megaup.net/1cv43/Muse.Dash.v3.1_(3).rar
91.209.70.182301 Moved Permanently 162 B URL HTTP/1.1 megaup.net/1cv43/Muse.Dash.v3.1_(3).rar
IP 91.209.70.182:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /1cv43/Muse.Dash.v3.1_(3).rar HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 29 Mar 2023 13:38:51 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://megaup.net/1cv43/Muse.Dash.v3.1_(3).rar
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer, strict-origin-when-cross-origin
X-Download-Options: noopen
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 93f633ce30c038eb581544323c5a971e
2f60526cb750c6babccc207f75fb5a8ae6f7598b
0ff6df80a892199848fb943af78541b66efc09a7ab70d4b169906fdbac1eabf8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FF6DF80A892199848FB943AF78541B66EFC09A7AB70D4B169906FDBAC1EABF8"
Last-Modified: Mon, 27 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12351
Expires: Wed, 29 Mar 2023 17:04:42 GMT
Date: Wed, 29 Mar 2023 13:38:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c83d39f350161ed2f5d20dcd68e47c92
2695a888e652cb314f8094cc6073c3364336d272
62e5cc6aea61c3c32acd964d4bbe143806416008181eebc4451a8f035b69a0bc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62E5CC6AEA61C3C32ACD964D4BBE143806416008181EEBC4451A8F035B69A0BC"
Last-Modified: Mon, 27 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7374
Expires: Wed, 29 Mar 2023 15:41:45 GMT
Date: Wed, 29 Mar 2023 13:38:51 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 7f03faaba3392caae6dae54467bfdf6d
57ea1f14e8bfbcca8190c706d708c9fda12442c1
02ac551ba61fcbc6b04f244df065948b181a8a258db5c2e197aae66fdfcea8ee
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Length, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 29 Mar 2023 13:28:09 GMT
content-type: application/json
age: 642
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c0d9353dc46e88bf564ed464b0b073c7
0b5ce170e7db24267a3ba5b79a48548b1acd2e5b
7c7ef189b14109b44aa96454ea1b94bcbd3d69599cc7ba429f8234f6acd88a9b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7C7EF189B14109B44AA96454EA1B94BCBD3D69599CC7BA429F8234F6ACD88A9B"
Last-Modified: Mon, 27 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6834
Expires: Wed, 29 Mar 2023 15:32:45 GMT
Date: Wed, 29 Mar 2023 13:38:51 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: pai+W370tJCdqVoEIR7sqcUxnlxCLqVh/rokuzBt+2wXUS2THxcd8jPSEF2E8OlTxnrusvUn4VD3mdZTppLD/Q==
x-amz-request-id: AP6XVY4SQYDBVBPS
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 29 Mar 2023 12:56:38 GMT
age: 2534
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:38:52 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 2fdd88c5328a20e99bd682e34b8c0173
a6415caf042550cb51822e482d1f5b9178938ea3
f15a1244d7acc3b892df1a3ea767c24ce5f661e2e623fedc25ade8c7094c8af6
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 13:38:52 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 27 Mar 2023 23:25:48 GMT
Expires: Mon, 03 Apr 2023 23:25:47 GMT
Etag: "a6415caf042550cb51822e482d1f5b9178938ea3"
Cache-Control: max-age=466614,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7af884037ea00b39-OSL
megaup.net/themes/flow/images/main_logo_inverted.png
91.209.70.182200 OK 7.1 kB URL HTTP/2 megaup.net/themes/flow/images/main_logo_inverted.png
IP 91.209.70.182:0
File type PNG image data, 203 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 5d15526be10b904a6b48d1af04a10cc3
c09b6874359ac6d71db95593618a9acb55baa984
894d25472e0f890edf235e8f66fbeda7ea75043632924ecb82691d76bd7db018
GET /themes/flow/images/main_logo_inverted.png HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1cv43/Muse.Dash.v3.1_(3).rar
Connection: keep-alive
Cookie: filehosting=all435meons6relhj4j2s52ul7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:38:52 GMT
content-type: image/png
content-length: 7137
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-1be1"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/images/loading_small.gif
91.209.70.182200 OK 184 kB URL HTTP/2 megaup.net/themes/flow/images/loading_small.gif
IP 91.209.70.182:0
File type GIF image data, version 89a, 64 x 64\012- data
Size 184 kB (184355 bytes)
Hash b0dd5b3af9c4c0644d7bddee83716209
30002468d0266b893b3559b8d0d260c6cbf0ad7c
2418224bb4d12c122ef3c54d2ee9edb5f6f28d539e91a166b0215553f8c7609d
GET /themes/flow/images/loading_small.gif HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1cv43/Muse.Dash.v3.1_(3).rar
Connection: keep-alive
Cookie: filehosting=all435meons6relhj4j2s52ul7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:38:52 GMT
content-type: image/gif
content-length: 184355
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-2d023"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js
91.209.70.182200 OK 2.8 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js
IP 91.209.70.182:0
Hash 8b8fde8eec1b16ec57833fcdd505d493
f9ad725e34e9c01b1cbf76aceaf29c31d9bb6960
30ad534afc055dfccfa1db96f2800dfae58ee8f7c3e159c45e7d711992c241c1
GET /themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1cv43/Muse.Dash.v3.1_(3).rar
Connection: keep-alive
Cookie: filehosting=all435meons6relhj4j2s52ul7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:38:52 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1cdf"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery-ui.js
91.209.70.182200 OK 109 kB URL HTTP/2 megaup.net/themes/flow/js/jquery-ui.js
IP 91.209.70.182:0
File type ASCII text, with very long lines (840)
Size 109 kB (108993 bytes)
Hash 839013fd2c76292f2ccdb8ca48cb329e
96407751e7c669eddd01b33ae94b4fce5eac2d6f
d7932f4b8bdff7fa350387b72be2e1837c7b7b0a08144d5f9a0809e6aed32e6b
GET /themes/flow/js/jquery-ui.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1cv43/Muse.Dash.v3.1_(3).rar
Connection: keep-alive
Cookie: filehosting=all435meons6relhj4j2s52ul7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:38:52 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-6a684"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
keydawnawe.com/gwZ1U5hjA8ii/32575
142.91.159.115200 OK 26 B URL HTTP/1.1 keydawnawe.com/gwZ1U5hjA8ii/32575
IP 142.91.159.115:0
File type ASCII text, with no line terminators
Hash 4e5d65669f8dcd928dad06adf883f025
d771713d758c3348dd7e5b38bb40c7935399ae46
0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95
GET /gwZ1U5hjA8ii/32575 HTTP/1.1
Host: keydawnawe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 29 Mar 2023 13:38:52 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Thu, 30-Mar-2023 13:38:52 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJw9i8sKwjAURGuUYNVWBvwAf8D6QBdu1aXUhbgOtd6WYM0tTXzUr%2FcFruYwc8bzPDEIIXSJ3nIaLSfRfBZNF3M0c2KIeIdeylfjqlqZ5EKQMVf3pIasKNdsAnR%2FoFI%2BETrxbnQwZ8N38x8%2BtwCtVLs6gP%2BJrxu20dS2RLgq9GO45%2BLq3raFb8gpWxKd4K%2BTY0HjzX6L8N9%2Bz7KBtraqrPhRv7nv9IWebEhxlllyUqBxk%2BIFsdRBIw%3D%3D; expires=Thu, 30-Mar-2023 13:38:52 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
www.googletagmanager.com/gtag/js?id=UA-108868042-1
142.250.74.40200 OK 45 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-108868042-1
IP 142.250.74.40:0
File type ASCII text, with very long lines (2206)
Hash eb2e89b569742c34893eb09cc52b5e26
8be0bd7405f71448c57b3b8e8279c2f3425e4ddf
797bd69d016af6147fcdcf5a996246c9eab96f0fb7fd1ea6dab962210e7c1752
GET /gtag/js?id=UA-108868042-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 29 Mar 2023 13:38:52 GMT
expires: Wed, 29 Mar 2023 13:38:52 GMT
cache-control: private, max-age=900
last-modified: Wed, 29 Mar 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44841
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js
91.209.70.182200 OK 40 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js
IP 91.209.70.182:0
File type ASCII text, with very long lines (464), with CRLF line terminators
Hash 7d698a8bcc1ea495c196acaca70ac622
6fa2ed9156e98a516afc805674d3ad7c8bb59da8
2df1c235f992379fe8b9d3d02ea1fc4ce2a194b618ea3023629c413c6eb1718a
GET /themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1cv43/Muse.Dash.v3.1_(3).rar
Connection: keep-alive
Cookie: filehosting=all435meons6relhj4j2s52ul7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:38:52 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-303b2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/nav/jquery.nav.js
91.209.70.182200 OK 2.4 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/nav/jquery.nav.js
IP 91.209.70.182:0
File type ASCII text, with CRLF line terminators
Hash 7aae1706246af490f979f761dc9baf93
c1a75b5bc8d30701eef416758452f7262e519389
0aa0d6e2fda5e690af5b528f5d68e2a9ad6a33cdc14b1a0bc3a640f314eb87a4
GET /themes/flow/frontend_assets/js/nav/jquery.nav.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1cv43/Muse.Dash.v3.1_(3).rar
Connection: keep-alive
Cookie: filehosting=all435meons6relhj4j2s52ul7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:38:52 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1547"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
altowriestwispy.com/tysaSHG1FMaM/18410
23.109.248.184200 OK 25 B URL HTTP/1.1 altowriestwispy.com/tysaSHG1FMaM/18410
IP 23.109.248.184:0
File type ASCII text, with no line terminators
Hash d488addc5df5fc9b9ff4135bb4e3a823
6ce56f48e851df4d562b43d3bc1269a504ae83fc
d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60
GET /tysaSHG1FMaM/18410 HTTP/1.1
Host: altowriestwispy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 29 Mar 2023 13:38:52 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Thu, 30-Mar-2023 13:38:52 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJw9i8sKwjAURGuUYNVWBvwAf8D6QBdu1aXUhbgOtd6WYM0tTXzUr%2FcFruYwc8bzPDEIIXSJ3nIaLSfRfBZNF3M0c2KIeIdeylfjqlqZ5EKQMVf3pIasKNdsAnR%2FoFI%2BETrxbnQwZ8N38x8%2BtwCtVLs6gP%2BJrxu20dS2RLgq9GO45%2BLq3raFb8gpWxKd4K%2BTY0HjzX6L8N9%2Bz7KBtraqrPhRv7nv9IWebEhxlllyUqBxk%2BIFsdRBIw%3D%3D; expires=Thu, 30-Mar-2023 13:38:52 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e10c0c62a68346a599a245ad2d85fbbe
a79383efdb28292b6e2112da2344915a97eb7888
b239a83a0672895d5960617bba31f4404a4c103eec12d4e975aaf51204e1f953
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 13:38:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Retry-After, Alert, Last-Modified, Expires, ETag, Cache-Control, Content-Length, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 29 Mar 2023 13:14:36 GMT
age: 1456
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/fonts/raleway.woff
91.209.70.182200 OK 32 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway.woff
IP 91.209.70.182:0
File type Web Open Font Format, TrueType, length 31836, version 1.1\012- data
Hash 4514fa5a5b3d1e0b14aa32a7d068124a
e634977bfabc20ed15fe7ed03d3876cf68834b93
5b0f118d658eacc5740b10b0dc2ebbd99ee8e8262c72ff29bfcda48c02b19861
GET /themes/flow/frontend_assets/fonts/raleway.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=all435meons6relhj4j2s52ul7
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:38:52 GMT
content-type: font/woff
content-length: 31836
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7c5c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js
91.209.70.182200 OK 61 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js
IP 91.209.70.182:0
File type ASCII text, with very long lines (23470)
Hash 5a62a068c46c7425a62e3b342301b49b
443c29a74a75fb696d1d704a2b497b258e05896c
b28accb0d454d9879da04c2852de9a2314bbe001e66249549e28c8ca18f3ae95
GET /themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1cv43/Muse.Dash.v3.1_(3).rar
Connection: keep-alive
Cookie: filehosting=all435meons6relhj4j2s52ul7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:38:52 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-14cc1"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/fonts/raleway_semibold.woff
91.209.70.182200 OK 33 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway_semibold.woff
IP 91.209.70.182:0
Hash 927f2e108f3d6be1f1ee97c9d1f9c872
7d832cdb8203b199bac21b6fa0035846656e7ab6
d6fae238833dcf977dcb032f1d34b167ea1a35e13d53e9544bee4caa4ce04c14
GET /themes/flow/frontend_assets/fonts/raleway_semibold.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=all435meons6relhj4j2s52ul7
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:38:52 GMT
content-type: font/woff
content-length: 31980
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7cec"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_fonts/socicon-webfont.woff
91.209.70.182200 OK 21 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_fonts/socicon-webfont.woff
IP 91.209.70.182:0
File type Web Open Font Format, TrueType, length 20972, version 1.0\012- data
Hash cad75e2dacc6794c4e6b14727d4a989d
694d04c8f643df4100c23efc1463ac9f4e732f60
ebccc09339b7730324221aff3d11d215de9997b47bf708ca18a3be2d8e8b9887
GET /themes/flow/frontend_assets/socialsider-v1.0/_fonts/socicon-webfont.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css
Connection: keep-alive
Cookie: filehosting=all435meons6relhj4j2s52ul7
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:38:52 GMT
content-type: font/woff
content-length: 20972
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-51ec"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/?kzmmd=761186
54.230.245.57200 OK 189 kB URL HTTP/2 dmmzkfd82wayn.cloudfront.net/?kzmmd=761186
IP 54.230.245.57:0
File type Unicode text, UTF-8 text, with very long lines (15948)
Size 189 kB (188667 bytes)
Hash b9472a048d306881d3fb15f985d8c330
45afe5af87161c5aaf0e48b103a00a97d3a4ae3a
ef98d9598032604e7f65a38d3a3b11131e5b9936cf2a9209341c19afd1740e97
GET /?kzmmd=761186 HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 188667
date: Wed, 29 Mar 2023 13:38:52 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kOAHDVwtuHYUSWKtLDFJ1WmljaaFSFbQL4feYRzwaswJJAG31pDD8g==
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.25.208.227101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.25.208.227:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 6fFQqkM2Rd6u5one4jrQhA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: fts3qYMhLCuJS0kEs2qh78Pkq9g=
obrightsapphir.com/VEZVeUR7eTYKeRsOFzoKOi0UKAwnBQYoBhwiBEwKFQMPTwA/KXMNLTB7Yk91ZX5jXzQ9ImhIYicyNA0xJ3tkXy06IDpEYiJ7ZFd3YGhmS2pmYCBEdXIyJRgjaXdzCTAgKmhIcmx2ZUBzZXNjS3Zj
104.21.60.187204 No Content 0 B URL HTTP/2 obrightsapphir.com/VEZVeUR7eTYKeRsOFzoKOi0UKAwnBQYoBhwiBEwKFQMPTwA/KXMNLTB7Yk91ZX5jXzQ9ImhIYicyNA0xJ3tkXy06IDpEYiJ7ZFd3YGhmS2pmYCBEdXIyJRgjaXdzCTAgKmhIcmx2ZUBzZXNjS3Zj
IP 104.21.60.187:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /VEZVeUR7eTYKeRsOFzoKOi0UKAwnBQYoBhwiBEwKFQMPTwA/KXMNLTB7Yk91ZX5jXzQ9ImhIYicyNA0xJ3tkXy06IDpEYiJ7ZFd3YGhmS2pmYCBEdXIyJRgjaXdzCTAgKmhIcmx2ZUBzZXNjS3Zj HTTP/1.1
Host: obrightsapphir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 29 Mar 2023 13:38:53 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zfbu6%2B1zYlDFu1aW3h8xqN50bvEPrRkRzn69OD0XnPKSIgx7T3vQixqikEoMQuOD9IoPGZURQaJEGNeTY5xaS1%2BOdtkOlOtq5aFi2%2FrAchH4XWedpBGAGviXq173PqFoE8o6IcI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7af8840a1bf4b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
obrightsapphir.com/Q3hwUkZsRxMhexQvBB8LFDYXCnUSMiU/ACIeFz4kIhQ+ZwQFC1YmLydFSGBzeklBdDYqHE1hdGULBDMyNgtNYHZzT1Y7KCUXTWBgNUVAfH9tSV5nYDZFQXQyMxkXb3dlCAQmKn5JRmp2c0FHY3N1Skdh
104.21.60.187204 No Content 0 B URL HTTP/2 obrightsapphir.com/Q3hwUkZsRxMhexQvBB8LFDYXCnUSMiU/ACIeFz4kIhQ+ZwQFC1YmLydFSGBzeklBdDYqHE1hdGULBDMyNgtNYHZzT1Y7KCUXTWBgNUVAfH9tSV5nYDZFQXQyMxkXb3dlCAQmKn5JRmp2c0FHY3N1Skdh
IP 104.21.60.187:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /Q3hwUkZsRxMhexQvBB8LFDYXCnUSMiU/ACIeFz4kIhQ+ZwQFC1YmLydFSGBzeklBdDYqHE1hdGULBDMyNgtNYHZzT1Y7KCUXTWBgNUVAfH9tSV5nYDZFQXQyMxkXb3dlCAQmKn5JRmp2c0FHY3N1Skdh HTTP/1.1
Host: obrightsapphir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 29 Mar 2023 13:38:53 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HYbAuMQru5kH2q2Ivk%2BPFxFAdB%2BxHuuD64EM6O%2FajhA0V8zLNQbKUGAmYzKd8e7OzXd4mscJMFWFzK0Zg%2BWPAoMqBS4F1SznwEGQULOaNqHzi52DAlCdnTQslbHBW5RuSCqku7Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7af8840a2c09b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
obrightsapphir.com/R1ZSZEdoaTEXehECOh0TLQQhIAI3ZBAzdw0HGj0KHTEQLCIwIXQQLiNralZyfmdjQjcuMm9XdWElJgUzMiVvVWEuODQLemEgb1RpfnhjSnJhI29VYTMmMwN6dnAiEDMra2NSf3dma1N2cmBgU3c
104.21.60.187204 No Content 0 B URL HTTP/2 obrightsapphir.com/R1ZSZEdoaTEXehECOh0TLQQhIAI3ZBAzdw0HGj0KHTEQLCIwIXQQLiNralZyfmdjQjcuMm9XdWElJgUzMiVvVWEuODQLemEgb1RpfnhjSnJhI29VYTMmMwN6dnAiEDMra2NSf3dma1N2cmBgU3c
IP 104.21.60.187:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /R1ZSZEdoaTEXehECOh0TLQQhIAI3ZBAzdw0HGj0KHTEQLCIwIXQQLiNralZyfmdjQjcuMm9XdWElJgUzMiVvVWEuODQLemEgb1RpfnhjSnJhI29VYTMmMwN6dnAiEDMra2NSf3dma1N2cmBgU3c HTTP/1.1
Host: obrightsapphir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 29 Mar 2023 13:38:53 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=10xgFN%2BMq4D2C2rjEC8KtMhI0UdVZ9bHY7SYi1g98bD321llIpzP44Ccd1xUqiKT2xHoo6onmLxExl2scIyPRpkuRIN8Ke%2Fbou5nsj7QosTxosOSbxOe9ZGoB%2BgI1R8zdnCdOnA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7af8840a2c05b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
obrightsapphir.com/MUl6TWUedhk+WFMiQn83eRsbKRJVcSghVBR7OAxWawwiBTx3LUp9Q0UgHnBdBn9JfF0XORMpWANwXD4RUD0PPlgAbxMjA150XDtYAGdKY1MBZ0lrEAx4XDkVUC5HfENBPQ4hWAB/Qn1VCH5LeFMDcUI
104.21.60.187204 No Content 0 B URL HTTP/2 obrightsapphir.com/MUl6TWUedhk+WFMiQn83eRsbKRJVcSghVBR7OAxWawwiBTx3LUp9Q0UgHnBdBn9JfF0XORMpWANwXD4RUD0PPlgAbxMjA150XDtYAGdKY1MBZ0lrEAx4XDkVUC5HfENBPQ4hWAB/Qn1VCH5LeFMDcUI
IP 104.21.60.187:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /MUl6TWUedhk+WFMiQn83eRsbKRJVcSghVBR7OAxWawwiBTx3LUp9Q0UgHnBdBn9JfF0XORMpWANwXD4RUD0PPlgAbxMjA150XDtYAGdKY1MBZ0lrEAx4XDkVUC5HfENBPQ4hWAB/Qn1VCH5LeFMDcUI HTTP/1.1
Host: obrightsapphir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 29 Mar 2023 13:38:53 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4R7hXOTN7q03ymadfGwa%2Bvu02dtE5pYvGIu4Z6XbkcAkCY0uBOSd4xuYwomXHBkKntvA386iSrOXysxFnauWQSSAe41Qg8NC8SeYW7%2FhbTGKyn2aARR93bSSSR%2FSdicfFobztuI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7af8840a3c34b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
altowriestwispy.com/tysaSHG1FMaM/18410
23.109.248.184200 OK 25 B URL HTTP/1.1 altowriestwispy.com/tysaSHG1FMaM/18410
IP 23.109.248.184:0
File type ASCII text, with no line terminators
Hash d488addc5df5fc9b9ff4135bb4e3a823
6ce56f48e851df4d562b43d3bc1269a504ae83fc
d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60
GET /tysaSHG1FMaM/18410 HTTP/1.1
Host: altowriestwispy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; GL_GI10=eJw9i8sKwjAURGuUYNVWBvwAf8D6QBdu1aXUhbgOtd6WYM0tTXzUr%2FcFruYwc8bzPDEIIXSJ3nIaLSfRfBZNF3M0c2KIeIdeylfjqlqZ5EKQMVf3pIasKNdsAnR%2FoFI%2BETrxbnQwZ8N38x8%2BtwCtVLs6gP%2BJrxu20dS2RLgq9GO45%2BLq3raFb8gpWxKd4K%2BTY0HjzX6L8N9%2Bz7KBtraqrPhRv7nv9IWebEhxlllyUqBxk%2BIFsdRBIw%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 29 Mar 2023 13:38:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
hegazedatthewo.com/MHAwcEtRElMddFFNUlY+QhwNVXl2VQI2L10dShstVEgCBypJHh4TJ18FVBY5Xx5EXiVVBBVCDVEUdBQCZB1TKBxzKV8nCnIVfDgFYSFXKn5UHHYjE2QDWDMaYTt/MSR5NF1AP3xBdTYfAkQGOBlxO1U3LHw2Zhs9U0B1IhxjBEomJ3onfDMzUSFyNXNgF1cWCFpEBDEzehR8CTx0MnVJPn8HajocWRMANCNYEnsnP2Y9VzomVht6NwkCMQU0I0AkegogZSVhJn95Mn4iCWgYFUINZkFfOCloQFwlGmZEfyF/UTFoCDlmNGkjLl5EViEsfgRWIx1iMmhdLAg1ZjUOcygJKBpiHAQqe3o3cglzQjJySRJSKEcYGVcUBRYnVDZyQydCJmUiGXkkRzMOXBdHEXplCXIeIwcjZSEZYCh+J21aA18eOw0AdB8xahVRRjpI
108.157.214.53200 OK 1.2 kB URL HTTP/2 hegazedatthewo.com/MHAwcEtRElMddFFNUlY+QhwNVXl2VQI2L10dShstVEgCBypJHh4TJ18FVBY5Xx5EXiVVBBVCDVEUdBQCZB1TKBxzKV8nCnIVfDgFYSFXKn5UHHYjE2QDWDMaYTt/MSR5NF1AP3xBdTYfAkQGOBlxO1U3LHw2Zhs9U0B1IhxjBEomJ3onfDMzUSFyNXNgF1cWCFpEBDEzehR8CTx0MnVJPn8HajocWRMANCNYEnsnP2Y9VzomVht6NwkCMQU0I0AkegogZSVhJn95Mn4iCWgYFUINZkFfOCloQFwlGmZEfyF/UTFoCDlmNGkjLl5EViEsfgRWIx1iMmhdLAg1ZjUOcygJKBpiHAQqe3o3cglzQjJySRJSKEcYGVcUBRYnVDZyQydCJmUiGXkkRzMOXBdHEXplCXIeIwcjZSEZYCh+J21aA18eOw0AdB8xahVRRjpI
IP 108.157.214.53:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3036), with no line terminators
Hash bfba1ba2d537a7f7c6ccda43194045be
d673c9ff7807e1ebffc11e456913d08cb82ace3c
1813c7d218e740ef9f97ce09cfa957b0565f594504ad6d05e87df36c99284fdb
GET /MHAwcEtRElMddFFNUlY+QhwNVXl2VQI2L10dShstVEgCBypJHh4TJ18FVBY5Xx5EXiVVBBVCDVEUdBQCZB1TKBxzKV8nCnIVfDgFYSFXKn5UHHYjE2QDWDMaYTt/MSR5NF1AP3xBdTYfAkQGOBlxO1U3LHw2Zhs9U0B1IhxjBEomJ3onfDMzUSFyNXNgF1cWCFpEBDEzehR8CTx0MnVJPn8HajocWRMANCNYEnsnP2Y9VzomVht6NwkCMQU0I0AkegogZSVhJn95Mn4iCWgYFUINZkFfOCloQFwlGmZEfyF/UTFoCDlmNGkjLl5EViEsfgRWIx1iMmhdLAg1ZjUOcygJKBpiHAQqe3o3cglzQjJySRJSKEcYGVcUBRYnVDZyQydCJmUiGXkkRzMOXBdHEXplCXIeIwcjZSEZYCh+J21aA18eOw0AdB8xahVRRjpI HTTP/1.1
Host: hegazedatthewo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1188
date: Wed, 29 Mar 2023 13:38:53 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 419f3eb3d74bedebbef6fc91b3f54a36.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: cIh5-nxjH8DT9BPywaBrXOsPvV63N7gi01RARFdlsE1dW7ttAgcdvQ==
X-Firefox-Spdy: h2
hegazedatthewo.com/WUNQZm04ITMLUjh+MkAYKy9tQ18fZmIgCTQuKg0LPXtiEQwgLX4FATY2NAAfNi0kSAM8N3VUKw0iGDQEC3I3KiouNDg8FS4nEggdPhQ7IA89LjwpJTEGPygFMQkWMl0oCxInGzorEQ8qCA4XBDwLEBYMXWEVBTQoEjk7IShoejg2PAAbCFU3fHESJT8YAjULFRYCEi8CFHIFJCkaDmkiBWkOGQwVFgIBKFsXEjMpLiAwYCU7HxIRMVweERUCXDgGESIuIChoJBoUEQkLHQAEODwEOC84IDg0Lz8yODokCQsdAAInFR07Lyg0OAgVaTEGCCIzMRUXESlLLzAiPAEqHwQaFCYMFQMFAwMaCDMJaCIRXj8YECdVOQwaOwI6MRkCICdrIhYKPwwLM0NfGwIBPyUQFzM3OA8CEgc7MQEELgl8cRIuODUXdgweNi0gWxojMSQCIGwLGgsMGHY8
108.157.214.53200 OK 1.2 kB URL HTTP/2 hegazedatthewo.com/WUNQZm04ITMLUjh+MkAYKy9tQ18fZmIgCTQuKg0LPXtiEQwgLX4FATY2NAAfNi0kSAM8N3VUKw0iGDQEC3I3KiouNDg8FS4nEggdPhQ7IA89LjwpJTEGPygFMQkWMl0oCxInGzorEQ8qCA4XBDwLEBYMXWEVBTQoEjk7IShoejg2PAAbCFU3fHESJT8YAjULFRYCEi8CFHIFJCkaDmkiBWkOGQwVFgIBKFsXEjMpLiAwYCU7HxIRMVweERUCXDgGESIuIChoJBoUEQkLHQAEODwEOC84IDg0Lz8yODokCQsdAAInFR07Lyg0OAgVaTEGCCIzMRUXESlLLzAiPAEqHwQaFCYMFQMFAwMaCDMJaCIRXj8YECdVOQwaOwI6MRkCICdrIhYKPwwLM0NfGwIBPyUQFzM3OA8CEgc7MQEELgl8cRIuODUXdgweNi0gWxojMSQCIGwLGgsMGHY8
IP 108.157.214.53:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3044), with no line terminators
Hash fb8ba0f89947277f32934a4aa534a562
d20292f535537fc7691eae45d7547726dd54320e
10ce4d545cc35817f46656634f6fdd546612f7bb654eceba32c9a37f00ff425d
GET /WUNQZm04ITMLUjh+MkAYKy9tQ18fZmIgCTQuKg0LPXtiEQwgLX4FATY2NAAfNi0kSAM8N3VUKw0iGDQEC3I3KiouNDg8FS4nEggdPhQ7IA89LjwpJTEGPygFMQkWMl0oCxInGzorEQ8qCA4XBDwLEBYMXWEVBTQoEjk7IShoejg2PAAbCFU3fHESJT8YAjULFRYCEi8CFHIFJCkaDmkiBWkOGQwVFgIBKFsXEjMpLiAwYCU7HxIRMVweERUCXDgGESIuIChoJBoUEQkLHQAEODwEOC84IDg0Lz8yODokCQsdAAInFR07Lyg0OAgVaTEGCCIzMRUXESlLLzAiPAEqHwQaFCYMFQMFAwMaCDMJaCIRXj8YECdVOQwaOwI6MRkCICdrIhYKPwwLM0NfGwIBPyUQFzM3OA8CEgc7MQEELgl8cRIuODUXdgweNi0gWxojMSQCIGwLGgsMGHY8 HTTP/1.1
Host: hegazedatthewo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1193
date: Wed, 29 Mar 2023 13:38:53 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 419f3eb3d74bedebbef6fc91b3f54a36.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: s6h-yCj5l-gm8XXzvimYMKiKRWtxt1NIMsg0Bz86r6wr9H4AEyayyA==
X-Firefox-Spdy: h2
hegazedatthewo.com/TWpOS1YsCC0maSxXLG0jPwZzbmQLT3wNMiAHNCAwKVJ8PDc0BGAoOiIfKi0kIgQ6ZTgoHmt5EAAIfDsHAD4LBhQZXxYPPj4uAAohBz0IMzwMKyIBFw4kKxMudDIFDWd5JDkOZy4GHy4CDjgCHQAHCyonZxwrH3oiC1sfCRUaWg8NIXklAywhCzkcfzEVBj4YHg4wGB0hGCQDJwAPLH48OhgrOQgUHhoXEwcAJioaGH49JRkxCysALQckDhcTIT4sBHsfGDIYJHN/KBwZBCk9Iw4UBVt3Gw9+JxsTACIEGQ1vFzIgHhUuWj4SDwgBBhxmdAAtMwQpPSdmHAUsCDwkFDsLDgcbGnsNFwMMCh8AHj0pCQYUBC0PDnweKQoHDwwZeAMJKx8gEgQGHBMXDyB/CmUpDxkmAysrGyAwLzsPbTw+BSA7azUGBxM9KCkrOg
108.157.214.53200 OK 1.2 kB URL HTTP/2 hegazedatthewo.com/TWpOS1YsCC0maSxXLG0jPwZzbmQLT3wNMiAHNCAwKVJ8PDc0BGAoOiIfKi0kIgQ6ZTgoHmt5EAAIfDsHAD4LBhQZXxYPPj4uAAohBz0IMzwMKyIBFw4kKxMudDIFDWd5JDkOZy4GHy4CDjgCHQAHCyonZxwrH3oiC1sfCRUaWg8NIXklAywhCzkcfzEVBj4YHg4wGB0hGCQDJwAPLH48OhgrOQgUHhoXEwcAJioaGH49JRkxCysALQckDhcTIT4sBHsfGDIYJHN/KBwZBCk9Iw4UBVt3Gw9+JxsTACIEGQ1vFzIgHhUuWj4SDwgBBhxmdAAtMwQpPSdmHAUsCDwkFDsLDgcbGnsNFwMMCh8AHj0pCQYUBC0PDnweKQoHDwwZeAMJKx8gEgQGHBMXDyB/CmUpDxkmAysrGyAwLzsPbTw+BSA7azUGBxM9KCkrOg
IP 108.157.214.53:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3034), with no line terminators
Hash 215d67135932eaf094abc07c887ee6a0
0d7e6fc09d7108023f9d7efa3f3831395454b8a1
408055181082fb4fedcf95dbd9214c784b1164b561efc1fd5d9c40f6b5db7a53
GET /TWpOS1YsCC0maSxXLG0jPwZzbmQLT3wNMiAHNCAwKVJ8PDc0BGAoOiIfKi0kIgQ6ZTgoHmt5EAAIfDsHAD4LBhQZXxYPPj4uAAohBz0IMzwMKyIBFw4kKxMudDIFDWd5JDkOZy4GHy4CDjgCHQAHCyonZxwrH3oiC1sfCRUaWg8NIXklAywhCzkcfzEVBj4YHg4wGB0hGCQDJwAPLH48OhgrOQgUHhoXEwcAJioaGH49JRkxCysALQckDhcTIT4sBHsfGDIYJHN/KBwZBCk9Iw4UBVt3Gw9+JxsTACIEGQ1vFzIgHhUuWj4SDwgBBhxmdAAtMwQpPSdmHAUsCDwkFDsLDgcbGnsNFwMMCh8AHj0pCQYUBC0PDnweKQoHDwwZeAMJKx8gEgQGHBMXDyB/CmUpDxkmAysrGyAwLzsPbTw+BSA7azUGBxM9KCkrOg HTTP/1.1
Host: hegazedatthewo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1185
date: Wed, 29 Mar 2023 13:38:53 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 419f3eb3d74bedebbef6fc91b3f54a36.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: -g6J2wDbF658Xdl3d-Agv-9MpVvLL2qjb4kWMf-Xvh-mQJyxM8GDPA==
X-Firefox-Spdy: h2
keydawnawe.com/gwZ1U5hjA8ii/32575
142.91.159.115200 OK 26 B URL HTTP/1.1 keydawnawe.com/gwZ1U5hjA8ii/32575
IP 142.91.159.115:0
File type ASCII text, with no line terminators
Hash 4e5d65669f8dcd928dad06adf883f025
d771713d758c3348dd7e5b38bb40c7935399ae46
0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95
GET /gwZ1U5hjA8ii/32575 HTTP/1.1
Host: keydawnawe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; GL_GI10=eJw9i8sKwjAURGuUYNVWBvwAf8D6QBdu1aXUhbgOtd6WYM0tTXzUr%2FcFruYwc8bzPDEIIXSJ3nIaLSfRfBZNF3M0c2KIeIdeylfjqlqZ5EKQMVf3pIasKNdsAnR%2FoFI%2BETrxbnQwZ8N38x8%2BtwCtVLs6gP%2BJrxu20dS2RLgq9GO45%2BLq3raFb8gpWxKd4K%2BTY0HjzX6L8N9%2Bz7KBtraqrPhRv7nv9IWebEhxlllyUqBxk%2BIFsdRBIw%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 29 Mar 2023 13:38:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
hegazedatthewo.com/a1ZhYmQKNAIPWwprA0QRGTpcR1Ytc1MkAAY7GwkCD25TFQUSOE8BCAQjBQQWBDgVTAoOIkRQIlI3URY0OTgkKy4oEwY2DFM/KlEQIg5SKFcIEzcsLT8hESocH2QjNikNHgZSAyICAgstHGdRLTdaIi4YEz0ADxYUID4gJCgjHAYkJT45AgwAMxUIWhAOZjcsNAJjViolOi4rCwsPFQxXXSoTMyQBWSZRMzEmbisLAz0UJRVcMmYvAC4/IgszVR9gB1AMKQIPBSoyZi8ANCgPDjBVUiMHIzY+ATkRVwgTNy0BKmcLM1UYYy41KigdDxJBWRACU10JDwxPFFsHMBURJxVRBzAFPSsGIS03BFFdWAc3EhENDjg6JQE9ECsmXwIDDFQqBycWQVkUODo+Mx4POEFZFEcIFwQ4EV8uHjgUJAsMECgKJlkeJw
108.157.214.53200 OK 1.2 kB URL HTTP/2 hegazedatthewo.com/a1ZhYmQKNAIPWwprA0QRGTpcR1Ytc1MkAAY7GwkCD25TFQUSOE8BCAQjBQQWBDgVTAoOIkRQIlI3URY0OTgkKy4oEwY2DFM/KlEQIg5SKFcIEzcsLT8hESocH2QjNikNHgZSAyICAgstHGdRLTdaIi4YEz0ADxYUID4gJCgjHAYkJT45AgwAMxUIWhAOZjcsNAJjViolOi4rCwsPFQxXXSoTMyQBWSZRMzEmbisLAz0UJRVcMmYvAC4/IgszVR9gB1AMKQIPBSoyZi8ANCgPDjBVUiMHIzY+ATkRVwgTNy0BKmcLM1UYYy41KigdDxJBWRACU10JDwxPFFsHMBURJxVRBzAFPSsGIS03BFFdWAc3EhENDjg6JQE9ECsmXwIDDFQqBycWQVkUODo+Mx4POEFZFEcIFwQ4EV8uHjgUJAsMECgKJlkeJw
IP 108.157.214.53:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3024), with no line terminators
Hash 448f16cdcdd3cb8942305046764229fd
98aaf63175d0cbb8a817c0af6aa0780bad023e49
c86ea5d0007e3875a9d869b668b918fa01e90d3b0e74fb2376d96fe50a9aef15
GET /a1ZhYmQKNAIPWwprA0QRGTpcR1Ytc1MkAAY7GwkCD25TFQUSOE8BCAQjBQQWBDgVTAoOIkRQIlI3URY0OTgkKy4oEwY2DFM/KlEQIg5SKFcIEzcsLT8hESocH2QjNikNHgZSAyICAgstHGdRLTdaIi4YEz0ADxYUID4gJCgjHAYkJT45AgwAMxUIWhAOZjcsNAJjViolOi4rCwsPFQxXXSoTMyQBWSZRMzEmbisLAz0UJRVcMmYvAC4/IgszVR9gB1AMKQIPBSoyZi8ANCgPDjBVUiMHIzY+ATkRVwgTNy0BKmcLM1UYYy41KigdDxJBWRACU10JDwxPFFsHMBURJxVRBzAFPSsGIS03BFFdWAc3EhENDjg6JQE9ECsmXwIDDFQqBycWQVkUODo+Mx4POEFZFEcIFwQ4EV8uHjgUJAsMECgKJlkeJw HTTP/1.1
Host: hegazedatthewo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1175
date: Wed, 29 Mar 2023 13:38:53 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 419f3eb3d74bedebbef6fc91b3f54a36.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: 7pjiimKnmd9dtqBTp510vaMV0tetTj1IzxpDokkIXYGUOM3Td0iDdQ==
X-Firefox-Spdy: h2
hegazedatthewo.com/c2c1ZUcSBVYIeBJaV0MyAQsIQHU1QgcjIx4KTw4hF18HEiYKCRsGKxwSUQM1HAlBSykWExBXARIqbSsLJAtvNg8wMg0EEiYGeVcjGyUFAXERClY9ACcABCoCNSh3HSQRJHY8HjQdY1EJMF4NLCwAP1EINwQ/ZywrIzBGPQEaMgAEMDExfg9zQyNwATM/Dm8AADs+RiwBJjF8MXdDMWQoPRUkezQTGj4EKQEUAX8fMwkmTzNiQSVRIh4mNm0RPjoxUgELCTJdNCspUlQPLzUxWwk2KRBzASJAXlkGdilSVAwBKi9tVDIQEHwdJR4PWDYSJUIHIyFBMU8zKV4LRC8CFzBQJzMdJmA/KxIJDTAWKxQMKHY6Pn8tfhgDBSNwElVsJxYdE0cGMD0jeTEKGDF3MCw6CXghCSsXRDw/SiNXNn4BJnRDLQAIWxV6Pyp4XBIgJlYsABc
108.157.214.53200 OK 1.2 kB URL HTTP/2 hegazedatthewo.com/c2c1ZUcSBVYIeBJaV0MyAQsIQHU1QgcjIx4KTw4hF18HEiYKCRsGKxwSUQM1HAlBSykWExBXARIqbSsLJAtvNg8wMg0EEiYGeVcjGyUFAXERClY9ACcABCoCNSh3HSQRJHY8HjQdY1EJMF4NLCwAP1EINwQ/ZywrIzBGPQEaMgAEMDExfg9zQyNwATM/Dm8AADs+RiwBJjF8MXdDMWQoPRUkezQTGj4EKQEUAX8fMwkmTzNiQSVRIh4mNm0RPjoxUgELCTJdNCspUlQPLzUxWwk2KRBzASJAXlkGdilSVAwBKi9tVDIQEHwdJR4PWDYSJUIHIyFBMU8zKV4LRC8CFzBQJzMdJmA/KxIJDTAWKxQMKHY6Pn8tfhgDBSNwElVsJxYdE0cGMD0jeTEKGDF3MCw6CXghCSsXRDw/SiNXNn4BJnRDLQAIWxV6Pyp4XBIgJlYsABc
IP 108.157.214.53:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3039), with no line terminators
Hash 1d6ba7f13fa960db1b163a344cb152f1
33bc218af13a917f53b7fc1c1eb108895b96dc76
c991fe56b025c921dd90c0a60d644da63a37bb117d03d6d473f567073d959a71
GET /c2c1ZUcSBVYIeBJaV0MyAQsIQHU1QgcjIx4KTw4hF18HEiYKCRsGKxwSUQM1HAlBSykWExBXARIqbSsLJAtvNg8wMg0EEiYGeVcjGyUFAXERClY9ACcABCoCNSh3HSQRJHY8HjQdY1EJMF4NLCwAP1EINwQ/ZywrIzBGPQEaMgAEMDExfg9zQyNwATM/Dm8AADs+RiwBJjF8MXdDMWQoPRUkezQTGj4EKQEUAX8fMwkmTzNiQSVRIh4mNm0RPjoxUgELCTJdNCspUlQPLzUxWwk2KRBzASJAXlkGdilSVAwBKi9tVDIQEHwdJR4PWDYSJUIHIyFBMU8zKV4LRC8CFzBQJzMdJmA/KxIJDTAWKxQMKHY6Pn8tfhgDBSNwElVsJxYdE0cGMD0jeTEKGDF3MCw6CXghCSsXRDw/SiNXNn4BJnRDLQAIWxV6Pyp4XBIgJlYsABc HTTP/1.1
Host: hegazedatthewo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1193
date: Wed, 29 Mar 2023 13:38:53 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 419f3eb3d74bedebbef6fc91b3f54a36.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: ERPvQY031hhE_ReUwiS9FsBIB8X9ESqwh_aGvC_ZBQR8ytpBY_sWHw==
X-Firefox-Spdy: h2
obrightsapphir.com/dUN2VmVafBUlWCFxQwcGRytTZCMtLh4TPS0rEA8OBSUTEBEbEUdmQwEqEmtcQXpOYFFTMx8yWER7UCURFDcDJVhEZR84Axp+UCBYRG1GeFdbcFAjWERlAiYEEn5HcBUBNxprVEN7RmZcQnJDYFZFcQ
104.21.60.187204 No Content 0 B URL HTTP/2 obrightsapphir.com/dUN2VmVafBUlWCFxQwcGRytTZCMtLh4TPS0rEA8OBSUTEBEbEUdmQwEqEmtcQXpOYFFTMx8yWER7UCURFDcDJVhEZR84Axp+UCBYRG1GeFdbcFAjWERlAiYEEn5HcBUBNxprVEN7RmZcQnJDYFZFcQ
IP 104.21.60.187:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dUN2VmVafBUlWCFxQwcGRytTZCMtLh4TPS0rEA8OBSUTEBEbEUdmQwEqEmtcQXpOYFFTMx8yWER7UCURFDcDJVhEZR84Axp+UCBYRG1GeFdbcFAjWERlAiYEEn5HcBUBNxprVEN7RmZcQnJDYFZFcQ HTTP/1.1
Host: obrightsapphir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 29 Mar 2023 13:38:53 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ln5Qej%2F31IaKnRfNmrdy0%2FFPnx%2FCnBoRT1tMXx%2Bm0Scth3o%2BHjmvae8aZtPdSmMM5%2FNzp1yGWQfnaOhyYFrwqCB55CFtls1AiWdoV5xAgoAaE77twpMzANIsy0vDP%2Ff3GOiCD8s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7af8840aacd5b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
obrightsapphir.com/bVZMZVpCaS8WZz47PD0PAGNpVxw4ZA4MDTUYLz9oIw4pCWsBNyBVfBk/KFhtW2J9UWtLJiUBZ1xwPxE7GSM/WGtLPyIDNVBwOlhrQ2V4S2lfeH5DL1BnahEqDDFxVHwdIjgJZ1xgdFVqVGF9UGxeZ3s
104.21.60.187204 No Content 0 B URL HTTP/2 obrightsapphir.com/bVZMZVpCaS8WZz47PD0PAGNpVxw4ZA4MDTUYLz9oIw4pCWsBNyBVfBk/KFhtW2J9UWtLJiUBZ1xwPxE7GSM/WGtLPyIDNVBwOlhrQ2V4S2lfeH5DL1BnahEqDDFxVHwdIjgJZ1xgdFVqVGF9UGxeZ3s
IP 104.21.60.187:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bVZMZVpCaS8WZz47PD0PAGNpVxw4ZA4MDTUYLz9oIw4pCWsBNyBVfBk/KFhtW2J9UWtLJiUBZ1xwPxE7GSM/WGtLPyIDNVBwOlhrQ2V4S2lfeH5DL1BnahEqDDFxVHwdIjgJZ1xgdFVqVGF9UGxeZ3s HTTP/1.1
Host: obrightsapphir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 29 Mar 2023 13:38:53 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JHOTKdM9qNILKk7FzuS%2Bie9sR7ju2eJUiSYBuRWtMLoch29QCN37GjoJFR2Zk4ObkQ7wJwFf0zlAhVLVPZg%2F7n%2B8M%2Fw%2BApfApYHI686c4BsDfgnWxBlDFBOxCsardCc17rKLSG4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7af8840abce1b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/adDdITmcXWCYoWABeLHNQQgZ5dlFSXTshCQQKOAoIDm0tL1EFT246HRAKeGgLFVkvc0ERWStzVlJWLCxaQBE8PggfCj44AxJdLywDBE9uOwZJWic0DhhbKWtVMgJmfkJGB2A5DhpTJzkUUQV4IBNRBXh/V1oHbX0lUQV4OQ4aAXxrVDYSen4fQgNtfSVRBX-g8EVEECX9XQRl4Z0JGBy8rBB9YbXwhRgd5fldFB3lrVURRITwCElgwa1UyBnh7SUQRPXNW
54.230.245.57200 OK 595 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/adDdITmcXWCYoWABeLHNQQgZ5dlFSXTshCQQKOAoIDm0tL1EFT246HRAKeGgLFVkvc0ERWStzVlJWLCxaQBE8PggfCj44AxJdLywDBE9uOwZJWic0DhhbKWtVMgJmfkJGB2A5DhpTJzkUUQV4IBNRBXh/V1oHbX0lUQV4OQ4aAXxrVDYSen4fQgNtfSVRBX-g8EVEECX9XQRl4Z0JGBy8rBB9YbXwhRgd5fldFB3lrVURRITwCElgwa1UyBnh7SUQRPXNW
IP 54.230.245.57:0
File type ASCII text, with very long lines (838), with no line terminators
Hash 97d7a135aabb79ceed1e21634baa0bb4
a9c51df5eec10001838c5db6651affc29aab07bd
1ce174a8182b834565e030b18c45610ef441ffe2ccdb1a7f67f1636e356d7657
GET /adDdITmcXWCYoWABeLHNQQgZ5dlFSXTshCQQKOAoIDm0tL1EFT246HRAKeGgLFVkvc0ERWStzVlJWLCxaQBE8PggfCj44AxJdLywDBE9uOwZJWic0DhhbKWtVMgJmfkJGB2A5DhpTJzkUUQV4IBNRBXh/V1oHbX0lUQV4OQ4aAXxrVDYSen4fQgNtfSVRBX-g8EVEECX9XQRl4Z0JGBy8rBB9YbXwhRgd5fldFB3lrVURRITwCElgwa1UyBnh7SUQRPXNW HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hegazedatthewo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 595
date: Wed, 29 Mar 2023 13:38:53 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WZ5jObxEVJNhmqFVzE7it4iTE4kMQjhJV926IOa3jXfhD78C8Du_FA==
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/TaHRiR1gLGwwhZxwdBnpgWkFbdmlOHhEoNhhJFT0qHBAvchAiGQMGbQRSFj08VUREKzkGE19hPQYXX3Z+CRAAemxOABIoM1UBDCM9Dh0MIjxOAQN6NQcOCys0CVFQAW1GREd1aEADCyk8BwMRYmpYGhZialhFUmloTUcgYmpYAwspblxRUQV9WkQacWxNRy-BialgGFGJrKUVScnZYXUd1aA8RASw3TUYkdWhZRFJ2aFlRUHc+AQYHITcQUVABaVhBTHd+HUlT
54.230.245.57200 OK 369 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/TaHRiR1gLGwwhZxwdBnpgWkFbdmlOHhEoNhhJFT0qHBAvchAiGQMGbQRSFj08VUREKzkGE19hPQYXX3Z+CRAAemxOABIoM1UBDCM9Dh0MIjxOAQN6NQcOCys0CVFQAW1GREd1aEADCyk8BwMRYmpYGhZialhFUmloTUcgYmpYAwspblxRUQV9WkQacWxNRy-BialgGFGJrKUVScnZYXUd1aA8RASw3TUYkdWhZRFJ2aFlRUHc+AQYHITcQUVABaVhBTHd+HUlT
IP 54.230.245.57:0
File type ASCII text, with very long lines (474), with no line terminators
Hash ea96efc75d496613e7a5ec36630d006a
af4272f43cfc096b7b744fc874fa35581e6b38b7
57d4a575f62e8dc17efb7aa476dc26aac5db90185dcffba881129a09d081446d
GET /TaHRiR1gLGwwhZxwdBnpgWkFbdmlOHhEoNhhJFT0qHBAvchAiGQMGbQRSFj08VUREKzkGE19hPQYXX3Z+CRAAemxOABIoM1UBDCM9Dh0MIjxOAQN6NQcOCys0CVFQAW1GREd1aEADCyk8BwMRYmpYGhZialhFUmloTUcgYmpYAwspblxRUQV9WkQacWxNRy-BialgGFGJrKUVScnZYXUd1aA8RASw3TUYkdWhZRFJ2aFlRUHc+AQYHITcQUVABaVhBTHd+HUlT HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hegazedatthewo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 369
date: Wed, 29 Mar 2023 13:38:53 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NkubNAPM_6kBNTCbxL797paCOTA3ozroIH-JuZfHuY46b8Y7ozjmWg==
X-Firefox-Spdy: h2
platform.bidgear.com/media/img/b15.png
104.26.3.107200 OK 649 B URL HTTP/2 platform.bidgear.com/media/img/b15.png
IP 104.26.3.107:0
File type PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash d832fb80c97ff291b952757bb98240d2
63732e61a0784ed68fde494f83e4686a5c4bf7fa
7b35c11af8accdb40a14303dd3ae2762a97d2527933c56b6c9be6da2d0d11943
GET /media/img/b15.png HTTP/1.1
Host: platform.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Mar 2023 13:38:53 GMT
content-type: image/png
content-length: 649
last-modified: Mon, 25 Jul 2022 09:43:43 GMT
etag: "62de65cf-289"
expires: Fri, 21 Apr 2023 07:19:14 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
cf-cache-status: HIT
age: 618796
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VTkPsCfoJ5vnfuTyTWQ6D5CKJeu4aKT35xZ8k%2B7kQZpsqyTv4wRc6%2ByBcslw0IJh8oANcyxC90i7mBbTgaEKmKP9TJCbICSHDbtHaDgssQ0x8xTDRw%2FZx9k3rid6eSyvkNPJnqnm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7af8840c8cda1c0e-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9fe041d86f94c0955b807d3b411c9fe1
83fb0b2adc624d0dd7562f3a6bfce55e11ccfce6
e4da5aa3c19c4ee5c4bb0324539228134b1c0bb178324c91633d9d3ecf210ff8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E4DA5AA3C19C4EE5C4BB0324539228134B1C0BB178324C91633D9D3ECF210FF8"
Last-Modified: Mon, 27 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17119
Expires: Wed, 29 Mar 2023 18:24:12 GMT
Date: Wed, 29 Mar 2023 13:38:53 GMT
Connection: keep-alive
cdn.purpleads.io/agent.js?publisherId=70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
143.204.55.49200 OK 22 kB URL HTTP/2 cdn.purpleads.io/agent.js?publisherId=70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
IP 143.204.55.49:0
File type Unicode text, UTF-8 text, with very long lines (65522), with no line terminators
Hash d6217a2941571dc73d5be02e1e847e5e
fdbd752464252a89d3c63473c8b1bb5baae955b7
833217f89862142b73b2d116c4f7bc69d05e73ddfb6c3596a9e800ff58f252df
GET /agent.js?publisherId=70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655 HTTP/1.1
Host: cdn.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 21595
date: Wed, 29 Mar 2023 11:40:38 GMT
last-modified: Wed, 29 Mar 2023 11:39:57 GMT
etag: "d6217a2941571dc73d5be02e1e847e5e"
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: IxrhWbKqJcSgi0bl6NzaRPZ50dPwTCqOdDFcGcg0EY3LWQ-eedKkXA==
age: 7095
X-Firefox-Spdy: h2
a.exdynsrv.com/ad-provider.js
205.185.216.42200 OK 27 kB URL HTTP/1.1 a.exdynsrv.com/ad-provider.js
IP 205.185.216.42:0
File type ASCII text, with very long lines (52886)
Hash caff325c3dedde56662118710021ba52
e8ac8e95435ebffc411a75ba572b492079db0903
2599a4794875f4b05a6e1166832a35356a2144b6f6edabdf4016206cac7490bc
GET /ad-provider.js HTTP/1.1
Host: a.exdynsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 13:38:53 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 26741
Content-Type: application/javascript
Accept-Ranges: bytes
Cache-Control: max-age=10800
Server: nginx
etag: W/"11f47ce07ddb24215f4f3a5ce34"
X-HW: 1680097133.dop067.sk1.t,1680097133.cds240.sk1.shn,1680097133.dop067.sk1.t,1680097133.cds246.sk1.c
Access-Control-Allow-Origin: *, *
ocsp.sectigo.com/
104.18.32.68200 OK 282 B IP 104.18.32.68:0
Hash d986f9507590f78cb7e62b4c0072268f
35d899ad0ed0d2d280d3fbe6d6def6774cc3ae7f
a05b3b8fba96a231b432c6f2918fd32283aca4d7f312e59949b1704e707f344d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 13:38:53 GMT
Content-Type: application/ocsp-response
Content-Length: 282
Connection: keep-alive
Last-Modified: Sun, 26 Mar 2023 16:43:16 GMT
Expires: Sun, 02 Apr 2023 16:43:15 GMT
Etag: "35d899ad0ed0d2d280d3fbe6d6def6774cc3ae7f"
Cache-Control: max-age=356061,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7af8840c8fc30b39-OSL
megaup.net/themes/flow/frontend_assets/images/icons/favicon/apple-touch-icon-114x114.png
91.209.70.182200 OK 951 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/images/icons/favicon/apple-touch-icon-114x114.png
IP 91.209.70.182:0
File type PNG image data, 114 x 114, 8-bit colormap, non-interlaced\012- data
Hash 76852bc6b2c028db97322a74e85bd020
ed52fb4de0d51f93277bbaae42fa80ba5f92c31e
8a5ef2ef8440c17db1b1b539065ba4a887e07a2c508b79c2d1659512e9016884
GET /themes/flow/frontend_assets/images/icons/favicon/apple-touch-icon-114x114.png HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1cv43/Muse.Dash.v3.1_(3).rar
Connection: keep-alive
Cookie: filehosting=all435meons6relhj4j2s52ul7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:38:53 GMT
content-type: image/png
content-length: 951
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-3b7"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/9a0tPRnEIJCEgTh8iK3tIX3J3cEVNITwpHxt2BTMfHg0gITciIw10OS1tOzwVVntpKhAFLHJgFAUocndXCi8te0VNPi57HAQxJiodCm59AERFe2p0QUM8JigVBDw8Y0NbJTtjQ1t6f2hBTngNY0NbPCYoR19ufARUWXs3cEVOeA1jQ1s5OWNCKnp/c19bYm-p0QQwuLC0eTnkJdEFae393QVpufXYXAjkqIB4Tbn0AQFt+YXZXHnZ+
54.230.245.57200 OK 193 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/9a0tPRnEIJCEgTh8iK3tIX3J3cEVNITwpHxt2BTMfHg0gITciIw10OS1tOzwVVntpKhAFLHJgFAUocndXCi8te0VNPi57HAQxJiodCm59AERFe2p0QUM8JigVBDw8Y0NbJTtjQ1t6f2hBTngNY0NbPCYoR19ufARUWXs3cEVOeA1jQ1s5OWNCKnp/c19bYm-p0QQwuLC0eTnkJdEFae393QVpufXYXAjkqIB4Tbn0AQFt+YXZXHnZ+
IP 54.230.245.57:0
File type ASCII text, with no line terminators
Hash dde353565ff54b0adc017d89db6cbc4d
1254cf1b5bdc671ed6bffdeafee4474f3ed39d25
1bcc6441158293ceb190472529defb5cb9c08b84fb90c20dfb41e5b760334d90
GET /9a0tPRnEIJCEgTh8iK3tIX3J3cEVNITwpHxt2BTMfHg0gITciIw10OS1tOzwVVntpKhAFLHJgFAUocndXCi8te0VNPi57HAQxJiodCm59AERFe2p0QUM8JigVBDw8Y0NbJTtjQ1t6f2hBTngNY0NbPCYoR19ufARUWXs3cEVOeA1jQ1s5OWNCKnp/c19bYm-p0QQwuLC0eTnkJdEFae393QVpufXYXAjkqIB4Tbn0AQFt+YXZXHnZ+ HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hegazedatthewo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 193
date: Wed, 29 Mar 2023 13:38:53 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ISrTraK_7D49AZdznYao31t6itrGHZCNQYGzxoOVoVhnIRuwFd0kxA==
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/aMXNLWlZSHCU8aUUaL2dhB0d6bmcXGTg1OEFOBxcbCCYYGzV4NC98IksXdmpwXRIlPWsXFiU5awBVKj40DEdtLiZeGHYsIFUVIT00VQMzfCNQTiY1LFgfJztzAzV+dGYUQXtyIVgdLzUhQlZ5ajhFVnlqZwFde39lc1Z5aiFYHX1ucwIxbmhmSUV/f2VzVn-lqJEdWeBtnAUZlan8UQXs9M1IYJH9kd0F7a2YBQntrcwNDLTMkVBUkInMDNXpqYx9DbS9rAA
54.230.245.57200 OK 607 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/aMXNLWlZSHCU8aUUaL2dhB0d6bmcXGTg1OEFOBxcbCCYYGzV4NC98IksXdmpwXRIlPWsXFiU5awBVKj40DEdtLiZeGHYsIFUVIT00VQMzfCNQTiY1LFgfJztzAzV+dGYUQXtyIVgdLzUhQlZ5ajhFVnlqZwFde39lc1Z5aiFYHX1ucwIxbmhmSUV/f2VzVn-lqJEdWeBtnAUZlan8UQXs9M1IYJH9kd0F7a2YBQntrcwNDLTMkVBUkInMDNXpqYx9DbS9rAA
IP 54.230.245.57:0
File type ASCII text, with very long lines (835), with no line terminators
Hash 49393d7ecb842332bfc78f452208fa7d
e29708c44be1e973a835ef91df655601744cb6f3
ac13566138d8a33b7c1a0b251fe440bd0a885a5595a4b45f3caf40870ffdf0b6
GET /aMXNLWlZSHCU8aUUaL2dhB0d6bmcXGTg1OEFOBxcbCCYYGzV4NC98IksXdmpwXRIlPWsXFiU5awBVKj40DEdtLiZeGHYsIFUVIT00VQMzfCNQTiY1LFgfJztzAzV+dGYUQXtyIVgdLzUhQlZ5ajhFVnlqZwFde39lc1Z5aiFYHX1ucwIxbmhmSUV/f2VzVn-lqJEdWeBtnAUZlan8UQXs9M1IYJH9kd0F7a2YBQntrcwNDLTMkVBUkInMDNXpqYx9DbS9rAA HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hegazedatthewo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 607
date: Wed, 29 Mar 2023 13:38:53 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: LygYto5pXkA6lNCAMDhFtmrl1LP0R81Zi9aFCpz1TqhgkZ8wDXLIbQ==
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/Mb2pQMTEMBT5XDhsDNAwJWFxjAAlJACNeXx9XKF14NwE1clQeTCRLVVJadl1QAQ1tF1QBCW0AFw4OMgwFSR4gXlpSHCZVVwUNMlVBF0wlUAwCBSpYXQMLdQN3WkRgFANfQidYXwsFJ0IUXVo+RRRdWmEBH19PY3MUXVonWF9ZXnUCc0pYYEkHW09jcxRdWi-JHFFwrYQEEQVp5FANfDTVSWgBPYncDX1tgAQBfW3UDAQkDIlRXABJ1A3deWmUfAUkfbQA
54.230.245.57200 OK 449 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/Mb2pQMTEMBT5XDhsDNAwJWFxjAAlJACNeXx9XKF14NwE1clQeTCRLVVJadl1QAQ1tF1QBCW0AFw4OMgwFSR4gXlpSHCZVVwUNMlVBF0wlUAwCBSpYXQMLdQN3WkRgFANfQidYXwsFJ0IUXVo+RRRdWmEBH19PY3MUXVonWF9ZXnUCc0pYYEkHW09jcxRdWi-JHFFwrYQEEQVp5FANfDTVSWgBPYncDX1tgAQBfW3UDAQkDIlRXABJ1A3deWmUfAUkfbQA
IP 54.230.245.57:0
File type ASCII text, with very long lines (589), with no line terminators
Hash 4af71be708b6045ef7a7dc4f349f91c9
d0daad8d1e3c0585a3ff43756cbc5abb9630945e
c309c33197086517eae4334e9eab4a6640e3c1c090f190e425fe2f308f678360
GET /Mb2pQMTEMBT5XDhsDNAwJWFxjAAlJACNeXx9XKF14NwE1clQeTCRLVVJadl1QAQ1tF1QBCW0AFw4OMgwFSR4gXlpSHCZVVwUNMlVBF0wlUAwCBSpYXQMLdQN3WkRgFANfQidYXwsFJ0IUXVo+RRRdWmEBH19PY3MUXVonWF9ZXnUCc0pYYEkHW09jcxRdWi-JHFFwrYQEEQVp5FANfDTVSWgBPYncDX1tgAQBfW3UDAQkDIlRXABJ1A3deWmUfAUkfbQA HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hegazedatthewo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 449
date: Wed, 29 Mar 2023 13:38:53 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: FLdpye1ymKDCh6STHnS8KoVIoXH5Oi_qD0-paxtVhARUIEjfauAtdw==
X-Firefox-Spdy: h2
imp9.bidgear.com/rec?t=1&z=6192&uuid=8546ed57464b480eb96806343804087e&p=28&g=NO&token=4a44335432&tbg=1680097133
104.26.3.107200 OK 599 B URL HTTP/2 imp9.bidgear.com/rec?t=1&z=6192&uuid=8546ed57464b480eb96806343804087e&p=28&g=NO&token=4a44335432&tbg=1680097133
IP 104.26.3.107:0
File type JPEG image data, baseline, precision 8, 1x1, components 3\012- data
Hash ca49a7e783b806a4e8576ea80346203d
6fe9d083221dae98f6c76f7121c37bc884b02d82
3e9a98dd5f0a28ff4a059f33d760264a6db02786666ac1692095ebb976f5da28
GET /rec?t=1&z=6192&uuid=8546ed57464b480eb96806343804087e&p=28&g=NO&token=4a44335432&tbg=1680097133 HTTP/1.1
Host: imp9.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Mar 2023 13:38:53 GMT
content-type: image/jpeg
content-length: 599
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZD6pqfYBNR75QHSnu3rIq2OB%2BBKKshvE1rF5fB4QZvNLL%2BT5b81NFcTL4Camk8ZI0e7EYuoDKQJ7N1BliXRp3gVeUra1uQf2avIC9KM463c6VMywaVduB7%2BjWcz%2BMqnoabU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7af8840c9ce01c0e-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a2bb5fb59a31f465d83b5b81591063a3
256dc5c585e6e3501a01da61505f12e30c9cde85
520ac0c6e4a1c901cf6bc09fbbb196ac735f082061766d97059c8ccf8173809a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 13:38:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Wed, 29 Mar 2023 12:05:11 GMT
expires: Wed, 29 Mar 2023 14:05:11 GMT
cache-control: public, max-age=7200
age: 5622
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash f2ece3e5907870b283917a99cd1af151
12359d23a1436959aef66b98ada87bcb624232b6
d1611493613d9d6dd13b642f7579d831ccbb9d61015775dd635c9a0b7588a54d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2024
Cache-Control: max-age=114959
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 13:38:53 GMT
Etag: "64235594-1d7"
Expires: Thu, 30 Mar 2023 21:34:52 GMT
Last-Modified: Tue, 28 Mar 2023 21:01:08 GMT
Server: ECAcc (ska/F7A5)
X-Cache: HIT
Content-Length: 471
megaup.net/themes/flow/frontend_assets/images/icons/favicon/favicon.ico
91.209.70.182200 OK 750 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/images/icons/favicon/favicon.ico
IP 91.209.70.182:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash f4d02eb8e9822a20c1bc657b1608e8f0
a18cc13ea5d6b2e519681b7a2b1520259afd4a22
d603e8bff2afbaae655e91109b21a5cd26e4787f9b783cddfc13874382e041a2
GET /themes/flow/frontend_assets/images/icons/favicon/favicon.ico HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1cv43/Muse.Dash.v3.1_(3).rar
Connection: keep-alive
Cookie: filehosting=all435meons6relhj4j2s52ul7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:38:53 GMT
content-type: image/x-icon
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-47e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
hegazedatthewo.com/utx?cb=IV87XIitpbAq&top=megaup.net&tid=761186
108.157.214.53204 No Content 0 B URL HTTP/2 hegazedatthewo.com/utx?cb=IV87XIitpbAq&top=megaup.net&tid=761186
IP 108.157.214.53:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=IV87XIitpbAq&top=megaup.net&tid=761186 HTTP/1.1
Host: hegazedatthewo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 29 Mar 2023 13:38:53 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Wed, 29 Mar 2023 13:39:53 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 419f3eb3d74bedebbef6fc91b3f54a36.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: cYW_rM4otSHuLvKV7IOAkOYuGeSULkZqiQiOeEPCEW9s-DFCsFHO5w==
X-Firefox-Spdy: h2
hegazedatthewo.com/utx?cb=fN4KIAUy3p4H&top=megaup.net&tid=825911
108.157.214.53204 No Content 0 B URL HTTP/2 hegazedatthewo.com/utx?cb=fN4KIAUy3p4H&top=megaup.net&tid=825911
IP 108.157.214.53:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=fN4KIAUy3p4H&top=megaup.net&tid=825911 HTTP/1.1
Host: hegazedatthewo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 29 Mar 2023 13:38:53 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Wed, 29 Mar 2023 13:39:53 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 419f3eb3d74bedebbef6fc91b3f54a36.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: eV1YaVlH_88a8LoLd_5KcolfvMU0cVYc8UEwn3nSamfkXe5gUNMdog==
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j99&a=1747970020&t=pageview&_s=1&dl=https%3A%2F%2Fmegaup.net%2F1cv43%2FMuse.Dash.v3.1_(3).rar&ul=en-us&de=UTF-8&dt=Muse.Dash.v3.1%20(3).rar%20-%20MegaUp&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=153602330&gjid=743843541&cid=1996998183.1680097157&tid=UA-108868042-1&_gid=1699607248.1680097157&_r=1>m=457e33r0&jsscut=1&z=200134651
142.250.74.110200 OK 1 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j99&a=1747970020&t=pageview&_s=1&dl=https%3A%2F%2Fmegaup.net%2F1cv43%2FMuse.Dash.v3.1_(3).rar&ul=en-us&de=UTF-8&dt=Muse.Dash.v3.1%20(3).rar%20-%20MegaUp&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=153602330&gjid=743843541&cid=1996998183.1680097157&tid=UA-108868042-1&_gid=1699607248.1680097157&_r=1>m=457e33r0&jsscut=1&z=200134651
IP 142.250.74.110:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?v=1&_v=j99&a=1747970020&t=pageview&_s=1&dl=https%3A%2F%2Fmegaup.net%2F1cv43%2FMuse.Dash.v3.1_(3).rar&ul=en-us&de=UTF-8&dt=Muse.Dash.v3.1%20(3).rar%20-%20MegaUp&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=153602330&gjid=743843541&cid=1996998183.1680097157&tid=UA-108868042-1&_gid=1699607248.1680097157&_r=1>m=457e33r0&jsscut=1&z=200134651 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain
Content-Length: 0
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://megaup.net
date: Wed, 29 Mar 2023 13:38:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/
54.230.245.57200 OK 73 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/
IP 54.230.245.57:0
File type ASCII text, with no line terminators
Hash de37377b72195a4f064edf7ec8a76676
ed544d5b6a37acad78498099407c648a93316ddb
b3209cc0b1d1b71e85af4e843afe00a3079f3286d52b3fb47e72c6c5c48b8399
GET / HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 73
date: Wed, 29 Mar 2023 13:38:53 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: N3d6blB_xPpZ4n0BLi3Hdg6gKXxCnLryfPcCrAduC-fQpm4iYl45sg==
X-Firefox-Spdy: h2
syndication.exdynsrv.com/v1/api.php
95.211.229.248200 OK 930 B URL HTTP/1.1 syndication.exdynsrv.com/v1/api.php
IP 95.211.229.248:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with very long lines (1223), with no line terminators
Hash 0f598d4d41b4864ad60ba5ee13d36839
c0a515c98e3da5455487b57967e5eebf29512a9e
677c473817b9dc6fc58a11f9404f7d5017a343a5d5507ddf7a69d81ac6643e69
POST /v1/api.php HTTP/1.1
Host: syndication.exdynsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 319
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 29 Mar 2023 13:38:53 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%2264243f6dbde260.52976529432621325%22%3B%7D; expires=Fri, 28-Mar-2025 13:38:53 GMT; Max-Age=63072000; path=/; domain=exdynsrv.com; secure; SameSite=None
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 69d033c232e94b122a0b66e4733f1d57
dca98865e28271c9eafc7307850dbce5126c1a86
d80b57ddab8c2898af0939a454bb1296abd2f964c3bf3eaea2bab7c225d73490
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 13:38:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AQMjQ7SN4P_K57TeFl5cLYo9CErNmOp1qLgbEhDGMePOuqRVh8O7sHgerkKlZOWmlXcEsIqPoCsB7g
142.250.74.109302 Found 397 B URL HTTP/2 accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AQMjQ7SN4P_K57TeFl5cLYo9CErNmOp1qLgbEhDGMePOuqRVh8O7sHgerkKlZOWmlXcEsIqPoCsB7g
IP 142.250.74.109:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (380)
Hash a226122427d25b21458d9ba2467a4daa
26e244718443ebecc44ccc5962aa63f62b877794
f58e59bf34615835c9bc7399ff8326b06e871354ef07b5e988fb86bac39ce145
GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AQMjQ7SN4P_K57TeFl5cLYo9CErNmOp1qLgbEhDGMePOuqRVh8O7sHgerkKlZOWmlXcEsIqPoCsB7g HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 29 Mar 2023 13:38:53 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-720946561%3A1680097133796147&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AQMjQ7Q1Zu4s8WQpGm6q6baC5qPaWTol-LMe_DinnaY3ZIsYNc4-s2dfNVT_DPHTGTwMDfY_IbGUVQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-arrm7rTir5Lu95ni6Whr7A' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 397
server: GSE
set-cookie: __Host-GAPS=1:51CHvjSzQD7UYyEqILbwgZY4LFONSQ:36khGL1JImmPVqtq;Path=/;Expires=Fri, 28-Mar-2025 13:38:53 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
hegazedatthewo.com/utx?cb=fcxA4y10dVzv&top=megaup.net&tid=876318
108.157.214.53204 No Content 0 B URL HTTP/2 hegazedatthewo.com/utx?cb=fcxA4y10dVzv&top=megaup.net&tid=876318
IP 108.157.214.53:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=fcxA4y10dVzv&top=megaup.net&tid=876318 HTTP/1.1
Host: hegazedatthewo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 29 Mar 2023 13:38:53 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Wed, 29 Mar 2023 13:39:53 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 419f3eb3d74bedebbef6fc91b3f54a36.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: hB-xgwYNz5Z6lCeFsL0FDGlp1GqSFJf5KtoeGwTZ0o6CoZUmqe3V6A==
X-Firefox-Spdy: h2
hegazedatthewo.com/utx?cb=0BNtN0Y5ziIc&top=megaup.net&tid=764141
108.157.214.53204 No Content 0 B URL HTTP/2 hegazedatthewo.com/utx?cb=0BNtN0Y5ziIc&top=megaup.net&tid=764141
IP 108.157.214.53:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=0BNtN0Y5ziIc&top=megaup.net&tid=764141 HTTP/1.1
Host: hegazedatthewo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 29 Mar 2023 13:38:53 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Wed, 29 Mar 2023 13:39:53 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 419f3eb3d74bedebbef6fc91b3f54a36.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: d0PMs11-BxVGDMxWn6bcCyt64rP0Rw9GQ_QY5aC5MkYRMQQs06c8hw==
X-Firefox-Spdy: h2
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 3a3b89a33cb4cdaa987b7e83aca8e3ea
35dc8507e38e96f0218d3eae09027df9365eaa07
fa8a3c72d1f04e1833770194460f7f7fbc1c7ca1f00d25c02ef5ab7dc3a67263
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 29 Mar 2023 13:38:53 GMT
Last-Modified: Wed, 29 Mar 2023 12:19:17 GMT
Server: ECAcc (nya/1C5E)
X-Cache: Miss from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Vxv0gBa6SfR3HtyTN7eXVZBzh7nyWGi95QXTmT-uN5ntA3NRDQ-WSQ==
Age: 4776
syndication.exdynsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01OWUoEUQy8ihfoprK8JfPtt4LiAV5vfjkIjjBCHd7XPTKYImSrVKJQG2CDxgPiZPWUjCFjYHQdJTmfnl/owo/1vX1/juf1wqxaSzBHwCvDvGqme3apmUmEbm4IpUeBVql00IgOTea+ZyMgrODb6+Ph0qE04KoJPd+vUtA1eoHrvlt1mmItiM3y1iTmWto02dLKElNg3on/38QNI0TsUP9r0MRNXTnIvXB2A49x+/o5z+SdfkM6BPqb7nugzcnTMqUCl21D0g3A7LXFkpKs+gu+nNngWAEAAA==
95.211.229.248200 OK 20 B URL HTTP/1.1 syndication.exdynsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01OWUoEUQy8ihfoprK8JfPtt4LiAV5vfjkIjjBCHd7XPTKYImSrVKJQG2CDxgPiZPWUjCFjYHQdJTmfnl/owo/1vX1/juf1wqxaSzBHwCvDvGqme3apmUmEbm4IpUeBVql00IgOTea+ZyMgrODb6+Ph0qE04KoJPd+vUtA1eoHrvlt1mmItiM3y1iTmWto02dLKElNg3on/38QNI0TsUP9r0MRNXTnIvXB2A49x+/o5z+SdfkM6BPqb7nugzcnTMqUCl21D0g3A7LXFkpKs+gu+nNngWAEAAA==
IP 95.211.229.248:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA01OWUoEUQy8ihfoprK8JfPtt4LiAV5vfjkIjjBCHd7XPTKYImSrVKJQG2CDxgPiZPWUjCFjYHQdJTmfnl/owo/1vX1/juf1wqxaSzBHwCvDvGqme3apmUmEbm4IpUeBVql00IgOTea+ZyMgrODb6+Ph0qE04KoJPd+vUtA1eoHrvlt1mmItiM3y1iTmWto02dLKElNg3on/38QNI0TsUP9r0MRNXTnIvXB2A49x+/o5z+SdfkM6BPqb7nugzcnTMqUCl21D0g3A7LXFkpKs+gu+nNngWAEAAA== HTTP/1.1
Host: syndication.exdynsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%2264243f6dbde260.52976529432621325%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 29 Mar 2023 13:38:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Credentials: true
Set-Cookie: __upt=%7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22511.0199%22%7D; expires=Fri, 28 Mar 2025 13:38:53 GMT; path=/; domain=.exdynsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
static.a-ads.com/a-ads-banners/426618/300x250?region=eu-central-1
178.63.97.71200 OK 500 kB URL HTTP/2 static.a-ads.com/a-ads-banners/426618/300x250?region=eu-central-1
IP 178.63.97.71:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 300 x 250\012- data
Size 500 kB (499628 bytes)
Hash e4eb2c4ec1794d4e05b77ec20607b881
4abdedcc14882e200a685cfd4240e69c60732aea
4f2c5f4d5efd47fd8d0fc9e0ceca3d637d907a682b748102378c2aa677395efe
GET /a-ads-banners/426618/300x250?region=eu-central-1 HTTP/1.1
Host: static.a-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ad.a-ads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:38:53 GMT
content-type: image/gif
content-length: 499628
x-amz-id-2: AykguZHE7kR/IFv4yRMNiWoMTXOPcNP2Zjc7JDbpUcb5VD3RPx6t4ZUEZq/D3fdd4hZ5oltJs1Y=
x-amz-request-id: 3DD8PSHF7G5W525G
x-amz-replication-status: COMPLETED
last-modified: Sun, 20 Nov 2022 16:37:46 GMT
etag: "e4eb2c4ec1794d4e05b77ec20607b881"
cache-control: max-age=315360000
x-amz-version-id: aMmfct8jferkXctt.IjET.eVL2M61OoN
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 506 B IP 192.229.221.95:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 8d06ac3ff7b5653c5268af6276b6b934
ebcbf68ef24dea7877af10383ce4474e949cb2fc
fefd5263c8dfac4585439f55c640c9ddfff6d7047bc43c3efdeac25d353c53f3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6012
Cache-Control: max-age=118947
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 13:38:53 GMT
Etag: "64235594-1d7"
Expires: Thu, 30 Mar 2023 22:41:20 GMT
Last-Modified: Tue, 28 Mar 2023 21:01:08 GMT
Server: ECAcc (ska/F7A3)
X-Cache: HIT
Content-Length: 471
s3t3d2y8.afcdn.net/library/622879/eb9fd02e92b480e76c8206413789f3977f753c0e.mp4
185.76.9.19206 Partial Content 110 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/622879/eb9fd02e92b480e76c8206413789f3977f753c0e.mp4
IP 185.76.9.19:0
ASN #60068 Datacamp Limited
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size 110 kB (109937 bytes)
Hash 027bef54f6afd3be8886b7aa5b3a3621
eb9fd02e92b480e76c8206413789f3977f753c0e
c06331d9999fe535c4617168ae423b97f51d6ec8d026e37d9e81609d0ec144f8
GET /library/622879/eb9fd02e92b480e76c8206413789f3977f753c0e.mp4 HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
date: Wed, 29 Mar 2023 13:38:54 GMT
content-type: video/mp4
content-length: 109937
last-modified: Sat, 27 Mar 2021 13:35:05 GMT
etag: "605f3489-1ad71"
expires: Tue, 24 Oct 2023 14:58:34 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-cache-op: HIT
server: CDN77-Turbo
x-77-nzt: AblMCQ3h6Lv/kcWSAA
x-77-nzt-ray: c0a4cc287796b0386e3f2464863f4c01
x-accel-expires: @1702014301
x-cache: HIT
x-age: 9618833
x-77-pop: stockholmSE
x-77-cache: HIT
content-range: bytes 0-109936/109937
X-Firefox-Spdy: h2
parrecleftne.xyz/utx?tid=832633&top=megaup.net&cb=IOwLfAcVpVav
54.230.111.111204 No Content 0 B URL HTTP/2 parrecleftne.xyz/utx?tid=832633&top=megaup.net&cb=IOwLfAcVpVav
IP 54.230.111.111:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?tid=832633&top=megaup.net&cb=IOwLfAcVpVav HTTP/1.1
Host: parrecleftne.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 29 Mar 2023 13:38:53 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Wed, 29 Mar 2023 13:39:53 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: D0kTSVNCiWxtQ9VpP1l_uCfUJWfJIFfeeGxXrH38cCDUSyixZRxa7Q==
X-Firefox-Spdy: h2
theharityhild.buzz/
54.162.51.18200 OK 0 B IP 54.162.51.18:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: theharityhild.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Content-Length: 390
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
api.purpleads.io/x/init?ts=1680097156795
34.196.72.114200 OK 87 B URL HTTP/2 api.purpleads.io/x/init?ts=1680097156795
IP 34.196.72.114:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1225a48532b67fd812920a47e3557ed4
ac910f9679bd805609435e4fa8970cdf74fa4b86
4cdf058286dcc09e5511ec4f021ce5ce4d22052312bf08ce7b672e08eb5a4a9f
GET /x/init?ts=1680097156795 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: application/json
x-purpleads-version: 3.0.1
x-request-url: aHR0cHM6Ly9tZWdhdXAubmV0LzFjdjQzL011c2UuRGFzaC52My4xXygzKS5yYXI=
Authorization: Bearer 70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Mar 2023 13:38:54 GMT
content-type: application/json; charset=utf-8
content-length: 87
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-expose-headers: pa-user-id
x-request-id: 0862e3a2-9f9b-48bd-864e-4991779910d2
x-api-version: 0.47.3
etag: W/"57-rJEPlnm9gFYJQ15PqJcM33T6S4Y"
vary: Accept-Encoding
X-Firefox-Spdy: h2
theharityhild.buzz/
54.162.51.18200 OK 0 B IP 54.162.51.18:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: theharityhild.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Origin: https://megaup.net
Content-Length: 355
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
hegazedatthewo.com/multi?cs=bGkyWkhYUQNiel9YB2h4XlABaXE&abt=0&red=1&sm=76&k=download%20file%20muse%20dash&v=1.0.60.3&sts=0&prn=0&emb=0&tid=876318&rxy=1280_1024&fs=1&mbkb=113.50737797956867&ref=https%3A%2F%2Fmegaup.net%2F1cv43%2FMuse.Dash.v3.1_(3).rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&_EfVM=1680097157108&crc=1
108.157.214.53200 OK 1.6 kB URL HTTP/2 hegazedatthewo.com/multi?cs=bGkyWkhYUQNiel9YB2h4XlABaXE&abt=0&red=1&sm=76&k=download%20file%20muse%20dash&v=1.0.60.3&sts=0&prn=0&emb=0&tid=876318&rxy=1280_1024&fs=1&mbkb=113.50737797956867&ref=https%3A%2F%2Fmegaup.net%2F1cv43%2FMuse.Dash.v3.1_(3).rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&_EfVM=1680097157108&crc=1
IP 108.157.214.53:0
File type ASCII text, with very long lines (3287), with no line terminators
Hash 8caf498d5638b9ada30146aaa95cdf17
560f21a7e9eaf383fe1833d840a4a07e1093ae23
da255fe16aceb0fd2c08ccc458ae599a6f10cfce4b33d6db39eb433fb24cb24b
GET /multi?cs=bGkyWkhYUQNiel9YB2h4XlABaXE&abt=0&red=1&sm=76&k=download%20file%20muse%20dash&v=1.0.60.3&sts=0&prn=0&emb=0&tid=876318&rxy=1280_1024&fs=1&mbkb=113.50737797956867&ref=https%3A%2F%2Fmegaup.net%2F1cv43%2FMuse.Dash.v3.1_(3).rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&_EfVM=1680097157108&crc=1 HTTP/1.1
Host: hegazedatthewo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-length: 1620
date: Wed, 29 Mar 2023 13:38:54 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=2ef20ce0-7727-43e4-9576-4b5a137e5991
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 419f3eb3d74bedebbef6fc91b3f54a36.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: PLFbPCx6nl6Udppi8Ay8ZXF_mtAgJmwJYM31vQMFPaHVc77Q12WpEw==
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/fonts/raleway_bold.woff
91.209.70.182200 OK 32 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway_bold.woff
IP 91.209.70.182:0
File type Web Open Font Format, TrueType, length 31568, version 1.1\012- data
Hash e0c4ac0e73196bd0469c5c33304b7773
bb071565f82907d117b0732dca8013409162c67d
ff3bf3a4a1bf2b922157b18d0e8cddd95f2fc2dfe09c30a3ce67bc11a84c67af
GET /themes/flow/frontend_assets/fonts/raleway_bold.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=all435meons6relhj4j2s52ul7; _ga=GA1.2.1996998183.1680097157; _gid=GA1.2.1699607248.1680097157; _gat_gtag_UA_108868042_1=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:38:54 GMT
content-type: font/woff
content-length: 31568
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7b50"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
theharityhild.buzz/
54.162.51.18200 OK 0 B IP 54.162.51.18:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: theharityhild.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Origin: https://megaup.net
Content-Length: 366
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14074
Expires: Wed, 29 Mar 2023 17:33:28 GMT
Date: Wed, 29 Mar 2023 13:38:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14074
Expires: Wed, 29 Mar 2023 17:33:28 GMT
Date: Wed, 29 Mar 2023 13:38:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14074
Expires: Wed, 29 Mar 2023 17:33:28 GMT
Date: Wed, 29 Mar 2023 13:38:54 GMT
Connection: keep-alive
hegazedatthewo.com/floater?cs=SWVxUlVwUUlqZHFUQ2ptel1EZ20&abt=0&red=1&sm=83&k=download%20file%20muse%20dash&v=0.9.1.5&sts=0&prn=0&emb=0&tid=825911&rxy=1280_1024&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&mbkb=113.50737797956867&ref=https%3A%2F%2Fmegaup.net%2F1cv43%2FMuse.Dash.v3.1_(3).rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&aa=oi1_&_FjeF=1680097157106&crc=1
108.157.214.53200 OK 2.9 kB URL HTTP/2 hegazedatthewo.com/floater?cs=SWVxUlVwUUlqZHFUQ2ptel1EZ20&abt=0&red=1&sm=83&k=download%20file%20muse%20dash&v=0.9.1.5&sts=0&prn=0&emb=0&tid=825911&rxy=1280_1024&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&mbkb=113.50737797956867&ref=https%3A%2F%2Fmegaup.net%2F1cv43%2FMuse.Dash.v3.1_(3).rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&aa=oi1_&_FjeF=1680097157106&crc=1
IP 108.157.214.53:0
Hash 3061116d31c2a6d1a23c3f9c8ba03429
06ab69e661e0b3be1275c9fca431badb42753337
a1cd5cd3410caabbf27a77b06943ee99ba602f33cec15aec50c6872eba665a5b
GET /floater?cs=SWVxUlVwUUlqZHFUQ2ptel1EZ20&abt=0&red=1&sm=83&k=download%20file%20muse%20dash&v=0.9.1.5&sts=0&prn=0&emb=0&tid=825911&rxy=1280_1024&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&mbkb=113.50737797956867&ref=https%3A%2F%2Fmegaup.net%2F1cv43%2FMuse.Dash.v3.1_(3).rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&aa=oi1_&_FjeF=1680097157106&crc=1 HTTP/1.1
Host: hegazedatthewo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-length: 2917
date: Wed, 29 Mar 2023 13:38:54 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=2c6e2048-adec-4c5b-b98b-541f94ef7ae4
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 419f3eb3d74bedebbef6fc91b3f54a36.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: W7G0BYuiSd2LQK7Ym_g4bDCUvd_yVxYwuhVybRo3yqD-28OVtbaIvA==
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ef54a1ed997cc09495edb102ccdf6803
f5637efb37b5eecff77e60e6bcf5f599991f334f
fa76d7a82dc15baf02b207cea874d1332c20a0ebe1eea99929a6f2746608412c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8745
x-amzn-requestid: e1d8dab6-4c15-4752-b528-21854c93a11c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CguJ5Hy5oAMFyAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235d72-4bd62c8472f7257a155b2a80;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:34:42 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: FHONNj6M7I5oVTKAKYspq0ZAJMYohURXs5ufSL-r--zCSdjuSvrpSA==
via: 1.1 8f251d23da31b683c3c9d6fad6ca944c.cloudfront.net (CloudFront), 1.1 49cdeca097624936e070b73619df7da8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 21:51:37 GMT
age: 56837
etag: "f5637efb37b5eecff77e60e6bcf5f599991f334f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d713593-a582-498a-b202-20cddce4f8c4.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d713593-a582-498a-b202-20cddce4f8c4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fd1bc71c7e9eed7c086d752ea8b4b992
02a74cf88501d65b3dfcceb5adc79fd93ce785ed
a9a423d347533322d4d3ba90ee5fca5ca32f8d540f744ea2621deeda46df89f3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d713593-a582-498a-b202-20cddce4f8c4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7605
x-amzn-requestid: b7628073-4eb3-4ef6-b7d0-0224e0a75601
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CguY8GFPoAMFebQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235dd2-445041c74356c54053f772a1;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:36:18 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 2LLHDcPZsSP1XPxH7agC7FhVwQQXfrWq3CEOSz0mBTjGykXxNQIq9Q==
via: 1.1 ffc1e24c06bfbb135c0a4d240b382048.cloudfront.net (CloudFront), 1.1 536063cb28bfc05fcb7a78183dd89b72.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 21:56:00 GMT
age: 56574
etag: "02a74cf88501d65b3dfcceb5adc79fd93ce785ed"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85885238-8732-476a-b37c-1eac5dbc3e90.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85885238-8732-476a-b37c-1eac5dbc3e90.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 253f48aa7cbf667d52cb37fda10cdb1f
e29478b866f90402b48d2b516d01d60a863c9cf9
b4a73ab71250b9e4a3f95e28dbf50dd000e1f338c7c3ac9f3351c1f6d6d3bfff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85885238-8732-476a-b37c-1eac5dbc3e90.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6049
x-amzn-requestid: 2d1a2a66-8b63-44f0-83ec-10628a5fcac6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CgvBFFMGIAMFhCg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235ed3-2a90bf0365925acb3b348489;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:40:35 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: -XwoHom5AT8j5yHNvfnYQ-9xIqVpsyDffwFM0d_ESJicJvL8pTcABg==
via: 1.1 c28e01aa413e9ea602538ccda1511062.cloudfront.net (CloudFront), 1.1 536063cb28bfc05fcb7a78183dd89b72.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 21:50:28 GMT
age: 56906
etag: "e29478b866f90402b48d2b516d01d60a863c9cf9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb4ab271-45be-41d0-93c0-528d0d9367e3.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb4ab271-45be-41d0-93c0-528d0d9367e3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8afbc872d18847aaed67054dbfc2d31b
6eb894c4aa4fa53d9a3d4b948b5e65b7e9a76d5b
65c2b5fe2a3df654cfed7e7721b2d8f08665a72bb358b4d6e30e7cba853336e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb4ab271-45be-41d0-93c0-528d0d9367e3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5414
x-amzn-requestid: b6795b2f-1460-4516-bac0-9148e9868fa1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CguaYF5jIAMFmiQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235ddb-42762e4f0aa5e6050f82d138;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:36:27 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: m58cZVJmakcZ1uuctpXkKhsB7_LGUZrxkCV5G8B17CYVYOl5QpjR1w==
via: 1.1 8591441a35c0af61913aec9af012bc38.cloudfront.net (CloudFront), 1.1 174acb08636ac7d9e9a778bbf1bcbc52.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 21:51:37 GMT
age: 56837
etag: "6eb894c4aa4fa53d9a3d4b948b5e65b7e9a76d5b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
142.250.74.109302 Found 7.5 kB URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 142.250.74.109:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 088ee9246dd360ff8df1cfd861295d39
6e224650d4c0315d8218e2522fc9a0f1ca81799f
48ae55b65f6bb6f15580d28adc558b96086fb293fef375e7ab57944bf4301ae1
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 29 Mar 2023 13:38:53 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AQMjQ7S3efQaRXN_oMKjNdnpxx0ySTOKPM5Sr2CYNdrHzLoaFgBjAxAeWorMUH12OhqSvyuhhQR3_w
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-zw6Y9q5-fRcKTkiIKCAIWA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy: unsafe-none
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
content-type: application/binary
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
set-cookie: __Host-GAPS=1:d7IgFLNXNmHNrb9iHAAgfXfdJxkdRg:N9iV56Arx4fz6X9V; Expires=Fri, 28-Mar-2025 13:38:53 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F008df6b4-92c5-423a-a32e-4ab5016464ba.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F008df6b4-92c5-423a-a32e-4ab5016464ba.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e5d955ec5d3a9f655e4ca0523acfd039
e8b2cd28a02a2cee1b4e57c57570f2598721ff57
e7753ef91d6f04dce00f83cb1ba3ea4f1abb52140993fbee375e506597cee529
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F008df6b4-92c5-423a-a32e-4ab5016464ba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6970
x-amzn-requestid: 9f7a82d7-dbba-4c67-a330-6a7f2b68177d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Cdn3zGn7oAMFwNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64222031-1d97c16f7a9c163c02fe72ac;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 23:01:05 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: STLqzl2xjL7mJeo0QUqFzw7JVbcHbq26pB_O2PnGA-8IC_-4VSdI-Q==
via: 1.1 185f4b03b711932fc7e735c08fdc5abe.cloudfront.net (CloudFront), 1.1 b4085435efbe95a420f374958bd145be.cloudfront.net (CloudFront), 1.1 google
date: Wed, 29 Mar 2023 07:34:04 GMT
age: 21890
etag: "e8b2cd28a02a2cee1b4e57c57570f2598721ff57"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.prplads.com/agent.js?publisherId=70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
104.26.2.51200 OK 21 kB URL HTTP/2 cdn.prplads.com/agent.js?publisherId=70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
IP 104.26.2.51:0
File type Unicode text, UTF-8 text, with very long lines (65522), with no line terminators
Hash 3856747d8db5dc210434e987c28e4bef
a7936ec9cb3ace2e5392b3d502f0c369ab5e0425
453100e4e787dba7a880c3f0cd63cbef4294164715aad37362032eb2c4fc1533
GET /agent.js?publisherId=70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655 HTTP/1.1
Host: cdn.prplads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 29 Mar 2023 13:38:54 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"d6217a2941571dc73d5be02e1e847e5e"
last-modified: Wed, 29 Mar 2023 11:39:59 GMT
x-amz-id-2: mxwM9SEeFK9XLFUAgQUpHrd/ywKsdlS12zIGYrp+/kIuGc44AwBxWU5IjPj16SLl/qMUXCBDw9Y=
x-amz-request-id: 7FHHRPSZ0QDKBH5G
cache-control: max-age=86400
cf-cache-status: HIT
age: 7084
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RITXPIA75cfhlc3AxeLuw30w0LnqXKm%2B54ukiYUcN4bqiqckv%2FEGDxQ6g59XHXRXFJ76lO0LhyeL5ggepTiCRyZSCGZDqgiATIoBeSItMlBq%2BL6jkZD9XzkIlP5Jhp8YsA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7af88412a8c8b4fa-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c152cddfe31a89d99e0b675646a07188
c1d1e9ca24fb2339c0e9e4b8ffad4d8151b2604b
e1a300bb276b0edd32821c20ccd37a4fb0e32504827644d51560a4847db29dce
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E1A300BB276B0EDD32821C20CCD37A4FB0E32504827644D51560A4847DB29DCE"
Last-Modified: Sun, 26 Mar 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6752
Expires: Wed, 29 Mar 2023 15:31:26 GMT
Date: Wed, 29 Mar 2023 13:38:54 GMT
Connection: keep-alive
4.adsco.re/
162.252.214.5200 OK 62 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash a684f3b449a125d2285678a6be0172a9
f5ba7774839ee9f45e1f2a88d322d3c3cfcc971f
91945112515f30fe6017f31f87a483adb2040d8435fce14fe9c44e89cf433b2c
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 13:38:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
w8lrkq6zy1dz.l4.adsco.re/
185.200.118.90200 OK 0 B URL HTTP/1.1 w8lrkq6zy1dz.l4.adsco.re/
IP 185.200.118.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: w8lrkq6zy1dz.l4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 13:38:54 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Tue, 31 Jul 2018 22:16:15 GMT
Connection: close
ETag: "5b60dfaf-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
api.purpleads.io/x/init?ts=1680097157718
34.196.72.114200 OK 87 B URL HTTP/2 api.purpleads.io/x/init?ts=1680097157718
IP 34.196.72.114:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1225a48532b67fd812920a47e3557ed4
ac910f9679bd805609435e4fa8970cdf74fa4b86
4cdf058286dcc09e5511ec4f021ce5ce4d22052312bf08ce7b672e08eb5a4a9f
GET /x/init?ts=1680097157718 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: application/json
x-purpleads-version: 3.0.1
x-request-url: aHR0cHM6Ly9tZWdhdXAubmV0LzFjdjQzL011c2UuRGFzaC52My4xXygzKS5yYXI=
Authorization: Bearer 70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Mar 2023 13:38:54 GMT
content-type: application/json; charset=utf-8
content-length: 87
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-expose-headers: pa-user-id
x-request-id: 947b3586-4cea-4ee9-ad3e-481277c4fc7f
x-api-version: 0.47.3
etag: W/"57-rJEPlnm9gFYJQ15PqJcM33T6S4Y"
vary: Accept-Encoding
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e19e7ae3b7d1ffbcd7ab25777f91e0df
1e8290ce881dce150849c1863620e0c426bd30eb
e08227903eb1191994dcd343220e9e2dc48bb94946cb6c676630c24ae8ec7ae8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E08227903EB1191994DCD343220E9E2DC48BB94946CB6C676630C24AE8EC7AE8"
Last-Modified: Sun, 26 Mar 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6796
Expires: Wed, 29 Mar 2023 15:32:11 GMT
Date: Wed, 29 Mar 2023 13:38:55 GMT
Connection: keep-alive
script.4dex.io/localstore.js
104.26.9.169200 OK 268 B URL HTTP/1.1 script.4dex.io/localstore.js
IP 104.26.9.169:0
File type ASCII text, with very long lines (482)
Hash 58fe1f2623397cca72ecea6ee95d76b9
ac4d33ae761cf330574597936273a9c5d82f96d0
7cb0b5944c53bbacc5983fbef96aa0c1f514ec12da81666765610eae562a9020
GET /localstore.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 13:38:55 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=1800
ETag: W/"922cffdd75f7192f75231d92684885aa"
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 495810
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sD%2BbstM0svNQP1jZM%2FvV3W8QEqM63Lpe9ssvQH97FfQMpAnWnoBcD1H%2F2P0SQ%2F%2BIJHMppMjTb80w154v6w7McVXw5X%2Bj8DPY7o0rxaia0zI1zQ9%2FFI1RGzH%2Fj8kG%2FAJn"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7af884168e05b4f7-OSL
Content-Encoding: br
mp.4dex.io/prebid
104.18.2.114204 No Content 0 B IP 104.18.2.114:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /prebid HTTP/1.1
Host: mp.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1986
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 29 Mar 2023 13:38:55 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin, Accept-Encoding
x-err: Parsing the Prebid Request. org/site not found
x-version: 3.0.0-gcp-ams
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7af88416be32067b-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f3db3accfba84ad9613969af076cf2c3
e8afa596b8861e2fa99b3f62dcaa8d5c3b8dfe54
37baee52cc4e215972511ddb6d9129a9f2d88855663198e07dd6e2a570ebb5ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "37BAEE52CC4E215972511DDB6D9129A9F2D88855663198E07DD6E2A570EBB5BA"
Last-Modified: Mon, 27 Mar 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6899
Expires: Wed, 29 Mar 2023 15:33:54 GMT
Date: Wed, 29 Mar 2023 13:38:55 GMT
Connection: keep-alive
script.4dex.io/adagio.js
104.26.9.169200 OK 23 kB IP 104.26.9.169:0
File type ASCII text, with very long lines (65354)
Hash 0ffb2c9b6dd933ae18ab7dc729d58e69
bb88b2f3fc47452873348d1cdcb7ea3d4a2bbc10
0cd0e55fa43693dfe4b04a225bf7774eb3f66e232828f8d661547728475a12f2
GET /adagio.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 13:38:55 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
ETag: W/"c56b6332dacf72f135afcd153ae22448"
Last-Modified: Wed, 23 Nov 2022 15:43:17 GMT
Vary: Origin, Accept-Encoding
Access-Control-Expose-Headers:
CF-Cache-Status: HIT
Age: 1419647
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tvf6b38SgG2otqa8uvhyeUFtmi1BE4T53Xy7p18P%2B08M64vSPmwBFquUtH5Fz1tLQYgwz1T5rk4tQMXil9etqr2zRL7Xl4gUw7Co9v9wktIXhRyHrH3T%2BcnyZLPEFfpa"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7af88416f8c1b512-OSL
Content-Encoding: br
prebid.a-mo.net/a/c
147.75.85.234204 No Content 0 B IP 147.75.85.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1408
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: max-age=0, private, must-revalidate
date: Wed, 29 Mar 2023 13:38:54 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 0
set-cookie: X-Contour-Session-Affinity="05eddbfa62d728e8"; Path=/; HttpOnly
X-Firefox-Spdy: h2
status.rapidssl.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash efeef6845ff74610b12686ee44e6a694
949ba23b607dd362ce630df50b2958c3c5d0505c
afa53a10fd6958c37de4a0d657652f7c8f2be213c550cfe6b7142b3f42fb7d0d
POST / HTTP/1.1
Host: status.rapidssl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 346
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 13:38:55 GMT
Last-Modified: Wed, 29 Mar 2023 13:33:09 GMT
Server: ECAcc (ska/F6D2)
X-Cache: HIT
Content-Length: 471
w8lrkq6zy1dz.n4.adsco.re/
38.132.109.186200 OK 0 B URL HTTP/1.1 w8lrkq6zy1dz.n4.adsco.re/
IP 38.132.109.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: w8lrkq6zy1dz.n4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 13:38:55 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
Connection: close
ETag: "5b5f2f9a-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 694
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 29 Mar 2023 13:38:55 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ac8d9cdf223e611b7f8416c986c1b2e
22410c6eb7ebc2e9ea54618ec5aca74fa46dbeaa
ad997ef489632d7cf36a034a50b1926463ef042bfe9064156514903b90d0e4a7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AD997EF489632D7CF36A034A50B1926463EF042BFE9064156514903B90D0E4A7"
Last-Modified: Sun, 26 Mar 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7267
Expires: Wed, 29 Mar 2023 15:40:02 GMT
Date: Wed, 29 Mar 2023 13:38:55 GMT
Connection: keep-alive
adsco.re/p
162.252.214.5200 OK 132 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash 555d757c8ee1bcc85ca5565ac94e6dcd
688823bc22fb1328a0dc5a3b46ec7121d168c991
a73eeca83eecbfa64eab59faf7b9478f22a920db34d8ae192da7fc0b9dc79a89
POST /p HTTP/1.1
Host: adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Length: 1940
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 13:38:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK lon123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
api.purpleads.io/x/v2/b/?idx=1&pid=9c69b43421724e2ba880862e2034b892&sizes=[[300,250],[300,250],[200,200],[250,250],[300,100]]&slotid=969ee302-826a-4478-86c8-c3501576b29e&demand=unifiedPb&ts=1680097158523
34.196.72.114200 OK 0 B URL HTTP/2 api.purpleads.io/x/v2/b/?idx=1&pid=9c69b43421724e2ba880862e2034b892&sizes=[[300,250],[300,250],[200,200],[250,250],[300,100]]&slotid=969ee302-826a-4478-86c8-c3501576b29e&demand=unifiedPb&ts=1680097158523
IP 34.196.72.114:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /x/v2/b/?idx=1&pid=9c69b43421724e2ba880862e2034b892&sizes=[[300,250],[300,250],[200,200],[250,250],[300,100]]&slotid=969ee302-826a-4478-86c8-c3501576b29e&demand=unifiedPb&ts=1680097158523 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Mar 2023 13:38:55 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
access-control-expose-headers: pa-user-id
X-Firefox-Spdy: h2
w8lrkq6zy1dz.s4.adsco.re/
185.200.116.90200 OK 0 B URL HTTP/1.1 w8lrkq6zy1dz.s4.adsco.re/
IP 185.200.116.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: w8lrkq6zy1dz.s4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 13:38:55 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
Connection: close
ETag: "5b5f30d9-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
script.4dex.io/localstore.js
104.26.9.169304 Not Modified 0 B URL HTTP/1.1 script.4dex.io/localstore.js
IP 104.26.9.169:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /localstore.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Wed, 23 Nov 2022 15:43:18 GMT
If-None-Match: W/"922cffdd75f7192f75231d92684885aa"
HTTP/1.1 304 Not Modified
Date: Wed, 29 Mar 2023 13:38:56 GMT
Connection: keep-alive
Cache-Control: public, max-age=1800
ETag: W/"922cffdd75f7192f75231d92684885aa"
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 495811
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iooyWKrA5w8P2O2yNdrjXElW3Lo2iecX2Q6HunFjNxs3iSutnB0JDamPOkmu2ZcY77ffDbXsKxKUWOwZpDVihbvmTMdNS6D6wj8%2BwZ3kMulDQlKxFKV%2FTDAPZWilmWkE"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7af8841c1f9ab4f7-OSL
script.4dex.io/adagio.js
104.26.9.169304 Not Modified 0 B IP 104.26.9.169:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /adagio.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Wed, 23 Nov 2022 15:43:17 GMT
If-None-Match: W/"c56b6332dacf72f135afcd153ae22448"
HTTP/1.1 304 Not Modified
Date: Wed, 29 Mar 2023 13:38:56 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
ETag: W/"c56b6332dacf72f135afcd153ae22448"
Last-Modified: Wed, 23 Nov 2022 15:43:17 GMT
Vary: Origin, Accept-Encoding
Access-Control-Expose-Headers:
CF-Cache-Status: HIT
Age: 1419648
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2FKfC0QecUljPmtxDp6eTDjj5Kn4yB2%2F7dSXDaaxhASWmJlAhEcr%2BPGzTPydXKheysOl1OSI0EwhI4xOU4P00H5IKrWkAwMqffmv%2B8Af5azvfhjdFuYQHsnD0OCbsx%2Fj"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7af8841c38dab512-OSL
prebid.a-mo.net/a/c
147.75.85.234204 No Content 0 B IP 147.75.85.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1395
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: max-age=0, private, must-revalidate
date: Wed, 29 Mar 2023 13:38:55 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 0
set-cookie: X-Contour-Session-Affinity="05eddbfa62d728e8"; Path=/; HttpOnly
X-Firefox-Spdy: h2
mp.4dex.io/prebid
104.18.2.114204 No Content 0 B IP 104.18.2.114:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /prebid HTTP/1.1
Host: mp.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 2086
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 29 Mar 2023 13:38:56 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin, Accept-Encoding
x-err: Parsing the Prebid Request. org/site not found
x-version: 3.0.0-gcp-ams
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7af8841c2a69067b-OSL
X-Firefox-Spdy: h2
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 729
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 29 Mar 2023 13:38:56 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
api.purpleads.io/x/v2/b/?idx=1&pid=9c69b43421724e2ba880862e2034b892&sizes=[[1280,898],[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=b0c265d3-05d7-4a8e-9966-313b0a2dc447&demand=unifiedPb&ts=1680097159393
34.196.72.114204 No Content 0 B URL HTTP/2 api.purpleads.io/x/v2/b/?idx=1&pid=9c69b43421724e2ba880862e2034b892&sizes=[[1280,898],[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=b0c265d3-05d7-4a8e-9966-313b0a2dc447&demand=unifiedPb&ts=1680097159393
IP 34.196.72.114:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /x/v2/b/?idx=1&pid=9c69b43421724e2ba880862e2034b892&sizes=[[1280,898],[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=b0c265d3-05d7-4a8e-9966-313b0a2dc447&demand=unifiedPb&ts=1680097159393 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: application/json
x-purpleads-version: 3.0.1
x-request-url: aHR0cHM6Ly9tZWdhdXAubmV0LzFjdjQzL011c2UuRGFzaC52My4xXygzKS5yYXI=
Authorization: Bearer 70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 29 Mar 2023 13:38:56 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-expose-headers: pa-user-id
x-request-id: f038cc2b-de93-462b-95d8-fc6879cbd240
x-api-version: 0.47.3
set-cookie: pa-user-id=90f494a7-cf8e-4ba1-bb04-c7d30da173ef; Domain=.purpleads.io; Path=/
pa-user-id: 90f494a7-cf8e-4ba1-bb04-c7d30da173ef
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 66ec03f062a9726679fff119fedad79d
f18f2e19ff1ed3d31634062dc195d6ec706dec84
3b7ac9ba3e2aad0c49e868468981d2904a850405900182361581206af8d71481
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3B7AC9BA3E2AAD0C49E868468981D2904A850405900182361581206AF8D71481"
Last-Modified: Wed, 29 Mar 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19156
Expires: Wed, 29 Mar 2023 18:58:13 GMT
Date: Wed, 29 Mar 2023 13:38:57 GMT
Connection: keep-alive
imgspics.com/ie?v=4&c=5BlOf0TpDJO-aPa1CGglIbrLh4VoA0OCHQamA5s8ijbzrvYLTgQrBqGCVKUJ_mRjk8ZmeQEoxXODfpAr75HgCd5l5y0zEFjUkRzjzJliORgLQJqjerVMvQPYGsfFy3ZqyWHOJYkJGqd5nB94GQH0cnNIlNusqNhFulY0huEtDupO7u0XfvQVg4u25BrujEQ8TyBsjo4IpHkY5Qe-jaa6dj863f-N3CAW1qB9Z9PO6YPC-b1tq6_Mpn1jLfsRFeCxq-csdQ8x00oP65SmHjRVzjyrlzi2wnqTS2qFhWYrU2gN2kmasu49DpqLshf3WL3TIYEJEk46j-PPvX1xaL3sqesRScUkuzyjSASTZ03GKwbZQcyb2sb7GTF0E1nfAa3S8Ty4Rk7FEipX-xHWOYrf5kUgJzTl8mJlUB2Grq6_Qg==&v1=79&v2=68678
157.90.94.146301 Moved Permanently 0 B URL HTTP/1.1 imgspics.com/ie?v=4&c=5BlOf0TpDJO-aPa1CGglIbrLh4VoA0OCHQamA5s8ijbzrvYLTgQrBqGCVKUJ_mRjk8ZmeQEoxXODfpAr75HgCd5l5y0zEFjUkRzjzJliORgLQJqjerVMvQPYGsfFy3ZqyWHOJYkJGqd5nB94GQH0cnNIlNusqNhFulY0huEtDupO7u0XfvQVg4u25BrujEQ8TyBsjo4IpHkY5Qe-jaa6dj863f-N3CAW1qB9Z9PO6YPC-b1tq6_Mpn1jLfsRFeCxq-csdQ8x00oP65SmHjRVzjyrlzi2wnqTS2qFhWYrU2gN2kmasu49DpqLshf3WL3TIYEJEk46j-PPvX1xaL3sqesRScUkuzyjSASTZ03GKwbZQcyb2sb7GTF0E1nfAa3S8Ty4Rk7FEipX-xHWOYrf5kUgJzTl8mJlUB2Grq6_Qg==&v1=79&v2=68678
IP 157.90.94.146:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ie?v=4&c=5BlOf0TpDJO-aPa1CGglIbrLh4VoA0OCHQamA5s8ijbzrvYLTgQrBqGCVKUJ_mRjk8ZmeQEoxXODfpAr75HgCd5l5y0zEFjUkRzjzJliORgLQJqjerVMvQPYGsfFy3ZqyWHOJYkJGqd5nB94GQH0cnNIlNusqNhFulY0huEtDupO7u0XfvQVg4u25BrujEQ8TyBsjo4IpHkY5Qe-jaa6dj863f-N3CAW1qB9Z9PO6YPC-b1tq6_Mpn1jLfsRFeCxq-csdQ8x00oP65SmHjRVzjyrlzi2wnqTS2qFhWYrU2gN2kmasu49DpqLshf3WL3TIYEJEk46j-PPvX1xaL3sqesRScUkuzyjSASTZ03GKwbZQcyb2sb7GTF0E1nfAa3S8Ty4Rk7FEipX-xHWOYrf5kUgJzTl8mJlUB2Grq6_Qg==&v1=79&v2=68678 HTTP/1.1
Host: imgspics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
server: fasthttp
date: Wed, 29 Mar 2023 13:38:56 GMT
content-length: 0
location: https://img.vmmcdn.com/get/7609021/200747_icon.png
x-app-id: 13
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 977a2c61e109239bb66548ccad2311bd
ab1fe6851d94f0e1a2a2533904cf2e6b949e1517
dd8c545be4e585123ebccce3989ce46d66b7b0ac521ef23a6a2e46f64da4ff8a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DD8C545BE4E585123EBCCCE3989CE46D66B7B0AC521EF23A6A2E46F64DA4FF8A"
Last-Modified: Mon, 27 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=926
Expires: Wed, 29 Mar 2023 13:54:23 GMT
Date: Wed, 29 Mar 2023 13:38:57 GMT
Connection: keep-alive
img.vmmcdn.com/get/7609021/200747_icon.png
46.4.121.113200 OK 78 kB URL HTTP/2 img.vmmcdn.com/get/7609021/200747_icon.png
IP 46.4.121.113:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 53282b73b589873fa79c738c03b4e47d
ca5ab91a4e36ebddd6b326fa67071e915415085d
530d10989a16c4cbdec879d1f82bb200fe63f5fb111179d873354058460dacc8
GET /get/7609021/200747_icon.png HTTP/1.1
Host: img.vmmcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.14.1
date: Wed, 29 Mar 2023 13:38:57 GMT
content-type: image/png
content-length: 78410
last-modified: Mon, 07 Nov 2022 15:29:52 GMT
cache-control: public, max-age=604800
etag: "63692470-1324a"
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
147.75.85.234204 No Content 0 B URL HTTP/2 prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
IP 147.75.85.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid= HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: max-age=0, private, must-revalidate
date: Wed, 29 Mar 2023 13:38:57 GMT
server: envoy
x-envoy-upstream-service-time: 0
set-cookie: X-Contour-Session-Affinity="05eddbfa62d728e8"; Path=/; HttpOnly
vary: Accept-Encoding
X-Firefox-Spdy: h2
prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
147.75.85.234204 No Content 0 B URL HTTP/2 prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
IP 147.75.85.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid= HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: max-age=0, private, must-revalidate
date: Wed, 29 Mar 2023 13:38:58 GMT
server: envoy
x-envoy-upstream-service-time: 0
set-cookie: X-Contour-Session-Affinity="05eddbfa62d728e8"; Path=/; HttpOnly
vary: Accept-Encoding
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/fonts/raleway_medium.woff
91.209.70.182200 OK 32 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway_medium.woff
IP 91.209.70.182:0
File type Web Open Font Format, TrueType, length 31900, version 1.1\012- data
Hash 1b285c8e5b7445a8e434b2cdf036bab2
c97d4772fbb5c5637d466b5f991bc7ec28830b32
09b979826f2ac158a63ba234042c66414c21282d0bb46eadc62c64a873778825
GET /themes/flow/frontend_assets/fonts/raleway_medium.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=all435meons6relhj4j2s52ul7; _ga=GA1.2.1996998183.1680097157; _gid=GA1.2.1699607248.1680097157; _gat_gtag_UA_108868042_1=1; a=aE2ZVJvQMgPiLGsxZElmrWPwVpRMIeyi; token_QlJAAAAAAAAArRMIRsGBk-hpXXMDyS9EWV8qBEI=BAYAZCQ_bwFkJD9vgAGBAcAAIJWakHCXnFl2-BCfm0hcIO0ai3xs_ufcKXzcaXB8celhwQAgLFu5U2d_zB2NWRDJARNcObcJ1myrDQ9CvQe09JfRmrQ
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:38:59 GMT
content-type: font/woff
content-length: 31900
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7c9c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/load-image.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/load-image.min.js
IP 91.209.70.182:0
GET /themes/flow/js/load-image.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1cv43/Muse.Dash.v3.1_(3).rar
Connection: keep-alive
Cookie: filehosting=all435meons6relhj4j2s52ul7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:38:52 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-9f2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/global.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/global.js
IP 91.209.70.182:0
GET /themes/flow/js/global.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1cv43/Muse.Dash.v3.1_(3).rar
Connection: keep-alive
Cookie: filehosting=all435meons6relhj4j2s52ul7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:38:52 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-d59"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
ad.a-ads.com/1811811?size=300x250
178.63.97.71200 OK 0 B URL HTTP/2 ad.a-ads.com/1811811?size=300x250
IP 178.63.97.71:0
ASN #24940 Hetzner Online GmbH
GET /1811811?size=300x250 HTTP/1.1
Host: ad.a-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:38:53 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding, Accept-Encoding
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-original-referer: https://megaup.net/
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/css/All-stylesheets.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1cv43/Muse.Dash.v3.1_(3).rar
Connection: keep-alive
Cookie: filehosting=all435meons6relhj4j2s52ul7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:38:52 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-153"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/styles/file-upload.css
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/styles/file-upload.css
IP 91.209.70.182:0
GET /themes/flow/styles/file-upload.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1cv43/Muse.Dash.v3.1_(3).rar
Connection: keep-alive
Cookie: filehosting=all435meons6relhj4j2s52ul7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:38:52 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-21ec"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/zeroClipboard/ZeroClipboard.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/zeroClipboard/ZeroClipboard.js
IP 91.209.70.182:0
GET /themes/flow/js/zeroClipboard/ZeroClipboard.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1cv43/Muse.Dash.v3.1_(3).rar
Connection: keep-alive
Cookie: filehosting=all435meons6relhj4j2s52ul7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:38:52 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3bd2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1cv43/Muse.Dash.v3.1_(3).rar
Connection: keep-alive
Cookie: filehosting=all435meons6relhj4j2s52ul7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:38:52 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3ead"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/custom/custom.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/custom/custom.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/custom/custom.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1cv43/Muse.Dash.v3.1_(3).rar
Connection: keep-alive
Cookie: filehosting=all435meons6relhj4j2s52ul7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:38:52 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1420"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/styles/font-icons/entypo/css/entypo.css
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/styles/font-icons/entypo/css/entypo.css
IP 91.209.70.182:0
GET /themes/flow/styles/font-icons/entypo/css/entypo.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1cv43/Muse.Dash.v3.1_(3).rar
Connection: keep-alive
Cookie: filehosting=all435meons6relhj4j2s52ul7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:38:52 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-45f5"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
theharityhild.buzz/MUhSRDVqamp3Bwd7YWYZE2p%2BZlMJe2EnBQUqf3JQASp%2EcFFTeH99AQl%2EfyIDVC03J1BSKzEnUBNkcHFUBnhqIFdUZWZ8AVRlZiAACWVrcQEHZWpzB1VxanVTUH0zIhcdaiEzFx1qJixQWSkgLUFIIDsoUR8qJz5PE2RwdQUffXBoU1AkISEZVyk%2BN1AdLjMoRlQV
54.162.51.18200 OK 0 B URL HTTP/2 theharityhild.buzz/MUhSRDVqamp3Bwd7YWYZE2p%2BZlMJe2EnBQUqf3JQASp%2EcFFTeH99AQl%2EfyIDVC03J1BSKzEnUBNkcHFUBnhqIFdUZWZ8AVRlZiAACWVrcQEHZWpzB1VxanVTUH0zIhcdaiEzFx1qJixQWSkgLUFIIDsoUR8qJz5PE2RwdQUffXBoU1AkISEZVyk%2BN1AdLjMoRlQV
IP 54.162.51.18:0
GET /MUhSRDVqamp3Bwd7YWYZE2p%2BZlMJe2EnBQUqf3JQASp%2EcFFTeH99AQl%2EfyIDVC03J1BSKzEnUBNkcHFUBnhqIFdUZWZ8AVRlZiAACWVrcQEHZWpzB1VxanVTUH0zIhcdaiEzFx1qJixQWSkgLUFIIDsoUR8qJz5PE2RwdQUffXBoU1AkISEZVyk%2BN1AdLjMoRlQV HTTP/1.1
Host: theharityhild.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
set-cookie: 69d3c662243b8f5675f1c457778587f3=1; Max-Age=604800
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
cache-control: public, max-age=86400
etag: W/"8449-vit6GzGrCqu/qHyX26a8Jgw1Q3s"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
megaup.net/sw.js
91.209.70.182200 OK 0 B IP 91.209.70.182:0
GET /sw.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1cv43/Muse.Dash.v3.1_(3).rar
Connection: keep-alive
Cookie: filehosting=all435meons6relhj4j2s52ul7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:38:52 GMT
content-type: application/javascript
last-modified: Tue, 20 Dec 2022 16:15:31 GMT
vary: Accept-Encoding
etag: W/"63a1dfa3-1927c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.tmpl.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.tmpl.min.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery.tmpl.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1cv43/Muse.Dash.v3.1_(3).rar
Connection: keep-alive
Cookie: filehosting=all435meons6relhj4j2s52ul7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:38:52 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3cb"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/nav/jquery.scrollTo.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/nav/jquery.scrollTo.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/nav/jquery.scrollTo.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1cv43/Muse.Dash.v3.1_(3).rar
Connection: keep-alive
Cookie: filehosting=all435meons6relhj4j2s52ul7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:38:52 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-981"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/isotope/custom-isotope.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/isotope/custom-isotope.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/isotope/custom-isotope.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1cv43/Muse.Dash.v3.1_(3).rar
Connection: keep-alive
Cookie: filehosting=all435meons6relhj4j2s52ul7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:38:52 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-71d"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/fonts/font-awesome/css/font-awesome.css
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/font-awesome/css/font-awesome.css
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/fonts/font-awesome/css/font-awesome.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Connection: keep-alive
Cookie: filehosting=all435meons6relhj4j2s52ul7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:38:52 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-59d6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1cv43/Muse.Dash.v3.1_(3).rar
Connection: keep-alive
Cookie: filehosting=all435meons6relhj4j2s52ul7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:38:52 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-8d4b"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/imageads/010.gif
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/imageads/010.gif
IP 91.209.70.182:0
GET /imageads/010.gif HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1cv43/Muse.Dash.v3.1_(3).rar
Connection: keep-alive
Cookie: filehosting=all435meons6relhj4j2s52ul7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:38:53 GMT
content-type: image/gif
content-length: 405401
last-modified: Thu, 01 Apr 2021 04:06:22 GMT
vary: Accept-Encoding
etag: "606546be-62f99"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP 31.13.72.36:0
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: 5+7T9ipjrMfebs2TYsRKyLBQy54AU0JwG7MIeE/rUCkBzaKKvXDdMmqPTfzr+Z2SvXnme9Yk9HYnnRix7q0uig==
date: Wed, 29 Mar 2023 13:38:53 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-resize.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-resize.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery.fileupload-resize.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1cv43/Muse.Dash.v3.1_(3).rar
Connection: keep-alive
Cookie: filehosting=all435meons6relhj4j2s52ul7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:38:52 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1f7f"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
api.purpleads.io/x/init?ts=1680097157718
34.196.72.114200 OK 0 B URL HTTP/2 api.purpleads.io/x/init?ts=1680097157718
IP 34.196.72.114:0
OPTIONS /x/init?ts=1680097157718 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Mar 2023 13:38:54 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
access-control-expose-headers: pa-user-id
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1cv43/Muse.Dash.v3.1_(3).rar
Connection: keep-alive
Cookie: filehosting=all435meons6relhj4j2s52ul7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:38:52 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-71b6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.198.35200 OK 0 B IP 172.64.198.35:0
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 29 Mar 2023 13:38:53 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 5748
last-modified: Wed, 29 Mar 2023 12:03:05 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MUqhq0yirb8rZtzrn4dtUuqF9NFT28xDmakXlp69i75y1fz3zXFe6LHveggcwvLxMq4ymETUJqXG5ZcPpRf9V3YuWQjVHDKU1wFv5qGJN2laW4vD0Wj5XSpHJ5CaLkmj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7af8840e2ed576d2-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/colors/flow.css
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/colors/flow.css
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/css/colors/flow.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1cv43/Muse.Dash.v3.1_(3).rar
Connection: keep-alive
Cookie: filehosting=all435meons6relhj4j2s52ul7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:38:52 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-a83"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/retina/retina.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/retina/retina.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/retina/retina.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1cv43/Muse.Dash.v3.1_(3).rar
Connection: keep-alive
Cookie: filehosting=all435meons6relhj4j2s52ul7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:38:52 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-52e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/gauge.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/gauge.min.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/gauge.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1cv43/Muse.Dash.v3.1_(3).rar
Connection: keep-alive
Cookie: filehosting=all435meons6relhj4j2s52ul7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:38:52 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-45b8"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/canvas-to-blob.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/canvas-to-blob.min.js
IP 91.209.70.182:0
GET /themes/flow/js/canvas-to-blob.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1cv43/Muse.Dash.v3.1_(3).rar
Connection: keep-alive
Cookie: filehosting=all435meons6relhj4j2s52ul7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:38:52 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-408"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
theharityhild.buzz/TTI5VHU2EEojKjhAVXZPb1pNIAU%2BCBZ7GChVWCEFY1xcIFo%2BRRc%2BBm8eGycYKxADZVlvQVQiV3cQDXpGbx4bIBQqbVAwV3cQAWdHewEKdllvQUw2KiRWC3ZPb1QBZ0YuAg02WHtXCTZYeVZbZFh0BgFjWCsEXDEQLldaNxYuVxsp
54.162.51.18502 Bad Gateway 0 B URL HTTP/2 theharityhild.buzz/TTI5VHU2EEojKjhAVXZPb1pNIAU%2BCBZ7GChVWCEFY1xcIFo%2BRRc%2BBm8eGycYKxADZVlvQVQiV3cQDXpGbx4bIBQqbVAwV3cQAWdHewEKdllvQUw2KiRWC3ZPb1QBZ0YuAg02WHtXCTZYeVZbZFh0BgFjWCsEXDEQLldaNxYuVxsp
IP 54.162.51.18:0
GET /TTI5VHU2EEojKjhAVXZPb1pNIAU%2BCBZ7GChVWCEFY1xcIFo%2BRRc%2BBm8eGycYKxADZVlvQVQiV3cQDXpGbx4bIBQqbVAwV3cQAWdHewEKdllvQUw2KiRWC3ZPb1QBZ0YuAg02WHtXCTZYeVZbZFh0BgFjWCsEXDEQLldaNxYuVxsp HTTP/1.1
Host: theharityhild.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 502 Bad Gateway
set-cookie: 7fccf72ebfd8727cd30ae3bf7c6c7fc5=1; Max-Age=604800
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
X-Firefox-Spdy: h2
api.purpleads.io/x/v2/b/?idx=0&pid=9c69b43421724e2ba880862e2034b892&sizes=[[1280,898],[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=b0c265d3-05d7-4a8e-9966-313b0a2dc447&ts=1680097158346
34.196.72.114200 OK 0 B URL HTTP/2 api.purpleads.io/x/v2/b/?idx=0&pid=9c69b43421724e2ba880862e2034b892&sizes=[[1280,898],[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=b0c265d3-05d7-4a8e-9966-313b0a2dc447&ts=1680097158346
IP 34.196.72.114:0
OPTIONS /x/v2/b/?idx=0&pid=9c69b43421724e2ba880862e2034b892&sizes=[[1280,898],[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=b0c265d3-05d7-4a8e-9966-313b0a2dc447&ts=1680097158346 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Mar 2023 13:38:55 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
access-control-expose-headers: pa-user-id
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.dataTables.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.dataTables.min.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery.dataTables.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1cv43/Muse.Dash.v3.1_(3).rar
Connection: keep-alive
Cookie: filehosting=all435meons6relhj4j2s52ul7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:38:52 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-10fe4"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery.fileupload.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1cv43/Muse.Dash.v3.1_(3).rar
Connection: keep-alive
Cookie: filehosting=all435meons6relhj4j2s52ul7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:38:52 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-dbd4"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/clipboardjs/clipboard.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/clipboardjs/clipboard.min.js
IP 91.209.70.182:0
GET /themes/flow/js/clipboardjs/clipboard.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1cv43/Muse.Dash.v3.1_(3).rar
Connection: keep-alive
Cookie: filehosting=all435meons6relhj4j2s52ul7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:38:52 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-2296"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/bootstrap/bootstrap.min.css
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/bootstrap/bootstrap.min.css
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/css/bootstrap/bootstrap.min.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Connection: keep-alive
Cookie: filehosting=all435meons6relhj4j2s52ul7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:38:52 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1cc1b"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
142.250.74.109302 Found 0 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 142.250.74.109:0
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 29 Mar 2023 13:38:53 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AQMjQ7SN4P_K57TeFl5cLYo9CErNmOp1qLgbEhDGMePOuqRVh8O7sHgerkKlZOWmlXcEsIqPoCsB7g
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-XPhma5CvpYqyWVQNGz9DDg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: unsafe-none
content-type: application/binary
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
set-cookie: __Host-GAPS=1:18_Pcqq7it-JTRtVOVB2qdboT2iUbg:I7k00knm28_Vl4u5; Expires=Fri, 28-Mar-2025 13:38:53 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
api.purpleads.io/x/init?ts=1680097156795
34.196.72.114200 OK 0 B URL HTTP/2 api.purpleads.io/x/init?ts=1680097156795
IP 34.196.72.114:0
OPTIONS /x/init?ts=1680097156795 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 29 Mar 2023 13:38:54 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
access-control-expose-headers: pa-user-id
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/custom.css
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/custom.css
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/css/custom.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1cv43/Muse.Dash.v3.1_(3).rar
Connection: keep-alive
Cookie: filehosting=all435meons6relhj4j2s52ul7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:38:52 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3577"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/sticky/jquery.sticky.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/sticky/jquery.sticky.js
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/js/sticky/jquery.sticky.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1cv43/Muse.Dash.v3.1_(3).rar
Connection: keep-alive
Cookie: filehosting=all435meons6relhj4j2s52ul7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:38:52 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1099"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-ui.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-ui.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery.fileupload-ui.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1cv43/Muse.Dash.v3.1_(3).rar
Connection: keep-alive
Cookie: filehosting=all435meons6relhj4j2s52ul7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:38:52 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-61ef"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
api.purpleads.io/x/v2/b/?idx=0&pid=9c69b43421724e2ba880862e2034b892&sizes=[[300,250],[300,250],[200,200],[250,250],[300,100]]&slotid=969ee302-826a-4478-86c8-c3501576b29e&ts=1680097157021
34.196.72.114200 OK 0 B URL HTTP/2 api.purpleads.io/x/v2/b/?idx=0&pid=9c69b43421724e2ba880862e2034b892&sizes=[[300,250],[300,250],[200,200],[250,250],[300,100]]&slotid=969ee302-826a-4478-86c8-c3501576b29e&ts=1680097157021
IP 34.196.72.114:0
OPTIONS /x/v2/b/?idx=0&pid=9c69b43421724e2ba880862e2034b892&sizes=[[300,250],[300,250],[200,200],[250,250],[300,100]]&slotid=969ee302-826a-4478-86c8-c3501576b29e&ts=1680097157021 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 29 Mar 2023 13:38:54 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
access-control-expose-headers: pa-user-id
X-Firefox-Spdy: h2
cdn.prplads.com/prebid-2023-03-22.js
104.26.2.51200 OK 0 B URL HTTP/2 cdn.prplads.com/prebid-2023-03-22.js
IP 104.26.2.51:0
GET /prebid-2023-03-22.js HTTP/1.1
Host: cdn.prplads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Mar 2023 13:38:54 GMT
content-type: application/javascript
cache-control: max-age=1209600
cf-bgj: minify
cf-polished: origSize=375127
etag: W/"99f3c3ccaab6ea63fe6fdc9617e04981"
last-modified: Wed, 22 Mar 2023 16:08:32 GMT
x-amz-id-2: 3dB1M5cfrx31ot+MQxwNyKdpdvY9n/YE9zc470tE5bCDIY7Ek7r+t0IHFEsYYhIBvj6PSLjfjMQ=
x-amz-request-id: 70YCMBDAKBGN691W
cf-cache-status: HIT
age: 7091
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8uBXTFn%2F%2BTVRwTsE8ZNwlpFuidfmxIHLecbHWtzKiSlMb0tvlNzpv0dafgfiM8CXyzzad3HgTR0UxJTjwnlBSbR8tx48rcm5D2DKsaI8WrEvoV72G0xIKcKl2%2Bxr0zkaDA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7af88413199ab4fa-OSL
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/1cv43/Muse.Dash.v3.1_(3).rar
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/1cv43/Muse.Dash.v3.1_(3).rar
IP 91.209.70.182:0
GET /1cv43/Muse.Dash.v3.1_(3).rar HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:38:52 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: filehosting=all435meons6relhj4j2s52ul7; expires=Thu, 30-Mar-2023 13:38:52 GMT; Max-Age=86400; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/animations/animate.min.css
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/animations/animate.min.css
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/css/animations/animate.min.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Connection: keep-alive
Cookie: filehosting=all435meons6relhj4j2s52ul7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:38:52 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-bc86"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/responsive.css
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/responsive.css
IP 91.209.70.182:0
GET /themes/flow/frontend_assets/css/responsive.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1cv43/Muse.Dash.v3.1_(3).rar
Connection: keep-alive
Cookie: filehosting=all435meons6relhj4j2s52ul7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:38:52 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-e56"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery-1.11.0.min.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery-1.11.0.min.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery-1.11.0.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1cv43/Muse.Dash.v3.1_(3).rar
Connection: keep-alive
Cookie: filehosting=all435meons6relhj4j2s52ul7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:38:52 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1787d"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.iframe-transport.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.iframe-transport.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery.iframe-transport.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1cv43/Muse.Dash.v3.1_(3).rar
Connection: keep-alive
Cookie: filehosting=all435meons6relhj4j2s52ul7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:38:52 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-2427"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.198.35200 OK 0 B IP 172.64.198.35:0
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 29 Mar 2023 13:38:53 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 5748
last-modified: Wed, 29 Mar 2023 12:03:05 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=adkYL%2FExekiDMUCje%2BZCWxM33E4heVvWfEeke6HeI15mLQHLtezBj1pxNPyXxLJoloc59K1QQsDdYD1XwYEifpdhJ4BvYNw4GDhX0C5GAPV%2FD8c9H7bpqoiHjPPeL605"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7af8840e0eaa76d2-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-process.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-process.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery.fileupload-process.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1cv43/Muse.Dash.v3.1_(3).rar
Connection: keep-alive
Cookie: filehosting=all435meons6relhj4j2s52ul7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:38:52 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-14b6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.198.35200 OK 0 B IP 172.64.198.35:0
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 29 Mar 2023 13:38:53 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 5748
last-modified: Wed, 29 Mar 2023 12:03:05 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BNpl7GrhMX8qd8ldfWI%2FsO6z4Td0l2q2Cdgqh0CLwUPbvzxDxpIYVIfHmwW%2BPb5sgoBBYzsbyjROy7SEv2QaIRd7n%2BpUGNN35pBA7dINMDiteJBh%2BTW6%2BSSVIuvwCBNK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7af8840e1ec776d2-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=86ddec5c-b957-455f-87da-f034ba331fa2
104.16.158.17200 OK 0 B URL HTTP/2 cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=86ddec5c-b957-455f-87da-f034ba331fa2
IP 104.16.158.17:0
GET /Scripts/infinity.js.aspx?guid=86ddec5c-b957-455f-87da-f034ba331fa2 HTTP/1.1
Host: cdn.engine.4dsply.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 29 Mar 2023 13:38:54 GMT
content-type: application/x-javascript; charset=utf-8
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
cache-control: public, max-age=900
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
last-modified: Wed, 29 Mar 2023 13:32:20 GMT
cf-cache-status: HIT
expires: Wed, 29 Mar 2023 13:53:54 GMT
server: cloudflare
cf-ray: 7af884114e9fb51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
api.purpleads.io/x/v2/b/?idx=1&pid=9c69b43421724e2ba880862e2034b892&sizes=[[1280,898],[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=b0c265d3-05d7-4a8e-9966-313b0a2dc447&demand=unifiedPb&ts=1680097159393
34.196.72.114200 OK 0 B URL HTTP/2 api.purpleads.io/x/v2/b/?idx=1&pid=9c69b43421724e2ba880862e2034b892&sizes=[[1280,898],[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=b0c265d3-05d7-4a8e-9966-313b0a2dc447&demand=unifiedPb&ts=1680097159393
IP 34.196.72.114:0
OPTIONS /x/v2/b/?idx=1&pid=9c69b43421724e2ba880862e2034b892&sizes=[[1280,898],[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=b0c265d3-05d7-4a8e-9966-313b0a2dc447&demand=unifiedPb&ts=1680097159393 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Mar 2023 13:38:56 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
access-control-expose-headers: pa-user-id
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-validate.js
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-validate.js
IP 91.209.70.182:0
GET /themes/flow/js/jquery.fileupload-validate.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/1cv43/Muse.Dash.v3.1_(3).rar
Connection: keep-alive
Cookie: filehosting=all435meons6relhj4j2s52ul7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:38:52 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-fea"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
platform.bidgear.com/async.php?domainid=5593&sizeid=12&zoneid=6192&k=1680097156488
104.26.3.107200 OK 0 B URL HTTP/2 platform.bidgear.com/async.php?domainid=5593&sizeid=12&zoneid=6192&k=1680097156488
IP 104.26.3.107:0
GET /async.php?domainid=5593&sizeid=12&zoneid=6192&k=1680097156488 HTTP/1.1
Host: platform.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 29 Mar 2023 13:38:53 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3oNavtHP9%2FkyoGmUeLoUNLu%2F5vmQovewj%2F8DyZLvxirdNISCvW08fWQACMXr18OdprV91nJQkIO0UI3wndDHZ7%2BsdXoDHvsRPpUzgHyBcu3m9qoAFNFR0dRwLFvgTMLRCpq%2FgEAD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7af8840b8bf81c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.198.35200 OK 0 B IP 172.64.198.35:0
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 29 Mar 2023 13:38:53 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 5748
last-modified: Wed, 29 Mar 2023 12:03:05 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FIiGmS3sooUR8LKKsjMe5KC7NJljTIqZWJaLYfGdbUcRpwZM68P3ZdMN8YWh0V9xUhXbkNK%2Byn9IkQLXi%2F9iPaW0P4CORdE6G%2BoKJ%2BJIpS0tm5ElHLw3DOTN1QUEN5OL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7af8840e0ea976d2-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/
172.64.198.35200 OK 0 B IP 172.64.198.35:0
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 29 Mar 2023 13:38:53 GMT
content-type: text/plain
set-cookie: csu=1226907956407159@1@1680097133; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zmeLs3eLjyHhVF1jQ7eKVy%2BQ6IelQ%2BfBQVMYaZWfvzBiqnaYZl1qEl8vV2npX%2FWEFtQX0LdWuCPBcJ2F4kZhOeTE3mJF2ZmJdIpWnvYUjJqb%2FTQACwcCqmfSFCsTYQl2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7af8840e1ec076d2-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/sw.js?dWxCZFAuTnpXYkNfcUZ8V05uRjZNX3EHYEEOb1I1RQ5vUDQXXG9dZE1bbwJmEAknBzUWDyEHNVdAYFExQlx6ADIQQXZcZBBBdgBlTUF7UWRDQXpTYhFVelU2FFkjAnJZTjETcllONgw1HQ0wDSQMBCsINFsONx4qV0BgVWBbWWBINhQAMQF8Ew0uFzVZCiMIIxAx
91.209.70.182200 OK 0 B URL HTTP/2 megaup.net/sw.js?dWxCZFAuTnpXYkNfcUZ8V05uRjZNX3EHYEEOb1I1RQ5vUDQXXG9dZE1bbwJmEAknBzUWDyEHNVdAYFExQlx6ADIQQXZcZBBBdgBlTUF7UWRDQXpTYhFVelU2FFkjAnJZTjETcllONgw1HQ0wDSQMBCsINFsONx4qV0BgVWBbWWBINhQAMQF8Ew0uFzVZCiMIIxAx
IP 91.209.70.182:0
GET /sw.js?dWxCZFAuTnpXYkNfcUZ8V05uRjZNX3EHYEEOb1I1RQ5vUDQXXG9dZE1bbwJmEAknBzUWDyEHNVdAYFExQlx6ADIQQXZcZBBBdgBlTUF7UWRDQXpTYhFVelU2FFkjAnJZTjETcllONgw1HQ0wDSQMBCsINFsONx4qV0BgVWBbWWBINhQAMQF8Ew0uFzVZCiMIIxAx HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: filehosting=all435meons6relhj4j2s52ul7; _ga=GA1.2.1996998183.1680097157; _gid=GA1.2.1699607248.1680097157; _gat_gtag_UA_108868042_1=1
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 13:38:53 GMT
content-type: application/javascript
last-modified: Tue, 20 Dec 2022 16:15:31 GMT
vary: Accept-Encoding
etag: W/"63a1dfa3-1927c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2