacf72f135afcd153ae22448"
Cache-Control: public, max-age=1800
CF-Cache-Status: HIT
Age: 1229286
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7aH8yJq8ExWGec6sZVGnJstUDUQE%2F5BHUhAZxwUztojriwDV%2B39BR4SBVtynmPia7LNIW%2FjY%2BvwoloDXHqYrlN0wJb4SwCqlyUPPjIoeJKY81AXEgGO1CmFPV0EBeRVD"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7957980c2b8eb527-OSL
prebid.a-mo.net/a/c
204 No Content 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1121
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: max-age=0, private, must-revalidate
date: Mon, 06 Feb 2023 23:16:30 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 1
X-Firefox-Spdy: h2
mp.4dex.io/prebid
204 No Content 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /prebid HTTP/1.1
Host: mp.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 2092
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 06 Feb 2023 23:16:30 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin, Accept-Encoding
x-err: Parsing the Prebid Request. org/site not found
x-version: 3.0.0-gcp-ams
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7957980c09d71c06-OSL
X-Firefox-Spdy: h2
prebid.admanmedia.com/pbjs
200 OK 2 B URL HTTP/1.1 prebid.admanmedia.com/pbjs
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
POST /pbjs HTTP/1.1
Host: prebid.admanmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1029
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 23:16:30 GMT
Content-Type: application/json
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Credentials: true
ib.adnxs.com/ut/v3/prebid
200 OK 146 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 2d0d804b88695cfd3a6ca5100d09d1bc
fcf1779a3a721b30464a5a556214be3c1e3c5394
d7367aaf6d722f7ea3c7f96c5d1039dde92f048c04e725b601de955b64f82f8b
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 965
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 06 Feb 2023 23:16:30 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 146
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 307cf8bd-7afb-43fc-94d0-2666e201bef9
Set-Cookie: icu=ChkIud-IARAKGAEgASgBMM6Uhp8GOAFAAUgBEM6Uhp8GGAA.; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 07-May-2023 23:16:30 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=7026218730044469262; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 07-May-2023 23:16:30 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/ut/v3/prebid
200 OK 144 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 70f9bc189f1ac0b8da2a4fed5c227fe5
c11d675e2027b1d1d91c5fc7d89348f0c701d5cd
02b085d586f34a4cca944977007f090559c6e126c5f89a2f6626f215f0d9424f
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 864
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 06 Feb 2023 23:16:30 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 144
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 2cbd95dc-d1d8-40df-b915-af8a2fbb9d5f
Set-Cookie: icu=ChkIud-IARAKGAEgASgBMM6Uhp8GOAFAAUgBEM6Uhp8GGAA.; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 07-May-2023 23:16:30 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=6546594193031212912; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 07-May-2023 23:16:30 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
prebid.admanmedia.com/pbjs
200 OK 2 B URL HTTP/1.1 prebid.admanmedia.com/pbjs
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
POST /pbjs HTTP/1.1
Host: prebid.admanmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 394
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 23:16:30 GMT
Content-Type: application/json
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Credentials: true
prebid.admanmedia.com/pbjs
200 OK 2 B URL HTTP/1.1 prebid.admanmedia.com/pbjs
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
POST /pbjs HTTP/1.1
Host: prebid.admanmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1296
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 23:16:30 GMT
Content-Type: application/json
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Credentials: true
rdlico2bc0iq.s4.adsco.re/
200 OK 0 B URL HTTP/1.1 rdlico2bc0iq.s4.adsco.re/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: rdlico2bc0iq.s4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 23:16:30 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
Connection: close
ETag: "5b5f30d9-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
api.purpleads.io/x/b/?idx=1&pid=3ee766044b0c4e9bae93d5233c55311e&sizes=[[300,250],[300,250],[200,200],[250,250],[300,100]]&slotid=9ba64276-813d-4977-a955-7d95d71283b7&demand=unifiedPb&ts=1675725438007
200 OK 121 B URL HTTP/2 api.purpleads.io/x/b/?idx=1&pid=3ee766044b0c4e9bae93d5233c55311e&sizes=[[300,250],[300,250],[200,200],[250,250],[300,100]]&slotid=9ba64276-813d-4977-a955-7d95d71283b7&demand=unifiedPb&ts=1675725438007
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 97a9c71e9dae0e4ff0165470aa3bc0d9
8ba0abff5f03af1b513093104e143635d6ad012a
95d51c72258303c279d62a18c025204b574e9ae373d17bd8aa76073076d46636
GET /x/b/?idx=1&pid=3ee766044b0c4e9bae93d5233c55311e&sizes=[[300,250],[300,250],[200,200],[250,250],[300,100]]&slotid=9ba64276-813d-4977-a955-7d95d71283b7&demand=unifiedPb&ts=1675725438007 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: application/json
x-purpleads-version: 2.5.1
x-request-url: aHR0cHM6Ly9tZWdhdXAubmV0LzE4dHBvL0hlYXJ0c19PZl9Jcm9uX0lWX3YxLjEyLjEucmFy
Authorization: Bearer 70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 23:16:31 GMT
content-type: application/json; charset=utf-8
content-length: 121
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-expose-headers: pa-user-id
x-request-id: c10ebd62-4a04-4554-b6b1-f41471d17157
x-api-version: 0.44.11
set-cookie: pa-user-id=9bbd6885-d002-4cf2-9c64-7642fc97b865; Domain=.purpleads.io; Path=/
pa-user-id: 9bbd6885-d002-4cf2-9c64-7642fc97b865
etag: W/"79-i6Cr/18DrxtRMJMQThQ2NdatASo"
vary: Accept-Encoding
X-Firefox-Spdy: h2
api.purpleads.io/x/b/?idx=1&pid=3ee766044b0c4e9bae93d5233c55311e&sizes=[[1280,898],[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=50721e08-51ae-43b7-b571-478e15d3306e&demand=unifiedPb&ts=1675725438209
200 OK 121 B URL HTTP/2 api.purpleads.io/x/b/?idx=1&pid=3ee766044b0c4e9bae93d5233c55311e&sizes=[[1280,898],[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=50721e08-51ae-43b7-b571-478e15d3306e&demand=unifiedPb&ts=1675725438209
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash e225b65c9deb91bbbbc886578af2b643
7d2478e384ce1c4625b298bbbe3f0453415fd2be
e0000c4cd054ac25e74ce84ae30a8949a0412aa76097d0eb74f231caedde74cd
GET /x/b/?idx=1&pid=3ee766044b0c4e9bae93d5233c55311e&sizes=[[1280,898],[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=50721e08-51ae-43b7-b571-478e15d3306e&demand=unifiedPb&ts=1675725438209 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: application/json
x-purpleads-version: 2.5.1
x-request-url: aHR0cHM6Ly9tZWdhdXAubmV0LzE4dHBvL0hlYXJ0c19PZl9Jcm9uX0lWX3YxLjEyLjEucmFy
Authorization: Bearer 70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 23:16:31 GMT
content-type: application/json; charset=utf-8
content-length: 121
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-expose-headers: pa-user-id
x-request-id: aa7de6b0-ae94-45ca-ba4b-60c95334834c
x-api-version: 0.44.11
set-cookie: pa-user-id=94f46cc6-6be0-4cfc-bf54-73cfc04d76e2; Domain=.purpleads.io; Path=/
pa-user-id: 94f46cc6-6be0-4cfc-bf54-73cfc04d76e2
etag: W/"79-fSR444TOHEYlspi7vj8EU0Ff0r4"
vary: Accept-Encoding
X-Firefox-Spdy: h2
prebid.media.net/rtb/prebid?cid=8CU2BX48Z
200 OK 624 B URL HTTP/2 prebid.media.net/rtb/prebid?cid=8CU2BX48Z
IP
File type JSON data\012- , ASCII text, with very long lines (1226), with no line terminators
Hash fd7b0bc92636b75181b665b7455194c4
d51ad7a5a1c4bd8b33fe8ee638f2cce91a78d19b
5b70e0f52e4032adacac182c7feaaf2faa50ce9b61a0fe60c6aad3cbd23e86d2
POST /rtb/prebid?cid=8CU2BX48Z HTTP/1.1
Host: prebid.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1301
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 23:16:30 GMT
content-type: application/json;charset=UTF-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
expires: Mon, 06 Feb 2023 23:16:30 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
content-encoding: gzip
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/ISScEAKWoTw
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/ISScEAKWoTw
IP
Hash 1cad74c7ae3e11b19a618427a53745ae
0eab1d53a036fe741906ad6fbb220aef78ed0f30
547b87ed437cd6d16a421e8594cfbf42d0eb669bcf471e187251edb5b55df3e1
POST /s/gts1p5/ISScEAKWoTw HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 23:16:32 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/ISScEAKWoTw
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/ISScEAKWoTw
IP
Hash 1cad74c7ae3e11b19a618427a53745ae
0eab1d53a036fe741906ad6fbb220aef78ed0f30
547b87ed437cd6d16a421e8594cfbf42d0eb669bcf471e187251edb5b55df3e1
POST /s/gts1p5/ISScEAKWoTw HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 23:16:32 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sheetvibe.com/winnotice?sid=H4sIAAAAAAAC%2F1RTS28cRRetyZdvEbEBBAukIA07kNCke17uIUIWJjGySBwrD3mHVF1VbV%2FcU9Wq6p4ee2WBhLJCg1iQZfk4tgUkiPwABGqzQV5lNsgI%2FBdARGKNZjJk4EpV93Hu4tS9pz7ZK85YgIKfrl03O5Sm%2FFKnEdRfXyctTenqq7frYdAILtfXSXfbl%2BvDyWUHb4VBpxG8UX9PiS1zqRmEQRAGYX2ZrErM8NIUBWUPemGjFzTazUbYaWNoPVxRg%2BM1yMEZexEkx%2F%2Ff%2FOkRSFTQ%2FW%2BvKLeVm%2BzNq%2F0i5bmxGMijO3pLm1KjPw8TW0Oij2bdMG7M2L1zMPpoxhpmcH%2FCGjGNWe3nELE%2BmlFDPDh4yi5OoTRi%2BRzKQQWVViBeQZiPQfIxA4TE6g3o%2FuGqsSXfforyCTpm5%2F96AirH7PxvL0H3v1lKaVi%2FZdIiJ6MdhokHDSvQRoWsOEa%2Bw0DlMUT%2BEUgy6L4HST99NVEFSiqkagTuGIrJIYYiqaHIaujL0zrv9JIgWEjipNWK2kKIVkuITtSVHdlqR0mAQkxojZBnI4h0BGF3kdldbNEItvgU5CoU3IMyj8wdRs1OLwyhxMnik9bUwOm0rhbipmyFnZ4MVVPFYRi0u2HUjjqqG7Y6UiCmk8XF4vnrd14lpMSg%2BMn3f7CpwWkPXfh9bcnDqhM2s30r85PFZ12bHk4yuJxhID1KxVA6hpIzlMRQ5gzlwB%2FI1DWdP5SpK%2BJw5psz3%2FL7Jt%2FwBybfUJrtZWfshelO%2FhQfYEud1pNANKOk1241o3avF0eyvdDqRl0pQhmpdiTh6J8JkDsH7mrYoTF7%2BdffkU3kIj9HzI%2Fh0mMIeg28uAheevBNjx3tIc1Dt6lUPqBYNYTpI8svIN%2Bu7aVn7JUpke69u%2F%2BZrbAemfX4kH5k2Ejv7t80Jbt%2F05SOPbqR5dSnHT4Rzq2c5%2Bp%2FX72vtktj5coVN%2FryHTEBJuGD28rl17iWpDcc%2B3qJpFR22Vih2Hcrbl3Fa4XbXCqsLrJra%2B8ur%2FQzq5wjoytwenz1Cwgaswuf%2FTL9Ehcfvg2yFWzh0S%2Be7QpkKohsFy6b15xhsOk8jzOGsvD7thnPixM1pPOlg8ce7l95PI%2F33A9w5JE79jcAAAD%2F%2FwEAAP%2F%2FgMlrHHwEAAA%3D&ap=${AUCTION_PRICE}&l=3577992&sub3=1675725389&pid=91283&sub2=icon&auid=e7b2d3159d1e2eb1104618485e6135dc&icon=https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
307 Temporary Redirect 0 B URL HTTP/2 sheetvibe.com/winnotice?sid=H4sIAAAAAAAC%2F1RTS28cRRetyZdvEbEBBAukIA07kNCke17uIUIWJjGySBwrD3mHVF1VbV%2FcU9Wq6p4ee2WBhLJCg1iQZfk4tgUkiPwABGqzQV5lNsgI%2FBdARGKNZjJk4EpV93Hu4tS9pz7ZK85YgIKfrl03O5Sm%2FFKnEdRfXyctTenqq7frYdAILtfXSXfbl%2BvDyWUHb4VBpxG8UX9PiS1zqRmEQRAGYX2ZrErM8NIUBWUPemGjFzTazUbYaWNoPVxRg%2BM1yMEZexEkx%2F%2Ff%2FOkRSFTQ%2FW%2BvKLeVm%2BzNq%2F0i5bmxGMijO3pLm1KjPw8TW0Oij2bdMG7M2L1zMPpoxhpmcH%2FCGjGNWe3nELE%2BmlFDPDh4yi5OoTRi%2BRzKQQWVViBeQZiPQfIxA4TE6g3o%2FuGqsSXfforyCTpm5%2F96AirH7PxvL0H3v1lKaVi%2FZdIiJ6MdhokHDSvQRoWsOEa%2Bw0DlMUT%2BEUgy6L4HST99NVEFSiqkagTuGIrJIYYiqaHIaujL0zrv9JIgWEjipNWK2kKIVkuITtSVHdlqR0mAQkxojZBnI4h0BGF3kdldbNEItvgU5CoU3IMyj8wdRs1OLwyhxMnik9bUwOm0rhbipmyFnZ4MVVPFYRi0u2HUjjqqG7Y6UiCmk8XF4vnrd14lpMSg%2BMn3f7CpwWkPXfh9bcnDqhM2s30r85PFZ12bHk4yuJxhID1KxVA6hpIzlMRQ5gzlwB%2FI1DWdP5SpK%2BJw5psz3%2FL7Jt%2FwBybfUJrtZWfshelO%2FhQfYEud1pNANKOk1241o3avF0eyvdDqRl0pQhmpdiTh6J8JkDsH7mrYoTF7%2BdffkU3kIj9HzI%2Fh0mMIeg28uAheevBNjx3tIc1Dt6lUPqBYNYTpI8svIN%2Bu7aVn7JUpke69u%2F%2BZrbAemfX4kH5k2Ejv7t80Jbt%2F05SOPbqR5dSnHT4Rzq2c5%2Bp%2FX72vtktj5coVN%2FryHTEBJuGD28rl17iWpDcc%2B3qJpFR22Vih2Hcrbl3Fa4XbXCqsLrJra%2B8ur%2FQzq5wjoytwenz1Cwgaswuf%2FTL9Ehcfvg2yFWzh0S%2Be7QpkKohsFy6b15xhsOk8jzOGsvD7thnPixM1pPOlg8ce7l95PI%2F33A9w5JE79jcAAAD%2F%2FwEAAP%2F%2FgMlrHHwEAAA%3D&ap=${AUCTION_PRICE}&l=3577992&sub3=1675725389&pid=91283&sub2=icon&auid=e7b2d3159d1e2eb1104618485e6135dc&icon=https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /winnotice?sid=H4sIAAAAAAAC%2F1RTS28cRRetyZdvEbEBBAukIA07kNCke17uIUIWJjGySBwrD3mHVF1VbV%2FcU9Wq6p4ee2WBhLJCg1iQZfk4tgUkiPwABGqzQV5lNsgI%2FBdARGKNZjJk4EpV93Hu4tS9pz7ZK85YgIKfrl03O5Sm%2FFKnEdRfXyctTenqq7frYdAILtfXSXfbl%2BvDyWUHb4VBpxG8UX9PiS1zqRmEQRAGYX2ZrErM8NIUBWUPemGjFzTazUbYaWNoPVxRg%2BM1yMEZexEkx%2F%2Ff%2FOkRSFTQ%2FW%2BvKLeVm%2BzNq%2F0i5bmxGMijO3pLm1KjPw8TW0Oij2bdMG7M2L1zMPpoxhpmcH%2FCGjGNWe3nELE%2BmlFDPDh4yi5OoTRi%2BRzKQQWVViBeQZiPQfIxA4TE6g3o%2FuGqsSXfforyCTpm5%2F96AirH7PxvL0H3v1lKaVi%2FZdIiJ6MdhokHDSvQRoWsOEa%2Bw0DlMUT%2BEUgy6L4HST99NVEFSiqkagTuGIrJIYYiqaHIaujL0zrv9JIgWEjipNWK2kKIVkuITtSVHdlqR0mAQkxojZBnI4h0BGF3kdldbNEItvgU5CoU3IMyj8wdRs1OLwyhxMnik9bUwOm0rhbipmyFnZ4MVVPFYRi0u2HUjjqqG7Y6UiCmk8XF4vnrd14lpMSg%2BMn3f7CpwWkPXfh9bcnDqhM2s30r85PFZ12bHk4yuJxhID1KxVA6hpIzlMRQ5gzlwB%2FI1DWdP5SpK%2BJw5psz3%2FL7Jt%2FwBybfUJrtZWfshelO%2FhQfYEud1pNANKOk1241o3avF0eyvdDqRl0pQhmpdiTh6J8JkDsH7mrYoTF7%2BdffkU3kIj9HzI%2Fh0mMIeg28uAheevBNjx3tIc1Dt6lUPqBYNYTpI8svIN%2Bu7aVn7JUpke69u%2F%2BZrbAemfX4kH5k2Ejv7t80Jbt%2F05SOPbqR5dSnHT4Rzq2c5%2Bp%2FX72vtktj5coVN%2FryHTEBJuGD28rl17iWpDcc%2B3qJpFR22Vih2Hcrbl3Fa4XbXCqsLrJra%2B8ur%2FQzq5wjoytwenz1Cwgaswuf%2FTL9Ehcfvg2yFWzh0S%2Be7QpkKohsFy6b15xhsOk8jzOGsvD7thnPixM1pPOlg8ce7l95PI%2F33A9w5JE79jcAAAD%2F%2FwEAAP%2F%2FgMlrHHwEAAA%3D&ap=${AUCTION_PRICE}&l=3577992&sub3=1675725389&pid=91283&sub2=icon&auid=e7b2d3159d1e2eb1104618485e6135dc&icon=https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg HTTP/1.1
Host: sheetvibe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
date: Mon, 06 Feb 2023 23:16:32 GMT
content-length: 0
location: https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
accept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
x-request-id: db4555b2a6bc142a99cbc1831a82f341
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DcyJYwrCwjvfayOofV7qKbTQrhZ5yJAbhQabpTM5k2%2BHC8%2BcrClETteU6%2BnosVSWpIR0jtwW%2FsXhVHGESgO%2BMOJwJz3gR3WMl6pA5ngSCceuFQ%2Fd4IQnNEoPrc9Qh%2FcS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79579815a85d1bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/ISScEAKWoTw
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/ISScEAKWoTw
IP
Hash 1cad74c7ae3e11b19a618427a53745ae
0eab1d53a036fe741906ad6fbb220aef78ed0f30
547b87ed437cd6d16a421e8594cfbf42d0eb669bcf471e187251edb5b55df3e1
POST /s/gts1p5/ISScEAKWoTw HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 23:16:32 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dee62a2a013d4ee8d946cfdb1f4be459
17d8d9f9e538b311321383f7a26f258730f6fe52
e25753484ff7daa3fe858dcf3173286fe242afd6fd13732f8fc38b7b7940a7ca
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E25753484FF7DAA3FE858DCF3173286FE242AFD6FD13732F8FC38B7B7940A7CA"
Last-Modified: Sun, 05 Feb 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8429
Expires: Tue, 07 Feb 2023 01:37:01 GMT
Date: Mon, 06 Feb 2023 23:16:32 GMT
Connection: keep-alive
cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
200 OK 33 kB URL HTTP/2 cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
IP
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:05:18 19:19:17], baseline, precision 8, 200x200, components 3\012- data
Hash 70cf8250da1a25a7b445231428af7828
a849d338423d2919949340838c768bba90b9081c
b7060bc46dc459a00d4124523a26f0cbf31fba31d41fccae9f82bedaf22c1186
GET /cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 23:16:32 GMT
content-type: image/jpeg
content-length: 33103
server: nginx/1.17.6
last-modified: Tue, 09 Jun 2020 11:44:50 GMT
etag: "5edf7632-814f"
expires: Wed, 08 Feb 2023 23:16:32 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
acdn.adnxs.com/dmp/async_usersync.html
200 OK 17 kB URL HTTP/1.1 acdn.adnxs.com/dmp/async_usersync.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (52990)
Hash 9c6b5ce6b3452e98573e6409c34dd73c
de607fadef62e36945a409a838eb8fc36d819b42
cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc
GET /dmp/async_usersync.html HTTP/1.1
Host: acdn.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
ETag: "623de86a-cf34"
Unused62: 8096267
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Tue, 07 Feb 2023 23:16:35 GMT
Date: Mon, 06 Feb 2023 23:16:33 GMT
Connection: keep-alive
Vary: Accept-Encoding
acdn.adnxs.com/dmp/async_usersync.html
200 OK 17 kB URL HTTP/1.1 acdn.adnxs.com/dmp/async_usersync.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (52990)
Hash 9c6b5ce6b3452e98573e6409c34dd73c
de607fadef62e36945a409a838eb8fc36d819b42
cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc
GET /dmp/async_usersync.html HTTP/1.1
Host: acdn.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
ETag: "623de86a-cf34"
Unused62: 8096267
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Tue, 07 Feb 2023 23:16:35 GMT
Date: Mon, 06 Feb 2023 23:16:33 GMT
Connection: keep-alive
Vary: Accept-Encoding
contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2BX48Z&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C2069%2C237%2C117%2C97%2C99%2C3012%2C3011%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C77%2C38%2C182%2C261%2C141%2C262%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
200 OK 8.2 kB URL HTTP/2 contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2BX48Z&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C2069%2C237%2C117%2C97%2C99%2C3012%2C3011%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C77%2C38%2C182%2C261%2C141%2C262%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (18979)
Hash e606b082ed34ef80e2f62653f83d68ba
716c3ef72d18a1c368d200d7bc3ecb90a3fa93d2
7db3562f887826779c62ec7b7defe118470bb68d15a58811aa5f3b78df278092
GET /checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2BX48Z&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C2069%2C237%2C117%2C97%2C99%2C3012%2C3011%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C77%2C38%2C182%2C261%2C141%2C262%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1 HTTP/1.1
Host: contextual.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
content-type: text/html; charset=UTF-8
x-mnet-hl2: E
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=172800
expires: Wed, 08 Feb 2023 23:16:33 GMT
date: Mon, 06 Feb 2023 23:16:33 GMT
content-length: 8210
X-Firefox-Spdy: h2
contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2BX48Z&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C2069%2C237%2C117%2C97%2C99%2C3012%2C3011%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C77%2C38%2C182%2C261%2C141%2C262%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
200 OK 8.2 kB URL HTTP/2 contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2BX48Z&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C2069%2C237%2C117%2C97%2C99%2C3012%2C3011%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C77%2C38%2C182%2C261%2C141%2C262%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (18979)
Hash e606b082ed34ef80e2f62653f83d68ba
716c3ef72d18a1c368d200d7bc3ecb90a3fa93d2
7db3562f887826779c62ec7b7defe118470bb68d15a58811aa5f3b78df278092
GET /checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2BX48Z&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C2069%2C237%2C117%2C97%2C99%2C3012%2C3011%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C77%2C38%2C182%2C261%2C141%2C262%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1 HTTP/1.1
Host: contextual.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
content-type: text/html; charset=UTF-8
x-mnet-hl2: E
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=172800
expires: Wed, 08 Feb 2023 23:16:33 GMT
date: Mon, 06 Feb 2023 23:16:33 GMT
content-length: 8210
X-Firefox-Spdy: h2
ib.adnxs.com/async_usersync?cbfn=queuePixels
307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Mon, 06 Feb 2023 23:16:33 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: 0dc3bd60-7125-4803-89b6-ce4492cce4df
Set-Cookie: uuid2=3111873130198662772; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 07-May-2023 23:16:33 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
prebid.media.net/rtb/prebid?cid=8CU2BX48Z
200 OK 8.8 kB URL HTTP/2 prebid.media.net/rtb/prebid?cid=8CU2BX48Z
IP
File type JSON data\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (18979)
Hash f0090e5a7f49c442fbd556c9a496bdc1
e70f24382ddb71e359f40706ae761124119abb5c
97ac6c2c0ddc5f1614a11a79cf2349c9cde1143cae48c3f28728cf202bf07325
POST /rtb/prebid?cid=8CU2BX48Z HTTP/1.1
Host: prebid.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1269
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 23:16:30 GMT
content-type: application/json;charset=UTF-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
expires: Mon, 06 Feb 2023 23:16:30 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
content-encoding: gzip
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 06 Feb 2023 23:16:33 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 10bfa28a-8271-4653-b68a-ef680662abb3
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/async_usersync?cbfn=queuePixels
307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Mon, 06 Feb 2023 23:16:33 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: 4afad50d-8e22-4c09-bb07-399b21463805
Set-Cookie: uuid2=2302914103902393865; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 07-May-2023 23:16:33 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 06 Feb 2023 23:16:33 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: a3e81b52-51ed-4934-a735-783e6235d82d
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/async_usersync?cbfn=queuePixels
307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Mon, 06 Feb 2023 23:16:33 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: 8aebae87-26d5-42e0-a335-39c9a250143e
Set-Cookie: uuid2=3780786695282496493; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 07-May-2023 23:16:33 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
eb2.3lift.com/sync?
200 OK 37 B IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /sync? HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 23:16:33 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
eb2.3lift.com/sync?
200 OK 37 B IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /sync? HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 23:16:34 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 06 Feb 2023 23:16:34 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 6ea50223-2c8e-4edd-935d-8b704d86e949
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/async_usersync?cbfn=queuePixels
307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Mon, 06 Feb 2023 23:16:34 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: e1ae45a8-5917-4d74-9be9-5b83055b9e0a
Set-Cookie: uuid2=4506879805059584085; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 07-May-2023 23:16:34 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 06 Feb 2023 23:16:34 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: d0f8b301-6865-4a8e-96ca-34f457c009ce
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
cs.admanmedia.com/iframe?pbjs=1&coppa=0
404 Not Found 9 B URL HTTP/1.1 cs.admanmedia.com/iframe?pbjs=1&coppa=0
IP
File type ASCII text, with no line terminators
Hash 9d1ead73e678fa2f51a70a933b0bf017
d205cbd6783332a212c5ae92d73c77178c2d2f28
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5
GET /iframe?pbjs=1&coppa=0 HTTP/1.1
Host: cs.admanmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 06 Feb 2023 23:16:34 GMT
Content-Type: text/plain
Transfer-Encoding: chunked
Connection: keep-alive
cs.admanmedia.com/iframe?pbjs=1&coppa=0
404 Not Found 9 B URL HTTP/1.1 cs.admanmedia.com/iframe?pbjs=1&coppa=0
IP
File type ASCII text, with no line terminators
Hash 9d1ead73e678fa2f51a70a933b0bf017
d205cbd6783332a212c5ae92d73c77178c2d2f28
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5
GET /iframe?pbjs=1&coppa=0 HTTP/1.1
Host: cs.admanmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 06 Feb 2023 23:16:34 GMT
Content-Type: text/plain
Transfer-Encoding: chunked
Connection: keep-alive
cs.admanmedia.com/iframe?pbjs=1&coppa=0
204 No Content 0 B URL HTTP/1.1 cs.admanmedia.com/iframe?pbjs=1&coppa=0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /iframe?pbjs=1&coppa=0 HTTP/1.1
Host: cs.admanmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Mon, 06 Feb 2023 23:16:34 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Frame-Options: DENY
cs.admanmedia.com/iframe?pbjs=1&coppa=0
404 Not Found 9 B URL HTTP/1.1 cs.admanmedia.com/iframe?pbjs=1&coppa=0
IP
File type ASCII text, with no line terminators
Hash 9d1ead73e678fa2f51a70a933b0bf017
d205cbd6783332a212c5ae92d73c77178c2d2f28
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5
GET /iframe?pbjs=1&coppa=0 HTTP/1.1
Host: cs.admanmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 06 Feb 2023 23:16:34 GMT
Content-Type: text/plain
Transfer-Encoding: chunked
Connection: keep-alive
api.purpleads.io/x/v2/v?ts=1675725436424
200 OK 818 B URL HTTP/2 api.purpleads.io/x/v2/v?ts=1675725436424
IP
File type gzip compressed data, from Unix\012- data
Hash 536b28dc79ed711ba00bbefb6ec5ed78
7006acd9ee1b468f4c54df1d5a4ee0129b8cef08
d24366448b4bcb2c829e6607037ccd98e32613745fcbe4b233a5698f41082896
OPTIONS /x/v2/v?ts=1675725436424 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 23:16:29 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
access-control-expose-headers: pa-user-id
x-request-id: 0f99efae-1781-4fdb-8b51-724e22f837bf
x-api-version: 0.44.11
X-Firefox-Spdy: h2
ib.adnxs.com/async_usersync?cbfn=queuePixels
307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Mon, 06 Feb 2023 23:16:34 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: 287b472d-834c-4413-bfe7-fb1d6baa44b6
Set-Cookie: uuid2=2340311478636745498; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 07-May-2023 23:16:34 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 06 Feb 2023 23:16:34 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: f1d1ca70-fb59-4a5a-bb06-82351c1584fc
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 06 Feb 2023 23:16:34 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 70b043cf-7b06-4799-8c10-b0d2d9bc87ea
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/async_usersync?cbfn=queuePixels
307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Mon, 06 Feb 2023 23:16:34 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: d8e97577-39fa-4512-90cd-dc11d9107fb9
Set-Cookie: uuid2=6791240937933177310; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 07-May-2023 23:16:34 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 06 Feb 2023 23:16:34 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: cb4c3342-30c1-4c95-8089-2b92dc4941ae
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
megaup.net/themes/flow/frontend_assets/fonts/raleway_medium.woff
200 OK 32 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway_medium.woff
IP
File type Web Open Font Format, TrueType, length 31900, version 1.1\012- data
Hash 1b285c8e5b7445a8e434b2cdf036bab2
c97d4772fbb5c5637d466b5f991bc7ec28830b32
09b979826f2ac158a63ba234042c66414c21282d0bb46eadc62c64a873778825
GET /themes/flow/frontend_assets/fonts/raleway_medium.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=i4lrf8vcfb0t6cpras7ek0nu04; _ga=GA1.2.663329532.1675725436; _gid=GA1.2.1003110128.1675725436; _gat_gtag_UA_108868042_1=1; a=uPsuuphyx4XQXmKKEf4FbcIdsX2PxTFJ; token_QlJAAAAAAAAArRMIRsGBk-hpXXMDyS9EWV8qBEI=BAYAY-GKTgFj4YpOgAGBAcAAIBeeDGO8wZhiu5uAWa-X0re743C2zwWlAaCtFBUf_mk_wQAgvItHQuORWLBs_DfA6CmbOWAGBEAds3ebBW6hZ-ElfIk
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 23:16:34 GMT
content-type: font/woff
content-length: 31900
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7c9c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
ib.adnxs.com/async_usersync?cbfn=queuePixels
307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Mon, 06 Feb 2023 23:16:35 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: b8c9403c-987d-4c71-bdfd-3554ad4e315b
Set-Cookie: uuid2=6500510601914186875; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 07-May-2023 23:16:35 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 06 Feb 2023 23:16:35 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 0ced9be0-dbdc-46c5-a01e-358f86c7b1f1
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
prebid.media.net/rtb/prebid?cid=8CU2BX48Z
200 OK 1.1 kB URL HTTP/2 prebid.media.net/rtb/prebid?cid=8CU2BX48Z
IP
Hash 426f398f992e645dcc74eb6d3ad4808f
98436f34006fc33f90dcda919bbe3d838e1d5365
4b56d178ff5d0e0aaa9c5ede30910cf8231d7444aa8022651c50841231c5c060
POST /rtb/prebid?cid=8CU2BX48Z HTTP/1.1
Host: prebid.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1190
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 23:16:30 GMT
content-type: application/json;charset=UTF-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
expires: Mon, 06 Feb 2023 23:16:30 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
content-encoding: gzip
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
imgdelnw.com/ie?v=4&c=qbIrBnoK8h0rEtoLVQevc7WzlEhVdhaKUMa5r2dMYQOc7zB-S57UO9RIyVfneN5FzgzI9_VgjOCHM15788hf5o3df5HT78JQupOx2brJ1S0_ax38HHE8nFO6zcJzd90_eXK8QmRgxFJH7Clfc52D9qhBebVWIoJ3O47JYAOKW9PRYI9gjpV-zqXHaqhy9yPXmmxOXi32tiCwxMyIN3kupUUofvlS-K-Mz4uJqgiobwgd5blJlpHdFZRDtvqHprw4rXyVHtFwRwY8dtXUf57tQ3wicjO5JwI5y4DvpOwgvXsd6Lva_QRSxA-orbu1IsGvsyAF2WND5Ej6vAONcamSZBePcRtneFh6OcfaoIGAdLoXFWph17MTr72u-9y76ekNUk2XaOP6TPFiwyM8eeDg4n0bCCmZqtMqc3LPRK6ieVa2_IT3rSDIM5TU-w==&v1=79&v2=72842
301 Moved Permanently 0 B URL HTTP/1.1 imgdelnw.com/ie?v=4&c=qbIrBnoK8h0rEtoLVQevc7WzlEhVdhaKUMa5r2dMYQOc7zB-S57UO9RIyVfneN5FzgzI9_VgjOCHM15788hf5o3df5HT78JQupOx2brJ1S0_ax38HHE8nFO6zcJzd90_eXK8QmRgxFJH7Clfc52D9qhBebVWIoJ3O47JYAOKW9PRYI9gjpV-zqXHaqhy9yPXmmxOXi32tiCwxMyIN3kupUUofvlS-K-Mz4uJqgiobwgd5blJlpHdFZRDtvqHprw4rXyVHtFwRwY8dtXUf57tQ3wicjO5JwI5y4DvpOwgvXsd6Lva_QRSxA-orbu1IsGvsyAF2WND5Ej6vAONcamSZBePcRtneFh6OcfaoIGAdLoXFWph17MTr72u-9y76ekNUk2XaOP6TPFiwyM8eeDg4n0bCCmZqtMqc3LPRK6ieVa2_IT3rSDIM5TU-w==&v1=79&v2=72842
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ie?v=4&c=qbIrBnoK8h0rEtoLVQevc7WzlEhVdhaKUMa5r2dMYQOc7zB-S57UO9RIyVfneN5FzgzI9_VgjOCHM15788hf5o3df5HT78JQupOx2brJ1S0_ax38HHE8nFO6zcJzd90_eXK8QmRgxFJH7Clfc52D9qhBebVWIoJ3O47JYAOKW9PRYI9gjpV-zqXHaqhy9yPXmmxOXi32tiCwxMyIN3kupUUofvlS-K-Mz4uJqgiobwgd5blJlpHdFZRDtvqHprw4rXyVHtFwRwY8dtXUf57tQ3wicjO5JwI5y4DvpOwgvXsd6Lva_QRSxA-orbu1IsGvsyAF2WND5Ej6vAONcamSZBePcRtneFh6OcfaoIGAdLoXFWph17MTr72u-9y76ekNUk2XaOP6TPFiwyM8eeDg4n0bCCmZqtMqc3LPRK6ieVa2_IT3rSDIM5TU-w==&v1=79&v2=72842 HTTP/1.1
Host: imgdelnw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
server: fasthttp
date: Mon, 06 Feb 2023 23:16:36 GMT
content-length: 0
location: https://img.vmmcdn.com/get/76989768/242509_icon.png
x-app-id: 11
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 88d804c93bf58a622484c1a7b70cc136
c2784925f090cdb36f8c893d602ca6dbbdb2dc0d
2b2d127e5fe846eb1c9739a41c35c6ff2613b771cfa67f426dca307eb007d0e3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2B2D127E5FE846EB1C9739A41C35C6FF2613B771CFA67F426DCA307EB007D0E3"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18816
Expires: Tue, 07 Feb 2023 04:30:12 GMT
Date: Mon, 06 Feb 2023 23:16:36 GMT
Connection: keep-alive
megaup.net/themes/flow/frontend_assets/css/colors/flow.css
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/colors/flow.css
IP
GET /themes/flow/frontend_assets/css/colors/flow.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/18tpo/Hearts_Of_Iron_IV_v1.12.1.rar
Connection: keep-alive
Cookie: filehosting=i4lrf8vcfb0t6cpras7ek0nu04
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 23:16:27 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-a83"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/responsive.css
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/responsive.css
IP
GET /themes/flow/frontend_assets/css/responsive.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/18tpo/Hearts_Of_Iron_IV_v1.12.1.rar
Connection: keep-alive
Cookie: filehosting=i4lrf8vcfb0t6cpras7ek0nu04
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 23:16:27 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-e56"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery-ui.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery-ui.js
IP
GET /themes/flow/js/jquery-ui.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/18tpo/Hearts_Of_Iron_IV_v1.12.1.rar
Connection: keep-alive
Cookie: filehosting=i4lrf8vcfb0t6cpras7ek0nu04
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 23:16:27 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-6a684"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/load-image.min.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/load-image.min.js
IP
GET /themes/flow/js/load-image.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/18tpo/Hearts_Of_Iron_IV_v1.12.1.rar
Connection: keep-alive
Cookie: filehosting=i4lrf8vcfb0t6cpras7ek0nu04
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 23:16:27 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-9f2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-ui.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-ui.js
IP
GET /themes/flow/js/jquery.fileupload-ui.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/18tpo/Hearts_Of_Iron_IV_v1.12.1.rar
Connection: keep-alive
Cookie: filehosting=i4lrf8vcfb0t6cpras7ek0nu04
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 23:16:27 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-61ef"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/images/icons/favicon/favicon.ico
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/images/icons/favicon/favicon.ico
IP
GET /themes/flow/frontend_assets/images/icons/favicon/favicon.ico HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/18tpo/Hearts_Of_Iron_IV_v1.12.1.rar
Connection: keep-alive
Cookie: filehosting=i4lrf8vcfb0t6cpras7ek0nu04
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 23:16:29 GMT
content-type: image/x-icon
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-47e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/gauge.min.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/gauge.min.js
IP
GET /themes/flow/frontend_assets/js/gauge.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/18tpo/Hearts_Of_Iron_IV_v1.12.1.rar
Connection: keep-alive
Cookie: filehosting=i4lrf8vcfb0t6cpras7ek0nu04
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 23:16:28 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-45b8"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
api.purpleads.io/x/b/?idx=0&pid=3ee766044b0c4e9bae93d5233c55311e&sizes=[[300,250],[300,250],[200,200],[250,250],[300,100]]&slotid=9ba64276-813d-4977-a955-7d95d71283b7&ts=1675725436278
200 OK 0 B URL HTTP/2 api.purpleads.io/x/b/?idx=0&pid=3ee766044b0c4e9bae93d5233c55311e&sizes=[[300,250],[300,250],[200,200],[250,250],[300,100]]&slotid=9ba64276-813d-4977-a955-7d95d71283b7&ts=1675725436278
IP
OPTIONS /x/b/?idx=0&pid=3ee766044b0c4e9bae93d5233c55311e&sizes=[[300,250],[300,250],[200,200],[250,250],[300,100]]&slotid=9ba64276-813d-4977-a955-7d95d71283b7&ts=1675725436278 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 23:16:29 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
access-control-expose-headers: pa-user-id
x-request-id: b63f263e-1058-4f05-b978-76f1b8e2c7f8
x-api-version: 0.44.11
X-Firefox-Spdy: h2
prebid.media.net/rtb/prebid?cid=8CU2BX48Z
200 OK 0 B URL HTTP/2 prebid.media.net/rtb/prebid?cid=8CU2BX48Z
IP
POST /rtb/prebid?cid=8CU2BX48Z HTTP/1.1
Host: prebid.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1188
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 23:16:30 GMT
content-type: application/json;charset=UTF-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
expires: Mon, 06 Feb 2023 23:16:30 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
content-encoding: gzip
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.dataTables.min.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.dataTables.min.js
IP
GET /themes/flow/js/jquery.dataTables.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/18tpo/Hearts_Of_Iron_IV_v1.12.1.rar
Connection: keep-alive
Cookie: filehosting=i4lrf8vcfb0t6cpras7ek0nu04
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 23:16:27 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-10fe4"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.iframe-transport.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.iframe-transport.js
IP
GET /themes/flow/js/jquery.iframe-transport.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/18tpo/Hearts_Of_Iron_IV_v1.12.1.rar
Connection: keep-alive
Cookie: filehosting=i4lrf8vcfb0t6cpras7ek0nu04
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 23:16:27 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-2427"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-resize.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-resize.js
IP
GET /themes/flow/js/jquery.fileupload-resize.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/18tpo/Hearts_Of_Iron_IV_v1.12.1.rar
Connection: keep-alive
Cookie: filehosting=i4lrf8vcfb0t6cpras7ek0nu04
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 23:16:27 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1f7f"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/custom/custom.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/custom/custom.js
IP
GET /themes/flow/frontend_assets/js/custom/custom.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/18tpo/Hearts_Of_Iron_IV_v1.12.1.rar
Connection: keep-alive
Cookie: filehosting=i4lrf8vcfb0t6cpras7ek0nu04
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 23:16:28 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1420"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/rs-plugin/css/settings.css
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/rs-plugin/css/settings.css
IP
GET /themes/flow/frontend_assets/rs-plugin/css/settings.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Connection: keep-alive
Cookie: filehosting=i4lrf8vcfb0t6cpras7ek0nu04
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 23:16:28 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-ce4b"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
200 OK 0 B URL HTTP/2 www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}],"group":"network-errors"}
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: f3yDhp+98K6KhUMOTfdAKok2u5e7yObDG8o3POys8MvyUrpZpqtpgKUA3GDEuLgQWAbCmVW0L0fL1QKattB9cg==
date: Mon, 06 Feb 2023 23:16:29 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
200 OK 0 B IP
Analyzer Verdict Alert quad9 Sinkholed
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 06 Feb 2023 23:16:29 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 6480
last-modified: Mon, 06 Feb 2023 21:28:29 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oD1hNfsy8tpoUSVijOKJisf1d9MQeRxhcvdjLzpwE2PpXdAbsT2x8jB7QrM5fKSYxzzJjbOCnc7SZ8jlHAx1mh1ahSVQHvGrl967UPUWx6wzUomdOQY%2BNNrhmAsRAClj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 795798031a7971d5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c.adsco.re/
200 OK 0 B IP
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 23:16:29 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Thu, 09 Mar 2023 23:16:29 GMT
etag: W/"xkCBFtC0Wl/JiS60JFipuQ=="
cf-cache-status: HIT
age: 48477
vary: Accept-Encoding
server: cloudflare
cf-ray: 7957980508a1b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload.js
IP
GET /themes/flow/js/jquery.fileupload.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/18tpo/Hearts_Of_Iron_IV_v1.12.1.rar
Connection: keep-alive
Cookie: filehosting=i4lrf8vcfb0t6cpras7ek0nu04
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 23:16:27 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-dbd4"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/custom.css
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/custom.css
IP
GET /themes/flow/frontend_assets/css/custom.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/18tpo/Hearts_Of_Iron_IV_v1.12.1.rar
Connection: keep-alive
Cookie: filehosting=i4lrf8vcfb0t6cpras7ek0nu04
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 23:16:27 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3577"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-validate.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-validate.js
IP
GET /themes/flow/js/jquery.fileupload-validate.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/18tpo/Hearts_Of_Iron_IV_v1.12.1.rar
Connection: keep-alive
Cookie: filehosting=i4lrf8vcfb0t6cpras7ek0nu04
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 23:16:27 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-fea"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/sticky/jquery.sticky.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/sticky/jquery.sticky.js
IP
GET /themes/flow/frontend_assets/js/sticky/jquery.sticky.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/18tpo/Hearts_Of_Iron_IV_v1.12.1.rar
Connection: keep-alive
Cookie: filehosting=i4lrf8vcfb0t6cpras7ek0nu04
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 23:16:28 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1099"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
api.purpleads.io/x/b/?idx=0&pid=3ee766044b0c4e9bae93d5233c55311e&sizes=[[1280,898],[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=50721e08-51ae-43b7-b571-478e15d3306e&ts=1675725437213
200 OK 0 B URL HTTP/2 api.purpleads.io/x/b/?idx=0&pid=3ee766044b0c4e9bae93d5233c55311e&sizes=[[1280,898],[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=50721e08-51ae-43b7-b571-478e15d3306e&ts=1675725437213
IP
OPTIONS /x/b/?idx=0&pid=3ee766044b0c4e9bae93d5233c55311e&sizes=[[1280,898],[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=50721e08-51ae-43b7-b571-478e15d3306e&ts=1675725437213 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 23:16:30 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
access-control-expose-headers: pa-user-id
x-request-id: a53c963f-405c-435d-a025-01ed064747de
x-api-version: 0.44.11
X-Firefox-Spdy: h2
pogothere.xyz/
200 OK 0 B IP
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 23:16:29 GMT
content-type: text/plain
set-cookie: csu=295039536609120@1@1675725389; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1VQ7HMKcLYwRHueuwxux7vlIsrIVRMpXJIY2aF2JFcWbhHuo%2BWCNNhLMMBMxexNF0v3VIyG1iQ5asPy%2FR9CZkuUheYj0VrYHO4q5vO6H8QPHYS13LddTebPeCCXDZjFu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 795798032a8e71d5-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.vmmcdn.com/get/76989768/242509_icon.png
200 OK 0 B URL HTTP/1.1 img.vmmcdn.com/get/76989768/242509_icon.png
IP
ASN #24940 Hetzner Online GmbH
GET /get/76989768/242509_icon.png HTTP/1.1
Host: img.vmmcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Mon, 06 Feb 2023 23:16:36 GMT
Content-Type: image/png
Content-Length: 81005
Connection: keep-alive
Last-Modified: Thu, 22 Dec 2022 14:52:03 GMT
Cache-Control: public, max-age=604800
ETag: "63a46f13-13c6d"
X-Proxy-Cache: HIT
Accept-Ranges: bytes
megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css
IP
GET /themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/18tpo/Hearts_Of_Iron_IV_v1.12.1.rar
Connection: keep-alive
Cookie: filehosting=i4lrf8vcfb0t6cpras7ek0nu04
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 23:16:27 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-8d4b"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=86ddec5c-b957-455f-87da-f034ba331fa2
200 OK 0 B URL HTTP/2 cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=86ddec5c-b957-455f-87da-f034ba331fa2
IP
GET /Scripts/infinity.js.aspx?guid=86ddec5c-b957-455f-87da-f034ba331fa2 HTTP/1.1
Host: cdn.engine.4dsply.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 23:16:29 GMT
content-type: application/x-javascript; charset=utf-8
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
cache-control: public, max-age=900
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
last-modified: Mon, 06 Feb 2023 23:12:53 GMT
cf-cache-status: HIT
expires: Mon, 06 Feb 2023 23:31:29 GMT
server: cloudflare
cf-ray: 795798031be2b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/zeroClipboard/ZeroClipboard.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/zeroClipboard/ZeroClipboard.js
IP
GET /themes/flow/js/zeroClipboard/ZeroClipboard.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/18tpo/Hearts_Of_Iron_IV_v1.12.1.rar
Connection: keep-alive
Cookie: filehosting=i4lrf8vcfb0t6cpras7ek0nu04
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 23:16:27 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3bd2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/images/loading_small.gif
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/images/loading_small.gif
IP
GET /themes/flow/images/loading_small.gif HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/18tpo/Hearts_Of_Iron_IV_v1.12.1.rar
Connection: keep-alive
Cookie: filehosting=i4lrf8vcfb0t6cpras7ek0nu04
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 23:16:28 GMT
content-type: image/gif
content-length: 184355
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-2d023"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/sw.js
200 OK 0 B IP
GET /sw.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/18tpo/Hearts_Of_Iron_IV_v1.12.1.rar
Connection: keep-alive
Cookie: filehosting=i4lrf8vcfb0t6cpras7ek0nu04
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 23:16:28 GMT
content-type: application/javascript
last-modified: Tue, 20 Dec 2022 16:15:31 GMT
vary: Accept-Encoding
etag: W/"63a1dfa3-1927c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/18tpo/Hearts_Of_Iron_IV_v1.12.1.rar
200 OK 0 B URL HTTP/2 megaup.net/18tpo/Hearts_Of_Iron_IV_v1.12.1.rar
IP
GET /18tpo/Hearts_Of_Iron_IV_v1.12.1.rar HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 23:16:27 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: filehosting=i4lrf8vcfb0t6cpras7ek0nu04; expires=Tue, 07-Feb-2023 23:16:27 GMT; Max-Age=86400; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
api.purpleads.io/x/init?ts=1675725436007
200 OK 0 B URL HTTP/2 api.purpleads.io/x/init?ts=1675725436007
IP
OPTIONS /x/init?ts=1675725436007 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 23:16:29 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
access-control-expose-headers: pa-user-id
x-request-id: 7aa07afe-c3eb-47d9-80b7-005f46ed98de
x-api-version: 0.44.11
X-Firefox-Spdy: h2
megaup.net/themes/flow/styles/file-upload.css
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/styles/file-upload.css
IP
GET /themes/flow/styles/file-upload.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/18tpo/Hearts_Of_Iron_IV_v1.12.1.rar
Connection: keep-alive
Cookie: filehosting=i4lrf8vcfb0t6cpras7ek0nu04
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 23:16:27 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-21ec"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery-1.11.0.min.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery-1.11.0.min.js
IP
GET /themes/flow/js/jquery-1.11.0.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/18tpo/Hearts_Of_Iron_IV_v1.12.1.rar
Connection: keep-alive
Cookie: filehosting=i4lrf8vcfb0t6cpras7ek0nu04
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 23:16:27 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1787d"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/clipboardjs/clipboard.min.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/clipboardjs/clipboard.min.js
IP
GET /themes/flow/js/clipboardjs/clipboard.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/18tpo/Hearts_Of_Iron_IV_v1.12.1.rar
Connection: keep-alive
Cookie: filehosting=i4lrf8vcfb0t6cpras7ek0nu04
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 23:16:28 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-2296"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
200 OK 0 B IP
Analyzer Verdict Alert quad9 Sinkholed
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 06 Feb 2023 23:16:29 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 6480
last-modified: Mon, 06 Feb 2023 21:28:29 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7fFSft%2BRbsBZxJ2WLyHYvC2ymJXLFMp8dAXAUbPd3233qH%2FGYCY7iUaH32c0roBYUMiOS3TTqBz5fgWNPuw7lfX1rXzujWIuvmM3u4wthOVxhGxKViyso7u9%2BjRlg9DO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 795798030a7071d5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
api.purpleads.io/x/b/?idx=1&pid=3ee766044b0c4e9bae93d5233c55311e&sizes=[[1280,898],[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=50721e08-51ae-43b7-b571-478e15d3306e&demand=unifiedPb&ts=1675725438209
200 OK 0 B URL HTTP/2 api.purpleads.io/x/b/?idx=1&pid=3ee766044b0c4e9bae93d5233c55311e&sizes=[[1280,898],[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=50721e08-51ae-43b7-b571-478e15d3306e&demand=unifiedPb&ts=1675725438209
IP
OPTIONS /x/b/?idx=1&pid=3ee766044b0c4e9bae93d5233c55311e&sizes=[[1280,898],[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=50721e08-51ae-43b7-b571-478e15d3306e&demand=unifiedPb&ts=1675725438209 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 23:16:31 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
access-control-expose-headers: pa-user-id
x-request-id: 41b65a86-8d82-4ade-ab41-1857cad038ef
x-api-version: 0.44.11
X-Firefox-Spdy: h2
megaup.net/themes/flow/styles/font-icons/entypo/css/entypo.css
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/styles/font-icons/entypo/css/entypo.css
IP
GET /themes/flow/styles/font-icons/entypo/css/entypo.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/18tpo/Hearts_Of_Iron_IV_v1.12.1.rar
Connection: keep-alive
Cookie: filehosting=i4lrf8vcfb0t6cpras7ek0nu04
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 23:16:27 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-45f5"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/canvas-to-blob.min.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/canvas-to-blob.min.js
IP
GET /themes/flow/js/canvas-to-blob.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/18tpo/Hearts_Of_Iron_IV_v1.12.1.rar
Connection: keep-alive
Cookie: filehosting=i4lrf8vcfb0t6cpras7ek0nu04
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 23:16:27 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-408"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/global.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/global.js
IP
GET /themes/flow/js/global.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/18tpo/Hearts_Of_Iron_IV_v1.12.1.rar
Connection: keep-alive
Cookie: filehosting=i4lrf8vcfb0t6cpras7ek0nu04
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 23:16:27 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-d59"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/fonts.css
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/fonts.css
IP
GET /themes/flow/frontend_assets/css/fonts.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Connection: keep-alive
Cookie: filehosting=i4lrf8vcfb0t6cpras7ek0nu04
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 23:16:28 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-690"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/bootstrap/bootstrap.min.css
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/bootstrap/bootstrap.min.css
IP
GET /themes/flow/frontend_assets/css/bootstrap/bootstrap.min.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Connection: keep-alive
Cookie: filehosting=i4lrf8vcfb0t6cpras7ek0nu04
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 23:16:28 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1cc1b"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
theharityhild.buzz/V004eFgsb0sPByI%2FVFpidSVMDCgkdxdXNTIqWQ0oeSNdDHckOhYSK3VhGgs1MW8CSXR1PlUOem1vDFZrdWEaDDkwElEcem1vAEtqYX4LWnR1Pk0aBz4pClpidSsAS2s0fQwadWEoCBp1YylaSHVueQBPdTF7XR09NChbGzs0KBoF
502 Bad Gateway 0 B URL HTTP/2 theharityhild.buzz/V004eFgsb0sPByI%2FVFpidSVMDCgkdxdXNTIqWQ0oeSNdDHckOhYSK3VhGgs1MW8CSXR1PlUOem1vDFZrdWEaDDkwElEcem1vAEtqYX4LWnR1Pk0aBz4pClpidSsAS2s0fQwadWEoCBp1YylaSHVueQBPdTF7XR09NChbGzs0KBoF
IP
GET /V004eFgsb0sPByI%2FVFpidSVMDCgkdxdXNTIqWQ0oeSNdDHckOhYSK3VhGgs1MW8CSXR1PlUOem1vDFZrdWEaDDkwElEcem1vAEtqYX4LWnR1Pk0aBz4pClpidSsAS2s0fQwadWEoCBp1YylaSHVueQBPdTF7XR09NChbGzs0KBoF HTTP/1.1
Host: theharityhild.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 502 Bad Gateway
set-cookie: c2b183e3e0449180d4397932b8f520f6=1; Max-Age=604800
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
200 OK 0 B IP
Analyzer Verdict Alert quad9 Sinkholed
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 06 Feb 2023 23:16:29 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 6480
last-modified: Mon, 06 Feb 2023 21:28:29 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KtD84T8xT%2BKwBuvX5YsJ9iKO0Hozo%2BUFHVrUu6bupOeWL%2Bes29xdDg4XEkRe9JuuEProMRJk8W148KHJUBBQ%2FUdc4jmqZMYmsjperkyBBC5bwHpiab85KNQWvZC7yrsu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 795798031a7771d5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
91.209.70.182
172.67.74.36
147.75.85.234
188.114.97.1
104.16.158.17
2.18.172.187
3.124.245.248
185.200.116.90
157.240.205.35
93.184.220.29