megaup.net/Tis6/FIFA.21.Ultimate.Edition.part09.rar
301 Moved Permanently 162 B URL HTTP/1.1 megaup.net/Tis6/FIFA.21.Ultimate.Edition.part09.rar
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /Tis6/FIFA.21.Ultimate.Edition.part09.rar HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 05 Dec 2022 21:31:44 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://megaup.net/Tis6/FIFA.21.Ultimate.Edition.part09.rar
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer, strict-origin-when-cross-origin
X-Download-Options: noopen
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6648
Expires: Mon, 05 Dec 2022 23:22:33 GMT
Date: Mon, 05 Dec 2022 21:31:45 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash ee088fab9b287e174cfd1f2c735a909f
25c3335b514a36ad1a24d00413d60c3d394f5161
494e96358ff12366213d7cc0f9197648c6c62ec14fa0d2c78732a683fa26b192
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5384
Cache-Control: max-age=138558
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 21:31:45 GMT
Etag: "638dc877-1d7"
Expires: Wed, 07 Dec 2022 12:01:03 GMT
Last-Modified: Mon, 05 Dec 2022 10:31:19 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 05 Dec 2022 21:20:20 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 685
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2866
Expires: Mon, 05 Dec 2022 22:19:31 GMT
Date: Mon, 05 Dec 2022 21:31:45 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Z5M1kgDD6a/25CD9+AmgWmgJ64mvxskhqoMtv4JyVo8zvbKRsUMPh6zN0iCFOs+/zSJ5eyLCmqY=
x-amz-request-id: K0WADDZ177E91BDW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 05 Dec 2022 20:46:49 GMT
age: 2696
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:31:45 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash e0990f856f9702f9505da2f3bc9f683e
438d4f18133afdc8a0c79508228d50b57dcaab1c
0f24f4c730acbbaf8d5b85b069896e4c541a1a9937b397e127ba7acd3de4848b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 21:31:45 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 11:25:43 GMT
Expires: Fri, 09 Dec 2022 11:25:42 GMT
Etag: "438d4f18133afdc8a0c79508228d50b57dcaab1c"
Cache-Control: max-age=308636,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 774fe3f75c770b65-OSL
megaup.net/themes/flow/images/main_logo_inverted.png
200 OK 7.1 kB URL HTTP/2 megaup.net/themes/flow/images/main_logo_inverted.png
IP
File type PNG image data, 203 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 5d15526be10b904a6b48d1af04a10cc3
c09b6874359ac6d71db95593618a9acb55baa984
894d25472e0f890edf235e8f66fbeda7ea75043632924ecb82691d76bd7db018
GET /themes/flow/images/main_logo_inverted.png HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/Tis6/FIFA.21.Ultimate.Edition.part09.rar
Connection: keep-alive
Cookie: filehosting=tj25aic4mt0cb6f70okl57ge00
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:31:45 GMT
content-type: image/png
content-length: 7137
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-1be1"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/images/loading_small.gif
200 OK 184 kB URL HTTP/2 megaup.net/themes/flow/images/loading_small.gif
IP
File type GIF image data, version 89a, 64 x 64\012- data
Size 184 kB (184355 bytes)
Hash b0dd5b3af9c4c0644d7bddee83716209
30002468d0266b893b3559b8d0d260c6cbf0ad7c
2418224bb4d12c122ef3c54d2ee9edb5f6f28d539e91a166b0215553f8c7609d
GET /themes/flow/images/loading_small.gif HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/Tis6/FIFA.21.Ultimate.Edition.part09.rar
Connection: keep-alive
Cookie: filehosting=tj25aic4mt0cb6f70okl57ge00
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:31:45 GMT
content-type: image/gif
content-length: 184355
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-2d023"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5f16a534222e5749ef240d413826c2f6
11683d84d420dd6f919425094edb8961278f7fed
691ebf7feb1f7d6ae7e5e7efd678626c62042dda520506f262c7d9a67a48e3ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 21:31:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
megaup.net/themes/flow/js/global.js
200 OK 1.5 kB URL HTTP/2 megaup.net/themes/flow/js/global.js
IP
Hash ca1fc45a5047d49e1f95014e46dc2a41
e764defef0f8583a7bbdcbe848e5e0534ab5db3e
e6bdb4caa9d9cf756ea8f8e5a39ad185f94a27e142e089164f5b49bb6769988b
GET /themes/flow/js/global.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/Tis6/FIFA.21.Ultimate.Edition.part09.rar
Connection: keep-alive
Cookie: filehosting=tj25aic4mt0cb6f70okl57ge00
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:31:45 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-d59"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-108868042-1
200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-108868042-1
IP
File type ASCII text, with very long lines (1921)
Hash 7de625633c6f4adbd44093de302e9c71
7383666cedfdc04e920533f0c81669d827ee4f24
1e0712074e3ccdf38ba2bd2660ebd708fb613ca91fe06ec2fdf5e8f5a2952dae
GET /gtag/js?id=UA-108868042-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 05 Dec 2022 21:31:45 GMT
expires: Mon, 05 Dec 2022 21:31:45 GMT
cache-control: private, max-age=900
last-modified: Mon, 05 Dec 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43632
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 2b9d6a686aa3c4ea24568425e43a5221
d53bb4c9579bd1db78a0520619e888aec79f750f
c38734a8dbe51217d73896c0bf7f5c38c107fd79e0dee24b717f130377e9b5f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5372
Cache-Control: max-age=133479
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 21:31:45 GMT
Etag: "638db4ac-1d7"
Expires: Wed, 07 Dec 2022 10:36:24 GMT
Last-Modified: Mon, 05 Dec 2022 09:06:52 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
megaup.net/themes/flow/frontend_assets/rs-plugin/css/settings.css
200 OK 8.1 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/rs-plugin/css/settings.css
IP
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 31125489006388cacbed211d377a212b
01cf72de2f627e177f59ad4a01fb80a282cbb323
c45eb944255174ae68f1c21c835f3344ec4218c510227ad3d2c518426f51c78d
GET /themes/flow/frontend_assets/rs-plugin/css/settings.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Connection: keep-alive
Cookie: filehosting=tj25aic4mt0cb6f70okl57ge00
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:31:45 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-ce4b"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash efdb541b708b2e0a6cc075a9c68b07d0
8ce6ae1e31094485d9bc230e39ca7dd970d16efd
d6e864ac41c8de25a27c2b613463eea4767a20091dc91e4a2797dcf814768ce1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D6E864AC41C8DE25A27C2B613463EEA4767A20091DC91E4A2797DCF814768CE1"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16063
Expires: Tue, 06 Dec 2022 01:59:28 GMT
Date: Mon, 05 Dec 2022 21:31:45 GMT
Connection: keep-alive
megaup.net/themes/flow/frontend_assets/fonts/raleway.woff
200 OK 32 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway.woff
IP
File type Web Open Font Format, TrueType, length 31836, version 1.1\012- data
Hash 4514fa5a5b3d1e0b14aa32a7d068124a
e634977bfabc20ed15fe7ed03d3876cf68834b93
5b0f118d658eacc5740b10b0dc2ebbd99ee8e8262c72ff29bfcda48c02b19861
GET /themes/flow/frontend_assets/fonts/raleway.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=tj25aic4mt0cb6f70okl57ge00
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:31:45 GMT
content-type: font/woff
content-length: 31836
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7c5c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/fonts/raleway_extrabold.woff
200 OK 31 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway_extrabold.woff
IP
File type Web Open Font Format, TrueType, length 31344, version 1.1\012- data
Hash 21f79e4c0fbe54a555170aa70bb4c8b7
9d4aaf2016cd21f16bc45089a48de84dba951fa7
2b638674bc57ad355ef2ecbd68e78ecb36bc323aaaf4ddeb9cd4f61bc5f26c42
GET /themes/flow/frontend_assets/fonts/raleway_extrabold.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=tj25aic4mt0cb6f70okl57ge00
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:31:45 GMT
content-type: font/woff
content-length: 31344
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7a70"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/animations/animate.min.css
200 OK 36 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/animations/animate.min.css
IP
File type ASCII text, with CRLF line terminators
Hash 358c4da36a6805f7bfff1c0facf3020e
d903c5ca0981f4baa4dafcae1e0cd5373231a85c
b9e5e85a04bc18b430bc2173f6fd0ec3384cdbe89e4dbd4ede142e8b2897bab3
GET /themes/flow/frontend_assets/css/animations/animate.min.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Connection: keep-alive
Cookie: filehosting=tj25aic4mt0cb6f70okl57ge00
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:31:45 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-bc86"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/isotope/isotope-style.css
200 OK 22 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/isotope/isotope-style.css
IP
File type ASCII text, with CRLF line terminators
Hash ad1af13fa56ff37fbf61626f4e1d6b10
bca65d0be26469bab7069bcb4b220e2d0553b509
74b272cbae30925e4e3c87ec24d976be420d043fbf21800688a0a9dbe26e3f20
GET /themes/flow/frontend_assets/css/isotope/isotope-style.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Connection: keep-alive
Cookie: filehosting=tj25aic4mt0cb6f70okl57ge00
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:31:45 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-af3"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5f16a534222e5749ef240d413826c2f6
11683d84d420dd6f919425094edb8961278f7fed
691ebf7feb1f7d6ae7e5e7efd678626c62042dda520506f262c7d9a67a48e3ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 21:31:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
keydawnawe.com/gwZ1U5hjA8ii/32575
200 OK 26 B URL HTTP/1.1 keydawnawe.com/gwZ1U5hjA8ii/32575
IP
File type ASCII text, with no line terminators
Hash 4e5d65669f8dcd928dad06adf883f025
d771713d758c3348dd7e5b38bb40c7935399ae46
0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95
GET /gwZ1U5hjA8ii/32575 HTTP/1.1
Host: keydawnawe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 21:31:45 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Tue, 06-Dec-2022 21:31:45 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjM0KgkAYRW0qSwrjQg%2FQC2T%2Fi7bVMnThAwxmXzFg84kz%2FdjTpwbR5nI4cK7jOGLsQ6gcw%2B0i2M6D9TJYbNZoX4khwgjDlO%2FaFqXUyY3ghlw8kxJuQVfFGmK%2BwuDLMuUzoRtG0z%2FXRIPIZDzZ1z8lOqmqt1bwav52vaprXFuZHP4uU69JzNndVi8GniYrTU50hrdPThnNDvER%2Fs82H24LfWVkXvCrrHhk1Y3erEny5WLIVqr1cMUHDLFHVQ%3D%3D; expires=Tue, 06-Dec-2022 21:31:45 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
altowriestwispy.com/tysaSHG1FMaM/18410
200 OK 25 B URL HTTP/1.1 altowriestwispy.com/tysaSHG1FMaM/18410
IP
File type ASCII text, with no line terminators
Hash d488addc5df5fc9b9ff4135bb4e3a823
6ce56f48e851df4d562b43d3bc1269a504ae83fc
d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60
GET /tysaSHG1FMaM/18410 HTTP/1.1
Host: altowriestwispy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 21:31:45 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Tue, 06-Dec-2022 21:31:45 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjM0KgkAYRW0qSwrjQg%2FQC2T%2Fi7bVMnThAwxmXzFg84kz%2FdjTpwbR5nI4cK7jOGLsQ6gcw%2B0i2M6D9TJYbNZoX4khwgjDlO%2FaFqXUyY3ghlw8kxJuQVfFGmK%2BwuDLMuUzoRtG0z%2FXRIPIZDzZ1z8lOqmqt1bwav52vaprXFuZHP4uU69JzNndVi8GniYrTU50hrdPThnNDvER%2Fs82H24LfWVkXvCrrHhk1Y3erEny5WLIVqr1cMUHDLFHVQ%3D%3D; expires=Tue, 06-Dec-2022 21:31:45 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
dmmzkfd82wayn.cloudfront.net/?kzmmd=761186
200 OK 190 kB URL HTTP/2 dmmzkfd82wayn.cloudfront.net/?kzmmd=761186
IP
File type Unicode text, UTF-8 text, with very long lines (15945)
Size 190 kB (190021 bytes)
Hash ff1524490c5e484e32241e9781482e4b
cef95e91e6410470b82db8b233594c1314622d90
7cee3320d0a71689dfe9ab53c7bac19367ef0a18e2a6e9e28e3c17f897d5040e
GET /?kzmmd=761186 HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 190021
date: Mon, 05 Dec 2022 21:31:45 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: qiCDHZq47cepEJrikWnO0OVXtkNf06j5ZoVgQjlMwBN_iFE1MUOeEg==
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: gCLctlZ996b+tY95SJ+yrQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ALLddW2Sj1T6Edkoksx8Jrqiw/M=
ocsp.pki.goog/s/gts1p5/zS9LQpQjq7E
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/zS9LQpQjq7E
IP
Hash 25390cf3c12981eaf3dfd85a8c68598e
543bd08b6eadedd122c3173be79cdbed6bde6d00
87682f755d290d90603accae3fbdbf564fc831124d1b3e727f4fc199c4c540ba
POST /s/gts1p5/zS9LQpQjq7E HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 21:31:46 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/zS9LQpQjq7E
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/zS9LQpQjq7E
IP
Hash 25390cf3c12981eaf3dfd85a8c68598e
543bd08b6eadedd122c3173be79cdbed6bde6d00
87682f755d290d90603accae3fbdbf564fc831124d1b3e727f4fc199c4c540ba
POST /s/gts1p5/zS9LQpQjq7E HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 21:31:46 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/zS9LQpQjq7E
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/zS9LQpQjq7E
IP
Hash 25390cf3c12981eaf3dfd85a8c68598e
543bd08b6eadedd122c3173be79cdbed6bde6d00
87682f755d290d90603accae3fbdbf564fc831124d1b3e727f4fc199c4c540ba
POST /s/gts1p5/zS9LQpQjq7E HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 21:31:46 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
megaup.net/themes/flow/frontend_assets/js/custom/custom.js
200 OK 1.4 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/custom/custom.js
IP
File type ASCII text, with CRLF line terminators
Hash 8d346fdb7216ec281cf1282443351449
58ff02b1efb0a15ba2bef57ce4717cb0cdf3dbcb
683a5d4cb5b305a7cb5c4b994f131a2c4eb68e6446d963940bd125b6e5abe565
GET /themes/flow/frontend_assets/js/custom/custom.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/Tis6/FIFA.21.Ultimate.Edition.part09.rar
Connection: keep-alive
Cookie: filehosting=tj25aic4mt0cb6f70okl57ge00
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:31:45 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1420"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/zS9LQpQjq7E
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/zS9LQpQjq7E
IP
Hash 25390cf3c12981eaf3dfd85a8c68598e
543bd08b6eadedd122c3173be79cdbed6bde6d00
87682f755d290d90603accae3fbdbf564fc831124d1b3e727f4fc199c4c540ba
POST /s/gts1p5/zS9LQpQjq7E HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 21:31:46 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/zS9LQpQjq7E
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/zS9LQpQjq7E
IP
Hash 25390cf3c12981eaf3dfd85a8c68598e
543bd08b6eadedd122c3173be79cdbed6bde6d00
87682f755d290d90603accae3fbdbf564fc831124d1b3e727f4fc199c4c540ba
POST /s/gts1p5/zS9LQpQjq7E HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 21:31:46 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lameterthenhep.com/S1ZBc0MqNCIefCprI1U2OTp8VnENc3M1JyY7OxglL25zBCIyOG8QLyQjJRUxJDg1XS0uImRBBXwYOyE1BR4bJhQ8EBIgFgUyAgQvCRcQJSYPEwAhGyMuIzQGKBwRHxoIMhdDIBE+cBYmIQMSMih6BxQUERoBcCYBHmYyIRYaEBkgNBIFBR8CHhUmMQkaFxsqG3ocAjEofg8GNjQPA3A6Bg4xDyQAGhwjNwV+DwBCFR8UGTkiDD0YIAEnbiIyFX43AkIwCQQDNScJFCk3Bh1mBCE0KDcZCwUNMhM1JwkXBxYUJz0AJjQZZBIUGQwCNjkhDgMXQgYde3E2AQ4TEysLHR4DBAUJFAdLEAk6eCcGegQnMgENEyIiGS0UFCoLCQB5NRY8AwQwFXsTFB8KCgIHPgUoOnU2EjM9BCAWDRoDFGUhJS4dM3YHIwcBIiUTGCoFDA
200 OK 1.2 kB URL HTTP/2 lameterthenhep.com/S1ZBc0MqNCIefCprI1U2OTp8VnENc3M1JyY7OxglL25zBCIyOG8QLyQjJRUxJDg1XS0uImRBBXwYOyE1BR4bJhQ8EBIgFgUyAgQvCRcQJSYPEwAhGyMuIzQGKBwRHxoIMhdDIBE+cBYmIQMSMih6BxQUERoBcCYBHmYyIRYaEBkgNBIFBR8CHhUmMQkaFxsqG3ocAjEofg8GNjQPA3A6Bg4xDyQAGhwjNwV+DwBCFR8UGTkiDD0YIAEnbiIyFX43AkIwCQQDNScJFCk3Bh1mBCE0KDcZCwUNMhM1JwkXBxYUJz0AJjQZZBIUGQwCNjkhDgMXQgYde3E2AQ4TEysLHR4DBAUJFAdLEAk6eCcGegQnMgENEyIiGS0UFCoLCQB5NRY8AwQwFXsTFB8KCgIHPgUoOnU2EjM9BCAWDRoDFGUhJS4dM3YHIwcBIiUTGCoFDA
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3039), with no line terminators
Hash 5983e7125bbe99a15fadb8b7fed81f9d
a067503cd18019ed08c7079f2f3a8bbd7955d65d
1e1795045a46174925e54477f5449167a7f08b79f55687b41764212adbf5fb0e
GET /S1ZBc0MqNCIefCprI1U2OTp8VnENc3M1JyY7OxglL25zBCIyOG8QLyQjJRUxJDg1XS0uImRBBXwYOyE1BR4bJhQ8EBIgFgUyAgQvCRcQJSYPEwAhGyMuIzQGKBwRHxoIMhdDIBE+cBYmIQMSMih6BxQUERoBcCYBHmYyIRYaEBkgNBIFBR8CHhUmMQkaFxsqG3ocAjEofg8GNjQPA3A6Bg4xDyQAGhwjNwV+DwBCFR8UGTkiDD0YIAEnbiIyFX43AkIwCQQDNScJFCk3Bh1mBCE0KDcZCwUNMhM1JwkXBxYUJz0AJjQZZBIUGQwCNjkhDgMXQgYde3E2AQ4TEysLHR4DBAUJFAdLEAk6eCcGegQnMgENEyIiGS0UFCoLCQB5NRY8AwQwFXsTFB8KCgIHPgUoOnU2EjM9BCAWDRoDFGUhJS4dM3YHIwcBIiUTGCoFDA HTTP/1.1
Host: lameterthenhep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1188
date: Mon, 05 Dec 2022 21:31:46 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: j84PLqx02CLKnJLi3QZ0Kqk_reYs0UT8GJZ24evCryBmLYM9YqeruQ==
X-Firefox-Spdy: h2
lameterthenhep.com/MHZsMnpRFA9fRVFLDhQPQhpRF0h2U150Hl0bFlkcVE5eRRtJGEJRFl8DCFQIXxgYHBRVAkkAPFc4XkoXYz42ZztHERlhL30wLVwsfzcqQixVI1hgOFgjAnU/VCQtYQkFLi4CNHE1NlYzWDsUdz8BPSlYM2M1AEo7ejQIaDkBAhl3S1smOwEWYSALVT9UIyVgPXIvAnorXxcqWD9RJy5jLnw0LlEpWDscYUtfMiRxP1EhGwM+VRwtcStcLBhgO1QzKWE/aSMbfyh/RyF0InERVGcNZhU6ARJpNFxeLHMaIXQicjMEdTt2Lz0BCQAzAActfTMtdilmWzl5L0cgD3Q+BSIucUtoEyl/IGgzVUYocRUgcwNDEjt3FmUyB2MyaCA2BihHEghjSUAxOWMvZTo+cCN2MyIEN3EsD2dIajEpYBZSEz0UEEMZAkJHVxUjWQtbPjxYNEUPCkg
200 OK 1.2 kB URL HTTP/2 lameterthenhep.com/MHZsMnpRFA9fRVFLDhQPQhpRF0h2U150Hl0bFlkcVE5eRRtJGEJRFl8DCFQIXxgYHBRVAkkAPFc4XkoXYz42ZztHERlhL30wLVwsfzcqQixVI1hgOFgjAnU/VCQtYQkFLi4CNHE1NlYzWDsUdz8BPSlYM2M1AEo7ejQIaDkBAhl3S1smOwEWYSALVT9UIyVgPXIvAnorXxcqWD9RJy5jLnw0LlEpWDscYUtfMiRxP1EhGwM+VRwtcStcLBhgO1QzKWE/aSMbfyh/RyF0InERVGcNZhU6ARJpNFxeLHMaIXQicjMEdTt2Lz0BCQAzAActfTMtdilmWzl5L0cgD3Q+BSIucUtoEyl/IGgzVUYocRUgcwNDEjt3FmUyB2MyaCA2BihHEghjSUAxOWMvZTo+cCN2MyIEN3EsD2dIajEpYBZSEz0UEEMZAkJHVxUjWQtbPjxYNEUPCkg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3046), with no line terminators
Hash a0e9de477344860d29a377d25cf65d0d
3eaf116e79bccb0114ce06ef4aafb5081796bb68
21d824828dc04037a716ebf0cd861434966f1011c5773e690e13b3cfade9debf
GET /MHZsMnpRFA9fRVFLDhQPQhpRF0h2U150Hl0bFlkcVE5eRRtJGEJRFl8DCFQIXxgYHBRVAkkAPFc4XkoXYz42ZztHERlhL30wLVwsfzcqQixVI1hgOFgjAnU/VCQtYQkFLi4CNHE1NlYzWDsUdz8BPSlYM2M1AEo7ejQIaDkBAhl3S1smOwEWYSALVT9UIyVgPXIvAnorXxcqWD9RJy5jLnw0LlEpWDscYUtfMiRxP1EhGwM+VRwtcStcLBhgO1QzKWE/aSMbfyh/RyF0InERVGcNZhU6ARJpNFxeLHMaIXQicjMEdTt2Lz0BCQAzAActfTMtdilmWzl5L0cgD3Q+BSIucUtoEyl/IGgzVUYocRUgcwNDEjt3FmUyB2MyaCA2BihHEghjSUAxOWMvZTo+cCN2MyIEN3EsD2dIajEpYBZSEz0UEEMZAkJHVxUjWQtbPjxYNEUPCkg HTTP/1.1
Host: lameterthenhep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1195
date: Mon, 05 Dec 2022 21:31:46 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ImH2Mq1UecmhvTTQ-s_TIH97rzJ3PE6lgicEVuoQGOrs9Yo6EAKN6Q==
X-Firefox-Spdy: h2
lameterthenhep.com/MUZUUjVQJDc/ClB7NnRAQyppdwd3Y2YUUVwrLjlTVX5mJVRIKHoxWV4zMDRHXiggfFtUMnFgc0IIEgB4YCgeCnpIDz8GYHB/HxoMegQ5FARSdhkBZVt+IBpwYzYENXt9HwcIA3QvBgtXZTU5BHBwMx8aDHIDPjVBfQQBGFZYLScXZF0qNTt4ZhA5PgFrBw4XekgicWBzc3c7JX5iFzYFX3QpDhNRZycHF0FyAGRmfHIIDBBde3M2F3xjHDoqRHMQZGR+cnYSAAZ3Y2YQVlk+FTFtBD8FJWcHIBM2d1UoEncHcyUzBFF+KCRgY0YlAzNtcwUAFX8FHGQUB1IeeWdMcAMeKlNGCBAQcncvNz5GYxw6JVl3dzd3B3cPZjZ0UisOalYBDxEIbUk8AiVvWg09IXRkEh04el0lExdbAD8GKkVaJz42ZXMXcjhGXigkb0dwfwEgA2EQOGtCVQ
200 OK 1.2 kB URL HTTP/2 lameterthenhep.com/MUZUUjVQJDc/ClB7NnRAQyppdwd3Y2YUUVwrLjlTVX5mJVRIKHoxWV4zMDRHXiggfFtUMnFgc0IIEgB4YCgeCnpIDz8GYHB/HxoMegQ5FARSdhkBZVt+IBpwYzYENXt9HwcIA3QvBgtXZTU5BHBwMx8aDHIDPjVBfQQBGFZYLScXZF0qNTt4ZhA5PgFrBw4XekgicWBzc3c7JX5iFzYFX3QpDhNRZycHF0FyAGRmfHIIDBBde3M2F3xjHDoqRHMQZGR+cnYSAAZ3Y2YQVlk+FTFtBD8FJWcHIBM2d1UoEncHcyUzBFF+KCRgY0YlAzNtcwUAFX8FHGQUB1IeeWdMcAMeKlNGCBAQcncvNz5GYxw6JVl3dzd3B3cPZjZ0UisOalYBDxEIbUk8AiVvWg09IXRkEh04el0lExdbAD8GKkVaJz42ZXMXcjhGXigkb0dwfwEgA2EQOGtCVQ
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3040), with no line terminators
Hash 634e41ed927af76fb02d0157be586bc3
54690b7a1e7db48e188391a8aefe15678edfe045
8240a0709152c58fdab4dda60ac5ff47e2637a552a693c8a1d35ab5e65262488
GET /MUZUUjVQJDc/ClB7NnRAQyppdwd3Y2YUUVwrLjlTVX5mJVRIKHoxWV4zMDRHXiggfFtUMnFgc0IIEgB4YCgeCnpIDz8GYHB/HxoMegQ5FARSdhkBZVt+IBpwYzYENXt9HwcIA3QvBgtXZTU5BHBwMx8aDHIDPjVBfQQBGFZYLScXZF0qNTt4ZhA5PgFrBw4XekgicWBzc3c7JX5iFzYFX3QpDhNRZycHF0FyAGRmfHIIDBBde3M2F3xjHDoqRHMQZGR+cnYSAAZ3Y2YQVlk+FTFtBD8FJWcHIBM2d1UoEncHcyUzBFF+KCRgY0YlAzNtcwUAFX8FHGQUB1IeeWdMcAMeKlNGCBAQcncvNz5GYxw6JVl3dzd3B3cPZjZ0UisOalYBDxEIbUk8AiVvWg09IXRkEh04el0lExdbAD8GKkVaJz42ZXMXcjhGXigkb0dwfwEgA2EQOGtCVQ HTTP/1.1
Host: lameterthenhep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1193
date: Mon, 05 Dec 2022 21:31:46 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: eIjV1ezoy4dGnBxCetLRMlJWzTw23StYS45QTfawOSTzulRh6Yzmmw==
X-Firefox-Spdy: h2
keydawnawe.com/gwZ1U5hjA8ii/32575
200 OK 26 B URL HTTP/1.1 keydawnawe.com/gwZ1U5hjA8ii/32575
IP
File type ASCII text, with no line terminators
Hash 4e5d65669f8dcd928dad06adf883f025
d771713d758c3348dd7e5b38bb40c7935399ae46
0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95
GET /gwZ1U5hjA8ii/32575 HTTP/1.1
Host: keydawnawe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; GL_GI10=eJxNjM0KgkAYRW0qSwrjQg%2FQC2T%2Fi7bVMnThAwxmXzFg84kz%2FdjTpwbR5nI4cK7jOGLsQ6gcw%2B0i2M6D9TJYbNZoX4khwgjDlO%2FaFqXUyY3ghlw8kxJuQVfFGmK%2BwuDLMuUzoRtG0z%2FXRIPIZDzZ1z8lOqmqt1bwav52vaprXFuZHP4uU69JzNndVi8GniYrTU50hrdPThnNDvER%2Fs82H24LfWVkXvCrrHhk1Y3erEny5WLIVqr1cMUHDLFHVQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 21:31:46 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
lameterthenhep.com/dThOcXYUWi0cSRQFLFcDB1RzVEQzHXw3EhhVNBoQEQB8BhcMVmASGhpNKhcEGlY6XxgQTGtDMA9bfgUbI3wHIDw0Xzc1JxZRDxwdOWp9OxMsXxQnPydteSk3OwoICCAPayc3EzdPBzMzH3UKNzcWQA8cHTZuHRI+OlQYPhQkdXgkI0AOHzUgIn0WKyUWUy0iEhJLeSI0GlYNGyMtaR9AIhBfBCYTI2J2IyQaVA8bAjN5CUQjL345ORQZaiUwRjtUGB8zN3UZRCMvfRsQPCN6KTdGNHIfQy82e31AJRZpCwkUGWolIDcjTRgjIzFpfUQ/L3o6JhMjFRcLIA15KTIuMHkAKRoiYh87MhBUFB0wRX55MDJEeQgYRj90DBU0MW4qGjRECXkgNTBoHxZQH0shHwZIST8wTx8AHUEELG0Z
200 OK 1.2 kB URL HTTP/2 lameterthenhep.com/dThOcXYUWi0cSRQFLFcDB1RzVEQzHXw3EhhVNBoQEQB8BhcMVmASGhpNKhcEGlY6XxgQTGtDMA9bfgUbI3wHIDw0Xzc1JxZRDxwdOWp9OxMsXxQnPydteSk3OwoICCAPayc3EzdPBzMzH3UKNzcWQA8cHTZuHRI+OlQYPhQkdXgkI0AOHzUgIn0WKyUWUy0iEhJLeSI0GlYNGyMtaR9AIhBfBCYTI2J2IyQaVA8bAjN5CUQjL345ORQZaiUwRjtUGB8zN3UZRCMvfRsQPCN6KTdGNHIfQy82e31AJRZpCwkUGWolIDcjTRgjIzFpfUQ/L3o6JhMjFRcLIA15KTIuMHkAKRoiYh87MhBUFB0wRX55MDJEeQgYRj90DBU0MW4qGjRECXkgNTBoHxZQH0shHwZIST8wTx8AHUEELG0Z
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3020), with no line terminators
Hash 8f4fd795409c6af1e5e8db57d0bfd5cf
7844f44dd5bd70a1d26996800de13534899170b5
be0e58edb1b0e2363456068b6d72c204ae70b486c9dc7b34478115ee89c4f82d
GET /dThOcXYUWi0cSRQFLFcDB1RzVEQzHXw3EhhVNBoQEQB8BhcMVmASGhpNKhcEGlY6XxgQTGtDMA9bfgUbI3wHIDw0Xzc1JxZRDxwdOWp9OxMsXxQnPydteSk3OwoICCAPayc3EzdPBzMzH3UKNzcWQA8cHTZuHRI+OlQYPhQkdXgkI0AOHzUgIn0WKyUWUy0iEhJLeSI0GlYNGyMtaR9AIhBfBCYTI2J2IyQaVA8bAjN5CUQjL345ORQZaiUwRjtUGB8zN3UZRCMvfRsQPCN6KTdGNHIfQy82e31AJRZpCwkUGWolIDcjTRgjIzFpfUQ/L3o6JhMjFRcLIA15KTIuMHkAKRoiYh87MhBUFB0wRX55MDJEeQgYRj90DBU0MW4qGjRECXkgNTBoHxZQH0shHwZIST8wTx8AHUEELG0Z HTTP/1.1
Host: lameterthenhep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1171
date: Mon, 05 Dec 2022 21:31:46 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: cyOEaytU-5Gj33A6X-zLOfSJgehd180dY3qAPYILxg6l2-0JacK7Mw==
X-Firefox-Spdy: h2
lameterthenhep.com/SVA1SjMoMlYnDChtV2xGOzwIbwEPdQcMVyQ9TyFVLWgHPVIwPhspXyYlUSxBJj5BZF0sJBB4dTwCBS4FK2JaIXgLAX8cZwQlfSZ5LTNtBH8eYUEifxg7dAh3LWZ+I0QIGU0bfQMSeCd2IQVHHncEaX0meSgJZjlRCAEEfGobaHcJazlibQsHBhptOnwaAgF5eAsWZgJ3KnUHCHUhN2YHWgQzdw9EMBpeKXALBAU/dS4deRNdHGhiIWF6CV4iVRg6dD91CCNzB3cbNm0cXDkdBHNXHj5veWUPaWUuch82bRxcPhxdGGkRPX96fAwgbC5JcB1iegp5EmNnCi0HXx9LEWFCOFcnNGUbZTklbCFbLxRmA1gMAXcaVxgWfBICPWNRekcvBwcAAho3Xg59GhlWC3EDOVEeSywHWwBDGjteLFYnCRMgQCY+RXdjCjpRGUQCKVQfXA0
200 OK 1.2 kB URL HTTP/2 lameterthenhep.com/SVA1SjMoMlYnDChtV2xGOzwIbwEPdQcMVyQ9TyFVLWgHPVIwPhspXyYlUSxBJj5BZF0sJBB4dTwCBS4FK2JaIXgLAX8cZwQlfSZ5LTNtBH8eYUEifxg7dAh3LWZ+I0QIGU0bfQMSeCd2IQVHHncEaX0meSgJZjlRCAEEfGobaHcJazlibQsHBhptOnwaAgF5eAsWZgJ3KnUHCHUhN2YHWgQzdw9EMBpeKXALBAU/dS4deRNdHGhiIWF6CV4iVRg6dD91CCNzB3cbNm0cXDkdBHNXHj5veWUPaWUuch82bRxcPhxdGGkRPX96fAwgbC5JcB1iegp5EmNnCi0HXx9LEWFCOFcnNGUbZTklbCFbLxRmA1gMAXcaVxgWfBICPWNRekcvBwcAAho3Xg59GhlWC3EDOVEeSywHWwBDGjteLFYnCRMgQCY+RXdjCjpRGUQCKVQfXA0
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3041), with no line terminators
Hash 331090262eca550fb6ac1bfe6e65c6fc
388bad6b6ef4d50ab62902b256097c4b3fc95330
e791783640ba1b0a5c67b9c6d0cedf3de7ed93269cd182ef8f9a47228ba59cc4
GET /SVA1SjMoMlYnDChtV2xGOzwIbwEPdQcMVyQ9TyFVLWgHPVIwPhspXyYlUSxBJj5BZF0sJBB4dTwCBS4FK2JaIXgLAX8cZwQlfSZ5LTNtBH8eYUEifxg7dAh3LWZ+I0QIGU0bfQMSeCd2IQVHHncEaX0meSgJZjlRCAEEfGobaHcJazlibQsHBhptOnwaAgF5eAsWZgJ3KnUHCHUhN2YHWgQzdw9EMBpeKXALBAU/dS4deRNdHGhiIWF6CV4iVRg6dD91CCNzB3cbNm0cXDkdBHNXHj5veWUPaWUuch82bRxcPhxdGGkRPX96fAwgbC5JcB1iegp5EmNnCi0HXx9LEWFCOFcnNGUbZTklbCFbLxRmA1gMAXcaVxgWfBICPWNRekcvBwcAAho3Xg59GhlWC3EDOVEeSywHWwBDGjteLFYnCRMgQCY+RXdjCjpRGUQCKVQfXA0 HTTP/1.1
Host: lameterthenhep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1192
date: Mon, 05 Dec 2022 21:31:46 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zRPF3z8IKQQxzfnUbWZDCOLL_LxGN-GjhWOV3tRGA9G2f45zuBNOrQ==
X-Firefox-Spdy: h2
norakseemlyntr.com/akw1UWpFc1YiVz4ZDD4kLR4BNywdCmMJW09+cwQrPBtQPw4zDQQmTB4lUWxSWHkMYFtMPFw1V1l+EyIeCzhAIldbalw/DAVxEydXWmINf1tfYgV3H1d9EyUaCysIYEwaOEE9V1t6AmFYXXkMYVlZfwU
204 No Content 0 B URL HTTP/2 norakseemlyntr.com/akw1UWpFc1YiVz4ZDD4kLR4BNywdCmMJW09+cwQrPBtQPw4zDQQmTB4lUWxSWHkMYFtMPFw1V1l+EyIeCzhAIldbalw/DAVxEydXWmINf1tfYgV3H1d9EyUaCysIYEwaOEE9V1t6AmFYXXkMYVlZfwU
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /akw1UWpFc1YiVz4ZDD4kLR4BNywdCmMJW09+cwQrPBtQPw4zDQQmTB4lUWxSWHkMYFtMPFw1V1l+EyIeCzhAIldbalw/DAVxEydXWmINf1tfYgV3H1d9EyUaCysIYEwaOEE9V1t6AmFYXXkMYVlZfwU HTTP/1.1
Host: norakseemlyntr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 05 Dec 2022 21:31:46 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9zVUqM8QVynBpNAMCxGAcRHuUx33BBZpB%2Fe3iUKtoGS1F7LVnLFPkB3zTSDxyMf61%2Bx72MzNPXC1WP68pEIppQ4LXbq3oQZlw06viPjhDlXSpfqNmk%2BScLIM%2FHVC65c1Z2VIz58%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774fe3fdab26b506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/fonts/font-awesome/css/font-awesome.css
200 OK 4.3 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/font-awesome/css/font-awesome.css
IP
File type troff or preprocessor input, ASCII text, with very long lines (305), with CRLF line terminators
Hash 9443ddd68641b463c52a7e8a6ba2925b
46f344749226eb2df7fde1c9af687e063a264afd
b8976223711db602915f34704c514ed227c1d638eda0714233b50471ca987e97
GET /themes/flow/frontend_assets/fonts/font-awesome/css/font-awesome.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Connection: keep-alive
Cookie: filehosting=tj25aic4mt0cb6f70okl57ge00
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:31:45 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-59d6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
norakseemlyntr.com/c0NWMUVcfDVCeBctFFoIHnIRYykyBQF0EzIVF3MTInMMZgdCd3BFLBd+YQdxQndnFzUaJ2sAYwA3N0UwAH5nFywdJTkMYwV+Zx92R21lAGtCZSMMdFU3JlAiTnJwQTEHL2sAc0RzZAZwSnNlAnBG
204 No Content 0 B URL HTTP/2 norakseemlyntr.com/c0NWMUVcfDVCeBctFFoIHnIRYykyBQF0EzIVF3MTInMMZgdCd3BFLBd+YQdxQndnFzUaJ2sAYwA3N0UwAH5nFywdJTkMYwV+Zx92R21lAGtCZSMMdFU3JlAiTnJwQTEHL2sAc0RzZAZwSnNlAnBG
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c0NWMUVcfDVCeBctFFoIHnIRYykyBQF0EzIVF3MTInMMZgdCd3BFLBd+YQdxQndnFzUaJ2sAYwA3N0UwAH5nFywdJTkMYwV+Zx92R21lAGtCZSMMdFU3JlAiTnJwQTEHL2sAc0RzZAZwSnNlAnBG HTTP/1.1
Host: norakseemlyntr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 05 Dec 2022 21:31:46 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jVp%2FHm7Vgfca3GAQDjkpl2%2FfPnRdDZBqXFPLMy7MyttrbXuc1tVU0FrEQ7nhoTDttRyhlw0IvTrWMDN%2Bq%2Fq9F8LajyIDQK8LrH67gIQlqjQqN%2BNRkHx18HM9XFSnmkDXPpH5dJU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774fe3fdcb3cb506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
norakseemlyntr.com/V1lJZGt4ZioXVhpoG1I+AwAFPj4/NgglGzkKJC0sFh4LLwoWDG8QAjNkcVNdZGhxQhs+PXRWUnEqPQUfIip0VU0+Ny8LVnEvdFVFZ3d/VEVmfzxZWnEtOQUMamhvFB8jNXRVXWBpe1Nebml6V1hv
204 No Content 0 B URL HTTP/2 norakseemlyntr.com/V1lJZGt4ZioXVhpoG1I+AwAFPj4/NgglGzkKJC0sFh4LLwoWDG8QAjNkcVNdZGhxQhs+PXRWUnEqPQUfIip0VU0+Ny8LVnEvdFVFZ3d/VEVmfzxZWnEtOQUMamhvFB8jNXRVXWBpe1Nebml6V1hv
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /V1lJZGt4ZioXVhpoG1I+AwAFPj4/NgglGzkKJC0sFh4LLwoWDG8QAjNkcVNdZGhxQhs+PXRWUnEqPQUfIip0VU0+Ny8LVnEvdFVFZ3d/VEVmfzxZWnEtOQUMamhvFB8jNXRVXWBpe1Nebml6V1hv HTTP/1.1
Host: norakseemlyntr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 05 Dec 2022 21:31:46 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BmMHS54kGv42kgR%2BT4qUOGRHEiz5V%2BVv0xZq3JOD51mR2iZr5v%2FPMmDuDsOde1fRZOgp%2F%2BigIhcRRtQXcv9o9BJRnT0%2FItyWr5OHS0Xp%2F0HsW9GmdYRa5Hu1ScGQ8wxGv4%2FU5Jo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774fe3fdbb31b506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
norakseemlyntr.com/WVI1Ym92bVYRUjgXZzM6Mj5sBCgDOlNTF2AIciRXAQoEEg43NRMWBj1vAlReaGoDRB8wNghTSSomVBYaKm8ERAY3NFpfSS9vBExcbXwGU0FodEBfXn8mRQMIZGMTEhstPghTWW5iB1VaYGIGUV5u
204 No Content 0 B URL HTTP/2 norakseemlyntr.com/WVI1Ym92bVYRUjgXZzM6Mj5sBCgDOlNTF2AIciRXAQoEEg43NRMWBj1vAlReaGoDRB8wNghTSSomVBYaKm8ERAY3NFpfSS9vBExcbXwGU0FodEBfXn8mRQMIZGMTEhstPghTWW5iB1VaYGIGUV5u
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WVI1Ym92bVYRUjgXZzM6Mj5sBCgDOlNTF2AIciRXAQoEEg43NRMWBj1vAlReaGoDRB8wNghTSSomVBYaKm8ERAY3NFpfSS9vBExcbXwGU0FodEBfXn8mRQMIZGMTEhstPghTWW5iB1VaYGIGUV5u HTTP/1.1
Host: norakseemlyntr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 05 Dec 2022 21:31:46 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=atGazqi4WwgppPLGoDRaOVZjRrqgY29Wfr7OJtMWm1HbZnQDHNRER6lYHMAQM2cuhZ5rDgUfAqS%2F%2Bx1oxQGWXmCvTfC85zHg27qqlHnyhsotLVIzvrZs6rcxkhXqFDUS%2FZOWs4o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774fe3fdbb35b506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
norakseemlyntr.com/cEl5aGtfdhobVip6HV4KNxsqOi5FEy8+DzgYFQQ8JQxAIzNBPl8cAhR0QVpeSXhIThsZLURbWVY6DQkfBTpEWltAfl8BBRYmRFpNBnRJRlNeeExGW1Y8RFlNBDkYD1ZBbwkcHxx0SF5cQHtOXVJAekpbWg
204 No Content 0 B URL HTTP/2 norakseemlyntr.com/cEl5aGtfdhobVip6HV4KNxsqOi5FEy8+DzgYFQQ8JQxAIzNBPl8cAhR0QVpeSXhIThsZLURbWVY6DQkfBTpEWltAfl8BBRYmRFpNBnRJRlNeeExGW1Y8RFlNBDkYD1ZBbwkcHxx0SF5cQHtOXVJAekpbWg
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cEl5aGtfdhobVip6HV4KNxsqOi5FEy8+DzgYFQQ8JQxAIzNBPl8cAhR0QVpeSXhIThsZLURbWVY6DQkfBTpEWltAfl8BBRYmRFpNBnRJRlNeeExGW1Y8RFlNBDkYD1ZBbwkcHxx0SF5cQHtOXVJAekpbWg HTTP/1.1
Host: norakseemlyntr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 05 Dec 2022 21:31:46 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gG73wUgyiQHYVGuR6X%2FtEx0KBEcIBHX4o4iTpqD%2F0sFRCUI4uHHVwuqU2RM%2F7ymUiwdhgQmO8LrZvLh2zUlwN%2BjVjDQbAymWryZzFCwsjyhrYiYNrxPNbwd3WUOZ53Cd3jPEeek%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774fe3fdbb33b506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/zS9LQpQjq7E
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/zS9LQpQjq7E
IP
Hash 25390cf3c12981eaf3dfd85a8c68598e
543bd08b6eadedd122c3173be79cdbed6bde6d00
87682f755d290d90603accae3fbdbf564fc831124d1b3e727f4fc199c4c540ba
POST /s/gts1p5/zS9LQpQjq7E HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 21:31:46 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
megaup.net/imageads/019.gif
200 OK 850 kB URL HTTP/2 megaup.net/imageads/019.gif
IP
File type GIF image data, version 89a, 300 x 250\012- data
Size 850 kB (850157 bytes)
Hash 0e0a55692c2025b89cacce57763ff238
0ed0db48a99f5d1ead8793e9d9e21563ee5b4ee3
1e0cce373f323d981dc4463f1c2920962ca348667296dd94f2f9d2a91b34b988
GET /imageads/019.gif HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/Tis6/FIFA.21.Ultimate.Edition.part09.rar
Connection: keep-alive
Cookie: filehosting=tj25aic4mt0cb6f70okl57ge00
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:31:46 GMT
content-type: image/gif
content-length: 850157
last-modified: Thu, 02 Aug 2018 19:16:52 GMT
vary: Accept-Encoding
etag: "5b6358a4-cf8ed"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/sNFRMQnJXOyIkTUA9KH9KBmF1c0MSPj8tHERpPgNLYSZ6EiRYbTsmVEAuKH9CEjgtLBUJciksEQllaiMWVml4ZAZEOyd/B1owKSQbWjEoZAdVaSEtCF04ICNXBhJ5bEIRZnxqBV06KC0FR3F+chxAcX5yQwR6fGdBdnF+cgVdOnp2VwcWaXBCTGJ4Z0F2cX-5yAEJxfwNDBGFiclsRZnwlF1c/I2dAcmZ8c0IEZXxzVwZkKisAUTIjOlcGEn1yRxpkajdPBQ
200 OK 364 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/sNFRMQnJXOyIkTUA9KH9KBmF1c0MSPj8tHERpPgNLYSZ6EiRYbTsmVEAuKH9CEjgtLBUJciksEQllaiMWVml4ZAZEOyd/B1owKSQbWjEoZAdVaSEtCF04ICNXBhJ5bEIRZnxqBV06KC0FR3F+chxAcX5yQwR6fGdBdnF+cgVdOnp2VwcWaXBCTGJ4Z0F2cX-5yAEJxfwNDBGFiclsRZnwlF1c/I2dAcmZ8c0IEZXxzVwZkKisAUTIjOlcGEn1yRxpkajdPBQ
IP
File type ASCII text, with very long lines (472), with no line terminators
Hash 94a5eda7aac582622a969c38c9e028c5
885b38546ce30b47412cb826ddea093a354212ba
ef12ed246691f54f31574490f95fdb7b42d42a7e0cecc7a9f3c3ab152f7bb3ff
GET /sNFRMQnJXOyIkTUA9KH9KBmF1c0MSPj8tHERpPgNLYSZ6EiRYbTsmVEAuKH9CEjgtLBUJciksEQllaiMWVml4ZAZEOyd/B1owKSQbWjEoZAdVaSEtCF04ICNXBhJ5bEIRZnxqBV06KC0FR3F+chxAcX5yQwR6fGdBdnF+cgVdOnp2VwcWaXBCTGJ4Z0F2cX-5yAEJxfwNDBGFiclsRZnwlF1c/I2dAcmZ8c0IEZXxzVwZkKisAUTIjOlcGEn1yRxpkajdPBQ HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lameterthenhep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 364
date: Mon, 05 Dec 2022 21:31:46 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _QX8GHi-F180NGE8YRO7Mj6_L--4SuUqI8fOyJls-4VbOaZdvbzFJA==
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/7NzRvNHZUWwFSSUNdCwlBAQVeDEARXhxbGEcJPlYCdV0cZh1eejUSAk1QUgRQW1UBU0sRUQFXSwYSDlAUCgBJQAZYX1JCBk5YGEwDU1IEEgNWCQJbDF5YA1VTBXJaGkYSBl8cAV5aC1sBRBFdBBhDEV0ERwcaXxFFdRFdBAFeWlkAUwR2SgZGTwJbEUV1EV-0EBEERXHVHBwFBBF8SBl9TE1RfABFEcQZfBUYHBV8FUwUECV0EUlIATFMFcl4EQxkESUFLBg
200 OK 592 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/7NzRvNHZUWwFSSUNdCwlBAQVeDEARXhxbGEcJPlYCdV0cZh1eejUSAk1QUgRQW1UBU0sRUQFXSwYSDlAUCgBJQAZYX1JCBk5YGEwDU1IEEgNWCQJbDF5YA1VTBXJaGkYSBl8cAV5aC1sBRBFdBBhDEV0ERwcaXxFFdRFdBAFeWlkAUwR2SgZGTwJbEUV1EV-0EBEERXHVHBwFBBF8SBl9TE1RfABFEcQZfBUYHBV8FUwUECV0EUlIATFMFcl4EQxkESUFLBg
IP
File type ASCII text, with very long lines (835), with no line terminators
Hash 6d1a0445fd1f6d804131250b577b28c8
86784a98ac1088f5239a3431cf6fe631acece7d5
a6bb771ba50ae6f63862893a067ae4a8db68dfabe555174291c3fe13b37da5e7
GET /7NzRvNHZUWwFSSUNdCwlBAQVeDEARXhxbGEcJPlYCdV0cZh1eejUSAk1QUgRQW1UBU0sRUQFXSwYSDlAUCgBJQAZYX1JCBk5YGEwDU1IEEgNWCQJbDF5YA1VTBXJaGkYSBl8cAV5aC1sBRBFdBBhDEV0ERwcaXxFFdRFdBAFeWlkAUwR2SgZGTwJbEUV1EV-0EBEERXHVHBwFBBF8SBl9TE1RfABFEcQZfBUYHBV8FUwUECV0EUlIATFMFcl4EQxkESUFLBg HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lameterthenhep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 592
date: Mon, 05 Dec 2022 21:31:46 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: XlDmUnPikNRNBOxHVq9hZbJK0UYKHZDcs1PRO3nDu6fnMkfHFmDtSQ==
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/gN2xmSHZUAwguSUMFAnVOAFpVeU4RBhUnGEdRASs5XB0NACZdIhMxEE1KEjISClxAJBdZC1tuE1kPW3lQVggEdUIRGBYnHQoaFjEaQBQTLBBcShMpS1oDHCEaWw1DejACQlZtRAdEESEYUwMRO1MFXAg8UwVcV3hYB0lVClMFXBEhGAFYQ3s0El5WMEADSV-UKUwVcFD5TBC1XeEMZXE9tRAcLAysdWElUDkQHXVZ4RwddQ3pGUQUULRBYFEN6MAZcU2ZGERlbeQ
200 OK 455 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/gN2xmSHZUAwguSUMFAnVOAFpVeU4RBhUnGEdRASs5XB0NACZdIhMxEE1KEjISClxAJBdZC1tuE1kPW3lQVggEdUIRGBYnHQoaFjEaQBQTLBBcShMpS1oDHCEaWw1DejACQlZtRAdEESEYUwMRO1MFXAg8UwVcV3hYB0lVClMFXBEhGAFYQ3s0El5WMEADSV-UKUwVcFD5TBC1XeEMZXE9tRAcLAysdWElUDkQHXVZ4RwddQ3pGUQUULRBYFEN6MAZcU2ZGERlbeQ
IP
File type ASCII text, with very long lines (598), with no line terminators
Hash bfdc32b1baa85af03f67b43e2f2ae377
e5941bac62fea58ae27b70ae17a8d472d979f769
fb2c4c81567cd8d257a36f9311fcd38afb7b75fe2d32d5c47a52a51aef7ccfda
GET /gN2xmSHZUAwguSUMFAnVOAFpVeU4RBhUnGEdRASs5XB0NACZdIhMxEE1KEjISClxAJBdZC1tuE1kPW3lQVggEdUIRGBYnHQoaFjEaQBQTLBBcShMpS1oDHCEaWw1DejACQlZtRAdEESEYUwMRO1MFXAg8UwVcV3hYB0lVClMFXBEhGAFYQ3s0El5WMEADSV-UKUwVcFD5TBC1XeEMZXE9tRAcLAysdWElUDkQHXVZ4RwddQ3pGUQUULRBYFEN6MAZcU2ZGERlbeQ HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lameterthenhep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 455
date: Mon, 05 Dec 2022 21:31:46 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: DTX8V2Dn5YMeHRwJaM_4n456-EQd_WNPIoV5KLBvxvtiMhXc4sf5zQ==
X-Firefox-Spdy: h2
platform.bidgear.com/media/img/b15.png
200 OK 649 B URL HTTP/2 platform.bidgear.com/media/img/b15.png
IP
File type PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash d832fb80c97ff291b952757bb98240d2
63732e61a0784ed68fde494f83e4686a5c4bf7fa
7b35c11af8accdb40a14303dd3ae2762a97d2527933c56b6c9be6da2d0d11943
GET /media/img/b15.png HTTP/1.1
Host: platform.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 21:31:46 GMT
content-type: image/png
content-length: 649
last-modified: Mon, 25 Jul 2022 09:43:43 GMT
etag: "62de65cf-289"
expires: Thu, 22 Dec 2022 09:44:57 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
cf-cache-status: HIT
age: 1165589
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qx%2FesBHwpLm0t0%2Bg82YfCfiqDtDeuXcmcUveuJOxFBn4sQv9i1KMIb%2FR0KmQalIt7cfha2P%2FtPHvH8IzRXqXInHhFXYZDOyJkGSlLJIDzRImU75DLc%2BeT%2FsCZ82y7TvxTN6sdURK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774fe3ff1ef0b503-OSL
X-Firefox-Spdy: h2
cdn.purpleads.io/video-agent.js?publisherId=3cbb0201d97a2713cdc7b8284a6018c0:12ba07f36ad75faf8474b45232c34095e60db9bba8b910c63bd25a84dbe49b2358fc816c33104b67ff752f6837ddf9f037b306459421d61f484a6dfbf846a003
200 OK 15 kB URL HTTP/2 cdn.purpleads.io/video-agent.js?publisherId=3cbb0201d97a2713cdc7b8284a6018c0:12ba07f36ad75faf8474b45232c34095e60db9bba8b910c63bd25a84dbe49b2358fc816c33104b67ff752f6837ddf9f037b306459421d61f484a6dfbf846a003
IP
File type Unicode text, UTF-8 text, with very long lines (43435), with no line terminators
Hash 7992564beb8d8c7f661dfb295abd2505
262a7a41e2b966f02049730c087dc94b56457d18
92147ccd54504999d2651cca6e45d41a66fefece750eeb78995d18d2343a5dfc
GET /video-agent.js?publisherId=3cbb0201d97a2713cdc7b8284a6018c0:12ba07f36ad75faf8474b45232c34095e60db9bba8b910c63bd25a84dbe49b2358fc816c33104b67ff752f6837ddf9f037b306459421d61f484a6dfbf846a003 HTTP/1.1
Host: cdn.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 15029
date: Mon, 05 Dec 2022 10:08:39 GMT
last-modified: Sun, 04 Dec 2022 13:54:31 GMT
etag: "7992564beb8d8c7f661dfb295abd2505"
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: wQHYZY4PMt9GmPTWYYJH2nNoLzxBbpQpTL5oaX3IiJwFlVR4wDKe1Q==
age: 40988
X-Firefox-Spdy: h2
cdn.purpleads.io/agent.js?publisherId=70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
200 OK 20 kB URL HTTP/2 cdn.purpleads.io/agent.js?publisherId=70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
IP
File type Unicode text, UTF-8 text, with very long lines (65394), with no line terminators
Hash 0ea10dcf30115ab829d02f7922851149
58fec21d69c868b403a7129080f057524344ddc3
b560d2d6391d2e7c59a2ffe3839168beca0ac863020499c0f2ccaccd28b2fd99
GET /agent.js?publisherId=70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655 HTTP/1.1
Host: cdn.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 19592
date: Mon, 05 Dec 2022 10:08:40 GMT
last-modified: Mon, 05 Dec 2022 10:08:31 GMT
etag: "0ea10dcf30115ab829d02f7922851149"
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: NQV37W8rp4rRSvvmfq_DT2VLGeVbAAcX1Xwcl8YWfh1nr-0WFRYVdg==
age: 40987
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/zc0tmVDIQJAgyDQciAmkLR3JeYgZVIRU7XAN2FyVzSiFeBwIBEjMDFAcxAmkCVScHOlVObQM6UU56QDVWEXZSckcSdgs7SBonCjUXQQ1TegJWeVZ8RRolAjtFAG5UZFwHblRkA0NlVnEBMW5UZEUaJVBgF0AJQ2YCC31ScQExblRkQAVuVRUDQ35IZBtWeV-YzVxAgCXEANXlWZQJDelZlF0F7AD1AFi0JLBdBDVdkB117QCEPQg
200 OK 190 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/zc0tmVDIQJAgyDQciAmkLR3JeYgZVIRU7XAN2FyVzSiFeBwIBEjMDFAcxAmkCVScHOlVObQM6UU56QDVWEXZSckcSdgs7SBonCjUXQQ1TegJWeVZ8RRolAjtFAG5UZFwHblRkA0NlVnEBMW5UZEUaJVBgF0AJQ2YCC31ScQExblRkQAVuVRUDQ35IZBtWeV-YzVxAgCXEANXlWZQJDelZlF0F7AD1AFi0JLBdBDVdkB117QCEPQg
IP
File type ASCII text, with no line terminators
Hash d914b6f7f32af659ddd37f6d466dcf2f
6a8986ee0fe41129c37a5f5963415b79cebfdd78
68036f297146d3688a981d427f2f5d17704cee7a1f88592d7aac5872b948016c
GET /zc0tmVDIQJAgyDQciAmkLR3JeYgZVIRU7XAN2FyVzSiFeBwIBEjMDFAcxAmkCVScHOlVObQM6UU56QDVWEXZSckcSdgs7SBonCjUXQQ1TegJWeVZ8RRolAjtFAG5UZFwHblRkA0NlVnEBMW5UZEUaJVBgF0AJQ2YCC31ScQExblRkQAVuVRUDQ35IZBtWeV-YzVxAgCXEANXlWZQJDelZlF0F7AD1AFi0JLBdBDVdkB117QCEPQg HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lameterthenhep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 190
date: Mon, 05 Dec 2022 21:31:46 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: yc7ANPWw_fcKN2FsmUnFWOCehkpF2msEfAhvVnanxkihwME54rMhAA==
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/uR0d6b2okKBQJVTMuHlJdcXNLW1thLQkABDd6KiwAIxQNJBMmEhUrTDM9HlJaYSsbAQ16YR8BCXp2XA4OJXpOSR43KBFSHDc+FhgSMiMcBEwyJkcCBT0uFgMLYnU8WkR3YkhfQjAuFAsFMDRfXVopM19dWnZ3VF9PdAVfXVowLhRZXmJ0OEpYdz9MW090BV-9dWjUxX1wrdndPQVpuYkhfDSIkEQBPdQFIX1t3d0tfW2J1SgkDNSIcABJidTxeWnJpSkkfenY
200 OK 599 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/uR0d6b2okKBQJVTMuHlJdcXNLW1thLQkABDd6KiwAIxQNJBMmEhUrTDM9HlJaYSsbAQ16YR8BCXp2XA4OJXpOSR43KBFSHDc+FhgSMiMcBEwyJkcCBT0uFgMLYnU8WkR3YkhfQjAuFAsFMDRfXVopM19dWnZ3VF9PdAVfXVowLhRZXmJ0OEpYdz9MW090BV-9dWjUxX1wrdndPQVpuYkhfDSIkEQBPdQFIX1t3d0tfW2J1SgkDNSIcABJidTxeWnJpSkkfenY
IP
File type ASCII text, with very long lines (832), with no line terminators
Hash 55e5c9b98eecd5524648019f34109edb
d19d6396a22f4a8807cbfeb4ee885154289b9293
b4f42e826ecaa64d706790037b5210408379cf9514f783da2cad99f86c24398d
GET /uR0d6b2okKBQJVTMuHlJdcXNLW1thLQkABDd6KiwAIxQNJBMmEhUrTDM9HlJaYSsbAQ16YR8BCXp2XA4OJXpOSR43KBFSHDc+FhgSMiMcBEwyJkcCBT0uFgMLYnU8WkR3YkhfQjAuFAsFMDRfXVopM19dWnZ3VF9PdAVfXVowLhRZXmJ0OEpYdz9MW090BV-9dWjUxX1wrdndPQVpuYkhfDSIkEQBPdQFIX1t3d0tfW2J1SgkDNSIcABJidTxeWnJpSkkfenY HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lameterthenhep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 599
date: Mon, 05 Dec 2022 21:31:46 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 0tzXVf3vlUv8rWg72Fp19FckzVJFzzD4yUBxv4Lr1iP9GEe71AcDiA==
X-Firefox-Spdy: h2
imp9.bidgear.com/rec?t=1&z=6192&uuid=f269b7ae489343cb9491bdad2ed5eeea&p=61&g=NO&token=4a44335432&tbg=1670275906
200 OK 599 B URL HTTP/2 imp9.bidgear.com/rec?t=1&z=6192&uuid=f269b7ae489343cb9491bdad2ed5eeea&p=61&g=NO&token=4a44335432&tbg=1670275906
IP
File type JPEG image data, baseline, precision 8, 1x1, components 3\012- data
Hash ca49a7e783b806a4e8576ea80346203d
6fe9d083221dae98f6c76f7121c37bc884b02d82
3e9a98dd5f0a28ff4a059f33d760264a6db02786666ac1692095ebb976f5da28
GET /rec?t=1&z=6192&uuid=f269b7ae489343cb9491bdad2ed5eeea&p=61&g=NO&token=4a44335432&tbg=1670275906 HTTP/1.1
Host: imp9.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 21:31:46 GMT
content-type: image/jpeg
content-length: 599
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HeLFKxl8rp9QxMuJdp3Z9l7HWSvdPu8uYKieNCmgBn%2BmEGZ7ROV36ayqDs4fk5wbThpLClefyspKW%2FCpPymyd0bQ1sNPWWbZq51PnPxl3bFzsLYje0uMIZaBZkOpq9MdWRY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774fe3ff1effb503-OSL
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 280 B IP
Hash fe81538e07b7c219a0618e8bc273b676
e81a88a41f02c8ed7e7ce9bae321be31c467509b
55ca09955297fe3f54eb5025f0818765fb440ccdbc6586bab872cf51f61f5e08
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 21:31:46 GMT
Content-Type: application/ocsp-response
Content-Length: 280
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 21:53:51 GMT
Expires: Fri, 09 Dec 2022 21:53:50 GMT
Etag: "e81a88a41f02c8ed7e7ce9bae321be31c467509b"
Cache-Control: max-age=346323,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 774fe3ff1bd80b65-OSL
megaup.net/themes/flow/frontend_assets/images/icons/favicon/apple-touch-icon-114x114.png
200 OK 951 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/images/icons/favicon/apple-touch-icon-114x114.png
IP
File type PNG image data, 114 x 114, 8-bit colormap, non-interlaced\012- data
Hash 76852bc6b2c028db97322a74e85bd020
ed52fb4de0d51f93277bbaae42fa80ba5f92c31e
8a5ef2ef8440c17db1b1b539065ba4a887e07a2c508b79c2d1659512e9016884
GET /themes/flow/frontend_assets/images/icons/favicon/apple-touch-icon-114x114.png HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/Tis6/FIFA.21.Ultimate.Edition.part09.rar
Connection: keep-alive
Cookie: filehosting=tj25aic4mt0cb6f70okl57ge00
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:31:46 GMT
content-type: image/png
content-length: 951
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-3b7"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a5cb85b1ac5aace4ca74b40ebb1b8209
ab60ee9ca56b580e9252d4d8025fa6190808799e
8c651e358cd272e6bf83ea903d5f499d99731fbce2cbb290ba4c369467b97516
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8C651E358CD272E6BF83EA903D5F499D99731FBCE2CBB290BA4C369467B97516"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5698
Expires: Mon, 05 Dec 2022 23:06:44 GMT
Date: Mon, 05 Dec 2022 21:31:46 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 7dfb548d8f8a99d32050803775fad5d6
8b47999a01db7c2217d76a1cec576809a229cf1b
68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 21:31:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
megaup.net/themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js
200 OK 2.8 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js
IP
Hash dd68eae6c9ca4f4490cf49ccf6680def
674efd53b6c8ca3f4a41b637b5fb3475136a7545
abcf3e4952a73bb73aa6724b57632597db840b0d9cc26464b28db7e19bf86f47
GET /themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/Tis6/FIFA.21.Ultimate.Edition.part09.rar
Connection: keep-alive
Cookie: filehosting=tj25aic4mt0cb6f70okl57ge00
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:31:45 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1cdf"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Mon, 05 Dec 2022 20:41:08 GMT
expires: Mon, 05 Dec 2022 22:41:08 GMT
cache-control: public, max-age=7200
age: 3038
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash a179b3b6ab78e29169af8cc2363d6280
501cd2871c5b70c56852c6cd0c87f383504ca933
ceecf34d673dd0d910e3622aa0fa8d84fea748592acc796286c4ec5e76fbc170
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1166
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 21:31:46 GMT
Last-Modified: Mon, 05 Dec 2022 21:12:20 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 9d69ff04990cf145fb9c990ef594df3c
620b60961007c43da93fd24ff8bfade06943b926
aa36a39ff7e1724a518c35f6dcd1e9a8ff0526b9a57aecc097cfb7e38cdab728
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 21:31:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lameterthenhep.com/utx?cb=Lyrwoj6rE4s3&top=megaup.net&tid=761186
204 No Content 0 B URL HTTP/2 lameterthenhep.com/utx?cb=Lyrwoj6rE4s3&top=megaup.net&tid=761186
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=Lyrwoj6rE4s3&top=megaup.net&tid=761186 HTTP/1.1
Host: lameterthenhep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 05 Dec 2022 21:31:46 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 05 Dec 2022 21:32:46 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 05SCHR_9VTFAGULmOJBKRhGCjs1cPBqWgdYH5tjopTf0-mqv8Ieozw==
X-Firefox-Spdy: h2
cdn.psdn.xyz/prebid-video-7.22.0-2022-10-26.gz.js
200 OK 86 kB URL HTTP/2 cdn.psdn.xyz/prebid-video-7.22.0-2022-10-26.gz.js
IP
File type ASCII text, with very long lines (65020)
Hash 700d1de734b4979c4c3059b613e9d7b1
0a7d2ad10cba258cfc2e0376240852a4ae5f4012
2031fbefbf1b070dcf0ebb746438e628fdd59c7daac6952000ef9056b7294eb6
GET /prebid-video-7.22.0-2022-10-26.gz.js HTTP/1.1
Host: cdn.psdn.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 21:31:46 GMT
content-encoding: gzip
content-length: 86507
content-type: application/javascript
last-modified: Wed, 26 Oct 2022 13:24:00 GMT
accept-ranges: bytes
x-rgw-object-type: Normal
etag: "700d1de734b4979c4c3059b613e9d7b1"
cache-control: max-age=31536000
x-amz-request-id: tx0000000000001178867eb-00635934f6-34c6886a-nyc3b
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1670275906.dop202.sk1.t,1670275906.cds222.sk1.hn,1670275906.cds218.sk1.c
X-Firefox-Spdy: h2
lameterthenhep.com/utx?cb=aGYlzAx15t8F&top=megaup.net&tid=825911
204 No Content 0 B URL HTTP/2 lameterthenhep.com/utx?cb=aGYlzAx15t8F&top=megaup.net&tid=825911
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=aGYlzAx15t8F&top=megaup.net&tid=825911 HTTP/1.1
Host: lameterthenhep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 05 Dec 2022 21:31:46 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 05 Dec 2022 21:32:46 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: aHLF2jl053GmD5_wU0S5nHFrk7v7XIfXFvUZBIvs6y7EgSgKDaSsAQ==
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j98&a=457328272&t=pageview&_s=1&dl=https%3A%2F%2Fmegaup.net%2FTis6%2FFIFA.21.Ultimate.Edition.part09.rar&ul=en-us&de=UTF-8&dt=FIFA.21.Ultimate.Edition.part09.rar%20-%20MegaUp&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=1727366808&gjid=325396873&cid=815758058.1670275904&tid=UA-108868042-1&_gid=827424546.1670275904&_r=1>m=2oubu0&z=1883900989
200 OK 1 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&a=457328272&t=pageview&_s=1&dl=https%3A%2F%2Fmegaup.net%2FTis6%2FFIFA.21.Ultimate.Edition.part09.rar&ul=en-us&de=UTF-8&dt=FIFA.21.Ultimate.Edition.part09.rar%20-%20MegaUp&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=1727366808&gjid=325396873&cid=815758058.1670275904&tid=UA-108868042-1&_gid=827424546.1670275904&_r=1>m=2oubu0&z=1883900989
IP
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?v=1&_v=j98&a=457328272&t=pageview&_s=1&dl=https%3A%2F%2Fmegaup.net%2FTis6%2FFIFA.21.Ultimate.Edition.part09.rar&ul=en-us&de=UTF-8&dt=FIFA.21.Ultimate.Edition.part09.rar%20-%20MegaUp&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=1727366808&gjid=325396873&cid=815758058.1670275904&tid=UA-108868042-1&_gid=827424546.1670275904&_r=1>m=2oubu0&z=1883900989 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain
Content-Length: 0
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://megaup.net
date: Mon, 05 Dec 2022 21:31:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
302 Found 398 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (383)
Hash 9cd181bb29065a2a789ad3d95094c61f
2e9ac8a6fc01c739833537667e6e9db93a498b88
719cdd3e097154133e71e34a057cc44cc079b6149a0911bf395b18c8db8bac72
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 05 Dec 2022 21:31:46 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S587858966%3A1670275906725379&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAtPxoW811rBNXwK_lTElRCT-Qe2OBRhzPTdy6tRC8jS7ccbRLLJFzz4IVASEaTPN0LcU_HMsQ
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-bwJcBdhBjCfkmHFKl7URCg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 398
server: GSE
set-cookie: __Host-GAPS=1:d0iwgzNl9p39D0EvFTKH-Is1CNnW2g:t_T-3x4PSvcKumJy;Path=/;Expires=Wed, 04-Dec-2024 21:31:46 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
imasdk.googleapis.com/js/sdkloader/ima3.js
200 OK 127 kB URL HTTP/2 imasdk.googleapis.com/js/sdkloader/ima3.js
IP
File type ASCII text, with very long lines (2791)
Size 127 kB (126620 bytes)
Hash f641dae66d812e803cbfc91d689e2ea8
96372a7ba661528d13bc774536d04ab3e03b82d6
e78b718ac77697fbb92e88ac394141adc4e016830eb04d53279238cbcd65435b
GET /js/sdkloader/ima3.js HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 126620
date: Mon, 05 Dec 2022 21:31:46 GMT
expires: Mon, 05 Dec 2022 21:31:46 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash 5e178f3b526edee352d9b28af2257f11
07b38a86e9afe9a3aa168eacb99ae717d54829f4
d9ecd0706d265906b70d78272c9ddeec7bc96e61f7e5554372d08e019a91e4ce
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "D9ECD0706D265906B70D78272C9DDEEC7BC96E61F7E5554372D08E019A91E4CE"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6553
Expires: Mon, 05 Dec 2022 23:20:59 GMT
Date: Mon, 05 Dec 2022 21:31:46 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash 5e178f3b526edee352d9b28af2257f11
07b38a86e9afe9a3aa168eacb99ae717d54829f4
d9ecd0706d265906b70d78272c9ddeec7bc96e61f7e5554372d08e019a91e4ce
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "D9ECD0706D265906B70D78272C9DDEEC7BC96E61F7E5554372D08E019A91E4CE"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6553
Expires: Mon, 05 Dec 2022 23:20:59 GMT
Date: Mon, 05 Dec 2022 21:31:46 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash 5e178f3b526edee352d9b28af2257f11
07b38a86e9afe9a3aa168eacb99ae717d54829f4
d9ecd0706d265906b70d78272c9ddeec7bc96e61f7e5554372d08e019a91e4ce
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "D9ECD0706D265906B70D78272C9DDEEC7BC96E61F7E5554372D08E019A91E4CE"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6553
Expires: Mon, 05 Dec 2022 23:20:59 GMT
Date: Mon, 05 Dec 2022 21:31:46 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash 5e178f3b526edee352d9b28af2257f11
07b38a86e9afe9a3aa168eacb99ae717d54829f4
d9ecd0706d265906b70d78272c9ddeec7bc96e61f7e5554372d08e019a91e4ce
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "D9ECD0706D265906B70D78272C9DDEEC7BC96E61F7E5554372D08E019A91E4CE"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6553
Expires: Mon, 05 Dec 2022 23:20:59 GMT
Date: Mon, 05 Dec 2022 21:31:46 GMT
Connection: keep-alive
dmmzkfd82wayn.cloudfront.net/
200 OK 73 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/
IP
File type ASCII text, with no line terminators
Hash de37377b72195a4f064edf7ec8a76676
ed544d5b6a37acad78498099407c648a93316ddb
b3209cc0b1d1b71e85af4e843afe00a3079f3286d52b3fb47e72c6c5c48b8399
GET / HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 73
date: Mon, 05 Dec 2022 21:31:46 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 0SNYCS6VavdRYt-fJwnOcUnJHfNcAa_hC2aSGzxGvucvRAkL-zSVPA==
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
302 Found 394 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (381)
Hash cef21c9040639806ca3db76e37e20383
730561dd7b53b211e53528aa85c54ffafdb1b57f
56c2df4f42a73ace4f2cb7bd7fb64fe35d120fd1fca6ecbde81a13964e315bff
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 05 Dec 2022 21:31:46 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1442347414%3A1670275906782928&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAvByVEDNG0UUy5QlDupc28Sn_n7UAnz2tdX_cjg_FljQbn8quUTKn0b-1AOWWDEiF-TYcmNgQ
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-Xq6OpqM-EKw1ub1JpurHkw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 394
server: GSE
set-cookie: __Host-GAPS=1:1ShkwdtFlM_AjDCHc9JU3SyBTy2H0w:NLboz7bNQJex59jj;Path=/;Expires=Wed, 04-Dec-2024 21:31:46 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lameterthenhep.com/utx?cb=Hldz0gMIkAii&top=megaup.net&tid=764141
204 No Content 0 B URL HTTP/2 lameterthenhep.com/utx?cb=Hldz0gMIkAii&top=megaup.net&tid=764141
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=Hldz0gMIkAii&top=megaup.net&tid=764141 HTTP/1.1
Host: lameterthenhep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 05 Dec 2022 21:31:46 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 05 Dec 2022 21:32:46 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: jfQdkDr-C58NyjtpRnCgDyP47uEnNHiuygmxyrhPJkwXCSDZE_Kq_A==
X-Firefox-Spdy: h2
lameterthenhep.com/utx?cb=LhOn0RxuOYf4&top=megaup.net&tid=876318
204 No Content 0 B URL HTTP/2 lameterthenhep.com/utx?cb=LhOn0RxuOYf4&top=megaup.net&tid=876318
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=LhOn0RxuOYf4&top=megaup.net&tid=876318 HTTP/1.1
Host: lameterthenhep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 05 Dec 2022 21:31:46 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 05 Dec 2022 21:32:46 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: cpb6NpwDDJ2Wck7e6iYOvTr6AetX1Hn6MgWPJjgeeNPtV_G3HT651w==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 7dfb548d8f8a99d32050803775fad5d6
8b47999a01db7c2217d76a1cec576809a229cf1b
68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 21:31:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8ead0ac4ce19cef2471bae0458759d89
af02fd3fcd2e10cfa2458407c0c2e59a43e18517
507b93c64bab73e393cf8d8131415ef4d4b01e65e0f2ab73597715197845e75e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 21:31:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash a179b3b6ab78e29169af8cc2363d6280
501cd2871c5b70c56852c6cd0c87f383504ca933
ceecf34d673dd0d910e3622aa0fa8d84fea748592acc796286c4ec5e76fbc170
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1166
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 21:31:46 GMT
Last-Modified: Mon, 05 Dec 2022 21:12:20 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash 5e178f3b526edee352d9b28af2257f11
07b38a86e9afe9a3aa168eacb99ae717d54829f4
d9ecd0706d265906b70d78272c9ddeec7bc96e61f7e5554372d08e019a91e4ce
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "D9ECD0706D265906B70D78272C9DDEEC7BC96E61F7E5554372D08E019A91E4CE"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6553
Expires: Mon, 05 Dec 2022 23:20:59 GMT
Date: Mon, 05 Dec 2022 21:31:46 GMT
Connection: keep-alive
lameterthenhep.com/utx?tid=832633&top=megaup.net&cb=EbBxQ6JzGefL
204 No Content 0 B URL HTTP/2 lameterthenhep.com/utx?tid=832633&top=megaup.net&cb=EbBxQ6JzGefL
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?tid=832633&top=megaup.net&cb=EbBxQ6JzGefL HTTP/1.1
Host: lameterthenhep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 05 Dec 2022 21:31:47 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 05 Dec 2022 21:32:47 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: BejdRzNCzKUg9302ct7zu0ZtUWjN5JjrpgwVcLQQ-0fgqkRKj0uTxQ==
X-Firefox-Spdy: h2
api.purpleads.io/x/init?ts=1670275903750
200 OK 124 B URL HTTP/2 api.purpleads.io/x/init?ts=1670275903750
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash b5a86d7e14f6e2dd578bcd6ddaaca404
25129bd8a3e982f30d3034dc8fd9abd5622f82af
623929a9761653d9cf8b8c822bdc66bc3c7d5ca7ec800a7f0d6d77292f4ea0cb
GET /x/init?ts=1670275903750 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: application/json
x-purpleads-version: 2.3.2
x-request-url: aHR0cHM6Ly9tZWdhdXAubmV0L1RpczYvRklGQS4yMS5VbHRpbWF0ZS5FZGl0aW9uLnBhcnQwOS5yYXI=
Authorization: Bearer 70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 21:31:47 GMT
content-type: application/json; charset=utf-8
content-length: 89
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
x-request-id: ab97dcc4-5b22-4a56-827d-fca84f90e8e0
etag: W/"59-wf/bp/+Cw03eNhYKAEF8JmndjTw"
vary: Accept-Encoding
X-Firefox-Spdy: h2
lameterthenhep.com/multi?cs=RW5Pd2V9X31OU3xdf0RVdlp%2FTlY&abt=0&red=1&sm=76&k=download%20file%20fifa%20ultimate%20edition%20part09&v=1.0.60.1&sts=0&prn=0&emb=0&tid=876318&rxy=1280_1024&fs=1&ref=https%3A%2F%2Fmegaup.net%2FTis6%2FFIFA.21.Ultimate.Edition.part09.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&_Pg8Q=1670275904181&crc=1
200 OK 1.6 kB URL HTTP/2 lameterthenhep.com/multi?cs=RW5Pd2V9X31OU3xdf0RVdlp%2FTlY&abt=0&red=1&sm=76&k=download%20file%20fifa%20ultimate%20edition%20part09&v=1.0.60.1&sts=0&prn=0&emb=0&tid=876318&rxy=1280_1024&fs=1&ref=https%3A%2F%2Fmegaup.net%2FTis6%2FFIFA.21.Ultimate.Edition.part09.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&_Pg8Q=1670275904181&crc=1
IP
File type ASCII text, with very long lines (3303), with no line terminators
Hash b960dd54fc24127d5cde5adce0cd0dbd
aa566d0bfd991718da07802ce3f1c05a7d796e9f
f609cf3f3594f2526f74b26f4fd11a5cc097318b6d8956a7779f738d2db43dfa
GET /multi?cs=RW5Pd2V9X31OU3xdf0RVdlp%2FTlY&abt=0&red=1&sm=76&k=download%20file%20fifa%20ultimate%20edition%20part09&v=1.0.60.1&sts=0&prn=0&emb=0&tid=876318&rxy=1280_1024&fs=1&ref=https%3A%2F%2Fmegaup.net%2FTis6%2FFIFA.21.Ultimate.Edition.part09.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&_Pg8Q=1670275904181&crc=1 HTTP/1.1
Host: lameterthenhep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-length: 1629
date: Mon, 05 Dec 2022 21:31:47 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=d0e00f44-323a-4113-a887-d6d6d8a8810d
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7ABf9a4-OD_sijtjso1bI14tnqK_GV2WlDq-yaaOvBUCvyfc5G3UJA==
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 532 B IP
ASN #20940 Akamai International B.V.
Hash 6efed1d6764480acfe436ec8b83820e3
7470e619742607c315f01f5fb4ce235c61f87f1f
58a4054188537cb29946e4cdcb29f57470aeeb3793f5bc965044fcd03850de23
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "130E7AD80CCDF5E3484884E61078FF2E36E3273EB21DAAAD5A14A295C8ED3723"
Last-Modified: Sun, 04 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9238
Expires: Tue, 06 Dec 2022 00:05:45 GMT
Date: Mon, 05 Dec 2022 21:31:47 GMT
Connection: keep-alive
megaup.net/themes/flow/frontend_assets/fonts/raleway_bold.woff
200 OK 32 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway_bold.woff
IP
File type Web Open Font Format, TrueType, length 31568, version 1.1\012- data
Hash e0c4ac0e73196bd0469c5c33304b7773
bb071565f82907d117b0732dca8013409162c67d
ff3bf3a4a1bf2b922157b18d0e8cddd95f2fc2dfe09c30a3ce67bc11a84c67af
GET /themes/flow/frontend_assets/fonts/raleway_bold.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=tj25aic4mt0cb6f70okl57ge00; _ga=GA1.2.815758058.1670275904; _gid=GA1.2.827424546.1670275904; _gat_gtag_UA_108868042_1=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:31:47 GMT
content-type: font/woff
content-length: 31568
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7b50"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
script.4dex.io/localstore.js
200 OK 268 B URL HTTP/1.1 script.4dex.io/localstore.js
IP
File type ASCII text, with very long lines (482)
Hash 58fe1f2623397cca72ecea6ee95d76b9
ac4d33ae761cf330574597936273a9c5d82f96d0
7cb0b5944c53bbacc5983fbef96aa0c1f514ec12da81666765610eae562a9020
GET /localstore.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 21:31:47 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=1800
ETag: W/"922cffdd75f7192f75231d92684885aa"
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 1054836
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KPrpm8OUz7zXKq7WERBvwSHEmWH50oNBX60rXh87EtuvJ%2F7uyJoSPwRbbhDaIk0rKqx6zW%2FFVfxtFAN3aMinx18vludE4%2FODXd4Nk6mzfX3gHxRaAExIFsbgttZkT8Dz"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 774fe404aa2eb4f7-OSL
Content-Encoding: br
ocsp.digicert.com/
200 OK 279 B IP
Hash 7bd4a31b93fe1b8383986e8fce545cc1
4eac738efd518be7b909e7f641ac0f5c39adce04
d85398f4f00dbbb0679fa2a548ecdd9e5f55b99f6ce0c67bcd3ed2b25ecd40df
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5515
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 21:31:47 GMT
Last-Modified: Mon, 05 Dec 2022 19:59:52 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
script.4dex.io/adagio.js
200 OK 23 kB IP
File type ASCII text, with very long lines (65354)
Hash 532a99fc0eb7b2c50a6bb0e5238b8dbb
d84157eb7e55c39d52ba5dde6e5bd4666f596e71
e6fa5d38f82f6bebf5dba12f2e84db1383827936fe077374593c6285f94e784c
GET /adagio.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 21:31:47 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: dOiiTtiPLhGmcsmNBt0jZ1duXkkbJlTuZvRlN+aronrZIFb3Z/0/X80dBYCPZGT3qBvEJe+8wr4=
x-amz-request-id: DC3YQNPP1H3TAVZD
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
Last-Modified: Tue, 22 Nov 2022 09:44:15 GMT
ETag: W/"c56b6332dacf72f135afcd153ae22448"
Cache-Control: public, max-age=1800
CF-Cache-Status: HIT
Age: 1137435
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jkPf6D57aZ%2BKNs5UiNxXxkq19xNmuBnXviuRPbAGUET7yDEQUZQOvkSoKi02aIGLvPzy7%2B3DIK8k%2Bq%2FRWVV%2Bo7uUBzcwu%2BbWTKpyI%2BB8VPM9b53LvXpFtRNnFiikAk8B"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 774fe404e928b527-OSL
Content-Encoding: br
lameterthenhep.com/floater?cs=M3k0NngGSgAHSQNJDAdKBEEEAUA&abt=0&red=1&sm=83&k=download%20file%20fifa%20ultimate%20edition%20part09&v=0.8.15.0&sts=0&prn=0&emb=0&tid=825911&rxy=1280_1024&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fmegaup.net%2FTis6%2FFIFA.21.Ultimate.Edition.part09.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&aa=oi1_&_mU1L=1670275904178&crc=1
200 OK 6.6 kB URL HTTP/2 lameterthenhep.com/floater?cs=M3k0NngGSgAHSQNJDAdKBEEEAUA&abt=0&red=1&sm=83&k=download%20file%20fifa%20ultimate%20edition%20part09&v=0.8.15.0&sts=0&prn=0&emb=0&tid=825911&rxy=1280_1024&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fmegaup.net%2FTis6%2FFIFA.21.Ultimate.Edition.part09.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&aa=oi1_&_mU1L=1670275904178&crc=1
IP
File type ASCII text, with very long lines (9955), with no line terminators
Hash 89b13b4c4a1b72bb62cffe5d5896f94e
5e29ff0220bc72f3772074f641231de59355a449
828eef98492a1a9becb9d9f0e6baeb9a1c13da004ab17abcda5bb64b9336f34f
GET /floater?cs=M3k0NngGSgAHSQNJDAdKBEEEAUA&abt=0&red=1&sm=83&k=download%20file%20fifa%20ultimate%20edition%20part09&v=0.8.15.0&sts=0&prn=0&emb=0&tid=825911&rxy=1280_1024&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fmegaup.net%2FTis6%2FFIFA.21.Ultimate.Edition.part09.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&aa=oi1_&_mU1L=1670275904178&crc=1 HTTP/1.1
Host: lameterthenhep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-length: 6551
date: Mon, 05 Dec 2022 21:31:47 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=e6d1e2e6-985e-45f7-821a-6b6fa1f91245
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6rSREIaVCEp6-WCy7rxbUrrUERDLLDK0ek6uMZmgdnW2HbfDyOdjLQ==
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 45a560af2d1a64d1f4bd1133e109612f
636beffd6cba7a6a53c7e742f9853524072a6d69
8af93f3cefa029d0b8f944881704f9b1dcf040b1b6d26bbb8dfd9ae0ef8b1f83
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8AF93F3CEFA029D0B8F944881704F9B1DCF040B1B6D26BBB8DFD9AE0EF8B1F83"
Last-Modified: Sun, 04 Dec 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3997
Expires: Mon, 05 Dec 2022 22:38:24 GMT
Date: Mon, 05 Dec 2022 21:31:47 GMT
Connection: keep-alive
cdn.psdn.xyz/prebid-7.22.0-2022-10-26.js
200 OK 110 kB URL HTTP/2 cdn.psdn.xyz/prebid-7.22.0-2022-10-26.js
IP
File type ASCII text, with very long lines (64899)
Size 110 kB (110489 bytes)
Hash 57c01fea38b0b55be8f8695b6c4988ff
4032cfd77db4cefcc38aedac4b9bbf9f4c51639e
b9f42206a1196365d65749aa3bececd05e35895c8608e7553d358132987191f9
GET /prebid-7.22.0-2022-10-26.js HTTP/1.1
Host: cdn.psdn.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 21:31:47 GMT
content-encoding: gzip
content-length: 110489
content-type: application/javascript
last-modified: Wed, 26 Oct 2022 13:07:08 GMT
accept-ranges: bytes
x-rgw-object-type: Normal
etag: "57c01fea38b0b55be8f8695b6c4988ff"
cache-control: max-age=31536000
x-amz-request-id: tx00000000000010ab6e820-006359394f-34c5ae65-nyc3b
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1670275907.dop202.sk1.t,1670275907.cds222.sk1.hn,1670275907.cds204.sk1.c
X-Firefox-Spdy: h2
api.purpleads.io/x/b/?idx=0&pid=e0b917b1ea2847b19aec125e54209679&sizes=[[300,250],[300,250],[200,200],[250,250],[300,100]]&slotid=3ac7cbe2-dc12-4e36-9e05-9251ab4453a3&ts=1670275904005
200 OK 0 B URL HTTP/2 api.purpleads.io/x/b/?idx=0&pid=e0b917b1ea2847b19aec125e54209679&sizes=[[300,250],[300,250],[200,200],[250,250],[300,100]]&slotid=3ac7cbe2-dc12-4e36-9e05-9251ab4453a3&ts=1670275904005
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /x/b/?idx=0&pid=e0b917b1ea2847b19aec125e54209679&sizes=[[300,250],[300,250],[200,200],[250,250],[300,100]]&slotid=3ac7cbe2-dc12-4e36-9e05-9251ab4453a3&ts=1670275904005 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 21:31:46 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
x-request-id: 987e4a3a-b81d-44b5-9662-18f05f26118f
X-Firefox-Spdy: h2
prebid.a-mo.net/a/c
204 No Content 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1136
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: max-age=0, private, must-revalidate
date: Mon, 05 Dec 2022 21:31:47 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 0
X-Firefox-Spdy: h2
ntheworldw.buzz/
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: ntheworldw.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Content-Length: 382
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
200 OK 139 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 3ff156271ecc48b8e18a7505ed2e57d4
1560c0f537b833fd78154ca56b27657d539a30ce
d2e2b7d43e6ec7239e9024bcd5a061a370535a5c537f52e7accccf0d0567c485
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 834
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 05 Dec 2022 21:31:47 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 139
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
AN-X-Request-Uuid: e7ea15fb-73aa-47b1-9299-7ca8489f8543
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6456
Expires: Mon, 05 Dec 2022 23:19:23 GMT
Date: Mon, 05 Dec 2022 21:31:47 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6456
Expires: Mon, 05 Dec 2022 23:19:23 GMT
Date: Mon, 05 Dec 2022 21:31:47 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6456
Expires: Mon, 05 Dec 2022 23:19:23 GMT
Date: Mon, 05 Dec 2022 21:31:47 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6456
Expires: Mon, 05 Dec 2022 23:19:23 GMT
Date: Mon, 05 Dec 2022 21:31:47 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg
200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dcb8fe0c4ba323ab2483fa290c291051
6706e02d6b95edc3a33c951f07d04b0fb7415b77
6be68deb3a330955027ec16eaca2cdf4e2776620ffb7cb995922664b24400f02
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8749
x-amzn-requestid: ee03c447-299b-45d5-b8c6-12d4d1dc436d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_spHdBIAMFywQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-0c9805c6112ec9ec6b9d1544;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tsL8hmcWaBeKYVG2b4g7ebl-sQ0Z5jZaexEfvldfzq9COcOdzqLhUA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:48:15 GMT
age: 85412
etag: "6706e02d6b95edc3a33c951f07d04b0fb7415b77"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43309032a892c486f9985ef520df696e
36f4682ca6a33ff80ee02129c77e6f27e996ede0
24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Uz-wJTZjej3sjP-O68BQ4hB_kkAecG0o7GkeZUan90ZgV87g0Cg_ZA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:52:41 GMT
age: 85146
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24c69d7ef356b352956d6dcbc9f5df1d
2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9
94d068620c34652cb2d24ca8b3cf962febe9606e6d3a33d937fc9d99f176edef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10396
x-amzn-requestid: b879fd2e-b6cf-4373-b780-2d97481c45f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cioNbH5KoAMFUsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a8722-6add7f8e225878473b20c015;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 23:15:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ir97GJKaFoW6BNXCcmMqp0JSUd5JhCACyUvLh5G-0BWCDVJsqs7XhQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 22:03:01 GMT
age: 84526
etag: "2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c01fe1cccdb3b672bbade6d98217ffe9
a9a529dc9894827f6243a1bf57f81caa4fe88fc2
c43da6212c79a08e22e78e04e99e8f5422e64b4b0a87f30b7907f1b4bc675c71
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4666
x-amzn-requestid: 850d341f-5ccb-453c-8adf-a8194f8fbdad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clr_-GiboAMFwww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-766293f2526e637235067aca;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kmki-SBINSx1kbiIkaSGebdCLrnDeHVhYeotAWzE__CevkNDdfzRGg==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:44:01 GMT
age: 85666
etag: "a9a529dc9894827f6243a1bf57f81caa4fe88fc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
200 OK 111 kB IP
Size 111 kB (110715 bytes)
Hash 638d467ed87cc299e71cfb347127bbc8
f92d09efc2a69d5f12b0e5f22fb069523010764e
ea449356e8b4d371cc74d62bbe5a3668489f3cc8ba208e36340334b9ba440a31
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 05 Dec 2022 21:31:46 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2BNPYr3i%2FL9eROCqi3f49a8RXxLYqN31rdSepbJHpavM4Y8PPQRXngI4s2Jm124WA1AR4YUgEujwfDYWO0ihdngCvuNYIEIgfh3sQcA%2F2xVw9uyZYlysxRXEToniqrJQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774fe40199a3071e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
script.4dex.io/localstore.js
304 Not Modified 0 B URL HTTP/1.1 script.4dex.io/localstore.js
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /localstore.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Wed, 23 Nov 2022 15:43:18 GMT
If-None-Match: W/"922cffdd75f7192f75231d92684885aa"
HTTP/1.1 304 Not Modified
Date: Mon, 05 Dec 2022 21:31:47 GMT
Connection: keep-alive
Cache-Control: public, max-age=1800
ETag: W/"922cffdd75f7192f75231d92684885aa"
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 1054836
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KmESh9OaO9QKR0GobjGSYkaZoxx4iJjs0xGdTIwb2m9Y9fR%2FV%2Faf6K%2BrME8kjBuGxKsM10KyDJYdp%2FFLOgPWCGLZYDHEftdqpW6nU1V6GrCixIIIci%2B%2Fa4gfFRIRA7HR"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 774fe4061c5fb4f7-OSL
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3af2e495-85ff-410f-8418-e683c7f84bcd.jpeg
200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3af2e495-85ff-410f-8418-e683c7f84bcd.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 027480c06cd67621f373c6765dafee4d
9f80bb7ca6f699d88eaec2248dec508c589fe994
f69a0d6bd6e79d8fa7f2f15df11237c0a8b04d45af3cd5870eeef86d18f553bf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3af2e495-85ff-410f-8418-e683c7f84bcd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7728
x-amzn-requestid: 9f37e7a6-1f00-4a81-9b14-962fd0b6cdf4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMEJxoAMFchQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-4a4cce217327b44525ea1e98;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PGz98Kv7xrcdfvzwMFbA9V206DdlXitB-Xk8dllnaLlk1QMhZZEs9Q==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 22:03:04 GMT
age: 84523
etag: "9f80bb7ca6f699d88eaec2248dec508c589fe994"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
pogothere.xyz/
200 OK 501 B IP
File type ASCII text, with no line terminators
Hash a96f266e42cdf7dddb4ab025bf6792e6
cc5444a6641dd096445a6257ae72b1e04086e0e4
32bcce85d1f7cd1c2ca409c2bd515b0c29d7ce1c24d8a3d4133b635b7cce0a47
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 21:31:46 GMT
content-type: text/plain
set-cookie: csu=1779066088414579@1@1670275906; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L%2FQxoFNN4L0qm1IcD%2BCTv68Ktv%2BsB%2Fx11VXNIE0PhXU5l36yqNfM0YVohC%2B%2B1ZT8A68jz2urXDpCSeRqr5PnWDBXKyEE18uRx%2FW143msva9WWbIeAdSsrQNsb2VxiYR8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774fe40199a5071e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
prebid.a-mo.net/a/c
204 No Content 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1010
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: max-age=0, private, must-revalidate
date: Mon, 05 Dec 2022 21:31:46 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 0
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
200 OK 139 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash b0d5f7eb2d849f7dbaa84f3694c08e12
7fb4b8686b41c7186f740c431d66216f88d8f635
db2787930691bbd4d378faa56c1d9eb511edf400eb4cba874766e13878069a7b
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 983
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 05 Dec 2022 21:31:47 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 139
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
AN-X-Request-Uuid: 5c600413-3466-4ccb-96d5-53f00ca948c1
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
script.4dex.io/adagio.js
304 Not Modified 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /adagio.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Tue, 22 Nov 2022 09:44:15 GMT
If-None-Match: W/"c56b6332dacf72f135afcd153ae22448"
HTTP/1.1 304 Not Modified
Date: Mon, 05 Dec 2022 21:31:47 GMT
Connection: keep-alive
x-amz-id-2: dOiiTtiPLhGmcsmNBt0jZ1duXkkbJlTuZvRlN+aronrZIFb3Z/0/X80dBYCPZGT3qBvEJe+8wr4=
x-amz-request-id: DC3YQNPP1H3TAVZD
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
Last-Modified: Tue, 22 Nov 2022 09:44:15 GMT
ETag: "c56b6332dacf72f135afcd153ae22448"
Cache-Control: public, max-age=1800
CF-Cache-Status: HIT
Age: 1137435
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K103XSpLzTS%2BZzOQMbA9oYvjkZ3MI88X%2F5vbN2k%2BwvYJ%2BaLkhQPd9hj6dBc%2ByTyzfWb5e95VlwBqiYDZLLR1H6WEa%2FIv%2Bjy3TvpRWbgSyrRMpNL0MMQvgDDmc3VGN9Vu"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 774fe4069af4b527-OSL
mp.4dex.io/prebid
204 No Content 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /prebid HTTP/1.1
Host: mp.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1980
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 05 Dec 2022 21:31:47 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin, Accept-Encoding
x-err: Parsing the Prebid Request. org/site not found
x-version: 3.0.0-gcp-ams
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 774fe4065db2b511-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash eeda3604908166775b47b9e4d9944b36
6702a1c3fcf5f79a8c142c7f4dea561eee59f3a4
95246d818d8868920fb8922acac422f78286362814ed6c4ad75451c74abdf165
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4403
Cache-Control: max-age=108062
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 21:31:47 GMT
Etag: "638d552e-1d7"
Expires: Wed, 07 Dec 2022 03:32:49 GMT
Last-Modified: Mon, 05 Dec 2022 02:19:26 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash 332921147ce2c4900737e94a727245e5
5541913d80e07db785708a394e9e0fed212227da
6a03c7de26b10f1761aaaba9f3af5568ec45e7c986a5e90b8f667af953a870fe
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4858
Cache-Control: max-age=108140
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 21:31:47 GMT
Etag: "638d53b5-1d7"
Expires: Wed, 07 Dec 2022 03:34:07 GMT
Last-Modified: Mon, 05 Dec 2022 02:13:09 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a76195c327e24a6bbde147e87dd13e87
1bf2c34ddbb4ae77191c4042e508e1e20f4aabfb
710f409e159083f2c2df90b250fd12a36875c3fbbd9b53a93bdbe1a7c115293c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "710F409E159083F2C2DF90B250FD12A36875C3FBBD9B53A93BDBE1A7C115293C"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7013
Expires: Mon, 05 Dec 2022 23:28:40 GMT
Date: Mon, 05 Dec 2022 21:31:47 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 47b385abd0350f2068c3e97294ba7933
44a4d7270f6948106cf3c910ecf99742b89dad5a
95c99aa47761b292309183cec1c3351e778da912c61e96156ebdaca881eb8e51
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=151900
Date: Mon, 05 Dec 2022 21:31:47 GMT
Etag: "638dff25-1d7"
Expires: Wed, 07 Dec 2022 15:43:27 GMT
Last-Modified: Mon, 05 Dec 2022 14:24:37 GMT
Server: ECS (nyb/1D19)
X-Cache: Miss from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: g4RB5RR524m340Fpqv6EKZCe3F7kC9BDPMHHCMtQlGM4GagnVZZjyw==
Age: 4730
b1h-euc1.zemanta.com/api/bidder/prebid/bid/
204 No Content 0 B URL HTTP/1.1 b1h-euc1.zemanta.com/api/bidder/prebid/bid/
IP
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/bidder/prebid/bid/ HTTP/1.1
Host: b1h-euc1.zemanta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 534
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
prebid-eu.creativecdn.com/bidder/prebid/bids
204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 456
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 05 Dec 2022 21:31:47 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
pbjs.e-planning.net/hb/1/2e112/1/megaup.net/ROS?ct=1&r=pbjs&rnd=0.8851516360254501&e=300x250_0%3A300x250%2C300x250%2C200x200%2C250x250%2C300x100&ur=https%3A%2F%2Fmegaup.net%2FTis6%2FFIFA.21.Ultimate.Edition.part09.rar&pbv=7.22.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fmegaup.net%2FTis6%2FFIFA.21.Ultimate.Edition.part09.rar
200 OK 63 B URL HTTP/2 pbjs.e-planning.net/hb/1/2e112/1/megaup.net/ROS?ct=1&r=pbjs&rnd=0.8851516360254501&e=300x250_0%3A300x250%2C300x250%2C200x200%2C250x250%2C300x100&ur=https%3A%2F%2Fmegaup.net%2FTis6%2FFIFA.21.Ultimate.Edition.part09.rar&pbv=7.22.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fmegaup.net%2FTis6%2FFIFA.21.Ultimate.Edition.part09.rar
IP
ASN #49981 WorldStream B.V.
File type JSON data\012- , ASCII text, with no line terminators
Hash e42fa16b70b901e3ebd7bdcdbe9a700b
347d67a79ec376313ce3ed24e47545d0f243d09b
1bd2cc7014a81b95de8cd39a139d2053216fb7a5bee9bddce9e9344361799b04
GET /hb/1/2e112/1/megaup.net/ROS?ct=1&r=pbjs&rnd=0.8851516360254501&e=300x250_0%3A300x250%2C300x250%2C200x200%2C250x250%2C300x100&ur=https%3A%2F%2Fmegaup.net%2FTis6%2FFIFA.21.Ultimate.Edition.part09.rar&pbv=7.22.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fmegaup.net%2FTis6%2FFIFA.21.Ultimate.Edition.part09.rar HTTP/1.1
Host: pbjs.e-planning.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://megaup.net
Content-Type: text/plain
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 05 Dec 2022 21:31:47 GMT
content-type: application/json
access-control-allow-credentials: true
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
expires: Mon, 05 Dec 2022 21:31:47 GMT
content-length: 63
access-control-allow-origin: https://megaup.net
cache-control: max-age=0, no-cache
x-sid: AMS-928
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 732da84d0f02b079717f6196a91b0cbf
4aa26ee061153de217cd0098217e5f0b9a19e48c
80a09e5996432d95c843d9cdedc5e2ce3a2b7d42936674b76524af0f54de7142
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 05 Dec 2022 21:31:47 GMT
Last-Modified: Mon, 05 Dec 2022 20:01:40 GMT
Server: ECS (nyb/1D14)
X-Cache: Miss from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: dQ9XT6PEgTZs2TDlWD7cthLDATiNr7Y6Alumr3XdgHkru0NVJWy4Lw==
Age: 5407
hb.minutemedia-prebid.com/hb-mm-multi
200 OK 105 B URL HTTP/2 hb.minutemedia-prebid.com/hb-mm-multi
IP
File type JSON data\012- , ASCII text
Hash 40236165ccf5b352195387bd420a6ce4
746ae8efc9e0bf8fe04414e41153406bd16e964b
afbaae8353fc71ff735580be7c0bca7cc4f2f900d294876227159beed33b8ce9
POST /hb-mm-multi HTTP/1.1
Host: hb.minutemedia-prebid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1016
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 21:31:47 GMT
content-type: application/json
content-length: 105
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://megaup.net
x-reason: gdpr is not applied
X-Firefox-Spdy: h2
hb.minutemedia-prebid.com/hb-mm-multi
200 OK 105 B URL HTTP/2 hb.minutemedia-prebid.com/hb-mm-multi
IP
File type JSON data\012- , ASCII text
Hash 780ca280c7ecf36ed9285e6c6209620c
abba6c1957ceb3e8ce28803e167620f49ea97b3c
6779634aa0adbcbc7a67e882b4f46a1821aeb800a2f4297b71afe939a1654d8c
POST /hb-mm-multi HTTP/1.1
Host: hb.minutemedia-prebid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1030
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 21:31:47 GMT
content-type: application/json
content-length: 105
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://megaup.net
x-reason: gdpr is not applied
X-Firefox-Spdy: h2
ntheworldw.buzz/
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: ntheworldw.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Origin: https://megaup.net
Content-Length: 353
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
tlx.3lift.com/header/auction?lib=prebid&v=7.22.0&referrer=https%3A%2F%2Fmegaup.net%2FTis6%2FFIFA.21.Ultimate.Edition.part09.rar&tmax=3000
200 OK 19 B URL HTTP/2 tlx.3lift.com/header/auction?lib=prebid&v=7.22.0&referrer=https%3A%2F%2Fmegaup.net%2FTis6%2FFIFA.21.Ultimate.Edition.part09.rar&tmax=3000
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash a548f7b55db665b1df71a33a2bee47a7
4f88e5b6a18226d7207f1458b0b83e428dbf9898
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
POST /header/auction?lib=prebid&v=7.22.0&referrer=https%3A%2F%2Fmegaup.net%2FTis6%2FFIFA.21.Ultimate.Edition.part09.rar&tmax=3000 HTTP/1.1
Host: tlx.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 509
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 21:31:47 GMT
content-type: application/json; charset=utf-8
content-length: 19
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 15 Oct 1992 20:10:00 GMT
pragma: no-cache
x-xss-protection: 0
accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ntheworldw.buzz/
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: ntheworldw.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Origin: https://megaup.net
Content-Length: 350
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
api.purpleads.io/x/v/?demand=unifiedPb&ts=1670275905105
200 OK 0 B URL HTTP/2 api.purpleads.io/x/v/?demand=unifiedPb&ts=1670275905105
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /x/v/?demand=unifiedPb&ts=1670275905105 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 21:31:47 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
x-request-id: 7959de9e-38eb-4dd9-9fb6-f838832f85df
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash a3c9679236e68e323a0f63bdba404745
c378193fe82679178d947e5b02a5f3c1d052313d
f09384df5ffcae048ae1a647747e51318c2ceb1caf7e418966e494d5ed358f8f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 21:31:48 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 12:04:34 GMT
Expires: Sun, 11 Dec 2022 12:04:33 GMT
Etag: "c378193fe82679178d947e5b02a5f3c1d052313d"
Cache-Control: max-age=483764,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 774fe40ab90a0b65-OSL
c.adsco.re/
200 OK 27 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (689)
Hash 4dd9f0b11c79a25739d8109e29c607d8
4ce1cc86d9b0f2e861080b903c9f555c154e9e88
34a78297ab464a6af199e6d80b46bf41d2d3ed366c42644d6982a5c45aa42432
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 21:31:48 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Thu, 05 Jan 2023 21:31:48 GMT
etag: W/"xkCBFtC0Wl/JiS60JFipuQ=="
cf-cache-status: HIT
age: 99422
vary: Accept-Encoding
server: cloudflare
cf-ray: 774fe40b0ccab4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
api.purpleads.io/x/b/?idx=1&pid=e0b917b1ea2847b19aec125e54209679&sizes=[[300,250],[300,250],[200,200],[250,250],[300,100]]&slotid=3ac7cbe2-dc12-4e36-9e05-9251ab4453a3&demand=unifiedPb&ts=1670275905305
200 OK 122 B URL HTTP/2 api.purpleads.io/x/b/?idx=1&pid=e0b917b1ea2847b19aec125e54209679&sizes=[[300,250],[300,250],[200,200],[250,250],[300,100]]&slotid=3ac7cbe2-dc12-4e36-9e05-9251ab4453a3&demand=unifiedPb&ts=1670275905305
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 1edbc68da9ebf1950f16a3655a5423a4
e2f5c0a407f493f01939c527964e2ef3fae7a875
0f3aa3ab60fe1c412be5845595d7533da3a407623f95a0c28225f6c137582035
OPTIONS /x/b/?idx=1&pid=e0b917b1ea2847b19aec125e54209679&sizes=[[300,250],[300,250],[200,200],[250,250],[300,100]]&slotid=3ac7cbe2-dc12-4e36-9e05-9251ab4453a3&demand=unifiedPb&ts=1670275905305 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 21:31:48 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
x-request-id: 063cf579-dc2f-4cb1-851f-e1dcc854aacf
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/clipboardjs/clipboard.min.js
200 OK 3.0 kB URL HTTP/2 megaup.net/themes/flow/js/clipboardjs/clipboard.min.js
IP
File type Unicode text, UTF-8 text, with very long lines (8746)
Hash c31a3191f58521c95d4375dfcb1f1ce8
d95b94d5bad388bc9a2e12b0259e12d621fb5ef6
126e20d2ac171f42a7eeb654d4df5bffb36fde6aa9a3cf86c25d089bf6b01f3f
GET /themes/flow/js/clipboardjs/clipboard.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/Tis6/FIFA.21.Ultimate.Edition.part09.rar
Connection: keep-alive
Cookie: filehosting=tj25aic4mt0cb6f70okl57ge00
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:31:45 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-2296"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
4.adsco.re/
200 OK 62 B IP
File type ASCII text, with no line terminators
Hash adde5febc7b5b6c2c759ec735cce83a0
77ec17be8a9970ff04663294d41c590d0d24fde4
ce2b9f2e5005195de7add565505005be6f2ef0d37521771e15106d1e1b9260ff
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 21:31:48 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 08a3e822214b32468eb7c31f331ac3c6
02e3e5f3f47e8bcc2c1b19d100f1950712013432
bd55f2aa440819e7109b29cf14b17918058e57beee8c794e06a9df082f3582ff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD55F2AA440819E7109B29CF14B17918058E57BEEE8C794E06A9DF082F3582FF"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8506
Expires: Mon, 05 Dec 2022 23:53:34 GMT
Date: Mon, 05 Dec 2022 21:31:48 GMT
Connection: keep-alive
qkg63m6fy8js.n4.adsco.re/
200 OK 0 B URL HTTP/1.1 qkg63m6fy8js.n4.adsco.re/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: qkg63m6fy8js.n4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 21:31:48 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
Connection: close
ETag: "5b5f2f9a-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
adsco.re/p
200 OK 130 B IP
File type ASCII text, with no line terminators
Hash de8f12b06269733bdd135daf757cc067
1660b599ad5babbf56a92059411342c868e946e7
fa4d0f38f6374f54e818eeb0cfc358db80d47d80203757884c8edf444cd8eada
POST /p HTTP/1.1
Host: adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Length: 1966
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 21:31:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK lon123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d2ac700f4345b8a632a29fa9fd8dceee
4a5924b0a38471ee69b22e6f801641d56062311b
ca893ca35eb16dceef8e0754927fb6579daa6b41d30ddf264b8b80b81832f9fe
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CA893CA35EB16DCEEF8E0754927FB6579DAA6B41D30DDF264B8B80B81832F9FE"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11169
Expires: Tue, 06 Dec 2022 00:37:58 GMT
Date: Mon, 05 Dec 2022 21:31:49 GMT
Connection: keep-alive
static.a-ads.com/a-ads-banners/426618/300x250?region=eu-central-1
200 OK 500 kB URL HTTP/2 static.a-ads.com/a-ads-banners/426618/300x250?region=eu-central-1
IP
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 300 x 250\012- data
Size 500 kB (499628 bytes)
Hash e4eb2c4ec1794d4e05b77ec20607b881
4abdedcc14882e200a685cfd4240e69c60732aea
4f2c5f4d5efd47fd8d0fc9e0ceca3d637d907a682b748102378c2aa677395efe
GET /a-ads-banners/426618/300x250?region=eu-central-1 HTTP/1.1
Host: static.a-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ad.a-ads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:31:46 GMT
content-type: image/gif
content-length: 499628
x-amz-id-2: 1RFZjfhVzhjXjfpb+N9U99N7Q5K1I1E1aJEdudB8+w82W/IoT/0fUvLweOJEwuLMbqOvJm7M/qA=
x-amz-request-id: KZEQXFYG02F1PQ3M
x-amz-replication-status: COMPLETED
last-modified: Sun, 20 Nov 2022 16:37:46 GMT
etag: "e4eb2c4ec1794d4e05b77ec20607b881"
cache-control: max-age=315360000
x-amz-version-id: aMmfct8jferkXctt.IjET.eVL2M61OoN
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
engine.4dsply.com/verify?sig=BAYAY45jRQFjjmNFgAGBAcAAIAuG5Kz0aw7RiuQYgQkcTLGBKHqNI7Wt7AIN8tp_8BQbwQAgN0jaIlmTPEP1WY--YHfOL4r0M16pdL05Mk3JLtYkjwk
200 OK 17 B URL HTTP/2 engine.4dsply.com/verify?sig=BAYAY45jRQFjjmNFgAGBAcAAIAuG5Kz0aw7RiuQYgQkcTLGBKHqNI7Wt7AIN8tp_8BQbwQAgN0jaIlmTPEP1WY--YHfOL4r0M16pdL05Mk3JLtYkjwk
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash f9bf086d73f8b7cc483324aedb224ed0
be03b282679354a90df7b59b4c92da6e8caeaccc
39ca3c85734717cf31f55ab2e7d04d8ad2438a3bd9f6f46fae350d12506b4699
GET /verify?sig=BAYAY45jRQFjjmNFgAGBAcAAIAuG5Kz0aw7RiuQYgQkcTLGBKHqNI7Wt7AIN8tp_8BQbwQAgN0jaIlmTPEP1WY--YHfOL4r0M16pdL05Mk3JLtYkjwk HTTP/1.1
Host: engine.4dsply.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 21:31:49 GMT
content-type: application/json
content-length: 17
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: Content-Type
access-control-allow-methods: GET
x-adscore-status: bot
vary: Accept-Encoding
server: cloudflare
cf-ray: 774fe411cdc7b4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
4.adsco.re/
200 OK 62 B IP
File type ASCII text, with no line terminators
Hash adde5febc7b5b6c2c759ec735cce83a0
77ec17be8a9970ff04663294d41c590d0d24fde4
ce2b9f2e5005195de7add565505005be6f2ef0d37521771e15106d1e1b9260ff
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://c.adsco.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 21:31:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
qkg63m6fy8js.s4.adsco.re/
200 OK 0 B URL HTTP/1.1 qkg63m6fy8js.s4.adsco.re/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: qkg63m6fy8js.s4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 21:31:49 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
Connection: close
ETag: "5b5f30d9-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash cc5c3b63f06cc0b63a75d28961c0bc5b
0276b49e1d0bc604e0c8c5f27011197bc316eeb8
b6992f87f478ef0c2325dfc1b1c63244a1048a6e4355e51fbdd50ddef6a21f61
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B6992F87F478EF0C2325DFC1B1C63244A1048A6E4355E51FBDD50DDEF6A21F61"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11889
Expires: Tue, 06 Dec 2022 00:49:58 GMT
Date: Mon, 05 Dec 2022 21:31:49 GMT
Connection: keep-alive
imgdelnw.com/ie?v=4&c=GXpJBPOXmC2FOYVtAKVs_XTzQbO55YrIS2wyebufOXy_4sJWftjoShwSV-Gd400r_vR3J8nsyVBSTf0dzk17dVf5_KAMND7fWQXwgwUzMlSBPgxtcEpWul6hdOb89yA9TLo9J1ruNvAbV6IiTZnrtji0QAG40dUU9svZnWdAVq_1wdHZjN-gVaYFSqqv95O6D4F1MixgyTTYEJ_niAovcInhjvTMzbhMfq9vYHTYfZ1Rk0M1RHvGoS8Xl9PiVVVPVmLhL2iDAajUHLm7Hkr8RW8WkcUn00s78vxFkGRtLUIlynhYfbVY_VthZks-uCmI2zKgpwfrs-CEuYUe5dNjqi6xo0h5Sy6Z8ySexK4Aej8CxpTZtUcF9hKDzlnmG9QZDpPuy84m3YldaBQtYZ14TbCen7QA39G4yW48ptWkYGIygg==&v1=79&v2=70397
301 Moved Permanently 0 B URL HTTP/1.1 imgdelnw.com/ie?v=4&c=GXpJBPOXmC2FOYVtAKVs_XTzQbO55YrIS2wyebufOXy_4sJWftjoShwSV-Gd400r_vR3J8nsyVBSTf0dzk17dVf5_KAMND7fWQXwgwUzMlSBPgxtcEpWul6hdOb89yA9TLo9J1ruNvAbV6IiTZnrtji0QAG40dUU9svZnWdAVq_1wdHZjN-gVaYFSqqv95O6D4F1MixgyTTYEJ_niAovcInhjvTMzbhMfq9vYHTYfZ1Rk0M1RHvGoS8Xl9PiVVVPVmLhL2iDAajUHLm7Hkr8RW8WkcUn00s78vxFkGRtLUIlynhYfbVY_VthZks-uCmI2zKgpwfrs-CEuYUe5dNjqi6xo0h5Sy6Z8ySexK4Aej8CxpTZtUcF9hKDzlnmG9QZDpPuy84m3YldaBQtYZ14TbCen7QA39G4yW48ptWkYGIygg==&v1=79&v2=70397
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ie?v=4&c=GXpJBPOXmC2FOYVtAKVs_XTzQbO55YrIS2wyebufOXy_4sJWftjoShwSV-Gd400r_vR3J8nsyVBSTf0dzk17dVf5_KAMND7fWQXwgwUzMlSBPgxtcEpWul6hdOb89yA9TLo9J1ruNvAbV6IiTZnrtji0QAG40dUU9svZnWdAVq_1wdHZjN-gVaYFSqqv95O6D4F1MixgyTTYEJ_niAovcInhjvTMzbhMfq9vYHTYfZ1Rk0M1RHvGoS8Xl9PiVVVPVmLhL2iDAajUHLm7Hkr8RW8WkcUn00s78vxFkGRtLUIlynhYfbVY_VthZks-uCmI2zKgpwfrs-CEuYUe5dNjqi6xo0h5Sy6Z8ySexK4Aej8CxpTZtUcF9hKDzlnmG9QZDpPuy84m3YldaBQtYZ14TbCen7QA39G4yW48ptWkYGIygg==&v1=79&v2=70397 HTTP/1.1
Host: imgdelnw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
server: fasthttp
date: Mon, 05 Dec 2022 21:31:49 GMT
content-length: 0
location: https://img.vmmcdn.com/get/70455872/230378_icon.png
x-app-id: 12
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3829f148d31cce326dbffff777613ab4
45cbc9ae4b95455fe47656f4bc41d4ecac3dc1b1
024795dd9832eded600fd7635a79c4cd84b5f3da1c4a8bd1afd85689ce95fce1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "024795DD9832EDED600FD7635A79C4CD84B5F3DA1C4A8BD1AFD85689CE95FCE1"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10166
Expires: Tue, 06 Dec 2022 00:21:16 GMT
Date: Mon, 05 Dec 2022 21:31:50 GMT
Connection: keep-alive
img.vmmcdn.com/get/70455872/230378_icon.png
200 OK 78 kB URL HTTP/2 img.vmmcdn.com/get/70455872/230378_icon.png
IP
ASN #24940 Hetzner Online GmbH
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 8c03a6883cdc7bff7d164330ab7291ba
bd23919f7dc361c2db047742f23d06dc8259ad8c
20418be2827623572e087caebe40aa8825b449725057128b71a228b9835ca2d8
GET /get/70455872/230378_icon.png HTTP/1.1
Host: img.vmmcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.14.1
date: Mon, 05 Dec 2022 21:31:50 GMT
content-type: image/png
content-length: 77917
last-modified: Mon, 05 Dec 2022 12:08:38 GMT
cache-control: public, max-age=604800
etag: "638ddf46-1305d"
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2BX48Z&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C2069%2C237%2C117%2C97%2C99%2C3012%2C3011%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C77%2C38%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
200 OK 8.2 kB URL HTTP/2 contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2BX48Z&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C2069%2C237%2C117%2C97%2C99%2C3012%2C3011%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C77%2C38%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (18979)
Hash afdbbbf58678a5d787afe7dd1b697eca
1e39091e0ab41dbb8c8d85e0f49d9c4fba5b3148
f6b03b8bf1594d80e14c4795932c701728f5b3debd15f47f4d605b84f72ac162
GET /checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2BX48Z&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C2069%2C237%2C117%2C97%2C99%2C3012%2C3011%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C77%2C38%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1 HTTP/1.1
Host: contextual.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
content-type: text/html; charset=UTF-8
x-mnet-hl2: E
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=136281
expires: Wed, 07 Dec 2022 11:23:11 GMT
date: Mon, 05 Dec 2022 21:31:50 GMT
content-length: 8209
X-Firefox-Spdy: h2
contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2BX48Z&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C2069%2C237%2C117%2C97%2C99%2C3012%2C3011%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C77%2C38%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
200 OK 8.2 kB URL HTTP/2 contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2BX48Z&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C2069%2C237%2C117%2C97%2C99%2C3012%2C3011%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C77%2C38%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (18979)
Hash afdbbbf58678a5d787afe7dd1b697eca
1e39091e0ab41dbb8c8d85e0f49d9c4fba5b3148
f6b03b8bf1594d80e14c4795932c701728f5b3debd15f47f4d605b84f72ac162
GET /checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2BX48Z&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2028%2C2027%2C236%2C2025%2C2069%2C237%2C117%2C97%2C99%2C3012%2C3011%2C3010%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C77%2C38%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1 HTTP/1.1
Host: contextual.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
content-type: text/html; charset=UTF-8
x-mnet-hl2: E
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=136281
expires: Wed, 07 Dec 2022 11:23:11 GMT
date: Mon, 05 Dec 2022 21:31:50 GMT
content-length: 8209
X-Firefox-Spdy: h2
acdn.adnxs.com/dmp/async_usersync.html
200 OK 17 kB URL HTTP/1.1 acdn.adnxs.com/dmp/async_usersync.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (52990)
Hash 9c6b5ce6b3452e98573e6409c34dd73c
de607fadef62e36945a409a838eb8fc36d819b42
cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc
GET /dmp/async_usersync.html HTTP/1.1
Host: acdn.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
ETag: W/"623de86a-cf34"
Expires: Fri, 04 Nov 2022 04:41:58 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Mon, 05 Dec 2022 21:31:50 GMT
Age: 61220
X-Served-By: cache-lga13626-LGA, cache-bma1668-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 38, 186428
X-Timer: S1670275911.924705,VS0,VE0
Vary: Accept-Encoding
b1h-euc1.zemanta.com/usersync/prebid
200 OK 26 B URL HTTP/1.1 b1h-euc1.zemanta.com/usersync/prebid
IP
ASN #60781 LeaseWeb Netherlands B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6a43099d5c8fe991a7aa7ebaca53069d
5bce2f0d57305c58c7b05bfce29ebb39a18f5570
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
GET /usersync/prebid HTTP/1.1
Host: b1h-euc1.zemanta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 26
Connection: keep-alive
Date: Mon, 05 Dec 2022 21:31:50 GMT
acdn.adnxs.com/dmp/async_usersync.html
200 OK 17 kB URL HTTP/1.1 acdn.adnxs.com/dmp/async_usersync.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (52990)
Hash 9c6b5ce6b3452e98573e6409c34dd73c
de607fadef62e36945a409a838eb8fc36d819b42
cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc
GET /dmp/async_usersync.html HTTP/1.1
Host: acdn.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
ETag: W/"623de86a-cf34"
Expires: Fri, 04 Nov 2022 04:41:58 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Mon, 05 Dec 2022 21:31:50 GMT
Age: 61220
X-Served-By: cache-lga13626-LGA, cache-bma1668-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 38, 186429
X-Timer: S1670275911.946858,VS0,VE0
Vary: Accept-Encoding
eb2.3lift.com/sync?
200 OK 37 B IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /sync? HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 21:31:50 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
ib.adnxs.com/async_usersync?cbfn=queuePixels
307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Mon, 05 Dec 2022 21:31:51 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: d8e02a3a-0b80-49f7-8339-3887c98bd6a5
Set-Cookie: uuid2=5768299825229235374; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 05-Mar-2023 21:31:51 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/async_usersync?cbfn=queuePixels
307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Mon, 05 Dec 2022 21:31:51 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: b98815be-29e2-4c6d-a798-112bf4bc42cb
Set-Cookie: uuid2=1151294700554499955; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 05-Mar-2023 21:31:51 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 05 Dec 2022 21:31:51 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 5724cc1c-1dd1-4895-8cfc-dec7762810cb
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 05 Dec 2022 21:31:51 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: cd3e3809-9d8c-47ce-b897-2d976232e60b
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/async_usersync?cbfn=queuePixels
307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Mon, 05 Dec 2022 21:31:52 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: 73a2e9cf-9380-4b7d-a646-2b33d6dc753b
Set-Cookie: uuid2=4917084226011915160; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 05-Mar-2023 21:31:52 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/async_usersync?cbfn=queuePixels
307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Mon, 05 Dec 2022 21:31:52 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: aa843638-8dd2-43c9-b7f5-a95d52f53b22
Set-Cookie: uuid2=4903611601712937621; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 05-Mar-2023 21:31:52 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 05 Dec 2022 21:31:52 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: ab1955fb-6cea-43ba-9f91-e66654dd8141
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 05 Dec 2022 21:31:52 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 9785a9c9-0367-49b1-a7f2-d11ce013a34a
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
megaup.net/themes/flow/frontend_assets/fonts/raleway_medium.woff
200 OK 32 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway_medium.woff
IP
File type Web Open Font Format, TrueType, length 31900, version 1.1\012- data
Hash 1b285c8e5b7445a8e434b2cdf036bab2
c97d4772fbb5c5637d466b5f991bc7ec28830b32
09b979826f2ac158a63ba234042c66414c21282d0bb46eadc62c64a873778825
GET /themes/flow/frontend_assets/fonts/raleway_medium.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=tj25aic4mt0cb6f70okl57ge00; _ga=GA1.2.815758058.1670275904; _gid=GA1.2.827424546.1670275904; _gat_gtag_UA_108868042_1=1; a=3tGgDOoXsQoxPQ5TkoAtHLgh88swhKL1; token_QlJAAAAAAAAArRMIRsGBk-hpXXMDyS9EWV8qBEI=BAYAY45jRQFjjmNFgAGBAcAAIAuG5Kz0aw7RiuQYgQkcTLGBKHqNI7Wt7AIN8tp_8BQbwQAgN0jaIlmTPEP1WY--YHfOL4r0M16pdL05Mk3JLtYkjwk
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:31:52 GMT
content-type: font/woff
content-length: 31900
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7c9c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js
IP
GET /themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/Tis6/FIFA.21.Ultimate.Edition.part09.rar
Connection: keep-alive
Cookie: filehosting=tj25aic4mt0cb6f70okl57ge00
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:31:45 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3ead"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/retina/retina.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/retina/retina.js
IP
GET /themes/flow/frontend_assets/js/retina/retina.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/Tis6/FIFA.21.Ultimate.Edition.part09.rar
Connection: keep-alive
Cookie: filehosting=tj25aic4mt0cb6f70okl57ge00
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:31:45 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-52e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
platform.bidgear.com/async.php?domainid=5593&sizeid=12&zoneid=6192&k=1670275903502
200 OK 0 B URL HTTP/2 platform.bidgear.com/async.php?domainid=5593&sizeid=12&zoneid=6192&k=1670275903502
IP
GET /async.php?domainid=5593&sizeid=12&zoneid=6192&k=1670275903502 HTTP/1.1
Host: platform.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 21:31:46 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ztb8sh42u5PUBffeDSdOLrpKUuRk6uXhyw0H3Yky0764vspH5XpqTB2mUrbOJgWSRNHvcz%2BUcu0jdJG0vuq1i6r%2B%2FDJU2O2vd%2Bc%2BgZjI75Jl7nNx3aOQiAHdGDfyDNzF%2BpnbBa9L"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774fe3fe3d78b503-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
200 OK 0 B URL HTTP/2 www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: mTE1kG5LEPtMMXXo/HLSUHQRF6hsRsFfkSuwO8Y/fkt0P22r+Flt3genZHm2NQBgFdhDua76mw77JoCV6/I3xw==
date: Mon, 05 Dec 2022 21:31:46 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/Tis6/FIFA.21.Ultimate.Edition.part09.rar
200 OK 0 B URL HTTP/2 megaup.net/Tis6/FIFA.21.Ultimate.Edition.part09.rar
IP
GET /Tis6/FIFA.21.Ultimate.Edition.part09.rar HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:31:45 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: filehosting=tj25aic4mt0cb6f70okl57ge00; expires=Tue, 06-Dec-2022 21:31:45 GMT; Max-Age=86400; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js
IP
GET /themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/Tis6/FIFA.21.Ultimate.Edition.part09.rar
Connection: keep-alive
Cookie: filehosting=tj25aic4mt0cb6f70okl57ge00
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:31:45 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-14cc1"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
prebid.media.net/rtb/prebid?cid=8CU2BX48Z
200 OK 0 B URL HTTP/2 prebid.media.net/rtb/prebid?cid=8CU2BX48Z
IP
POST /rtb/prebid?cid=8CU2BX48Z HTTP/1.1
Host: prebid.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1178
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:31:47 GMT
content-type: application/json;charset=UTF-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
expires: Mon, 05 Dec 2022 21:31:47 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
content-encoding: gzip
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload.js
IP
GET /themes/flow/js/jquery.fileupload.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/Tis6/FIFA.21.Ultimate.Edition.part09.rar
Connection: keep-alive
Cookie: filehosting=tj25aic4mt0cb6f70okl57ge00
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:31:45 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-dbd4"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-resize.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-resize.js
IP
GET /themes/flow/js/jquery.fileupload-resize.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/Tis6/FIFA.21.Ultimate.Edition.part09.rar
Connection: keep-alive
Cookie: filehosting=tj25aic4mt0cb6f70okl57ge00
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:31:45 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1f7f"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/animation/jquery.appear.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/animation/jquery.appear.js
IP
GET /themes/flow/frontend_assets/js/animation/jquery.appear.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/Tis6/FIFA.21.Ultimate.Edition.part09.rar
Connection: keep-alive
Cookie: filehosting=tj25aic4mt0cb6f70okl57ge00
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:31:45 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-5c6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
200 OK 0 B IP
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 05 Dec 2022 21:31:47 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QuVq26Loxpb%2FldtaNEFLJzDJZSf6krKmnRNUYdlk0xsofhnxnTOexYq4IJyfH9mIHao6o0etYfuRODEUqec2CMbKLlTe17TVHDVQpuAqevWR56UHxTKfJNMJvyD3zNM3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774fe401b9cc071e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/responsive.css
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/responsive.css
IP
GET /themes/flow/frontend_assets/css/responsive.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/Tis6/FIFA.21.Ultimate.Edition.part09.rar
Connection: keep-alive
Cookie: filehosting=tj25aic4mt0cb6f70okl57ge00
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:31:45 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-e56"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-ui.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-ui.js
IP
GET /themes/flow/js/jquery.fileupload-ui.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/Tis6/FIFA.21.Ultimate.Edition.part09.rar
Connection: keep-alive
Cookie: filehosting=tj25aic4mt0cb6f70okl57ge00
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:31:45 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-61ef"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/sticky/jquery.sticky.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/sticky/jquery.sticky.js
IP
GET /themes/flow/frontend_assets/js/sticky/jquery.sticky.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/Tis6/FIFA.21.Ultimate.Edition.part09.rar
Connection: keep-alive
Cookie: filehosting=tj25aic4mt0cb6f70okl57ge00
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:31:45 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1099"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/bootstrap/bootstrap.min.css
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/bootstrap/bootstrap.min.css
IP
GET /themes/flow/frontend_assets/css/bootstrap/bootstrap.min.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Connection: keep-alive
Cookie: filehosting=tj25aic4mt0cb6f70okl57ge00
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:31:45 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1cc1b"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
api.purpleads.io/x/v/?ts=1670275904161
200 OK 0 B URL HTTP/2 api.purpleads.io/x/v/?ts=1670275904161
IP
OPTIONS /x/v/?ts=1670275904161 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 21:31:46 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
x-request-id: c98a6f96-703a-4308-aa0c-42b6d5d2d780
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/custom.css
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/custom.css
IP
GET /themes/flow/frontend_assets/css/custom.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/Tis6/FIFA.21.Ultimate.Edition.part09.rar
Connection: keep-alive
Cookie: filehosting=tj25aic4mt0cb6f70okl57ge00
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:31:45 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3577"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.dataTables.min.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.dataTables.min.js
IP
GET /themes/flow/js/jquery.dataTables.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/Tis6/FIFA.21.Ultimate.Edition.part09.rar
Connection: keep-alive
Cookie: filehosting=tj25aic4mt0cb6f70okl57ge00
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:31:45 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-10fe4"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/nav/jquery.scrollTo.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/nav/jquery.scrollTo.js
IP
GET /themes/flow/frontend_assets/js/nav/jquery.scrollTo.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/Tis6/FIFA.21.Ultimate.Edition.part09.rar
Connection: keep-alive
Cookie: filehosting=tj25aic4mt0cb6f70okl57ge00
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:31:45 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-981"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/sw.js?bFM4UWo3cQBiWFpgC3NGTnEUcwxYNwFkWwk3FWJaXGoVZVJbNRVpDFpmFWlbDmpZZl0JYg0yDE5%2EGjNSDjUONVoIfgxmCFp%2BDGJTVH4BNAxZfgBlD1hgCzNZXTJbZkhAcUsmSEBxViUCCSRXIwYIJBYzHxYpGn1IXWMWZEhANVk9GQl%2EXjAGHzYUNwsAIF0M
200 OK 0 B URL HTTP/2 megaup.net/sw.js?bFM4UWo3cQBiWFpgC3NGTnEUcwxYNwFkWwk3FWJaXGoVZVJbNRVpDFpmFWlbDmpZZl0JYg0yDE5%2EGjNSDjUONVoIfgxmCFp%2BDGJTVH4BNAxZfgBlD1hgCzNZXTJbZkhAcUsmSEBxViUCCSRXIwYIJBYzHxYpGn1IXWMWZEhANVk9GQl%2EXjAGHzYUNwsAIF0M
IP
GET /sw.js?bFM4UWo3cQBiWFpgC3NGTnEUcwxYNwFkWwk3FWJaXGoVZVJbNRVpDFpmFWlbDmpZZl0JYg0yDE5%2EGjNSDjUONVoIfgxmCFp%2BDGJTVH4BNAxZfgBlD1hgCzNZXTJbZkhAcUsmSEBxViUCCSRXIwYIJBYzHxYpGn1IXWMWZEhANVk9GQl%2EXjAGHzYUNwsAIF0M HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: filehosting=tj25aic4mt0cb6f70okl57ge00; _ga=GA1.2.815758058.1670275904; _gid=GA1.2.827424546.1670275904; _gat_gtag_UA_108868042_1=1
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:31:47 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:52 GMT
vary: Accept-Encoding
etag: W/"60758f38-12fe6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/colors/flow.css
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/colors/flow.css
IP
GET /themes/flow/frontend_assets/css/colors/flow.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/Tis6/FIFA.21.Ultimate.Edition.part09.rar
Connection: keep-alive
Cookie: filehosting=tj25aic4mt0cb6f70okl57ge00
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:31:45 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-a83"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/styles/font-icons/entypo/css/entypo.css
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/styles/font-icons/entypo/css/entypo.css
IP
GET /themes/flow/styles/font-icons/entypo/css/entypo.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/Tis6/FIFA.21.Ultimate.Edition.part09.rar
Connection: keep-alive
Cookie: filehosting=tj25aic4mt0cb6f70okl57ge00
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:31:45 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-45f5"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
200 OK 0 B IP
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 05 Dec 2022 21:31:46 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XPAEKyQxGgsw8atRnFVjGJScDcs85o%2FyW7pf7p3NiBRxuMWeTZwddRZ1yYwb2l3c6dYUJ5LFLZuV%2Bqp5wLVxLgJpGS1GER2kLdM0gdmVrkQ5%2FVpilqyxgzCOZ%2BJxf8nb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774fe401b9c7071e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/
200 OK 0 B IP
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 21:31:47 GMT
content-type: text/plain
set-cookie: csu=1289389896225763@1@1670275906; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4vVBtCqE1sHHhIkgAicF%2BRnbq7UIyARCMoGs8dkx5nPeXjpt88FP48awkw1w%2FjjtAGuGq%2BcjrR4sLLtylVGwZg28BOaY2L42qdkaGBoEwkYgBjemd0Iui8VJbu5V3w0G"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774fe4026aa4071e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ntheworldw.buzz/bk1TWFk1b2tra1h%2BYHp1TG9%2Eej9aKWptaAspfmtpXnR%2BbGFZK35gP1h4fmBoDHQyb24LfGY7P0xhcTphDCtlPGkKYGdvO1hgZ2tgVmBqPT9bYGtsPFp%2BYDpqXywwb3tCbyAve0JvPSwxCzo8KjUKOn06LBQ3cXR7X319bXtCKzI0KgthNTk1HSh%2EPjgCPjYF
200 OK 0 B URL HTTP/2 ntheworldw.buzz/bk1TWFk1b2tra1h%2BYHp1TG9%2Eej9aKWptaAspfmtpXnR%2BbGFZK35gP1h4fmBoDHQyb24LfGY7P0xhcTphDCtlPGkKYGdvO1hgZ2tgVmBqPT9bYGtsPFp%2BYDpqXywwb3tCbyAve0JvPSwxCzo8KjUKOn06LBQ3cXR7X319bXtCKzI0KgthNTk1HSh%2EPjgCPjYF
IP
GET /bk1TWFk1b2tra1h%2BYHp1TG9%2Eej9aKWptaAspfmtpXnR%2BbGFZK35gP1h4fmBoDHQyb24LfGY7P0xhcTphDCtlPGkKYGdvO1hgZ2tgVmBqPT9bYGtsPFp%2BYDpqXywwb3tCbyAve0JvPSwxCzo8KjUKOn06LBQ3cXR7X319bXtCKzI0KgthNTk1HSh%2EPjgCPjYF HTTP/1.1
Host: ntheworldw.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
set-cookie: 29f3910b5967a989891743ce77f3a720=1; Max-Age=604800
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
cache-control: public, max-age=86400
etag: W/"8445-NbBVR1AjCgwD224ibjvJPkYROm0"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-process.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-process.js
IP
GET /themes/flow/js/jquery.fileupload-process.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/Tis6/FIFA.21.Ultimate.Edition.part09.rar
Connection: keep-alive
Cookie: filehosting=tj25aic4mt0cb6f70okl57ge00
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:31:45 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-14b6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-validate.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-validate.js
IP
GET /themes/flow/js/jquery.fileupload-validate.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/Tis6/FIFA.21.Ultimate.Edition.part09.rar
Connection: keep-alive
Cookie: filehosting=tj25aic4mt0cb6f70okl57ge00
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:31:45 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-fea"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S-1442347414%3A1670275906782928&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAvByVEDNG0UUy5QlDupc28Sn_n7UAnz2tdX_cjg_FljQbn8quUTKn0b-1AOWWDEiF-TYcmNgQ
403 Forbidden 0 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S-1442347414%3A1670275906782928&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAvByVEDNG0UUy5QlDupc28Sn_n7UAnz2tdX_cjg_FljQbn8quUTKn0b-1AOWWDEiF-TYcmNgQ
IP
GET /v3/signin/identifier?dsh=S-1442347414%3A1670275906782928&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAvByVEDNG0UUy5QlDupc28Sn_n7UAnz2tdX_cjg_FljQbn8quUTKn0b-1AOWWDEiF-TYcmNgQ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 05 Dec 2022 21:31:46 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin
content-security-policy: script-src 'nonce-a5GXlilEHKN0HuQBe8Lzrw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
api.purpleads.io/x/init?ts=1670275903750
200 OK 0 B URL HTTP/2 api.purpleads.io/x/init?ts=1670275903750
IP
OPTIONS /x/init?ts=1670275903750 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version,x-request-url
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 21:31:46 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: authorization,content-type,x-purpleads-version,x-request-url
x-request-id: 42da267c-8c32-4ea7-a214-05340f536b94
X-Firefox-Spdy: h2
cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=86ddec5c-b957-455f-87da-f034ba331fa2
200 OK 0 B URL HTTP/2 cdn.engine.4dsply.com/Scripts/infinity.js.aspx?guid=86ddec5c-b957-455f-87da-f034ba331fa2
IP
GET /Scripts/infinity.js.aspx?guid=86ddec5c-b957-455f-87da-f034ba331fa2 HTTP/1.1
Host: cdn.engine.4dsply.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 21:31:48 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=900
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
last-modified: Mon, 05 Dec 2022 21:30:21 GMT
cf-cache-status: HIT
expires: Mon, 05 Dec 2022 21:46:48 GMT
server: cloudflare
cf-ray: 774fe404786e0b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/canvas-to-blob.min.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/canvas-to-blob.min.js
IP
GET /themes/flow/js/canvas-to-blob.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/Tis6/FIFA.21.Ultimate.Edition.part09.rar
Connection: keep-alive
Cookie: filehosting=tj25aic4mt0cb6f70okl57ge00
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:31:45 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-408"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
societingna.info/Rzl2Znk8GwURJjJLGkRDZVECEgk0A1lJFCJeFxMJaVcTElY0TlgMCmUVVBUUIRtMV1VlTRcBJi5dVFxbfwpEUEp0G1pECjJbKQ8ddRtMRB9zXU9TSCJdW1VJdwBbUkFwX1teH3EMW15IJQAXUU4iCEMFH2VE
200 OK 0 B URL HTTP/2 societingna.info/Rzl2Znk8GwURJjJLGkRDZVECEgk0A1lJFCJeFxMJaVcTElY0TlgMCmUVVBUUIRtMV1VlTRcBJi5dVFxbfwpEUEp0G1pECjJbKQ8ddRtMRB9zXU9TSCJdW1VJdwBbUkFwX1teH3EMW15IJQAXUU4iCEMFH2VE
IP
Analyzer Verdict Alert fortinet Malware
GET /Rzl2Znk8GwURJjJLGkRDZVECEgk0A1lJFCJeFxMJaVcTElY0TlgMCmUVVBUUIRtMV1VlTRcBJi5dVFxbfwpEUEp0G1pECjJbKQ8ddRtMRB9zXU9TSCJdW1VJdwBbUkFwX1teH3EMW15IJQAXUU4iCEMFH2VE HTTP/1.1
Host: societingna.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
set-cookie: 9372b024784ef38d23214825b0987e14=1; Max-Age=604800
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
etag: W/"e0f4-mR8JEXX0Mh8XHi0Xshwf5LYpsT0"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/isotope/custom-isotope.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/isotope/custom-isotope.js
IP
GET /themes/flow/frontend_assets/js/isotope/custom-isotope.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/Tis6/FIFA.21.Ultimate.Edition.part09.rar
Connection: keep-alive
Cookie: filehosting=tj25aic4mt0cb6f70okl57ge00
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:31:45 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-71d"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/fonts.css
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/fonts.css
IP
GET /themes/flow/frontend_assets/css/fonts.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Connection: keep-alive
Cookie: filehosting=tj25aic4mt0cb6f70okl57ge00
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:31:45 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-690"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
pbjs.e-planning.net/pbjs/1/2e112/1/megaup.net/ROS?rnd=0.8851516360254501&e=300x250_0%3A300x250%2C300x250%2C200x200%2C250x250%2C300x100&ur=https%3A%2F%2Fmegaup.net%2FTis6%2FFIFA.21.Ultimate.Edition.part09.rar&pbv=7.22.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fmegaup.net%2FTis6%2FFIFA.21.Ultimate.Edition.part09.rar
302 Found 0 B URL HTTP/2 pbjs.e-planning.net/pbjs/1/2e112/1/megaup.net/ROS?rnd=0.8851516360254501&e=300x250_0%3A300x250%2C300x250%2C200x200%2C250x250%2C300x100&ur=https%3A%2F%2Fmegaup.net%2FTis6%2FFIFA.21.Ultimate.Edition.part09.rar&pbv=7.22.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fmegaup.net%2FTis6%2FFIFA.21.Ultimate.Edition.part09.rar
IP
ASN #49981 WorldStream B.V.
GET /pbjs/1/2e112/1/megaup.net/ROS?rnd=0.8851516360254501&e=300x250_0%3A300x250%2C300x250%2C200x200%2C250x250%2C300x100&ur=https%3A%2F%2Fmegaup.net%2FTis6%2FFIFA.21.Ultimate.Edition.part09.rar&pbv=7.22.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fmegaup.net%2FTis6%2FFIFA.21.Ultimate.Edition.part09.rar HTTP/1.1
Host: pbjs.e-planning.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: openresty
date: Mon, 05 Dec 2022 21:31:47 GMT
content-type: text/html; charset=iso-8859-1
access-control-allow-credentials: true
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
set-cookie: CT=1; path=/; SameSite=None; Secure
access-control-allow-origin: https://megaup.net
location: /hb/1/2e112/1/megaup.net/ROS?ct=1&r=pbjs&rnd=0.8851516360254501&e=300x250_0%3A300x250%2C300x250%2C200x200%2C250x250%2C300x100&ur=https%3A%2F%2Fmegaup.net%2FTis6%2FFIFA.21.Ultimate.Edition.part09.rar&pbv=7.22.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fmegaup.net%2FTis6%2FFIFA.21.Ultimate.Edition.part09.rar
x-sid: AMS-928
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.tmpl.min.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.tmpl.min.js
IP
GET /themes/flow/js/jquery.tmpl.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/Tis6/FIFA.21.Ultimate.Edition.part09.rar
Connection: keep-alive
Cookie: filehosting=tj25aic4mt0cb6f70okl57ge00
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:31:45 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3cb"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js
IP
GET /themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/Tis6/FIFA.21.Ultimate.Edition.part09.rar
Connection: keep-alive
Cookie: filehosting=tj25aic4mt0cb6f70okl57ge00
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:31:45 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-303b2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery-ui.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery-ui.js
IP
GET /themes/flow/js/jquery-ui.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/Tis6/FIFA.21.Ultimate.Edition.part09.rar
Connection: keep-alive
Cookie: filehosting=tj25aic4mt0cb6f70okl57ge00
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:31:45 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-6a684"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/zeroClipboard/ZeroClipboard.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/zeroClipboard/ZeroClipboard.js
IP
GET /themes/flow/js/zeroClipboard/ZeroClipboard.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/Tis6/FIFA.21.Ultimate.Edition.part09.rar
Connection: keep-alive
Cookie: filehosting=tj25aic4mt0cb6f70okl57ge00
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:31:45 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3bd2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/load-image.min.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/load-image.min.js
IP
GET /themes/flow/js/load-image.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/Tis6/FIFA.21.Ultimate.Edition.part09.rar
Connection: keep-alive
Cookie: filehosting=tj25aic4mt0cb6f70okl57ge00
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:31:45 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-9f2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/gauge.min.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/gauge.min.js
IP
GET /themes/flow/frontend_assets/js/gauge.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/Tis6/FIFA.21.Ultimate.Edition.part09.rar
Connection: keep-alive
Cookie: filehosting=tj25aic4mt0cb6f70okl57ge00
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:31:45 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-45b8"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
prebid.media.net/rtb/prebid?cid=8CU2BX48Z
200 OK 0 B URL HTTP/2 prebid.media.net/rtb/prebid?cid=8CU2BX48Z
IP
POST /rtb/prebid?cid=8CU2BX48Z HTTP/1.1
Host: prebid.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1210
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:31:47 GMT
content-type: application/json;charset=UTF-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
expires: Mon, 05 Dec 2022 21:31:47 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
content-encoding: gzip
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
200 OK 0 B IP
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 05 Dec 2022 21:31:46 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uo3Qutt9gI80VRNEuFiLUnAKwqTJ33YsV90X%2BfKrnOk%2Ft2473MRtVgcbaALwGeajOW9M0QgtYDQXBkxRDe9i895KowcEKQEBXd5DpAXxuVOK1jv2E%2B2P0RcamfcH7e84"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774fe401a9b9071e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
api.purpleads.io/x/b/?idx=0&pid=e0b917b1ea2847b19aec125e54209679&sizes=[[300,250],[300,250],[200,200],[250,250],[300,100]]&slotid=3ac7cbe2-dc12-4e36-9e05-9251ab4453a3&ts=1670275904005
200 OK 0 B URL HTTP/2 api.purpleads.io/x/b/?idx=0&pid=e0b917b1ea2847b19aec125e54209679&sizes=[[300,250],[300,250],[200,200],[250,250],[300,100]]&slotid=3ac7cbe2-dc12-4e36-9e05-9251ab4453a3&ts=1670275904005
IP
GET /x/b/?idx=0&pid=e0b917b1ea2847b19aec125e54209679&sizes=[[300,250],[300,250],[200,200],[250,250],[300,100]]&slotid=3ac7cbe2-dc12-4e36-9e05-9251ab4453a3&ts=1670275904005 HTTP/1.1
Host: api.purpleads.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: application/json
x-purpleads-version: 2.3.2
x-request-url: aHR0cHM6Ly9tZWdhdXAubmV0L1RpczYvRklGQS4yMS5VbHRpbWF0ZS5FZGl0aW9uLnBhcnQwOS5yYXI=
Authorization: Bearer 70f4c4ca797b70742cf152daf589f184:5f7ccce17707939b2685f0f8203bd1c265e05e479bbfcec98eda491d5ef6d2861ecfe05a883293e58ee42e74b0a74acb04a21203cd5fc2e8d8ec9e7b994f7655
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 21:31:47 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
x-request-id: 466ccfa1-5a82-4e40-9b72-02ea38c49316
etag: W/"da1-YYok7g7QVXxvUsMVkDqpVyvu+yM"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
IP
GET /themes/flow/frontend_assets/css/All-stylesheets.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/Tis6/FIFA.21.Ultimate.Edition.part09.rar
Connection: keep-alive
Cookie: filehosting=tj25aic4mt0cb6f70okl57ge00
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:31:45 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-153"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery-1.11.0.min.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery-1.11.0.min.js
IP
GET /themes/flow/js/jquery-1.11.0.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/Tis6/FIFA.21.Ultimate.Edition.part09.rar
Connection: keep-alive
Cookie: filehosting=tj25aic4mt0cb6f70okl57ge00
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:31:45 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1787d"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js
IP
GET /themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/Tis6/FIFA.21.Ultimate.Edition.part09.rar
Connection: keep-alive
Cookie: filehosting=tj25aic4mt0cb6f70okl57ge00
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:31:45 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-71b6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S587858966%3A1670275906725379&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAtPxoW811rBNXwK_lTElRCT-Qe2OBRhzPTdy6tRC8jS7ccbRLLJFzz4IVASEaTPN0LcU_HMsQ
403 Forbidden 0 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S587858966%3A1670275906725379&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAtPxoW811rBNXwK_lTElRCT-Qe2OBRhzPTdy6tRC8jS7ccbRLLJFzz4IVASEaTPN0LcU_HMsQ
IP
GET /v3/signin/identifier?dsh=S587858966%3A1670275906725379&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAtPxoW811rBNXwK_lTElRCT-Qe2OBRhzPTdy6tRC8jS7ccbRLLJFzz4IVASEaTPN0LcU_HMsQ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 05 Dec 2022 21:31:46 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-ET4y-Uy5_yUPzS4dlFZ63g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
cross-origin-opener-policy-report-only: same-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
megaup.net/themes/flow/styles/file-upload.css
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/styles/file-upload.css
IP
GET /themes/flow/styles/file-upload.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/Tis6/FIFA.21.Ultimate.Edition.part09.rar
Connection: keep-alive
Cookie: filehosting=tj25aic4mt0cb6f70okl57ge00
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:31:45 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-21ec"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
ad.a-ads.com/1811811?size=300x250
200 OK 0 B URL HTTP/2 ad.a-ads.com/1811811?size=300x250
IP
ASN #24940 Hetzner Online GmbH
GET /1811811?size=300x250 HTTP/1.1
Host: ad.a-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:31:46 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding, Accept-Encoding
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-original-referer: https://megaup.net/
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/nav/jquery.nav.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/nav/jquery.nav.js
IP
GET /themes/flow/frontend_assets/js/nav/jquery.nav.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/Tis6/FIFA.21.Ultimate.Edition.part09.rar
Connection: keep-alive
Cookie: filehosting=tj25aic4mt0cb6f70okl57ge00
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:31:45 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1547"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.iframe-transport.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.iframe-transport.js
IP
GET /themes/flow/js/jquery.iframe-transport.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/Tis6/FIFA.21.Ultimate.Edition.part09.rar
Connection: keep-alive
Cookie: filehosting=tj25aic4mt0cb6f70okl57ge00
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:31:45 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-2427"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/images/icons/favicon/favicon.ico
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/images/icons/favicon/favicon.ico
IP
GET /themes/flow/frontend_assets/images/icons/favicon/favicon.ico HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/Tis6/FIFA.21.Ultimate.Edition.part09.rar
Connection: keep-alive
Cookie: filehosting=tj25aic4mt0cb6f70okl57ge00
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:31:46 GMT
content-type: image/x-icon
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-47e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/stylesheet.css
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/stylesheet.css
IP
GET /themes/flow/frontend_assets/css/stylesheet.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Connection: keep-alive
Cookie: filehosting=tj25aic4mt0cb6f70okl57ge00
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:31:45 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-6c82"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css
IP
GET /themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/Tis6/FIFA.21.Ultimate.Edition.part09.rar
Connection: keep-alive
Cookie: filehosting=tj25aic4mt0cb6f70okl57ge00
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:31:45 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-8d4b"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/sw.js
200 OK 0 B IP
GET /sw.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/Tis6/FIFA.21.Ultimate.Edition.part09.rar
Connection: keep-alive
Cookie: filehosting=tj25aic4mt0cb6f70okl57ge00
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:31:45 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:52 GMT
vary: Accept-Encoding
etag: W/"60758f38-12fe6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
91.209.70.182
104.21.96.100
143.204.42.228
136.243.22.74
185.200.116.90
23.109.170.51
157.240.200.35
23.36.77.32
93.184.220.29