Overview

URL megaup.net/TVnv/Rusted.Warfare.RTS.v1.14.rar
IP91.209.70.182
ASNFNK LLC
Location Russia
Report completed2022-09-30 19:48:36 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-30 2 societingna.info/U041VnYobEYhKSY8WXRMcSZBIgYgdBp5GzYpVCMGfSBQIlkgORs8BXFiFy (...) Malware
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (31)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS societingna.info (1) 978921 2020-01-01 12:45:00 UTC 2022-09-30 19:48:26 UTC 44.195.137.121
mnemonic passive DNS ocsp.pki.goog (4) 175 2017-06-14 07:23:31 UTC 2022-09-30 04:55:27 UTC 142.250.74.3
mnemonic passive DNS syndication.exdynsrv.com (2) 34243 2016-04-20 18:35:15 UTC 2022-09-30 19:48:27 UTC 95.211.229.246
mnemonic passive DNS s3t3d2y8.afcdn.net (1) 0 2022-08-08 22:22:56 UTC 2022-09-30 05:48:05 UTC 185.76.9.16 Unknown ranking
mnemonic passive DNS tsapphires.buzz (4) 0 No data No data 44.195.137.121 Unknown ranking
mnemonic passive DNS pogothere.xyz (5) 0 2022-09-04 19:11:25 UTC 2022-09-30 14:32:35 UTC 172.64.173.27 Unknown ranking
mnemonic passive DNS www.googletagmanager.com (1) 75 2012-12-25 14:52:06 UTC 2022-09-30 04:55:45 UTC 142.250.74.72
mnemonic passive DNS medadelem.xyz (6) 0 2022-09-18 06:47:09 UTC 2022-09-30 14:17:00 UTC 172.67.189.15 Unknown ranking
mnemonic passive DNS ocsp.sectigo.com (2) 487 2018-12-17 11:31:55 UTC 2022-09-30 15:22:46 UTC 172.64.155.188
mnemonic passive DNS ocsp.digicert.com (4) 86 2012-05-21 07:02:23 UTC 2022-09-30 15:21:19 UTC 93.184.220.29
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-30 13:49:02 UTC 34.120.237.76
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-09-30 17:00:01 UTC 143.204.55.36
mnemonic passive DNS e1.o.lencr.org (7) 6159 2021-08-20 07:36:30 UTC 2022-09-30 05:21:06 UTC 23.36.77.32
mnemonic passive DNS accounts.google.com (4) 81 2016-09-05 09:39:47 UTC 2022-09-30 15:03:26 UTC 216.58.207.237
mnemonic passive DNS static.a-ads.com (1) 34827 2013-06-01 16:47:05 UTC 2022-09-30 08:44:46 UTC 148.251.53.118
mnemonic passive DNS img.vmmcdn.com (1) 36292 2020-03-06 16:44:32 UTC 2022-09-30 19:48:30 UTC 46.4.121.113
mnemonic passive DNS megaup.net (44) 179052 2017-09-01 18:45:15 UTC 2022-09-30 16:22:25 UTC 91.209.70.182
mnemonic passive DNS r3.o.lencr.org (9) 344 2020-12-02 08:52:13 UTC 2022-09-30 04:55:29 UTC 23.36.77.32
mnemonic passive DNS www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-09-30 17:50:54 UTC 142.250.74.174
mnemonic passive DNS ad.a-ads.com (1) 26970 2013-04-19 21:54:57 UTC 2022-09-30 19:48:27 UTC 148.251.53.118
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-30 04:56:26 UTC 34.117.237.239
mnemonic passive DNS keydawnawe.com (2) 586690 2020-10-08 14:33:32 UTC 2022-09-30 19:48:26 UTC 172.255.6.199
mnemonic passive DNS fhisladyloveh.xyz (10) 0 2022-09-18 19:36:41 UTC 2022-09-30 18:43:31 UTC 108.157.214.123 Unknown ranking
mnemonic passive DNS platform.bidgear.com (2) 30367 2018-11-15 19:45:56 UTC 2022-09-30 19:48:26 UTC 172.67.74.36
mnemonic passive DNS imp9.bidgear.com (1) 34078 2021-03-15 11:09:09 UTC 2022-09-30 19:48:26 UTC 172.67.74.36
mnemonic passive DNS dmmzkfd82wayn.cloudfront.net (6) 0 2021-10-16 14:37:01 UTC 2022-09-30 19:48:26 UTC 143.204.42.115 Unknown ranking
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-30 05:12:28 UTC 52.39.126.109
mnemonic passive DNS hypoterian.com (1) 0 2022-07-01 15:44:19 UTC 2022-09-30 19:48:29 UTC 138.201.194.90 Unknown ranking
mnemonic passive DNS www.facebook.com (1) 99 2017-01-30 05:00:00 UTC 2022-09-30 04:55:34 UTC 157.240.221.35
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-30 05:34:07 UTC 143.204.55.35
mnemonic passive DNS altowriestwispy.com (2) 951913 2021-02-24 10:44:10 UTC 2022-09-30 19:48:26 UTC 172.255.6.87


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 91.209.70.182

Date UQ / IDS / BL URL IP
2022-12-05 23:23:15 +0000
0 - 0 - 1 megaup.net/17wng/26.5.0.223.X64.rar 91.209.70.182
2022-12-05 23:01:26 +0000
0 - 0 - 1 megaup.net/2wo4k/Burnhouse.Lane-P2P.zip 91.209.70.182
2022-12-05 22:33:22 +0000
0 - 0 - 1 megaup.net/1asnu/Scarlet.Hollow.Episode.4.Ear (...) 91.209.70.182
2022-12-05 21:31:59 +0000
0 - 0 - 1 megaup.net/Tis6/FIFA.21.Ultimate.Edition.part (...) 91.209.70.182
2022-12-05 18:19:22 +0000
0 - 0 - 1 megaup.net/1Div0/Drift21-CODEX.part1.rar 91.209.70.182

Last 5 reports on ASN: FNK LLC

Date UQ / IDS / BL URL IP
2022-12-05 23:23:15 +0000
0 - 0 - 1 megaup.net/17wng/26.5.0.223.X64.rar 91.209.70.182
2022-12-05 23:01:26 +0000
0 - 0 - 1 megaup.net/2wo4k/Burnhouse.Lane-P2P.zip 91.209.70.182
2022-12-05 22:33:22 +0000
0 - 0 - 1 megaup.net/1asnu/Scarlet.Hollow.Episode.4.Ear (...) 91.209.70.182
2022-12-05 21:31:59 +0000
0 - 0 - 1 megaup.net/Tis6/FIFA.21.Ultimate.Edition.part (...) 91.209.70.182
2022-12-05 18:19:22 +0000
0 - 0 - 1 megaup.net/1Div0/Drift21-CODEX.part1.rar 91.209.70.182

Last 5 reports on domain: megaup.net

Date UQ / IDS / BL URL IP
2022-12-05 23:23:15 +0000
0 - 0 - 1 megaup.net/17wng/26.5.0.223.X64.rar 91.209.70.182
2022-12-05 23:01:26 +0000
0 - 0 - 1 megaup.net/2wo4k/Burnhouse.Lane-P2P.zip 91.209.70.182
2022-12-05 22:33:22 +0000
0 - 0 - 1 megaup.net/1asnu/Scarlet.Hollow.Episode.4.Ear (...) 91.209.70.182
2022-12-05 21:31:59 +0000
0 - 0 - 1 megaup.net/Tis6/FIFA.21.Ultimate.Edition.part (...) 91.209.70.182
2022-12-05 18:19:22 +0000
0 - 0 - 1 megaup.net/1Div0/Drift21-CODEX.part1.rar 91.209.70.182

No other reports with similar screenshot



JavaScript

Executed Scripts (53)


Executed Evals (1)

#1 JavaScript::Eval (size: 47, repeated: 1) - SHA256: 0f13250dac3eba96683a13d9c0c14c812448cc2f499a6ad6637a17adf094884d

                                        window.fanfilnfjkdsabfhjdsbfkljsvmjhdfb = true;
                                    

Executed Writes (1)

#1 JavaScript::Write (size: 2290, repeated: 1) - SHA256: d1aa777a27f5db4b1aa582f39076021ea0df6d1bb2daba1ecb187559eb860c78

                                        < div style = "display:none" > < /div><div id="bg_content"><div style="display:none"><img data-cfasync="false" src="/ / imp9.bidgear.com / rec ? t = 1 & z = 6192 & uuid = 35 d8136a3afd44528b2e35fde6379c7c & p = 28 & g = NO & token = 4 a44335432 & tbg = 1664567306 " rel="
noindex nofollow " referrerpolicy="
unsafe - url "/></div><div data-ifr=2 style=" - webkit - transition: width 0.5 s!important; /*background-color:#fcfcfc!important;*/
background - color: # e3e3e3!important;
opacity: 0.6;
color: #00aecd;font-family:Arial!important;height:15px!important;line-height:15px!important;overflow:hidden!important;position:absolute!important;left:1px!important;top:1px!important;transition:width 0.5s!important;white-space:nowrap!important;width:16px!important;z-index:99999!important; border-bottom-right-radius: 4px" onmouseover= "this.style.width='100px';this.style.borderBottomRightRadius='3px';this.style.opacity=1;"
onmouseout = "this.style.width='16px';this.style.borderBottomRightRadius='4px';this.style.opacity=0.6;" > < div style = "float: left!important;position: absolute!important;left: 6px!important;bottom: 0px!important;" > < a href = //bidgear.com/?ref=banner target=_blank style="color:inherit!important;font-size:11px!important;padding:0 5px!important;text-decoration:none!important;margin:0!important;text-indent: 0!important; display: inline!important;"><span style="/*background-color:#fcfcfc!important;*/display:block!important;height:14px!important;position:absolute!important;right:1px!important;bottom:0!important;width: 13px!important;text-indent: 0!important; padding: 0!important; border-bottom-right-radius: 4px"><img src=//platform.bidgear.com/media/img/b15.png alt=Ad by Bidgear style="width:100%!important; height: 13px!important;"></span></a></div><div style="float: left!important;clear: right!important; padding-left: 16px!important;"><a href=//bidgear.com/?ref=banner target=_blank style="color:inherit!important;font-size:11px!important;padding:0 5px!important;text-decoration:none!important;margin:0!important;text-indent: 0!important;">Ad by Bidgear</a></div></div><script async type="application/javascript" src="https://a.exdynsrv.com/ad-provider.js"></script> <ins class="adsbyexoclick" data-zoneid="4464186" data-keywords="keywords"></ins> <script>(AdProvider = window.AdProvider || []).push({"serve": {}});</script></div>
                                    


HTTP Transactions (134)


Request Response
                                        
                                            GET /TVnv/Rusted.Warfare.RTS.v1.14.rar HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         91.209.70.182
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Date: Fri, 30 Sep 2022 19:48:25 GMT
Content-Length: 162
Connection: keep-alive
Location: https://megaup.net/TVnv/Rusted.Warfare.RTS.v1.14.rar
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer, strict-origin-when-cross-origin
X-Download-Options: noopen


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    4f8e702cc244ec5d4de32740c0ecbd97
Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff
Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A382476D14B6AE14003333E7ACDFBBD9AE8775D4C1A7D5C31116F33987043CFF"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4203
Expires: Fri, 30 Sep 2022 20:58:28 GMT
Date: Fri, 30 Sep 2022 19:48:25 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 30 Sep 2022 19:16:09 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: pPtVGEXqX_1cfH7KZO-FuCpUyw4HCfRsim4uy4rKF19vc9Oqpd-Z3w==
Age: 1936


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 30 Sep 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: g16Fi0yZeXdA89z8lpmjTFaUH-aJf0KpyR7IIGYsF4INisWaqQfVaA==
age: 51598
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 30 Sep 2022 19:48:25 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 30 Sep 2022 19:48:26 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 30 Sep 2022 11:25:46 GMT
Expires: Fri, 07 Oct 2022 11:25:45 GMT
Etag: "94061fe3845fe46cc2491d27ba3218c8c5b40773"
Cache-Control: max-age=574039,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 752f79dd594ab4f7-OSL

                                        
                                            GET /themes/flow/images/main_logo_inverted.png HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/TVnv/Rusted.Warfare.RTS.v1.14.rar
Connection: keep-alive
Cookie: filehosting=kei4ikirav8eajh9me9diahn57
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Fri, 30 Sep 2022 19:48:26 GMT
content-length: 7137
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-1be1"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 203 x 40, 8-bit/color RGBA, non-interlaced\012- data
Size:   7137
Md5:    5d15526be10b904a6b48d1af04a10cc3
Sha1:   c09b6874359ac6d71db95593618a9acb55baa984
Sha256: 894d25472e0f890edf235e8f66fbeda7ea75043632924ecb82691d76bd7db018
                                        
                                            GET /themes/flow/js/jquery.fileupload.js HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/TVnv/Rusted.Warfare.RTS.v1.14.rar
Connection: keep-alive
Cookie: filehosting=kei4ikirav8eajh9me9diahn57
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Fri, 30 Sep 2022 19:48:26 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-dbd4"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   32051
Md5:    30ff964fa0b3c31ab87b059376a21279
Sha1:   c039179d6d38b09738a1bdc76fe9dfadc61b4f90
Sha256: cebf08c16e54b9eeba9292bcf8ffda33759865a6cb409b5ffef51897012264bf
                                        
                                            GET /themes/flow/js/jquery.fileupload-process.js HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/TVnv/Rusted.Warfare.RTS.v1.14.rar
Connection: keep-alive
Cookie: filehosting=kei4ikirav8eajh9me9diahn57
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Fri, 30 Sep 2022 19:48:26 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-14b6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   6628
Md5:    76c00213ef4476e5bd4cf46e973b0a11
Sha1:   7b16c241b5d90fdd680b1f96a1403c693501e9aa
Sha256: d2f6e141ed8cb96763f196653aabc65893e7437a162f840c17177a933d90444e
                                        
                                            GET /tysaSHG1FMaM/18410 HTTP/1.1 
Host: altowriestwispy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.255.6.87
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Fri, 30 Sep 2022 19:48:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; expires=Sat, 01-Oct-2022 19:48:26 GMT; Max-Age=86400; path=/; secure; SameSite=None GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW; expires=Sat, 01-Oct-2022 19:48:26 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   25
Md5:    d488addc5df5fc9b9ff4135bb4e3a823
Sha1:   6ce56f48e851df4d562b43d3bc1269a504ae83fc
Sha256: d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 30 Sep 2022 19:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Fri, 30 Sep 2022 20:08:35 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: qJkS3PzZEWnQYdn38Q9jnlz5C3F2lBTxAZNF1DsfXzSSzJPiTyT9gA==
Age: 1133


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /gwZ1U5hjA8ii/32575 HTTP/1.1 
Host: keydawnawe.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.255.6.199
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Fri, 30 Sep 2022 19:48:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; expires=Sat, 01-Oct-2022 19:48:26 GMT; Max-Age=86400; path=/; secure; SameSite=None GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW; expires=Sat, 01-Oct-2022 19:48:26 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   26
Md5:    4e5d65669f8dcd928dad06adf883f025
Sha1:   d771713d758c3348dd7e5b38bb40c7935399ae46
Sha256: 0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95
                                        
                                            GET /themes/flow/js/load-image.min.js HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/TVnv/Rusted.Warfare.RTS.v1.14.rar
Connection: keep-alive
Cookie: filehosting=kei4ikirav8eajh9me9diahn57
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Fri, 30 Sep 2022 19:48:26 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-9f2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2546), with no line terminators
Size:   5885
Md5:    19059a5486957a5b3cc70e068af4a724
Sha1:   6a4c9f902405e64f2c7de69839e959748f5d427f
Sha256: e3f57f4333c86f5c09826f0fa0fab2fbdd0a0baeaa70ea8af56bc73f91aae091
                                        
                                            GET /?kzmmd=761186 HTTP/1.1 
Host: dmmzkfd82wayn.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.42.115
HTTP/2 200 OK
                                        
content-length: 188859
date: Fri, 30 Sep 2022 19:48:26 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 6Owdw30et0Ns7BAMDKykDVbDLNoGvr6IUyGQukXBqC3aoUsPsyUJgA==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (15945)
Size:   188859
Md5:    7a8f82adabc65db23c5ac0ace084c443
Sha1:   00b6919bc4c01dee6509d7b8e459e40b187c71bd
Sha256: 286d7cc6e2f526abb5ec315ef63f0bdd6852307776fdc2556c7b10423fdf2484
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 413
Cache-Control: 'max-age=158059'
Date: Fri, 30 Sep 2022 19:48:26 GMT
Last-Modified: Fri, 30 Sep 2022 19:41:33 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /themes/flow/frontend_assets/js/nav/jquery.nav.js HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/TVnv/Rusted.Warfare.RTS.v1.14.rar
Connection: keep-alive
Cookie: filehosting=kei4ikirav8eajh9me9diahn57
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Fri, 30 Sep 2022 19:48:26 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1547"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   33698
Md5:    676c76240651478663285a785372b25a
Sha1:   c8123e0ec138480fb093142fa02a1c9c52abe9d4
Sha256: 1c261b859c6778a03a5b89e1ebd7c0b6c548ee164e7bcdac2aafbc0032ee3d7c
                                        
                                            GET /themes/flow/frontend_assets/js/isotope/custom-isotope.js HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/TVnv/Rusted.Warfare.RTS.v1.14.rar
Connection: keep-alive
Cookie: filehosting=kei4ikirav8eajh9me9diahn57
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Fri, 30 Sep 2022 19:48:26 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-71d"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   31994
Md5:    d2850734c9baac52087ee6ad9fb5a2e8
Sha1:   b3169fe7f04b8337fc3f13d36a8f4d46ec55df63
Sha256: 79caeba8f4079596e989ca24f36a9ca1794b098e42ad7ac3d16289a79b689634
                                        
                                            GET /themes/flow/images/loading_small.gif HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/TVnv/Rusted.Warfare.RTS.v1.14.rar
Connection: keep-alive
Cookie: filehosting=kei4ikirav8eajh9me9diahn57
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Fri, 30 Sep 2022 19:48:26 GMT
content-length: 184355
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-2d023"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 31980, version 1.1\012- data
Size:   31980
Md5:    99ac81a158028ac2023fb3350d2497e7
Sha1:   f08c12c91ab29282a616c3ba8e533f49b5b433ca
Sha256: 92a8c8eca8cfcfc53855bc48ba50b866704a00323c4e3089b564c939a668925d
                                        
                                            GET /themes/flow/frontend_assets/socialsider-v1.0/_fonts/socicon-webfont.woff HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css
Connection: keep-alive
Cookie: filehosting=kei4ikirav8eajh9me9diahn57
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: font/woff
                                        
server: nginx
date: Fri, 30 Sep 2022 19:48:26 GMT
content-length: 20972
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-51ec"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 20972, version 1.0\012- data
Size:   20972
Md5:    cad75e2dacc6794c4e6b14727d4a989d
Sha1:   694d04c8f643df4100c23efc1463ac9f4e732f60
Sha256: ebccc09339b7730324221aff3d11d215de9997b47bf708ca18a3be2d8e8b9887
                                        
                                            GET /gtag/js?id=UA-108868042-1 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.72
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 30 Sep 2022 19:48:26 GMT
expires: Fri, 30 Sep 2022 19:48:26 GMT
cache-control: private, max-age=900
last-modified: Fri, 30 Sep 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42378
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2039)
Size:   42378
Md5:    beb37d3fb38fe376a84707f27ca4b575
Sha1:   c43e77af959c4de3e414ed72a0996d3dc4d31c37
Sha256: 7d6c05ef0fbb8c334a70a8eda583460b3321f4b2431881c5af34b8c7be9d35f5
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 30 Sep 2022 19:48:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "BDB8C13BE73E6D521C8A00AECFA51DB277D908562BF1D31C675055F08868F215"
Last-Modified: Thu, 29 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7202
Expires: Fri, 30 Sep 2022 21:48:28 GMT
Date: Fri, 30 Sep 2022 19:48:26 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "BDB8C13BE73E6D521C8A00AECFA51DB277D908562BF1D31C675055F08868F215"
Last-Modified: Thu, 29 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7202
Expires: Fri, 30 Sep 2022 21:48:28 GMT
Date: Fri, 30 Sep 2022 19:48:26 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "BDB8C13BE73E6D521C8A00AECFA51DB277D908562BF1D31C675055F08868F215"
Last-Modified: Thu, 29 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7202
Expires: Fri, 30 Sep 2022 21:48:28 GMT
Date: Fri, 30 Sep 2022 19:48:26 GMT
Connection: keep-alive

                                        
                                            GET /tysaSHG1FMaM/18410 HTTP/1.1 
Host: altowriestwispy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.255.6.87
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Fri, 30 Sep 2022 19:48:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   25
Md5:    d488addc5df5fc9b9ff4135bb4e3a823
Sha1:   6ce56f48e851df4d562b43d3bc1269a504ae83fc
Sha256: d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60
                                        
                                            GET /themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/TVnv/Rusted.Warfare.RTS.v1.14.rar
Connection: keep-alive
Cookie: filehosting=kei4ikirav8eajh9me9diahn57
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Fri, 30 Sep 2022 19:48:26 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-8d4b"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text
Size:   6457
Md5:    646f8aa295122883be40973ff2927bee
Sha1:   6067394e2af85a5dccbfd8c6b14751bb98079430
Sha256: 7846bc9455bfec85aeb5a6ba234713f489c2a171753e8748bd045df8b6f7594f
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: O4Ms9lrhZMO2/J5PJwqURw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         52.39.126.109
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: BaSQne/Z9JBCJUCxa5+rqGwmBrI=

                                        
                                            GET /gwZ1U5hjA8ii/32575 HTTP/1.1 
Host: keydawnawe.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.255.6.199
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Fri, 30 Sep 2022 19:48:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   26
Md5:    4e5d65669f8dcd928dad06adf883f025
Sha1:   d771713d758c3348dd7e5b38bb40c7935399ae46
Sha256: 0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95
                                        
                                            GET /a1dkT1BEaAc8bTpnC34fPGJXKREyFjIhBlwTNT82CDkTDBEtDkI7OQ9qU3lhWm9SaSACM1l+dhgjBTslGGpVaTkFMQtydh1qVWFjX3lWdn5bcRFyYU0jFC43VmZCPyQfO1l+Zl1jUXlnWGdXfWdS HTTP/1.1 
Host: medadelem.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.189.15
HTTP/2 204 No Content
                                        
date: Fri, 30 Sep 2022 19:48:26 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TND7UhHD3%2FmYbtJOFv6IlpAvuKDzeYaZqCBQ2bZvKoY%2BzVVylCQGpZMEbtkSfeApvIrFaO3h5Ap8IhbWd5L%2BLjgPc%2BLBigcvg1xuUsQvkO%2BW0Rrq8QF3ZwPpFkMcnHz2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 752f79e29813b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            GET /RlJDdE1pbSAHcAsVJ0EcEAcKIRhzKxolDxEBCzImB2N6OikBJWUAJCJvekB0fmR3Uj0vNn5FdWAhNxU5MyF+RWsvPCUbcGAkfkVjdnxxWn1gJ35FazIiIhNwd3QzADkqb3JCe3JndUN+dmFwRn0 HTTP/1.1 
Host: medadelem.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.189.15
HTTP/2 204 No Content
                                        
date: Fri, 30 Sep 2022 19:48:26 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F9ICgI7JeNvFVnWkGKipjj6n56aGyVmrGnf8RsoAwqxTY%2BU6hGz%2FAxXyaWQ8WwmVKkh349Ld%2F4jfp0M1hHNQhgrCpzb8ZMG%2BDLDoBEZimubu%2Fr1vlUJ99wyMOdqR1nQh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 752f79e29820b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            GET /NzRqUTYYCwkiC1RwKyZ4TXItEHdQdysEe3B1Oxh8ZHUzGHJQdUwlX1MJUmYABAVSd0ZeUFdjDxFHHjBCQkdXYBBeWgw+CxFCV2AYBxpcYRgHEh9sBxFAGjBRCgVMIUJDWFdgAAEAX2cBBARZYgYP HTTP/1.1 
Host: medadelem.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.189.15
HTTP/2 204 No Content
                                        
date: Fri, 30 Sep 2022 19:48:26 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6iJ2vkqcrXosb0%2FdbQ0924hNaMMS1w%2Bj49%2B7NeMKFjw2YErICaBPRUITxkqL4%2F4JFLoC%2FvMHkQ2B8SHi0y3WyfuOKvSJHe5bzucbPNBPnjPP5Rc9%2BMdKdc%2Fo0wGhfdP0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 752f79e29821b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "BDB8C13BE73E6D521C8A00AECFA51DB277D908562BF1D31C675055F08868F215"
Last-Modified: Thu, 29 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7202
Expires: Fri, 30 Sep 2022 21:48:28 GMT
Date: Fri, 30 Sep 2022 19:48:26 GMT
Connection: keep-alive

                                        
                                            GET /aFVuVDhHag0nBScDICNuPQQhDn0MJggFQAQHKQZAK2caEGIGZUggUQxoWWIMWWFfckgBMVNlHhshDyBNG2hfclEGMwFpHh5oX3oLXHtcbRZYcxtpCU4hHjVfVWRIJEwcOVNlDl5hW2IPW2VdZwta HTTP/1.1 
Host: medadelem.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.189.15
HTTP/2 204 No Content
                                        
date: Fri, 30 Sep 2022 19:48:26 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0WJAbC3yQyLBiRV3W47jpufWad5ut5BLXoucUNp%2F686IgxS7Kfp8wJyVuX6Bo4PYTrEwJY37ppOqVmkHQQVlpXMZ1WrspaNgo7%2Bo8rx4ILvWX3wUIKWp1pfCMdPIjpo9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 752f79e2c871b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            GET /NHNUbncbTDcdSnokLD0jWRQaOTBmSgMvPWEqOh4TdkI4HBJiNnIaHlBObFxCDUJlSAddF2ldRRIAIA8DQQBpX1FdHTIBShIFaV5ZDF1lXlkEVSFTRhIHJA8QCUJyHgNAH2lfQQJHYVhAB0NnXE4A HTTP/1.1 
Host: medadelem.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.189.15
HTTP/2 204 No Content
                                        
date: Fri, 30 Sep 2022 19:48:26 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=08uI3XALQuJf1SkHMUNI7D4ppVXvh7baYTz2efUg1kijy26IF1WiKVkZg0y7HU864BeP%2Bp%2FAw3XlKysJwwq5ZqKKwwudgGAPX5vjb6C5YwcQzM9Eoxfyq1wL3RH9c%2Bdx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 752f79e2c868b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            GET /dnVhYTRZSgISCRIhOyh6REAvIFpCMDkKfTkQIC9WJAIvGXUwFkcVXRJIWVMBT0RQR0QfEVxSBlAGFQBAAwZcUwRGQkcIWhAaXFMSAEhRTwxYRFFPBFAAXFASAgUABglHUxEVQBpIUFcCQkBXVgdGRlNYAg HTTP/1.1 
Host: medadelem.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.189.15
HTTP/2 204 No Content
                                        
date: Fri, 30 Sep 2022 19:48:26 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=juDhn2p4qcRvU348hrQH6a6%2FGPNIIlgOLxaUy96Ea73Ch9yTUxLjMLvBDk71GQM3No5T267al5ITcLrwj9Iq2uwCLVl3gtbhJXzHJIjAHOEMrUkrqNJzrS9q70HGf5uU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 752f79e2c86fb515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3720
Cache-Control: 'max-age=158059'
Date: Fri, 30 Sep 2022 19:48:26 GMT
Last-Modified: Fri, 30 Sep 2022 18:46:26 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET /TEpXZUEtKDQIfi13NUM0PiZqQHMKb2UjJSEnLQ4nKHJlEiA1JHkGLSM/MwMzIyQjSy8pPnJXBzUpOScSHXhvNwk2PTswABUQGQt0FBgCPykvJjMwBiUPJCQQBgQUIRA9BAMwKgMeAhcLIhtkIxMWBA4IFAgPL1FwKiE8PQkmDHJXAxQmBjcPJQwENy0VJxoSABYeAzwoDjIWBg41IRUiAAZ6GQJ0HAIDVXQOImMGDH4QMysEGnI0VTENGx8KdhQhGTMYHQwcNAQNb2UnCisPHyYJKDIPEjEFEBUdGx4mAQ0AGToWNAINewQOBDQrZDMDHSY7ViIacgEjFWEPOCQHKAkRLQcqG2cnKC8mbiEXGwgtJhM/CRkcFA0JOzMmDhwNIBkhADsiKnUIcQ8yIyQnWBs7DxAgNzYQDjM HTTP/1.1 
Host: fhisladyloveh.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         108.157.214.123
HTTP/2 200 OK
content-type: text/html
                                        
content-length: 1171
date: Fri, 30 Sep 2022 19:48:26 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 9fde400234236c10982fe8b8a3ca9eb2.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: lcXsp9pVW_PyiejDQgU2hPkjRZnuErLNCBlRI6c8D036e1YmoFf_LQ==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3012), with no line terminators
Size:   1171
Md5:    4b6e42bc2d0de58336290ac8a5cff4eb
Sha1:   1943621c67e38a9187d326090453cb9b28a15861
Sha256: 494fd9ae4ce5337dfc3c83f0dbcae58b9c962f72f31426d0acf7ceb752826767
                                        
                                            GET /imageads/012.gif HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/TVnv/Rusted.Warfare.RTS.v1.14.rar
Connection: keep-alive
Cookie: filehosting=kei4ikirav8eajh9me9diahn57
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Fri, 30 Sep 2022 19:48:26 GMT
content-length: 498127
last-modified: Mon, 29 Mar 2021 20:01:24 GMT
vary: Accept-Encoding
etag: "60623214-799cf"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 300 x 250\012- data
Size:   498127
Md5:    008597da36f68c5f0a6324833164297d
Sha1:   bf10c016b0938ad06e51e416d063805d40b0265a
Sha256: 16628c257f8fea93d55efb135f326d1c7bca14645f353abe1a67ca289595ef2f
                                        
                                            GET /NU10OTdULxdUCFRwFh9CRyFJHAVzaEZ/U1ggDlJRUXVGTlZMI1paW1o4EF9FWiMAF1lQOVELcXEZMXdDYRUfT3t0AAZrXVI8N2F1dCg8SWFQfUVIfGd5HX9NTWhGe3RfdRZ3f1oHMmhycgoDYxIHDyduWAYLDVVyUwohe3t3LgZfXEYiMkAOEH82YXBGFD96cWQoIgECfCE1XnFfFAV4ZHAUFWFyRygyXQ9vIU0AYmEfDWFwXQYwVG1TKyZsW3kfEwhvfXgOf29jHTEKYW8sMVZ4byFNAHRPPRlhUE0MEVQGURcyQRIHDxdOWFoKHVpEZgVMHAVzKxp3VFMYGABUBGAMVmQGOhh7cw0uP1BAYywxSnxQIQBTZGIiRmx/QmseSlhbPUleRVc1TV1vTQcsUgQF HTTP/1.1 
Host: fhisladyloveh.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         108.157.214.123
HTTP/2 200 OK
content-type: text/html
                                        
content-length: 1157
date: Fri, 30 Sep 2022 19:48:26 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 9fde400234236c10982fe8b8a3ca9eb2.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: zCFytRlguTEUtdy0-qdIyhwIBgPA-BgkKFYq9Ob48PC3v98jIGyNlw==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2998), with no line terminators
Size:   1157
Md5:    ad18a636a70334a473ef78cdb4492666
Sha1:   e616584f0d1eca05cc8d9057dc3cb2df01687da4
Sha256: c644e0f3fee9cb131f44033492dee8df9e0414fcf09a0ef308e6a9f726d306c1
                                        
                                            GET /cWJNaGUQAC4FWhBfL04QAw5wTVc3R38uARwPNwMDFVp/HwQIDGMLCR4XKQ4XHgw5RgsUFmhaIzg2CllWEggAHiQZCRgsIRYnCFhdPQQhACogFQcZJwYzKTAxCTMEOhEyKyEHUDcPPiIjCFYXDlZELgwfDSkBG1k3OQ4EASYaEhg+DDgtHgMoJy4cAzMlFSkZIiABKT8tNDsKOj8mKSo5PzdTKRkiMzgdMAw8OgUAUBcuGAAjPyMXAT0nKAwpVyA0HwMoJgQ0UTYgIwAPJzMJBTtXHQQfHwo9ByciJyMKF01XNy58IiQwGHkKMBokNAwzBTgcABUBOn1FBic0JFAiNiQuKiYdWwU5Ej9aFS0BNSQjXQE0MDkqLiARFCsNK0d/Ki5BVwggPQkuDANdMkQnGwofEnA+DAAMeiYBKSc3MQ49UA HTTP/1.1 
Host: fhisladyloveh.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         108.157.214.123
HTTP/2 200 OK
content-type: text/html
                                        
content-length: 1179
date: Fri, 30 Sep 2022 19:48:26 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 9fde400234236c10982fe8b8a3ca9eb2.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: U4kEclVcTcbDBaXVkIrPKZFaVc9DQ6DsPIZxoRf_5yYSFL8rb6fUWw==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3020), with no line terminators
Size:   1179
Md5:    41ab18fd08161c23b739862b9dea5a8e
Sha1:   58d57b47a8e0019aec7e0f40d557273e887125c7
Sha256: 79db1c0bc6929d3d8b6712d043e8e581acc1164ba4dc5ad4518a530764030a4c
                                        
                                            GET /bXNWWGYMETU1WQxONH4THx9rfVQrVmQeAgAeLDMACUtkLwcUHXg7CgIGMj4UAh0idggIB3NqIBsXZBYTODQ1DSIsMmQPJyA4FTVXPCIAPAA3NQwKJT9Dc2ogLiIyPSoXFDMRDDxDGDEsJTQFAgwkHxMAICkhNwpWODAbCQ08Kz0/Vy4hBD0+XioRHRErJwwdIyk2IR1ROhsbGyQHOhoQAQYyGTAwPzUxYRIuGzECJBcEGh4NNxAQNCw3JmYsDztCbjo+XzUVCiUrPw80BQ8wMRkKJUIcCj4EGzAJMhUqDB0sKDoDLA87BAMONV8+OwwKOzIPHVM+JgB1Ul4yPgkvLCsADis7NTMBMAk7AzRTBSI9DjIuNz0OIwomFBMjJzUcDgIAIAM8ICpBZw9ABwA5NhZQMj4hMzopMB1WFztlHQ HTTP/1.1 
Host: fhisladyloveh.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         108.157.214.123
HTTP/2 200 OK
content-type: text/html
                                        
content-length: 1176
date: Fri, 30 Sep 2022 19:48:26 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 9fde400234236c10982fe8b8a3ca9eb2.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: GtsVZwYFdY7bgeaNgHHbkBGsbW6E0gW6WefEdXLLVrxP-5JGZEvJhQ==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3019), with no line terminators
Size:   1176
Md5:    2020ab69a4eaea11ccaa3b1b2381de0e
Sha1:   6e4dd3e79aa796dc16945ce9dab93dd7cad8055a
Sha256: 076088d29581135604946f257c3f68a7673e451e9d4b790b188c0670f422d52a
                                        
                                            GET /media/img/b15.png HTTP/1.1 
Host: platform.bidgear.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.74.36
HTTP/2 200 OK
content-type: image/png
                                        
date: Fri, 30 Sep 2022 19:48:26 GMT
content-length: 649
last-modified: Mon, 25 Jul 2022 09:43:33 GMT
etag: "62de65c5-289"
expires: Sun, 23 Oct 2022 09:44:55 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
cf-cache-status: HIT
age: 640993
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wa2OA03Lg33fHYr%2FolBOAm5JkBrPMMWP7z2m8vyrNYVioGOzV4C7n1wgedUSozcNKRYwOUONUEw4PoBH6%2FJSea%2B1KjBDnZktf50PQCH4RMCGGhfv3OPGBoeB4LoPeboVDKix%2FLpH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 752f79e49b31b509-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced\012- data
Size:   649
Md5:    d832fb80c97ff291b952757bb98240d2
Sha1:   63732e61a0784ed68fde494f83e4686a5c4bf7fa
Sha256: 7b35c11af8accdb40a14303dd3ae2762a97d2527933c56b6c9be6da2d0d11943
                                        
                                            GET /EV0o2TE00JVgqciMjUnF6YXsHdHtxIEUjIyd3UD95IRADIB8VLwY5K3E+TChwZ2xaLSMwdxApIzR3B2osMygLeGsjOlkncDMrXi4hPiBYJj9xP1dxIDgwXyAhNm8ECnh5ehN+fX8yB31oZAgTfn07I1g5NXJ4BjR1YRUAeGhkCBN+fSU8E38MbnwYfGRyeA-YrKDQhWWl/EXgGfX1newZ9aGV6UCU/MixZNGhlDA96Y2dsQ3F8 HTTP/1.1 
Host: dmmzkfd82wayn.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fhisladyloveh.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.42.115
HTTP/2 200 OK
                                        
content-length: 590
date: Fri, 30 Sep 2022 19:48:26 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: A92M5YyRP3wO1rOBojqW6K0_iFNqQYcenEVOvAcuWyjwbx0arthF7A==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (833), with no line terminators
Size:   590
Md5:    72e7b3bcbeb56b5c75e04617d73895d5
Sha1:   49ed5708c5f072955c943013b89d1307e319479c
Sha256: de9b2e6e7f3a9ff48235dc2582238a9ec45a9e80569d7efb0de5a1db4ad03b5a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "805C0543D34EBB9710B2AA73D0CB38358831C630E7361FC38079B0C6EDE4C3D1"
Last-Modified: Thu, 29 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=725
Expires: Fri, 30 Sep 2022 20:00:32 GMT
Date: Fri, 30 Sep 2022 19:48:27 GMT
Connection: keep-alive

                                        
                                            GET /ycnBSQ28RHzwlUAYZNn5XRUZhcldUGiEsAQJNCDQqNTUkOTUrJnQ3FRZNYmUDEx41fkkXHjF+XlQRNiFSRlYmMwAZTTYiBxAcOykBGAJ0Ng5PHT05Bh4cM2ZdNEV8c0pAQHo7XkNVYQFKQEA+KgEHCHdxXwpIZBxZRlVhAUpAQCA1SkExa3VBQll3cV8VFT-EoAFdCFHFfQ0Bicl9DVWBzCRsCNyUAClVgBVZEXmJlGk9B HTTP/1.1 
Host: dmmzkfd82wayn.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fhisladyloveh.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.42.115
HTTP/2 200 OK
                                        
content-length: 454
date: Fri, 30 Sep 2022 19:48:27 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: HbYr_CDt8Gl62CRDgMsvM7rt2rBLFlT_hg2Jl3p9ijBriniRZcfQhw==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (594), with no line terminators
Size:   454
Md5:    fd4bcd7d93d41b059092fb5ca0c9e205
Sha1:   51ef4e71b30abd328000056cade1f786dab9dd93
Sha256: 676a216702b94ae493afceadc699e2d4f9d01ccfc665027155cfb50ad873821f
                                        
                                            GET /async.php?domainid=5593&sizeid=12&zoneid=6192&k=1664567303492 HTTP/1.1 
Host: platform.bidgear.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.74.36
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 30 Sep 2022 19:48:26 GMT
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uxHMSuspLuur3K2mXDD3dMXqPsVfaCe%2BReO0%2FO2apo9lL7F5Hl7Nfs02wH8TPGnt97dsl3ZzmrnKEB8cYVIjKiTV1ItE5M7iYlbewIsk%2F154E3aW4OMyhj9LgKz1m2HvPWIiWAAC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 752f79e3ba14b509-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (4445), with no line terminators
Size:   25464
Md5:    832a2bc5bff16589bcbf163c0fad338f
Sha1:   1efb927ade240b1277e5a99d94ff5d5144fc31c7
Sha256: 64543209e082f3e5d60b2b21a2f78048b9c44989e1d5e5a261b71703e0ab2778
                                        
                                            GET /themes/flow/frontend_assets/images/icons/favicon/apple-touch-icon-114x114.png HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/TVnv/Rusted.Warfare.RTS.v1.14.rar
Connection: keep-alive
Cookie: filehosting=kei4ikirav8eajh9me9diahn57
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Fri, 30 Sep 2022 19:48:27 GMT
content-length: 951
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-3b7"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 114 x 114, 8-bit colormap, non-interlaced\012- data
Size:   951
Md5:    76852bc6b2c028db97322a74e85bd020
Sha1:   ed52fb4de0d51f93277bbaae42fa80ba5f92c31e
Sha256: 8a5ef2ef8440c17db1b1b539065ba4a887e07a2c508b79c2d1659512e9016884
                                        
                                            GET /ITG13cjMvAhkUDDgEE08LflhOQwJqBwQdXTxQIRtCIlo5FmsJFy4Zf35LAwhXcV1RHlIiCkpUViIOSkMVLQkVTwdqGQcdWHEYGRZWKgQZF1dqGBZPXiMXHh5fLUhFNAZiXVJAA2QVRkMWfy9SQAMgBBkHS2lfRwoLejJBRhZ/L1JAAz4bUkFydVtZQhppX0-cVVi8GGFcBCl9HQwN8XEdDFn5dERtBKQsYChZ+K05EHXxLAk8C HTTP/1.1 
Host: dmmzkfd82wayn.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fhisladyloveh.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.42.115
HTTP/2 200 OK
                                        
content-length: 356
date: Fri, 30 Sep 2022 19:48:27 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 25X-BaUHIQub7kPEI52x-oqRu_idHJy3AsfEH1elQNy3W-c5sQmdFw==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (454), with no line terminators
Size:   356
Md5:    a715a162407375d824f498015ba1f0f2
Sha1:   088b578a133291a916645b7fbb3f1ab4f69d8603
Sha256: 8e93a892bd53ddf1fa10d4364a261970e3362db3ca3a7fcff651bd49df657fb2
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 30 Sep 2022 19:48:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /rec?t=1&z=6192&uuid=35d8136a3afd44528b2e35fde6379c7c&p=28&g=NO&token=4a44335432&tbg=1664567306 HTTP/1.1 
Host: imp9.bidgear.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.74.36
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Fri, 30 Sep 2022 19:48:27 GMT
content-length: 599
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GAtFJJGxI4Ydtg8y%2FFAx181RA9%2FF1wRDlQowfIIGvmBiCWodNXYcCXjY7p%2BgnAvoeoC3yGtbylN9JrpQuVbd7OUHLnk%2BXJqOtNWzFj%2FVkhMaivYK1rgqXHxm9CmC%2FXhaYI8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 752f79e49b32b509-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 1x1, components 3\012- data
Size:   599
Md5:    ca49a7e783b806a4e8576ea80346203d
Sha1:   6fe9d083221dae98f6c76f7121c37bc884b02d82
Sha256: 3e9a98dd5f0a28ff4a059f33d760264a6db02786666ac1692095ebb976f5da28
                                        
                                            GET /themes/flow/js/jquery.tmpl.min.js HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/TVnv/Rusted.Warfare.RTS.v1.14.rar
Connection: keep-alive
Cookie: filehosting=kei4ikirav8eajh9me9diahn57
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Fri, 30 Sep 2022 19:48:26 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3cb"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (971), with no line terminators
Size:   8786
Md5:    3b0c63c50fefbf41d2b1848f385eee09
Sha1:   5d2771f7e66ca72f66faddf2359e32a52aa5944e
Sha256: 30132b972948c63e880061d03eab90442983767dae19802bc6ba4407ea98f3e8
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5591
Cache-Control: 'max-age=158059'
Date: Fri, 30 Sep 2022 19:48:27 GMT
Last-Modified: Fri, 30 Sep 2022 18:15:16 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /themes/flow/styles/font-icons/entypo/css/entypo.css HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/TVnv/Rusted.Warfare.RTS.v1.14.rar
Connection: keep-alive
Cookie: filehosting=kei4ikirav8eajh9me9diahn57
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Fri, 30 Sep 2022 19:48:26 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-45f5"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text
Size:   23333
Md5:    0f932c6de0b8b2ae4505dacb073b01dd
Sha1:   3ab44f438183d3be1da57bf691b3dc4f484cd2bc
Sha256: a24aad70550afc8556669728b73fe3182b3c5036eb8c06b4cb1802922908a1d5
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 30 Sep 2022 19:48:27 GMT
Content-Length: 281
Connection: keep-alive
Last-Modified: Tue, 27 Sep 2022 09:53:49 GMT
Expires: Tue, 04 Oct 2022 09:53:48 GMT
Etag: "9909ca4abe48a9eeca2da7e5cd7db89a05c76fb0"
Cache-Control: max-age=309320,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 752f79e44c7bb4f7-OSL

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "2E125AF5A9CD56C5DAA6145CAAAD1DAC94E468FAF69CE26E9D39C6418445122B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4950
Expires: Fri, 30 Sep 2022 21:10:57 GMT
Date: Fri, 30 Sep 2022 19:48:27 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "2E125AF5A9CD56C5DAA6145CAAAD1DAC94E468FAF69CE26E9D39C6418445122B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4950
Expires: Fri, 30 Sep 2022 21:10:57 GMT
Date: Fri, 30 Sep 2022 19:48:27 GMT
Connection: keep-alive

                                        
                                            GET /DTENtTXkvLAMrRjgqCXBAeHpVe01qKR4iFzx+Cj8bNHoJFQEGGwZ+SWo3FylEfGUBLBcrfksoFy9+XGsYKCFQeV85IlAgFjYqASEYaXEreFd8Zl99UTRyXGhKDmZffRUlLRg1XH5zFXVPE3VZaEoOZl99CzpmXgxAem1dZFx+cwooGicsSH8/fnNcfUl9c1-xoS3wlBD8cKiwVaEsKeltjSWo2UHw HTTP/1.1 
Host: dmmzkfd82wayn.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fhisladyloveh.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.42.115
HTTP/2 200 OK
                                        
content-length: 185
date: Fri, 30 Sep 2022 19:48:27 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ohpJGFo3Ta3z0xnk44GAgDWhSbAPb_rDA530v_I4LNWGtZiu1UvGqA==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   185
Md5:    c975570b7d9883e765297e2b20c8615f
Sha1:   8a5fc2a78a8b13463b5551c1253f89759a5d1aea
Sha256: 48ce66b715d215d5e4b429852ac2bc0c0ef4995beb532c36f1728ac146889722
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 30 Sep 2022 19:48:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1 
Host: accounts.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.237
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 30 Sep 2022 19:48:27 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1022866715%3A1664567307147056&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWrmofK0yvLH9cMNZAT7UmYPHLZHUzPiixCTyo-li0rr4bDUl1cak8_BMIpwhSdky7cm5r5n
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-gvdnu9nlRioHUwKqwWvv8w' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 394
server: GSE
set-cookie: __Host-GAPS=1:hcoA7KOyJ_5h_IAzgoTp2Vjq5wfM_A:PMeoTjxXceegUEhx;Path=/;Expires=Sun, 29-Sep-2024 19:48:27 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (379)
Size:   394
Md5:    746ce2ebe94ae9fb415c25b6d2e4c53d
Sha1:   77bd89111f2c276b8d9fb6b50fd691b54d861704
Sha256: c200ee5f7dee9e98d3f9969ed206e482877112eaea8d8f5d72964496140b9369
                                        
                                            GET /utx?cb=rCLEQaTbk6v6&top=megaup.net&tid=825911 HTTP/1.1 
Host: fhisladyloveh.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         108.157.214.123
HTTP/2 204 No Content
                                        
date: Fri, 30 Sep 2022 19:48:27 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Fri, 30 Sep 2022 19:49:27 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 9fde400234236c10982fe8b8a3ca9eb2.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: 7rt95oSjlJOGXf64EOmMIxEdYPiQ_Cl3zD4dAZtYpbeXEqk61VbGsA==
X-Firefox-Spdy: h2

                                        
                                            POST /j/collect?v=1&_v=j97&a=244582720&t=pageview&_s=1&dl=https%3A%2F%2Fmegaup.net%2FTVnv%2FRusted.Warfare.RTS.v1.14.rar&ul=en-us&de=UTF-8&dt=Rusted.Warfare.RTS.v1.14.rar%20-%20MegaUp&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAUABAAAAAC~&jid=2041032788&gjid=1249243463&cid=1735381073.1664567304&tid=UA-108868042-1&_gid=729016047.1664567304&_r=1&gtm=2ou9s0&z=876413042 HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain
Content-Length: 0
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: https://megaup.net
date: Fri, 30 Sep 2022 19:48:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    c4ca4238a0b923820dcc509a6f75849b
Sha1:   356a192b7913b04c54574d18c28d46e6395428ab
Sha256: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
                                        
                                            GET /utx?cb=wdo3JeWm0BO0&top=megaup.net&tid=876318 HTTP/1.1 
Host: fhisladyloveh.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         108.157.214.123
HTTP/2 204 No Content
                                        
date: Fri, 30 Sep 2022 19:48:27 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Fri, 30 Sep 2022 19:49:27 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 9fde400234236c10982fe8b8a3ca9eb2.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: _UGP5WwGJUtng72XUEoGv-I7RHQOLKhYYpaIVWisEProYsTAE-x5ng==
X-Firefox-Spdy: h2

                                        
                                            GET /utx?cb=iTHeXVbjJN4x&top=megaup.net&tid=764141 HTTP/1.1 
Host: fhisladyloveh.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         108.157.214.123
HTTP/2 204 No Content
                                        
date: Fri, 30 Sep 2022 19:48:27 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Fri, 30 Sep 2022 19:49:27 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 9fde400234236c10982fe8b8a3ca9eb2.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: E99S01HVnBMwnVnXPXO-NN0h_L5X63G3oMAHck8o2mgxhQKWKBu35w==
X-Firefox-Spdy: h2

                                        
                                            GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1 
Host: accounts.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.237
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 30 Sep 2022 19:48:27 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-267437022%3A1664567307192961&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWr126nE5cFwkZP7oOVgiz60ED9xFkhpOglX4kpSK8ub2Lnr0GFEEf_I1LWzoIhRu_rbQjVM
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-F2CYpeSkfRh43rraHLzmDw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 398
server: GSE
set-cookie: __Host-GAPS=1:aPv4cE7JQ-Rs6oY7oVTbbdVyFhKGtA:bQTSiJwfsgyoFcp9;Path=/;Expires=Sun, 29-Sep-2024 19:48:27 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (382)
Size:   398
Md5:    4a8fe2d9e41ea1910c1f9e465f8964db
Sha1:   c471a3baf4d3d8c77cdf831eb28c67284411601f
Sha256: c631900fd935132f45a45147ccbe99d71a830e44092d9ec7b32211d7ff2788c8
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 30 Sep 2022 19:48:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET / HTTP/1.1 
Host: dmmzkfd82wayn.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.42.115
HTTP/2 200 OK
                                        
content-length: 73
date: Fri, 30 Sep 2022 19:48:27 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: pWXPVQ-Cn6pl8Zn31iVdDHwNIdTHdtyumkIzP-iaNYHzSUdJ83P9pQ==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   73
Md5:    de37377b72195a4f064edf7ec8a76676
Sha1:   ed544d5b6a37acad78498099407c648a93316ddb
Sha256: b3209cc0b1d1b71e85af4e843afe00a3079f3286d52b3fb47e72c6c5c48b8399
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "2E125AF5A9CD56C5DAA6145CAAAD1DAC94E468FAF69CE26E9D39C6418445122B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4950
Expires: Fri, 30 Sep 2022 21:10:57 GMT
Date: Fri, 30 Sep 2022 19:48:27 GMT
Connection: keep-alive

                                        
                                            GET /utx?cb=Jgv1t37efRfx&top=megaup.net&tid=761186 HTTP/1.1 
Host: fhisladyloveh.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         108.157.214.123
HTTP/2 204 No Content
                                        
date: Fri, 30 Sep 2022 19:48:27 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Fri, 30 Sep 2022 19:49:27 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 9fde400234236c10982fe8b8a3ca9eb2.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: 9Eqbk_GguwQiRUbpwDiucY1RpgwOdhowHlKtYIZV7g4yRS6cUUkWsQ==
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5591
Cache-Control: 'max-age=158059'
Date: Fri, 30 Sep 2022 19:48:27 GMT
Last-Modified: Fri, 30 Sep 2022 18:15:16 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /a-ads-banners/417662/300x250?region=eu-central-1 HTTP/1.1 
Host: static.a-ads.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ad.a-ads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         148.251.53.118
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Fri, 30 Sep 2022 19:48:27 GMT
content-length: 82668
x-amz-id-2: ChxpVYsR4ROQ86z8cjw+wdIdXDYun7Fa8MW9dhsV1W8duxVI1J4XeNouwXoAJJhyIItOWro8nVg=
x-amz-request-id: X9CDZ5Y23NAW4J1Z
x-amz-replication-status: COMPLETED
last-modified: Mon, 26 Sep 2022 09:29:28 GMT
etag: "ddabd18d03a853c6762d47b5b57dd80b"
cache-control: max-age=315360000
x-amz-version-id: mFCfYdfSnNSMJrbgc1nGSlMuVlXTBX_b
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 300 x 250, 8-bit/color RGB, non-interlaced\012- data
Size:   82668
Md5:    ddabd18d03a853c6762d47b5b57dd80b
Sha1:   6f05cf6210bf768b0d04ac7dc29f5ec743d6cf05
Sha256: 497c940df27692a80de454a0e450f56e14825283570ce2ae53078e3bd2545dc3
                                        
                                            POST /v1/api.php HTTP/1.1 
Host: syndication.exdynsrv.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 290
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         95.211.229.246
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Server: nginx
Date: Fri, 30 Sep 2022 19:48:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226337480b500f35.831794532866916398%22%3B%7D; expires=Sun, 29-Sep-2024 19:48:27 GMT; Max-Age=63072000; path=/; domain=exdynsrv.com; secure; SameSite=None
X-Robots-Tag: noindex, follow
Content-Encoding: gzip


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (5240), with no line terminators
Size:   2355
Md5:    fbc3176c3ee2d6b51885026eaf499443
Sha1:   838f9727c420eab9082d92b81055d52ce3aa926f
Sha256: 1d2c5ec30f5a5b44724987046983105111bc3694010b5b31b50fcf945b84f8ab
                                        
                                            GET /cimp.php?t=api&data=H4sIAAAAAAAAA01OW0oEQQy8iheYppJOujv77beC4gFmZ3r8chFUUKjD2zOLiykS8qikolCdEFPGnfjJ2kkrQ1IgmSZx48PjE0341l/nr/d06Z90F0NhiYA1RramhWbFpBW6CF1DYzCqZ0epRnFmYkA9m+1ZAiBS2cCX5/vDZUDBEXdJauNYJL73vWhtlZhj8bNsW802Q7YhCESrtetO/P8irkiQXZ3612AWy2rKSW6FcRh4jOePn8tC3ujXZ+nHhUwxwzi32CK1rHVbtUbpq2+lmyI09+Us7fwL6tTU11QBAAA= HTTP/1.1 
Host: syndication.exdynsrv.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226337480b500f35.831794532866916398%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         95.211.229.246
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Fri, 30 Sep 2022 19:48:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226337480b500f35.831794532866916398%22%3B%7D; expires=Sun, 29 Sep 2024 19:48:27 GMT; path=; domain=.exdynsrv.com; Secure; SameSite=none __upt=%7B%22v%22%3A1%2C%22id%22%3A%226337480b500f35.831794532866916398%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22511.0199%22%7D; expires=Sun, 29 Sep 2024 19:48:27 GMT; path=/; domain=.exdynsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

                                        
                                            GET /multi?cs=MHhEM0gGSHwGeANOdQZwCE58Cnk&abt=0&red=1&sm=76&k=download%20file%20rusted%20warfare&v=1.0.60.0&sts=0&prn=0&emb=0&tid=876318&rxy=1280_1024&fs=1&mbkb=143.47202295552367&ref=https%3A%2F%2Fmegaup.net%2FTVnv%2FRusted.Warfare.RTS.v1.14.rar&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&_k1HD=1664567304047&crc=1 HTTP/1.1 
Host: fhisladyloveh.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         108.157.214.123
HTTP/2 200 OK
content-type: text/plain
                                        
content-length: 1559
date: Fri, 30 Sep 2022 19:48:27 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=747bea0f-1503-438a-9ee5-f05bb5250c9c
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 9fde400234236c10982fe8b8a3ca9eb2.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: 8ZVlDpbJdOR3zDleLF4urwES2ppk7viJEDTzTO6zoL9fkVoBm6J8kA==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3243), with no line terminators
Size:   1559
Md5:    014f580e4baa45b231003fbd3405e469
Sha1:   47d766ae7bb622cab9a2f84370b040491611c7bc
Sha256: 6375875113e96263217d0e71a2bcad637acdb8f6964e4fde143de7dcd271de43
                                        
                                            GET /utx?tid=832633&top=megaup.net&cb=Rod2IY74tx94 HTTP/1.1 
Host: fhisladyloveh.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         108.157.214.123
HTTP/2 204 No Content
                                        
date: Fri, 30 Sep 2022 19:48:27 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Fri, 30 Sep 2022 19:49:27 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 9fde400234236c10982fe8b8a3ca9eb2.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: yDqW3GIVnCWJe2I4pe9_YUzsRenxrSRv1pAFIo1_6P4dMmFKvnNnVg==
X-Firefox-Spdy: h2

                                        
                                            GET /library/551406/bf45fdb4f306fadbd08d76fb08ee9617adecc6c5.jpg HTTP/1.1 
Host: s3t3d2y8.afcdn.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.76.9.16
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Fri, 30 Sep 2022 19:48:27 GMT
content-length: 18723
last-modified: Wed, 08 Jun 2022 05:29:20 GMT
etag: "62a033b0-4923"
expires: Fri, 30 Jun 2023 11:15:26 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1688198998
server: CDN77-Turbo
x-77-nzt: AblMCQ3+7Rv/NZx4AA
x-77-nzt-ray: blXWTkU1CHU
x-cache: HIT
x-age: 7904309
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 300x300, components 3\012- data
Size:   18723
Md5:    a22bae949b684bf348010f5764820bb1
Sha1:   bf45fdb4f306fadbd08d76fb08ee9617adecc6c5
Sha256: 4b07c49f760a589f755c58fe79044b80bda6a9b959117951be72671510702f35
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8B877DB561B7A5B4EB8BAE184A7608C30D5674820B430C1985676E968137DBEF"
Last-Modified: Thu, 29 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19290
Expires: Sat, 01 Oct 2022 01:09:57 GMT
Date: Fri, 30 Sep 2022 19:48:27 GMT
Connection: keep-alive

                                        
                                            GET /U041VnYobEYhKSY8WXRMcSZBIgYgdBp5GzYpVCMGfSBQIlkgORs8BXFiFyUbNWwPZ1pxOlQxKToqF2xUa30HYEVgbBl0BSYsaj8SYWwPdBBnKgxjRzYqGGVGY3cYYk5kKBhuEGV7GG5HMXdUYUE2fwA1EHEz HTTP/1.1 
Host: societingna.info
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         44.195.137.121
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
set-cookie: 532ba5124c28626694db38376aa1d0e2=1; Max-Age=604800
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
etag: W/"e0fa-CNXVc7q0INu0P8O11bwwgDhwPVU"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (63161), with no line terminators
Size:   26579
Md5:    7cc7af75988c7e2047097e47008aea38
Sha1:   c6220ca6d04dbbd77b14a7fddb96774d7eeaf34a
Sha256: ad85c8e61b1fd21d9ed3ab56d4294e4488ee2f6e98cb16b37c547d220eaf4695

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: tsapphires.buzz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Content-Length: 382
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         44.195.137.121
HTTP/2 200 OK
                                        
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            GET /themes/flow/frontend_assets/fonts/raleway_bold.woff HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=kei4ikirav8eajh9me9diahn57; _ga=GA1.2.1735381073.1664567304; _gid=GA1.2.729016047.1664567304; _gat_gtag_UA_108868042_1=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: font/woff
                                        
server: nginx
date: Fri, 30 Sep 2022 19:48:27 GMT
content-length: 31568
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7b50"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 31568, version 1.1\012- data
Size:   31568
Md5:    e0c4ac0e73196bd0469c5c33304b7773
Sha1:   bb071565f82907d117b0732dca8013409162c67d
Sha256: ff3bf3a4a1bf2b922157b18d0e8cddd95f2fc2dfe09c30a3ce67bc11a84c67af
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6349
Expires: Fri, 30 Sep 2022 21:34:17 GMT
Date: Fri, 30 Sep 2022 19:48:28 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6349
Expires: Fri, 30 Sep 2022 21:34:17 GMT
Date: Fri, 30 Sep 2022 19:48:28 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6349
Expires: Fri, 30 Sep 2022 21:34:17 GMT
Date: Fri, 30 Sep 2022 19:48:28 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6349
Expires: Fri, 30 Sep 2022 21:34:17 GMT
Date: Fri, 30 Sep 2022 19:48:28 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59da9c68-5ffa-4dc1-adf8-645278cd60ca.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10380
x-amzn-requestid: 35ee2a77-159c-4bb4-a825-98c638398586
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZPdZYHsTIAMFQNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63360f6f-4f68073432bcea371c7b8f03;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 21:34:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: IENB0e-e13ywHJKPgyLWn1bGPMMxFLUu3cIUcREjGhxDEMROEL1jBg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 21:45:15 GMT
age: 79393
etag: "265840b2d2fc6eb764cc6409b05deee8d77a19c2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10380
Md5:    139a144f8cb04ac8aae65f4bad1473e7
Sha1:   265840b2d2fc6eb764cc6409b05deee8d77a19c2
Sha256: 6e0f01b6bdd5a92e92c7b29a6172a2900c68900afd2abba948940621252e0fd8
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2016911-a1a6-4bdf-a8f3-89e94a0aaff7.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7810
x-amzn-requestid: 7f6d92e1-c7b1-4dd2-9efa-52ad324ca19d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMK6pFvkoAMF_yA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334beaa-362b7368566955966db78385;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:37:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: TbPFEVDpMOjK26iu1UGcx56vtP7Pywq05VAylNubOIfbMgo1qGsA-w==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 23:45:42 GMT
age: 72166
etag: "31b8538deb0f00d5b4182739a4a2fcc1b956a998"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7810
Md5:    456968f691ae9464d69a37bffe9bd7ce
Sha1:   31b8538deb0f00d5b4182739a4a2fcc1b956a998
Sha256: 5cde1e3158e6c6c0b7a01d3bd32f2aa292b3b205f604e5c4ed71cafedad06bf2
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9789cead-4e6c-4a12-9b45-25d0efd38fc9.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 16011
x-amzn-requestid: d58dfdcd-383a-45ac-8ae2-2b97f016b6a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZPdbjFy1IAMF84A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63360f7c-1ca9707a5e5087fd769d9ab6;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 21:34:52 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: QKHN1asEv6w1mTLxsmn7Oj5AZTsPcg0H8zv5_qQ1BYptjL254kCZdA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 22:20:36 GMT
age: 77272
etag: "78b798f2cfa7db13a6b5ca2ca2783bece5e77d5d"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   16011
Md5:    1389b1d624b44706c7a6f6b7eb769241
Sha1:   78b798f2cfa7db13a6b5ca2ca2783bece5e77d5d
Sha256: c3c2526b98be06fc7e793e1150bacde2a7bd718e29a851a6e6992e8d84333790
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F11dc66d9-c0dc-4009-bc21-1bc7de4d071d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7537
x-amzn-requestid: e4f3306b-5d8c-4257-8b1c-042227c802d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZPdbFHE4oAMFc3g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63360f79-691ce35a37178a0a189879c6;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 21:34:49 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: qLUYGKeXkYVpH-oleaqCadfIgRE66QXj-uK_YccpQUeJYnsFq7GaUQ==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 22:12:16 GMT
age: 77772
etag: "126d8bfe9e913c8ea665089270d0d524ed5a1234"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7537
Md5:    cab91ea6d86b9d8af67590ec8638c35e
Sha1:   126d8bfe9e913c8ea665089270d0d524ed5a1234
Sha256: cec04f205ed6397a11cea16a3370d1cbac52cf63f65742bea1a43232ea61a993
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d906d66-cd90-4963-827e-8d0564c0f787.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5106
x-amzn-requestid: a906507c-8820-489c-9978-7d0fd026c862
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZPd5PE0MIAMF3DA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6336103a-49eb3879088f17bc01d177c7;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 21:38:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: op_2CSOAx9-hqXvj1nOyitq0UXqIyItmquWjMkmMdKWnwoTIA_SA6A==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 21:45:26 GMT
age: 79382
etag: "3481dce8ab711111fc8863d88bee1a887cfd43ac"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5106
Md5:    13a12db696bc2bf6a6ea2f48f4c1428e
Sha1:   3481dce8ab711111fc8863d88bee1a887cfd43ac
Sha256: 6dae6c9e5de4146e1f528a36a1795225c9731385f13927fc001fb3f9842fe8f1
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98c23448-09e3-4c05-86c5-dafbe6ca8a0e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8059
x-amzn-requestid: f8bb9e4b-9f3c-47ba-8524-de16155e536d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZNepwHAVoAMFvNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633544a4-5d884e29378635b60592b618;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 07:09:24 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: NMiKZSkokVXNTV76vsVJ7VEu6YFfT9MqL7tHtT8CwZq0BwTbXOpm6Q==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 06:34:26 GMT
age: 47642
etag: "86dd3bf133e9eddf8852f39e1ee695ee599ac886"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8059
Md5:    d21d2bdcedbd619a80017054076319f9
Sha1:   86dd3bf133e9eddf8852f39e1ee695ee599ac886
Sha256: fc5672d5a8e9c6a5ec531f7ba05b65c192af37edf6c3a48105df3685de44ec0d
                                        
                                            POST / HTTP/1.1 
Host: tsapphires.buzz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Origin: https://megaup.net
Content-Length: 351
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         44.195.137.121
HTTP/2 200 OK
                                        
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: tsapphires.buzz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Origin: https://megaup.net
Content-Length: 350
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         44.195.137.121
HTTP/2 200 OK
                                        
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C1EB11676BE96864E255FC4D2B78757621F1EF94CB12E59A7C7F67C4C586B500"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20456
Expires: Sat, 01 Oct 2022 01:29:25 GMT
Date: Fri, 30 Sep 2022 19:48:29 GMT
Connection: keep-alive

                                        
                                            GET /ie?v=4&c=kgptMZSLie8-xqx3V-4PEPWlHRnYlqCPXzEbjslnHfzfWFKYlCEoQf_8NLYpLM7j3zTj7d5LmsvL4yhAnwnYAEjZi5JfsuKxb9-QEVWHOEgpnCdVdiXfSFG24XOG3Za3O4Z7ge86Z5zBWr4YHIjCrXgCfOFDKgjOIXix6acM2ro8b2UBnASefK53sdkHLstCVYwoFRWGBUXehoaVCBlk8_oCyVFpQB8ufzvfIP2-NVLB5Dx9ya4V_mdO093kw7Th_Jcg5UOq1Z4S47uHwRPtZbwjjQG1F9yBZiC3jvtOCGQm1SHfUTl7f1rny5zBnHb2mTFZMxtyOzt8-czGQl_Q8coDdbWkD8VDf-_ZYpSwBCgViVEFQYNPT8jUGKc_MDiw9kUHVBwUkBpZX2Mv1mdVDK_-zlA0oB621LCO3fHeiUeRMvqOCRkhiRPXDXT8BZ_JTnhDhsY-C6QxOzo=&v1=79&v2=65870 HTTP/1.1 
Host: hypoterian.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         138.201.194.90
HTTP/1.1 301 Moved Permanently
                                        
server: fasthttp
date: Fri, 30 Sep 2022 19:48:29 GMT
content-length: 0
location: https://img.vmmcdn.com/get/24774995/158563_icon.png
x-app-id: 14

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0318321DB0C126E3921F282C1EE53C5B0E136B6315CAA633FFC9D5B7D079CEB9"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4191
Expires: Fri, 30 Sep 2022 20:58:21 GMT
Date: Fri, 30 Sep 2022 19:48:30 GMT
Connection: keep-alive

                                        
                                            GET /get/24774995/158563_icon.png HTTP/1.1 
Host: img.vmmcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         46.4.121.113
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx/1.14.1
date: Fri, 30 Sep 2022 19:48:30 GMT
content-length: 85295
last-modified: Mon, 26 Sep 2022 14:32:00 GMT
cache-control: public, max-age=604800
etag: "6331b7e0-14d2f"
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size:   85295
Md5:    4397ca1d2de94217ca00501f17c1855f
Sha1:   02ef3ef9a78fd27d8d6cfc2ab2115b5e5886d814
Sha256: acf163d19802e3624960dbad8ef3f29be501af46d4e2ffdd7863eb47eff15b53
                                        
                                            GET /themes/flow/frontend_assets/fonts/raleway_medium.woff HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=kei4ikirav8eajh9me9diahn57; _ga=GA1.2.1735381073.1664567304; _gid=GA1.2.729016047.1664567304; _gat_gtag_UA_108868042_1=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: font/woff
                                        
server: nginx
date: Fri, 30 Sep 2022 19:48:32 GMT
content-length: 31900
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7c9c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 31900, version 1.1\012- data
Size:   31900
Md5:    1b285c8e5b7445a8e434b2cdf036bab2
Sha1:   c97d4772fbb5c5637d466b5f991bc7ec28830b32
Sha256: 09b979826f2ac158a63ba234042c66414c21282d0bb46eadc62c64a873778825
                                        
                                            GET /themes/flow/js/jquery-1.11.0.min.js HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/TVnv/Rusted.Warfare.RTS.v1.14.rar
Connection: keep-alive
Cookie: filehosting=kei4ikirav8eajh9me9diahn57
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Fri, 30 Sep 2022 19:48:26 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1787d"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /asd100.bin HTTP/1.1 
Host: pogothere.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.173.27
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
date: Fri, 30 Sep 2022 19:48:27 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 3496
last-modified: Fri, 30 Sep 2022 18:50:11 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NyeV4Vyd4qbFCIxI%2FXwQ8comOduUN7OqxY5LSC5DRoLGFS%2F8XpdGn%2B%2Fjk1XronV0J7vgqkmxYyWHGpfgwNqKkNq3fKLJkUre9UYsVr7VQnUnwqFdjcJrpN7SzE%2FEvUjV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 752f79e5dd9b88ad-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /themes/flow/js/jquery.fileupload-validate.js HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/TVnv/Rusted.Warfare.RTS.v1.14.rar
Connection: keep-alive
Cookie: filehosting=kei4ikirav8eajh9me9diahn57
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Fri, 30 Sep 2022 19:48:26 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-fea"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /themes/flow/js/zeroClipboard/ZeroClipboard.js HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/TVnv/Rusted.Warfare.RTS.v1.14.rar
Connection: keep-alive
Cookie: filehosting=kei4ikirav8eajh9me9diahn57
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Fri, 30 Sep 2022 19:48:26 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3bd2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /1811811?size=300x250 HTTP/1.1 
Host: ad.a-ads.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         148.251.53.118
HTTP/2 200 OK
content-type: text/html;charset=utf-8
                                        
server: nginx
date: Fri, 30 Sep 2022 19:48:27 GMT
vary: Accept-Encoding, Accept-Encoding
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-original-referer: https://megaup.net/
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/TVnv/Rusted.Warfare.RTS.v1.14.rar
Connection: keep-alive
Cookie: filehosting=kei4ikirav8eajh9me9diahn57
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Fri, 30 Sep 2022 19:48:26 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-303b2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /themes/flow/frontend_assets/js/retina/retina.js HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/TVnv/Rusted.Warfare.RTS.v1.14.rar
Connection: keep-alive
Cookie: filehosting=kei4ikirav8eajh9me9diahn57
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Fri, 30 Sep 2022 19:48:26 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-52e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         157.240.221.35
HTTP/2 200 OK
content-type: text/html; charset="utf-8"
                                        
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
x-fb-debug: 7ZKtTqsApErJPhOSHYYzx/dZdPiGYkaq8hN4/VZCzwLWFUWEOFUoQEz6nN5FpHhyjZ9udFWvvbqaIxMEkJdvyA==
date: Fri, 30 Sep 2022 19:48:27 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /themes/flow/frontend_assets/images/icons/favicon/favicon.ico HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/TVnv/Rusted.Warfare.RTS.v1.14.rar
Connection: keep-alive
Cookie: filehosting=kei4ikirav8eajh9me9diahn57
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: image/x-icon
                                        
server: nginx
date: Fri, 30 Sep 2022 19:48:27 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-47e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /themes/flow/frontend_assets/css/All-stylesheets.css HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/TVnv/Rusted.Warfare.RTS.v1.14.rar
Connection: keep-alive
Cookie: filehosting=kei4ikirav8eajh9me9diahn57
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Fri, 30 Sep 2022 19:48:26 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-153"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /themes/flow/frontend_assets/css/colors/flow.css HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/TVnv/Rusted.Warfare.RTS.v1.14.rar
Connection: keep-alive
Cookie: filehosting=kei4ikirav8eajh9me9diahn57
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Fri, 30 Sep 2022 19:48:26 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-a83"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /themes/flow/js/jquery-ui.js HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/TVnv/Rusted.Warfare.RTS.v1.14.rar
Connection: keep-alive
Cookie: filehosting=kei4ikirav8eajh9me9diahn57
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Fri, 30 Sep 2022 19:48:26 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-6a684"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /themes/flow/js/jquery.iframe-transport.js HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/TVnv/Rusted.Warfare.RTS.v1.14.rar
Connection: keep-alive
Cookie: filehosting=kei4ikirav8eajh9me9diahn57
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Fri, 30 Sep 2022 19:48:26 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-2427"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /v3/signin/identifier?dsh=S-267437022%3A1664567307192961&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWr126nE5cFwkZP7oOVgiz60ED9xFkhpOglX4kpSK8ub2Lnr0GFEEf_I1LWzoIhRu_rbQjVM HTTP/1.1 
Host: accounts.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         216.58.207.237
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
                                        
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 30 Sep 2022 19:48:27 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-JfgK0qECzBBjXlAkkGA21A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=dHVDjWk1dTn0ixaUWQ606zRf-oR5TSilLtrCavfBOJL4P6aV6NbeOwP1_M0rWsEIbK_eMH7AnAKOkC1AYpbXTi_iNLx-B7kPRuRzaSRH5mhqpzoZZUTF27IlPCXot39hHxws-7d6mhc-dR9WI6oYnjEf1ryp-BhN2MpH3lm9wqc; expires=Sat, 01-Apr-2023 19:48:27 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /TlhaQ0IVemJwcHhraWFubHp2YSR6PGN2cys8d3ByfmF3d3p5Pnd7JHhtd3tzLGE7dHUraW8gJGx0eHQmL2w8dHsqdTt2IS91bnJ7d3U4cCB9dWJweig%2Ba3YkLGo4cmBieik0YGJ6LjAjPigyKjArK3QhNzQieG9gf2h0dmBiPjsvMSt0PCIuPT12JSMiKz8e HTTP/1.1 
Host: tsapphires.buzz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         44.195.137.121
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
set-cookie: 83c6d40d2ca7be48848b6e6bd434947f=1; Max-Age=604800
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
cache-control: public, max-age=86400
etag: W/"8445-fgB9PHarSIH/hNGt2pRElheLmvk"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /themes/flow/js/canvas-to-blob.min.js HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/TVnv/Rusted.Warfare.RTS.v1.14.rar
Connection: keep-alive
Cookie: filehosting=kei4ikirav8eajh9me9diahn57
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Fri, 30 Sep 2022 19:48:26 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-408"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /asd100.bin HTTP/1.1 
Host: pogothere.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.173.27
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
date: Fri, 30 Sep 2022 19:48:27 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 3496
last-modified: Fri, 30 Sep 2022 18:50:11 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SSoCNRi96518WdGu3ZPFEGwrFUUJxEspYwZIGtXHFVqFXGxWsFT1exzMccIQ3JTUiVZxb48RxGE3Q0BtV3mnp16RGS3fOzkG6nquZ82ylqRu8D85VFvZ8DKLxdb6XikU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 752f79e5edc388ad-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /themes/flow/js/clipboardjs/clipboard.min.js HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/TVnv/Rusted.Warfare.RTS.v1.14.rar
Connection: keep-alive
Cookie: filehosting=kei4ikirav8eajh9me9diahn57
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Fri, 30 Sep 2022 19:48:26 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-2296"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET / HTTP/1.1 
Host: pogothere.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.173.27
HTTP/2 200 OK
content-type: text/plain
                                        
date: Fri, 30 Sep 2022 19:48:27 GMT
set-cookie: csu=879461189695944@1@1664567307; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NFVea2V1t8V%2BJnHNH1%2FlDYVoWm904biPkd8OuubbE0tPLybiszxpXLnivAU1oDS5HADlPvI4O5SZMI%2FKuxCPvvSdS1dcJiOevhBtLgBe42YqwPyirwJnz%2F484ApSGNAa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 752f79e5edbe88ad-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /sw.js?bTNCMHo2EXoDSFsAcRJWTxFuEhxZV3sFSwhXbwNKXQpvBEJaVW8IHFsGbwhLDwojB00IAndTHE8fYAceDAckB0MJHiMFGQwedgFDVB4gAxheHnoDQgtVcwUcDwEgAVhBETFHWEERNkMbHUMqWQgIQGxSDxdJYBxYXANsBVhBVSNcCQgfJFEWHlZuVhsBQCdt HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: filehosting=kei4ikirav8eajh9me9diahn57; _ga=GA1.2.1735381073.1664567304; _gid=GA1.2.729016047.1664567304; _gat_gtag_UA_108868042_1=1
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Fri, 30 Sep 2022 19:48:27 GMT
last-modified: Tue, 13 Apr 2021 12:31:52 GMT
vary: Accept-Encoding
etag: W/"60758f38-12fe6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /themes/flow/frontend_assets/css/responsive.css HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/TVnv/Rusted.Warfare.RTS.v1.14.rar
Connection: keep-alive
Cookie: filehosting=kei4ikirav8eajh9me9diahn57
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Fri, 30 Sep 2022 19:48:26 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-e56"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /themes/flow/js/jquery.dataTables.min.js HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/TVnv/Rusted.Warfare.RTS.v1.14.rar
Connection: keep-alive
Cookie: filehosting=kei4ikirav8eajh9me9diahn57
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Fri, 30 Sep 2022 19:48:26 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-10fe4"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /sw.js HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/TVnv/Rusted.Warfare.RTS.v1.14.rar
Connection: keep-alive
Cookie: filehosting=kei4ikirav8eajh9me9diahn57
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Fri, 30 Sep 2022 19:48:26 GMT
last-modified: Tue, 13 Apr 2021 12:31:52 GMT
vary: Accept-Encoding
etag: W/"60758f38-12fe6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/TVnv/Rusted.Warfare.RTS.v1.14.rar
Connection: keep-alive
Cookie: filehosting=kei4ikirav8eajh9me9diahn57
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Fri, 30 Sep 2022 19:48:26 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-14cc1"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /themes/flow/styles/file-upload.css HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/TVnv/Rusted.Warfare.RTS.v1.14.rar
Connection: keep-alive
Cookie: filehosting=kei4ikirav8eajh9me9diahn57
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Fri, 30 Sep 2022 19:48:26 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-21ec"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /themes/flow/js/jquery.fileupload-ui.js HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/TVnv/Rusted.Warfare.RTS.v1.14.rar
Connection: keep-alive
Cookie: filehosting=kei4ikirav8eajh9me9diahn57
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Fri, 30 Sep 2022 19:48:26 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-61ef"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /themes/flow/js/global.js HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/TVnv/Rusted.Warfare.RTS.v1.14.rar
Connection: keep-alive
Cookie: filehosting=kei4ikirav8eajh9me9diahn57
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Fri, 30 Sep 2022 19:48:26 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-d59"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/TVnv/Rusted.Warfare.RTS.v1.14.rar
Connection: keep-alive
Cookie: filehosting=kei4ikirav8eajh9me9diahn57
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Fri, 30 Sep 2022 19:48:26 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3ead"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /asd100.bin HTTP/1.1 
Host: pogothere.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.173.27
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
date: Fri, 30 Sep 2022 19:48:27 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 3496
last-modified: Fri, 30 Sep 2022 18:50:11 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zxL787lslothgbo3HKUIl%2FsUIxTQwdZUyHZ9Fjl%2BH1jqnePsHk23w%2BxsNBuxibv5qWsg7t5m81Vg0UUGR4D5ITLhW%2FWc%2BpUysq0nWc5L27UZGdSiQnkLrEFxZqLncUTc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 752f79e5edc688ad-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /v3/signin/identifier?dsh=S-1022866715%3A1664567307147056&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWrmofK0yvLH9cMNZAT7UmYPHLZHUzPiixCTyo-li0rr4bDUl1cak8_BMIpwhSdky7cm5r5n HTTP/1.1 
Host: accounts.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         216.58.207.237
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
                                        
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 30 Sep 2022 19:48:27 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-2IA8ubg1CcNQPeQBwitNvw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi/external"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=Fdh1r7NaC6s8tqJW1dvE1aG6FwvD4Rq1PZwkid77jkGcz1nzaFR6UxJgc4rBlZIdnfCRX4NYd9X0ZE7GPyNTZWyD3By7H3vp7_1pL_tdLVaTSHRoII0PHc4BEpSnX3RQcSAdMqaqE3Db4rkzErbzkPKjCyfkltUfah2tAUpI7gs; expires=Sat, 01-Apr-2023 19:48:27 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /asd100.bin HTTP/1.1 
Host: pogothere.xyz
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.173.27
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
date: Fri, 30 Sep 2022 19:48:27 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 3496
last-modified: Fri, 30 Sep 2022 18:50:11 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BCfnnGLMQk4W6GS6fjPjLyaWDOABjGJe%2F6B9f5JdEBDZAUR8QCra5wdQLuW0STzJA5VAwgTu3pcTjcjCXJ5hoM858ebmMsfCEX%2BSD87Do6DTzEaPsj3XS%2BgJX4xKkrR3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 752f79e5edb988ad-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /themes/flow/js/jquery.fileupload-resize.js HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/TVnv/Rusted.Warfare.RTS.v1.14.rar
Connection: keep-alive
Cookie: filehosting=kei4ikirav8eajh9me9diahn57
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Fri, 30 Sep 2022 19:48:26 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1f7f"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/TVnv/Rusted.Warfare.RTS.v1.14.rar
Connection: keep-alive
Cookie: filehosting=kei4ikirav8eajh9me9diahn57
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Fri, 30 Sep 2022 19:48:26 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-71b6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/TVnv/Rusted.Warfare.RTS.v1.14.rar
Connection: keep-alive
Cookie: filehosting=kei4ikirav8eajh9me9diahn57
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Fri, 30 Sep 2022 19:48:26 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1cdf"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /themes/flow/frontend_assets/js/custom/custom.js HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/TVnv/Rusted.Warfare.RTS.v1.14.rar
Connection: keep-alive
Cookie: filehosting=kei4ikirav8eajh9me9diahn57
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Fri, 30 Sep 2022 19:48:26 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1420"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /themes/flow/frontend_assets/js/gauge.min.js HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/TVnv/Rusted.Warfare.RTS.v1.14.rar
Connection: keep-alive
Cookie: filehosting=kei4ikirav8eajh9me9diahn57
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Fri, 30 Sep 2022 19:48:26 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-45b8"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /TVnv/Rusted.Warfare.RTS.v1.14.rar HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Fri, 30 Sep 2022 19:48:26 GMT
vary: Accept-Encoding
set-cookie: filehosting=kei4ikirav8eajh9me9diahn57; expires=Sat, 01-Oct-2022 19:48:26 GMT; Max-Age=86400; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /themes/flow/frontend_assets/js/animation/jquery.appear.js HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/TVnv/Rusted.Warfare.RTS.v1.14.rar
Connection: keep-alive
Cookie: filehosting=kei4ikirav8eajh9me9diahn57
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Fri, 30 Sep 2022 19:48:26 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-5c6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---