megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
301 Moved Permanently 162 B URL HTTP/1.1 megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 29 Aug 2022 10:28:52 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer, strict-origin-when-cross-origin
X-Download-Options: noopen
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 29 Aug 2022 10:25:17 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: XELE7XFlzQopxgZO-34ybzqfbCiRUVD1eEhArF41zgAdLe8ZtAdZLg==
Age: 215
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 21b1296f31569e4fb94048c52df34904
3e3194f640d71b9da28e809660443e332bdba310
7ebe5d06efe28c8507b4cdfbf68c6e5bbd9919ba776990fb8a22d90cca0c1c1b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7EBE5D06EFE28C8507B4CDFBF68C6E5BBD9919BA776990FB8A22D90CCA0C1C1B"
Last-Modified: Sat, 27 Aug 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9212
Expires: Mon, 29 Aug 2022 13:02:24 GMT
Date: Mon, 29 Aug 2022 10:28:52 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 28 Aug 2022 22:35:59 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: QnhahTY5gBnlw4VeC7qDm_Or4A2ZWG3Df3zbB-xIy0X6slhhzg0Q5Q==
age: 42774
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 10:28:52 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 29 Aug 2022 10:17:12 GMT
Cache-Control: max-age=3600
Expires: Mon, 29 Aug 2022 10:55:41 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: YQuxC3TkMZkI_T8Zgg9ktEFb6qQRzo_feMXLbYv5nK6k6fPbu39DlA==
Age: 700
ocsp.digicert.com/
200 OK 471 B IP
Hash 482aaffff49fe5727a2771a30d1a5a51
f615becd41a1e28054d6f213db9646d26b48253a
0c9687ceab24c778de0010ff6d03991fd789a93290bf09e4026165decdf356b1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3255
Cache-Control: max-age=167523
Content-Type: application/ocsp-response
Date: Mon, 29 Aug 2022 10:28:53 GMT
Etag: "630c7391-1d7"
Expires: Wed, 31 Aug 2022 09:00:56 GMT
Last-Modified: Mon, 29 Aug 2022 08:06:41 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: e5qt7g1WB1axVT/EdEZ3xQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ztDbro+9yutqntySktmJWCrEd1g=
ocsp.sectigo.com/
200 OK 472 B IP
Hash 0a7e5dd96a0b98da6c22446fcdca5977
3184be527c6d32edfdeab7fa49e481829e91d0ab
0fe3a46f7f98a6b4168b4678e48ce5f4ce92a4a8b068069923409c13df7c369d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 10:28:53 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 26 Aug 2022 00:41:15 GMT
Expires: Fri, 02 Sep 2022 00:41:14 GMT
Etag: "3184be527c6d32edfdeab7fa49e481829e91d0ab"
Cache-Control: max-age=309740,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74249a34b926b4f4-OSL
megaup.net/themes/flow/images/main_logo_inverted.png
200 OK 7.1 kB URL HTTP/2 megaup.net/themes/flow/images/main_logo_inverted.png
IP
File type PNG image data, 203 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 5d15526be10b904a6b48d1af04a10cc3
c09b6874359ac6d71db95593618a9acb55baa984
894d25472e0f890edf235e8f66fbeda7ea75043632924ecb82691d76bd7db018
GET /themes/flow/images/main_logo_inverted.png HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
content-type: image/png
content-length: 7137
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-1be1"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 2985715d932e128e4567d855a7ef68ce
7f099bef9c54c907a5a5be6c1bf8ac8ea054bc4a
12d0b41bbbb9e2db4be336899d067be1fbaa93517aeab89c7a45320a45f2e6e9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 29 Aug 2022 10:28:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 23c24dc68eb4822b84e251e36d579619
60419f3de8d5a549ebff5a307aeb0f9ed78100c4
ca4ace4da2d33aec3d90c29f068b653b72b2012f8179433d159b92c85624b0e5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CA4ACE4DA2D33AEC3D90C29F068B653B72B2012F8179433D159B92C85624B0E5"
Last-Modified: Sat, 27 Aug 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17733
Expires: Mon, 29 Aug 2022 15:24:26 GMT
Date: Mon, 29 Aug 2022 10:28:53 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4e04c8f8599c4ece92c139124eb97c1d
a2869a73b402eba172a663ebc75e1806de2cac9a
2b613f16c919ff2316575e807e877a6e045083e3804279b9b847f1a67e0683f8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2B613F16C919FF2316575E807E877A6E045083E3804279B9B847F1A67E0683F8"
Last-Modified: Sat, 27 Aug 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5577
Expires: Mon, 29 Aug 2022 12:01:50 GMT
Date: Mon, 29 Aug 2022 10:28:53 GMT
Connection: keep-alive
www.googletagmanager.com/gtag/js?id=UA-108868042-1
200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-108868042-1
IP
File type ASCII text, with very long lines (1615)
Hash c5e7f333b767bee1f1afeb5126bbed49
35d07d17d844bc6fddc366e0c983f96731e6d7d4
abb8a28741cf536cf7ff7363118314c239c35d544690f1850844a32695d478e7
GET /gtag/js?id=UA-108868042-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 29 Aug 2022 10:28:53 GMT
expires: Mon, 29 Aug 2022 10:28:53 GMT
cache-control: private, max-age=900
last-modified: Mon, 29 Aug 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42035
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
keydawnawe.com/gwZ1U5hjA8ii/32575
200 OK 26 B URL HTTP/1.1 keydawnawe.com/gwZ1U5hjA8ii/32575
IP
File type ASCII text, with no line terminators
Hash 4e5d65669f8dcd928dad06adf883f025
d771713d758c3348dd7e5b38bb40c7935399ae46
0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95
GET /gwZ1U5hjA8ii/32575 HTTP/1.1
Host: keydawnawe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 29 Aug 2022 10:28:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; expires=Tue, 30-Aug-2022 10:28:53 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW; expires=Tue, 30-Aug-2022 10:28:53 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
altowriestwispy.com/tysaSHG1FMaM/18410
200 OK 25 B URL HTTP/1.1 altowriestwispy.com/tysaSHG1FMaM/18410
IP
File type ASCII text, with no line terminators
Hash d488addc5df5fc9b9ff4135bb4e3a823
6ce56f48e851df4d562b43d3bc1269a504ae83fc
d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60
GET /tysaSHG1FMaM/18410 HTTP/1.1
Host: altowriestwispy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 29 Aug 2022 10:28:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; expires=Tue, 30-Aug-2022 10:28:53 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW; expires=Tue, 30-Aug-2022 10:28:53 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
megaup.net/themes/flow/frontend_assets/js/nav/jquery.scrollTo.js
200 OK 1.7 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/nav/jquery.scrollTo.js
IP
File type ASCII text, with very long lines (2241), with CRLF line terminators
Hash 606c2bea154362c591f42cbd53695fe8
98d13d968704c9552be28c864e13274b4ef91645
d799806b21bb6d473c865eb682899b7c183023b2ec4ea1c6caf1ade0a4362844
GET /themes/flow/frontend_assets/js/nav/jquery.scrollTo.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-981"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/?kzmmd=761186
200 OK 189 kB URL HTTP/2 dmmzkfd82wayn.cloudfront.net/?kzmmd=761186
IP
File type Unicode text, UTF-8 text, with very long lines (15945)
Size 189 kB (188782 bytes)
Hash a0c3c74303c201c644436723559356a1
769499bc0fffed68f5ed004f8f24c955eb26737b
5e9f4d8f43ceef1fea9287e5c162f40b4b3e4447ab59a364e8acd33e1ef18d34
GET /?kzmmd=761186 HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 188782
date: Mon, 29 Aug 2022 10:28:54 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: iEoRibwhNYKnn9zUAqNySjVYVUHleVcV0tUgir0NE6sj_hmIaIatpA==
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/fonts/raleway_extrabold.woff
200 OK 31 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway_extrabold.woff
IP
File type Web Open Font Format, TrueType, length 31344, version 1.1\012- data
Hash 21f79e4c0fbe54a555170aa70bb4c8b7
9d4aaf2016cd21f16bc45089a48de84dba951fa7
2b638674bc57ad355ef2ecbd68e78ecb36bc323aaaf4ddeb9cd4f61bc5f26c42
GET /themes/flow/frontend_assets/fonts/raleway_extrabold.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 10:28:54 GMT
content-type: font/woff
content-length: 31344
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7a70"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/fonts/raleway_semibold.woff
200 OK 32 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway_semibold.woff
IP
File type Web Open Font Format, TrueType, length 31980, version 1.1\012- data
Hash 99ac81a158028ac2023fb3350d2497e7
f08c12c91ab29282a616c3ba8e533f49b5b433ca
92a8c8eca8cfcfc53855bc48ba50b866704a00323c4e3089b564c939a668925d
GET /themes/flow/frontend_assets/fonts/raleway_semibold.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 10:28:54 GMT
content-type: font/woff
content-length: 31980
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7cec"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_fonts/socicon-webfont.woff
200 OK 21 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_fonts/socicon-webfont.woff
IP
File type Web Open Font Format, TrueType, length 20972, version 1.0\012- data
Hash cad75e2dacc6794c4e6b14727d4a989d
694d04c8f643df4100c23efc1463ac9f4e732f60
ebccc09339b7730324221aff3d11d215de9997b47bf708ca18a3be2d8e8b9887
GET /themes/flow/frontend_assets/socialsider-v1.0/_fonts/socicon-webfont.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 10:28:54 GMT
content-type: font/woff
content-length: 20972
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-51ec"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
altowriestwispy.com/tysaSHG1FMaM/18410
200 OK 25 B URL HTTP/1.1 altowriestwispy.com/tysaSHG1FMaM/18410
IP
File type ASCII text, with no line terminators
Hash d488addc5df5fc9b9ff4135bb4e3a823
6ce56f48e851df4d562b43d3bc1269a504ae83fc
d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60
GET /tysaSHG1FMaM/18410 HTTP/1.1
Host: altowriestwispy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 29 Aug 2022 10:28:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
keydawnawe.com/gwZ1U5hjA8ii/32575
200 OK 26 B URL HTTP/1.1 keydawnawe.com/gwZ1U5hjA8ii/32575
IP
File type ASCII text, with no line terminators
Hash 4e5d65669f8dcd928dad06adf883f025
d771713d758c3348dd7e5b38bb40c7935399ae46
0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95
GET /gwZ1U5hjA8ii/32575 HTTP/1.1
Host: keydawnawe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 29 Aug 2022 10:28:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
megaup.net/themes/flow/js/clipboardjs/clipboard.min.js
200 OK 4.2 kB URL HTTP/2 megaup.net/themes/flow/js/clipboardjs/clipboard.min.js
IP
File type Unicode text, UTF-8 text, with very long lines (8746)
Hash b77513887e3bb6e2b55669b3d80c8857
88f7104b6835f04dad5cfd4f95070fbc76fbc6dd
079f30fbc76aeb732a39d500b21ce845bd9af7621e6375bbb43ccfb649685b95
GET /themes/flow/js/clipboardjs/clipboard.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-2296"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
oulukdliketo.shop/alI5MzQLMFpeCwtvWxVBGD4EFgYsdwt1UAc/Q1hSDmoLRFUTPBdQWAUnXVVGBTxNHVoPJhwBcl8xbldDJAdOYHcoZ21QQz8df3JcWgBVdXAoGmtrcDscWHpTLDN7AW0LHFAHDD0AaERyEwN6V2ZeHG9YcVgUb0N1Lyt4Ync4MXBSXDsYfERcUwROamE8YX91ZTsAf3pMGjN7AlMeEHhcbDIoXlJyLAh4f2EdGXEDDAYaaEBmLxoNAGEGZn9SYSQKbnYFUwN8eXAOYFV3YhIqWnpTOzRvYlBSEW8Kcws8SXVlARwKUmEkCnhYehoDUGl+K2BzcWAGf2x7UigLenYFXjhvdWFYEApLdTxieHZSLxB6YlM/I35xYTwHQH5+OzlzSVA/NnNididnbXVtTDhKXFoab05gYi0bdV9sKyJtBA0FOA
200 OK 1.2 kB URL HTTP/2 oulukdliketo.shop/alI5MzQLMFpeCwtvWxVBGD4EFgYsdwt1UAc/Q1hSDmoLRFUTPBdQWAUnXVVGBTxNHVoPJhwBcl8xbldDJAdOYHcoZ21QQz8df3JcWgBVdXAoGmtrcDscWHpTLDN7AW0LHFAHDD0AaERyEwN6V2ZeHG9YcVgUb0N1Lyt4Ync4MXBSXDsYfERcUwROamE8YX91ZTsAf3pMGjN7AlMeEHhcbDIoXlJyLAh4f2EdGXEDDAYaaEBmLxoNAGEGZn9SYSQKbnYFUwN8eXAOYFV3YhIqWnpTOzRvYlBSEW8Kcws8SXVlARwKUmEkCnhYehoDUGl+K2BzcWAGf2x7UigLenYFXjhvdWFYEApLdTxieHZSLxB6YlM/I35xYTwHQH5+OzlzSVA/NnNididnbXVtTDhKXFoab05gYi0bdV9sKyJtBA0FOA
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3024), with no line terminators
Hash 7b8b3ebfa5d0415630a22028ceb22c7b
46de9d45a10cfc24b6317562cdae1375bab5edac
4ca066689152bfc8e459fba40299d5597c3239b6fc7e6f21500dd7398714f53c
GET /alI5MzQLMFpeCwtvWxVBGD4EFgYsdwt1UAc/Q1hSDmoLRFUTPBdQWAUnXVVGBTxNHVoPJhwBcl8xbldDJAdOYHcoZ21QQz8df3JcWgBVdXAoGmtrcDscWHpTLDN7AW0LHFAHDD0AaERyEwN6V2ZeHG9YcVgUb0N1Lyt4Ync4MXBSXDsYfERcUwROamE8YX91ZTsAf3pMGjN7AlMeEHhcbDIoXlJyLAh4f2EdGXEDDAYaaEBmLxoNAGEGZn9SYSQKbnYFUwN8eXAOYFV3YhIqWnpTOzRvYlBSEW8Kcws8SXVlARwKUmEkCnhYehoDUGl+K2BzcWAGf2x7UigLenYFXjhvdWFYEApLdTxieHZSLxB6YlM/I35xYTwHQH5+OzlzSVA/NnNididnbXVtTDhKXFoab05gYi0bdV9sKyJtBA0FOA HTTP/1.1
Host: oulukdliketo.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1178
date: Mon, 29 Aug 2022 10:28:54 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: DJjiScS2fFzTQ0QtixWTaIfWaZbynCESs2tUycqbdCfv_tls33llTg==
X-Firefox-Spdy: h2
atebilaterde.one/cEdRaHFfeDIbTBMTG1orNwkWKSQ2FAYDFjgWFzImIhYbKSQ2KHccGBR6aVpESXZgTgEZI2xbQ1Y0JQkFBTRsWkFAcHcBHxYobFpXBnphRklefn9YVwV6YE4FACY2VUBWNyUcHU12Z15AR3FpUUJEdmFc
204 No Content 0 B URL HTTP/2 atebilaterde.one/cEdRaHFfeDIbTBMTG1orNwkWKSQ2FAYDFjgWFzImIhYbKSQ2KHccGBR6aVpESXZgTgEZI2xbQ1Y0JQkFBTRsWkFAcHcBHxYobFpXBnphRklefn9YVwV6YE4FACY2VUBWNyUcHU12Z15AR3FpUUJEdmFc
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cEdRaHFfeDIbTBMTG1orNwkWKSQ2FAYDFjgWFzImIhYbKSQ2KHccGBR6aVpESXZgTgEZI2xbQ1Y0JQkFBTRsWkFAcHcBHxYobFpXBnphRklefn9YVwV6YE4FACY2VUBWNyUcHU12Z15AR3FpUUJEdmFc HTTP/1.1
Host: atebilaterde.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 29 Aug 2022 10:28:54 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8GANGhFK3%2B8XS4PxO1URVKgQ8Qrl6dWGSG568uTv5PrqPSS3A59JuuCxgFzpBKofrq%2Bji%2BL9Jfhfe9DvTrGG%2FhNwq6YpM7W8blAKUICaS%2Bbt%2BSt7nAu4jUb2QDzel3zgJG%2B9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74249a3ebe1ab51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
oulukdliketo.shop/VEpFZVE1KCYIbjV3J0MkJiZ4QGMSb3cjNTknPw43MHJ3EjAtJGsGPTs/IQMjOyQxSz8xPmBXFywuKFQ6BhwmMxAzJS8EEB0PBC05IhgDDTUwDR80EywpNCoADhsACwRtBxddIgQwIjYGAQM9KQMeGxMiHGMMMigVMQIAMRAjLnE/PRUHBCY1JRsuFgAaHiIBBBYPNygpGQYBNiItDy4WAx4NKgcQPH42Kik7BxQ9MgYbdSsEDQ0TIgMGMnU/PRovDwgTOBgiIB8fMwwqAhIQdClhYSgKVh8+H3RRPA0NEyIZLAAiPxUwHxAIJToSdQ0GMB4EMRUzZ30UMj8bNzM/AicXCWACLhI/BQx7FA8BMxsMJDg7PBBUaT0sAiMIDB8MEjA/KWMPIjskNVgnZCACFxkuJSFR
200 OK 1.2 kB URL HTTP/2 oulukdliketo.shop/VEpFZVE1KCYIbjV3J0MkJiZ4QGMSb3cjNTknPw43MHJ3EjAtJGsGPTs/IQMjOyQxSz8xPmBXFywuKFQ6BhwmMxAzJS8EEB0PBC05IhgDDTUwDR80EywpNCoADhsACwRtBxddIgQwIjYGAQM9KQMeGxMiHGMMMigVMQIAMRAjLnE/PRUHBCY1JRsuFgAaHiIBBBYPNygpGQYBNiItDy4WAx4NKgcQPH42Kik7BxQ9MgYbdSsEDQ0TIgMGMnU/PRovDwgTOBgiIB8fMwwqAhIQdClhYSgKVh8+H3RRPA0NEyIZLAAiPxUwHxAIJToSdQ0GMB4EMRUzZ30UMj8bNzM/AicXCWACLhI/BQx7FA8BMxsMJDg7PBBUaT0sAiMIDB8MEjA/KWMPIjskNVgnZCACFxkuJSFR
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3011), with no line terminators
Hash dd4745243b3580e1b86897792d0e9f9c
4f248cb60349015968e36a0d553a312342064afe
55df50afee7b067a4160fdedf6db83bd14592f585fe5ced7941fd169163321f3
GET /VEpFZVE1KCYIbjV3J0MkJiZ4QGMSb3cjNTknPw43MHJ3EjAtJGsGPTs/IQMjOyQxSz8xPmBXFywuKFQ6BhwmMxAzJS8EEB0PBC05IhgDDTUwDR80EywpNCoADhsACwRtBxddIgQwIjYGAQM9KQMeGxMiHGMMMigVMQIAMRAjLnE/PRUHBCY1JRsuFgAaHiIBBBYPNygpGQYBNiItDy4WAx4NKgcQPH42Kik7BxQ9MgYbdSsEDQ0TIgMGMnU/PRovDwgTOBgiIB8fMwwqAhIQdClhYSgKVh8+H3RRPA0NEyIZLAAiPxUwHxAIJToSdQ0GMB4EMRUzZ30UMj8bNzM/AicXCWACLhI/BQx7FA8BMxsMJDg7PBBUaT0sAiMIDB8MEjA/KWMPIjskNVgnZCACFxkuJSFR HTTP/1.1
Host: oulukdliketo.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1168
date: Mon, 29 Aug 2022 10:28:54 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: IHGZEcZIc0wNVcsxLglxHCMklEhT0ZPGB-VYkNJvkdgYfsCJ-VBzUA==
X-Firefox-Spdy: h2
atebilaterde.one/RXo2Yk1qRVURcB9IDzMedyxgNH8fTWMOCyQjfg4VEzxSDCh0NxAWJCFHAVR8dEIARD0sHgtTazYOVxY4NkcHRCQrHFlfazNHB0x+cVQEWmN1XENffGMORgMqeEsQEjkxFgtTe3NLAVR1fEkCUnV8
204 No Content 0 B URL HTTP/2 atebilaterde.one/RXo2Yk1qRVURcB9IDzMedyxgNH8fTWMOCyQjfg4VEzxSDCh0NxAWJCFHAVR8dEIARD0sHgtTazYOVxY4NkcHRCQrHFlfazNHB0x+cVQEWmN1XENffGMORgMqeEsQEjkxFgtTe3NLAVR1fEkCUnV8
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /RXo2Yk1qRVURcB9IDzMedyxgNH8fTWMOCyQjfg4VEzxSDCh0NxAWJCFHAVR8dEIARD0sHgtTazYOVxY4NkcHRCQrHFlfazNHB0x+cVQEWmN1XENffGMORgMqeEsQEjkxFgtTe3NLAVR1fEkCUnV8 HTTP/1.1
Host: atebilaterde.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 29 Aug 2022 10:28:54 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cNvKOMrILoZKrfA2ALNr%2F1FP2AcE%2BAjhCJKX3XX2NvjoQtc5VBbTmT5AM%2FyuOvuOHyzyvjnIwo84pT2vy%2Fb99eCHxrARSyuSg3dTWhu0P6IG2zEBzk8zTNHTorW78qO%2Fp1%2BK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74249a3ebe18b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
atebilaterde.one/aUdtWWlGeA4qVDMTPzUKBQk+G1gjAgw1HisSXRsEPBY/DTsEKEstAA16VWtcUHZcfxkAI1BqW080GTgdHDRQaE8AKQs2VE8xUGlHUWlUd1lPMlBoTx03DD5UWGEdLR0FelxvX1hwW2FQWnNcaVs
204 No Content 0 B URL HTTP/2 atebilaterde.one/aUdtWWlGeA4qVDMTPzUKBQk+G1gjAgw1HisSXRsEPBY/DTsEKEstAA16VWtcUHZcfxkAI1BqW080GTgdHDRQaE8AKQs2VE8xUGlHUWlUd1lPMlBoTx03DD5UWGEdLR0FelxvX1hwW2FQWnNcaVs
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /aUdtWWlGeA4qVDMTPzUKBQk+G1gjAgw1HisSXRsEPBY/DTsEKEstAA16VWtcUHZcfxkAI1BqW080GTgdHDRQaE8AKQs2VE8xUGlHUWlUd1lPMlBoTx03DD5UWGEdLR0FelxvX1hwW2FQWnNcaVs HTTP/1.1
Host: atebilaterde.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 29 Aug 2022 10:28:54 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AQ%2FKs00eJ5IvKgZSNpy0Kqzk2fvQOeEXPn7JH4SS4mtuElW9cgOmR1XTGUWxPPnitnEFlB6uZkWuMWBri3m8NvHStEanht4uEiqPuqr16UrKW6t1OA2rK7JDRUmTWqla5rp2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74249a3ebe19b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash 400d0331e2ce9059b7bd6530d5918478
68ac58fdbb14089d00f0611c0952b10e389c6aa3
fdc17d482410fdb20c55acdf96bf5fd9817fd47b46d3dede276fb54a46c2c4a9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4088
Cache-Control: max-age=153258
Content-Type: application/ocsp-response
Date: Mon, 29 Aug 2022 10:28:54 GMT
Etag: "630c3898-116"
Expires: Wed, 31 Aug 2022 05:03:12 GMT
Last-Modified: Mon, 29 Aug 2022 03:55:04 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 278
oulukdliketo.shop/SDBoVWopUgs4VSkNCnMfOlxVcFgOFVoTDiVdEj4MLAhaIgsxXkY2BidFDDMYJ14cewQtRE1nLBh9AwclGl4EByExcQ8HARFEIzseCXIGZFgrdVgAJiIAGBNaAgUsFyc7cREAJA5IJhEOPwAuHgQjZSZnKwZjKxcQLFxRMCAbcQAHKBlYIRY8DXFaHBwBWBsFCQ9XEhIrcEAhAR0ZaAEyHBEAHGUJH3JaDSsKADI/XwFxWhNTCnYfFA4LeR4TWisICWY4AmMGLV4PZVASMxAALQ0rCgA4ESgrcTkDWSt2CxYIH0RYBjwdWCQGWh92WwwjLHUDEQ4AHV1mORl+ADMiEVY/LzM6eSoPIRFoHxQ7CWIZMwcJfSxmP25aGzoEOA0qAD95USsEADkDKxY5A2AR
200 OK 1.2 kB URL HTTP/2 oulukdliketo.shop/SDBoVWopUgs4VSkNCnMfOlxVcFgOFVoTDiVdEj4MLAhaIgsxXkY2BidFDDMYJ14cewQtRE1nLBh9AwclGl4EByExcQ8HARFEIzseCXIGZFgrdVgAJiIAGBNaAgUsFyc7cREAJA5IJhEOPwAuHgQjZSZnKwZjKxcQLFxRMCAbcQAHKBlYIRY8DXFaHBwBWBsFCQ9XEhIrcEAhAR0ZaAEyHBEAHGUJH3JaDSsKADI/XwFxWhNTCnYfFA4LeR4TWisICWY4AmMGLV4PZVASMxAALQ0rCgA4ESgrcTkDWSt2CxYIH0RYBjwdWCQGWh92WwwjLHUDEQ4AHV1mORl+ADMiEVY/LzM6eSoPIRFoHxQ7CWIZMwcJfSxmP25aGzoEOA0qAD95USsEADkDKxY5A2AR
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3005), with no line terminators
Hash fe9c33a210d1160a51bd64e178d655ab
fbfb5b9eb62f6a8f0b7e3d65f4555f4dc5ef057c
2282c321cfb798c0e3df0d804e180ddd4938973773464aef2ee8cc8b0e0b7ad8
GET /SDBoVWopUgs4VSkNCnMfOlxVcFgOFVoTDiVdEj4MLAhaIgsxXkY2BidFDDMYJ14cewQtRE1nLBh9AwclGl4EByExcQ8HARFEIzseCXIGZFgrdVgAJiIAGBNaAgUsFyc7cREAJA5IJhEOPwAuHgQjZSZnKwZjKxcQLFxRMCAbcQAHKBlYIRY8DXFaHBwBWBsFCQ9XEhIrcEAhAR0ZaAEyHBEAHGUJH3JaDSsKADI/XwFxWhNTCnYfFA4LeR4TWisICWY4AmMGLV4PZVASMxAALQ0rCgA4ESgrcTkDWSt2CxYIH0RYBjwdWCQGWh92WwwjLHUDEQ4AHV1mORl+ADMiEVY/LzM6eSoPIRFoHxQ7CWIZMwcJfSxmP25aGzoEOA0qAD95USsEADkDKxY5A2AR HTTP/1.1
Host: oulukdliketo.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1163
date: Mon, 29 Aug 2022 10:28:54 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 2XKHKzQydXxVGnFzmKuNhlkAFKOQydIiLfSwyvcCi4NLmC15BWI0vw==
X-Firefox-Spdy: h2
oulukdliketo.shop/aVh3MDUIOhRdCghlFRZAGzRKFQcvfUV2UQQ1DVtTDWBFR1QQNllTWQYtE1ZHBjYDHlsMLFICc1oNMVwFOzUmSnsBNxBnTDgvMnhBPQIaAXMKNCECeB47B3NcKzM9WUI+EzN9cC0KQ1R9DhU8e30wLDNZfzMBPwhsIy8YA28vER1zXyczJWd0LxYzRH8KMz5bfjsrA2dmCmgxZHgjFg19dCUKEwJ5Kw5Ac2FRMj9jWiAVL0hyKB4xFQcrOSF2BT8QEFhnMTw1aU0dChN2ZFEVNV9PIRAhQmctbRRqUjMbFFtzAx9GdgU/Gz5GYDENG1FiUDkTWwRYOUcdZAEZI31MLmo5Z3MELDJUBDs/FnVnWgkgekUsMU9nez1gFWBeLzE/AAQeCxpyEFseNmhBP34dQ1oHKEpiXxsgHUB+ExUwR3kl
200 OK 1.2 kB URL HTTP/2 oulukdliketo.shop/aVh3MDUIOhRdCghlFRZAGzRKFQcvfUV2UQQ1DVtTDWBFR1QQNllTWQYtE1ZHBjYDHlsMLFICc1oNMVwFOzUmSnsBNxBnTDgvMnhBPQIaAXMKNCECeB47B3NcKzM9WUI+EzN9cC0KQ1R9DhU8e30wLDNZfzMBPwhsIy8YA28vER1zXyczJWd0LxYzRH8KMz5bfjsrA2dmCmgxZHgjFg19dCUKEwJ5Kw5Ac2FRMj9jWiAVL0hyKB4xFQcrOSF2BT8QEFhnMTw1aU0dChN2ZFEVNV9PIRAhQmctbRRqUjMbFFtzAx9GdgU/Gz5GYDENG1FiUDkTWwRYOUcdZAEZI31MLmo5Z3MELDJUBDs/FnVnWgkgekUsMU9nez1gFWBeLzE/AAQeCxpyEFseNmhBP34dQ1oHKEpiXxsgHUB+ExUwR3kl
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3019), with no line terminators
Hash bf4cc23be5009d60f6b7baca8a1d8426
044767f20b4bd5430a7e6ce34b31f0bc08b40396
eda9a6b87003ec493ebe979801fee6d0d6ecadacc516b1300c1cd6ede07dacbe
GET /aVh3MDUIOhRdCghlFRZAGzRKFQcvfUV2UQQ1DVtTDWBFR1QQNllTWQYtE1ZHBjYDHlsMLFICc1oNMVwFOzUmSnsBNxBnTDgvMnhBPQIaAXMKNCECeB47B3NcKzM9WUI+EzN9cC0KQ1R9DhU8e30wLDNZfzMBPwhsIy8YA28vER1zXyczJWd0LxYzRH8KMz5bfjsrA2dmCmgxZHgjFg19dCUKEwJ5Kw5Ac2FRMj9jWiAVL0hyKB4xFQcrOSF2BT8QEFhnMTw1aU0dChN2ZFEVNV9PIRAhQmctbRRqUjMbFFtzAx9GdgU/Gz5GYDENG1FiUDkTWwRYOUcdZAEZI31MLmo5Z3MELDJUBDs/FnVnWgkgekUsMU9nez1gFWBeLzE/AAQeCxpyEFseNmhBP34dQ1oHKEpiXxsgHUB+ExUwR3kl HTTP/1.1
Host: oulukdliketo.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1177
date: Mon, 29 Aug 2022 10:28:54 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: J4I4ZSatRtRtQ5UmpdB6rZMH2JUYJvsjsEktxsJ4P8vmDnC8lZEb3Q==
X-Firefox-Spdy: h2
atebilaterde.one/Zm50blZJURcdazMFTTgFCiwfCAEsS0YsDAssQjc4KAktNm8BC0YNcBIHEFNuUVhHX25AHh0Ka1RXUh0iBxoBHWtXSB0AMAlTUhhrV0BEQGNfQERII1tfUhomBwlJX3AWGgACa1dYQl9hUFZNXWJXX0U
204 No Content 0 B URL HTTP/2 atebilaterde.one/Zm50blZJURcdazMFTTgFCiwfCAEsS0YsDAssQjc4KAktNm8BC0YNcBIHEFNuUVhHX25AHh0Ka1RXUh0iBxoBHWtXSB0AMAlTUhhrV0BEQGNfQERII1tfUhomBwlJX3AWGgACa1dYQl9hUFZNXWJXX0U
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /Zm50blZJURcdazMFTTgFCiwfCAEsS0YsDAssQjc4KAktNm8BC0YNcBIHEFNuUVhHX25AHh0Ka1RXUh0iBxoBHWtXSB0AMAlTUhhrV0BEQGNfQERII1tfUhomBwlJX3AWGgACa1dYQl9hUFZNXWJXX0U HTTP/1.1
Host: atebilaterde.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 29 Aug 2022 10:28:54 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wfm3Yk2zaFAQExY7wiprg9fr5PYf534wtSf0BRnMLt3yDsiif7wM%2F5NmhrYhSqATKS0zh77ItuJnkm8VeisvaYofA6abXt%2FPAh73SO%2BdFCHVAmdaFglGYiK%2FMLhf2EaNEQIq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74249a3ece37b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
atebilaterde.one/cEpINFFfdStHbCkkJHIHJ3scYGI6Jx9iBzkuJX4wJQ88BAsmIW5AOBR3cQBoSHx8EiEZLnUFaVY5PFUlBTl1BXcZJC5bbFY8dQV/QGR5GmNWP3UFdwQ6KVNsQWw4QCUcd3kCZ0F9fgxoQ355BWk
204 No Content 0 B URL HTTP/2 atebilaterde.one/cEpINFFfdStHbCkkJHIHJ3scYGI6Jx9iBzkuJX4wJQ88BAsmIW5AOBR3cQBoSHx8EiEZLnUFaVY5PFUlBTl1BXcZJC5bbFY8dQV/QGR5GmNWP3UFdwQ6KVNsQWw4QCUcd3kCZ0F9fgxoQ355BWk
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cEpINFFfdStHbCkkJHIHJ3scYGI6Jx9iBzkuJX4wJQ88BAsmIW5AOBR3cQBoSHx8EiEZLnUFaVY5PFUlBTl1BXcZJC5bbFY8dQV/QGR5GmNWP3UFdwQ6KVNsQWw4QCUcd3kCZ0F9fgxoQ355BWk HTTP/1.1
Host: atebilaterde.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 29 Aug 2022 10:28:54 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0JYWwy29tSKVLSlBhvC0qmFMrpWGpkTB55Qjui1hP4vofTP6KFMGehCndiIr8NB8U7z3ciy926rBVXcAWfN%2F1UsGqkQei%2BlQrlQD0dXpOi3OpTsWqZPuR9KDRZMIbvl%2FVchu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74249a3eee5ab51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/imageads/007.gif
200 OK 286 kB URL HTTP/2 megaup.net/imageads/007.gif
IP
File type GIF image data, version 89a, 300 x 250\012- data
Size 286 kB (286260 bytes)
Hash 22cf30a617a5dd2c867ab79ac53e6e2f
6e9a4c81ff41c74252cd08f50977d38d1b97de84
c42588d86df4e614bd8f60fef733e95b9a49b35668fe3f1294308bcd13c33eb8
GET /imageads/007.gif HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 10:28:54 GMT
content-type: image/gif
content-length: 286260
last-modified: Thu, 01 Apr 2021 04:06:40 GMT
vary: Accept-Encoding
etag: "606546d0-45e34"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
atebilaterde.one/bk1vVkhBcgwldTQIISApOB85Mh4KLjZnDl4VXmMmOAULNxApLkkiIQpwWGB8X3lecDgHKVJnbh05DiI9HXBecCEAKwBrbhhwXnh7WmNdbmZeaxpreUg5HzcvU3xJJjwaIVJnflh8WGBwV35bZ3pZ
204 No Content 0 B URL HTTP/2 atebilaterde.one/bk1vVkhBcgwldTQIISApOB85Mh4KLjZnDl4VXmMmOAULNxApLkkiIQpwWGB8X3lecDgHKVJnbh05DiI9HXBecCEAKwBrbhhwXnh7WmNdbmZeaxpreUg5HzcvU3xJJjwaIVJnflh8WGBwV35bZ3pZ
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bk1vVkhBcgwldTQIISApOB85Mh4KLjZnDl4VXmMmOAULNxApLkkiIQpwWGB8X3lecDgHKVJnbh05DiI9HXBecCEAKwBrbhhwXnh7WmNdbmZeaxpreUg5HzcvU3xJJjwaIVJnflh8WGBwV35bZ3pZ HTTP/1.1
Host: atebilaterde.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 29 Aug 2022 10:28:54 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2ByBpbL%2F8MCyi1DnO7MsJIVcwupt114pcX4%2FWjSPlV4caUU9UPksB3BqymCHNhavIAJSNFmx70mPURnwBv43pYSYBzPW7n5grRyiX4jUsNov0yYHH336HoH7VQ1ABG1Ad6og"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74249a3efe6ab51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
platform.bidgear.com/media/img/b15.png
200 OK 649 B URL HTTP/2 platform.bidgear.com/media/img/b15.png
IP
File type PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash d832fb80c97ff291b952757bb98240d2
63732e61a0784ed68fde494f83e4686a5c4bf7fa
7b35c11af8accdb40a14303dd3ae2762a97d2527933c56b6c9be6da2d0d11943
GET /media/img/b15.png HTTP/1.1
Host: platform.bidgear.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 29 Aug 2022 10:28:54 GMT
content-type: image/png
content-length: 649
last-modified: Mon, 25 Jul 2022 09:43:33 GMT
etag: "62de65c5-289"
expires: Fri, 23 Sep 2022 09:44:54 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
cf-cache-status: HIT
age: 434622
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=65whBkQ8ZLelsvKqfpmFzvrogp%2BkkfADRfF3V0dxqLPSpOkrKAEI1mc23aTbCYFvambUFEUL%2BaFb1aSxZh3hBVpzoAWzQPc2xaRE1V6zYhDnu7U5oSQxs%2FQJ17BW4HL%2F0jEF59wJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74249a407e521bfa-OSL
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 281 B IP
Hash b701cae1246f4c1800eb9a00e6409f80
8ebc69fb277f03aca2dfc337426d2c7b3ab669e0
06224a3613fb2e9d9b7dbe28e4ab00cead6fd820b0800e8caf232a7c41c9a47c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 10:28:54 GMT
Content-Type: application/ocsp-response
Content-Length: 281
Connection: keep-alive
Last-Modified: Fri, 26 Aug 2022 21:53:49 GMT
Expires: Fri, 02 Sep 2022 21:53:48 GMT
Etag: "8ebc69fb277f03aca2dfc337426d2c7b3ab669e0"
Cache-Control: max-age=386093,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74249a404accb4f4-OSL
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ac5d034d14e7c524db8d65c3751ef5aa
d2873a11bb2e6d146e5d59efb6df62ba9b6221a9
1de3aeb54079c2318052072da1755f866645772ccdefcd37fda7d5cb7f37932c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DE3AEB54079C2318052072DA1755F866645772CCDEFCD37FDA7D5CB7F37932C"
Last-Modified: Fri, 26 Aug 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2909
Expires: Mon, 29 Aug 2022 11:17:23 GMT
Date: Mon, 29 Aug 2022 10:28:54 GMT
Connection: keep-alive
dmmzkfd82wayn.cloudfront.net/2MURtT2dSKwMpWEUtCXJQB3Vcd1EXLh4gCUF5KQgLAAkcPAYDMiMqQUU+CXJXFygMIQAMYgghBAx1Sy4DU3lZaRNBKwZyEFwlGCIAWzAGPEFEJVAiCEstASMGFHYrekkBYV9/T0l1XGpUc2FffwtYKhg3QgN0FXdRbnJZalRzYV9/FUdhXg5eB2pdZkIDdA-oqBForSH0hA3Rcf1cAdFxqVQEiBD0CVysValV3fVthVxcxUH4
200 OK 597 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/2MURtT2dSKwMpWEUtCXJQB3Vcd1EXLh4gCUF5KQgLAAkcPAYDMiMqQUU+CXJXFygMIQAMYgghBAx1Sy4DU3lZaRNBKwZyEFwlGCIAWzAGPEFEJVAiCEstASMGFHYrekkBYV9/T0l1XGpUc2FffwtYKhg3QgN0FXdRbnJZalRzYV9/FUdhXg5eB2pdZkIDdA-oqBForSH0hA3Rcf1cAdFxqVQEiBD0CVysValV3fVthVxcxUH4
IP
File type ASCII text, with very long lines (836), with no line terminators
Hash 688e939b919438818315536e24418165
ecfafb7c88533c547bd8b061dc844ed53c59f518
27946b7461eb7873e0f38297392355170ab4a9a41141e588cef38b1c70294ee3
GET /2MURtT2dSKwMpWEUtCXJQB3Vcd1EXLh4gCUF5KQgLAAkcPAYDMiMqQUU+CXJXFygMIQAMYgghBAx1Sy4DU3lZaRNBKwZyEFwlGCIAWzAGPEFEJVAiCEstASMGFHYrekkBYV9/T0l1XGpUc2FffwtYKhg3QgN0FXdRbnJZalRzYV9/FUdhXg5eB2pdZkIDdA-oqBForSH0hA3Rcf1cAdFxqVQEiBD0CVysValV3fVthVxcxUH4 HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oulukdliketo.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 597
date: Mon, 29 Aug 2022 10:28:54 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: yignpI1mP4bYnOzxpC0_3CGMLYxbyQH6MUWpqP0LLBGuIBzcZbaDig==
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/5cWdwNUwSCB5TcwUOFAh0RlFDBHRXDQNaIgFaB2YaNi48WRQwFyQCdR4NVkE2FVpAEyAQCRcIahQJEwh9VwYUV3FFQQRFIxpaB1gtBAoXXzgaFFZALUwKH08lHQsREH43Ul4FaUNXWE19QEJDd2lDVxxcIgQfVQd8CV9GanpFQkN3aUNXAkNpQiZJA2JBTl-UHfBYCE14jVFU2B3xAV0AEfEBCQgUqGBUVUyMJQkJzdUdJQBM5TFY
200 OK 453 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/5cWdwNUwSCB5TcwUOFAh0RlFDBHRXDQNaIgFaB2YaNi48WRQwFyQCdR4NVkE2FVpAEyAQCRcIahQJEwh9VwYUV3FFQQRFIxpaB1gtBAoXXzgaFFZALUwKH08lHQsREH43Ul4FaUNXWE19QEJDd2lDVxxcIgQfVQd8CV9GanpFQkN3aUNXAkNpQiZJA2JBTl-UHfBYCE14jVFU2B3xAV0AEfEBCQgUqGBUVUyMJQkJzdUdJQBM5TFY
IP
File type ASCII text, with very long lines (603), with no line terminators
Hash a68fbd2de3368a802ba9bd9eb370733d
984fe99c8d1a22b9e9e682450bad9a8f1dec3813
fe5f9b26b111149dd021c82921a4368aac832ea34034ad510272d5cb1af485ce
GET /5cWdwNUwSCB5TcwUOFAh0RlFDBHRXDQNaIgFaB2YaNi48WRQwFyQCdR4NVkE2FVpAEyAQCRcIahQJEwh9VwYUV3FFQQRFIxpaB1gtBAoXXzgaFFZALUwKH08lHQsREH43Ul4FaUNXWE19QEJDd2lDVxxcIgQfVQd8CV9GanpFQkN3aUNXAkNpQiZJA2JBTl-UHfBYCE14jVFU2B3xAV0AEfEBCQgUqGBUVUyMJQkJzdUdJQBM5TFY HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oulukdliketo.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 453
date: Mon, 29 Aug 2022 10:28:54 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 0l1Xgw6eoJJF9znaib2iiSTmK9lTUXSP5IKq52XNIN4M__UO6QJ_eA==
X-Firefox-Spdy: h2
platform.bidgear.com/async.php?domainid=5593&sizeid=12&zoneid=6192&k=1661768934213
200 OK 26 kB URL HTTP/2 platform.bidgear.com/async.php?domainid=5593&sizeid=12&zoneid=6192&k=1661768934213
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (4445), with no line terminators
Hash 1d861f6bdc26c022a292618947c93e35
db09a54a55d1c29ba17f8298965c4c985519c761
8ee2cb3f735c5f7a1cb0d76b3874a629dbb0ae04b61ac9fe55ecba126c28f73d
GET /async.php?domainid=5593&sizeid=12&zoneid=6192&k=1661768934213 HTTP/1.1
Host: platform.bidgear.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 29 Aug 2022 10:28:54 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LkwfsjLlvgyN61RWfWjU3A5uzX1Ti75f8F6yu3SkmXC7nybPgwDJSs%2BcCAA93wV%2F%2FrJViKbVFT8wL02GDLXlAsBN%2F8EqWCiTMNZ9m4wt%2BporXTTDVly6pqS4s5PU78bFbUaHcaf5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74249a3f9d471bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/3UFl0RmQzNhogWyQwEHtTZm1FclV2MwcpCiBkJiwWKDMEDR4dHgMKKHYtDiJZYH8YJwo3ZFIjCjNkRWAFNDtJckIkKRstWSc0FTMJNzMALRd2LBV7CT8jHSoIMXxGAFF+aVF0VHghRXdBYxtRdFQ8MBozHHVrRD5cZgZCckFjG1F0VCIvUXUlaW9adk11a0-QhATMyG2NWFmtEd1RgaER3QWJpEi8WNT8bPkFiH01wSmB/AXtV
200 OK 609 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/3UFl0RmQzNhogWyQwEHtTZm1FclV2MwcpCiBkJiwWKDMEDR4dHgMKKHYtDiJZYH8YJwo3ZFIjCjNkRWAFNDtJckIkKRstWSc0FTMJNzMALRd2LBV7CT8jHSoIMXxGAFF+aVF0VHghRXdBYxtRdFQ8MBozHHVrRD5cZgZCckFjG1F0VCIvUXUlaW9adk11a0-QhATMyG2NWFmtEd1RgaER3QWJpEi8WNT8bPkFiH01wSmB/AXtV
IP
File type ASCII text, with very long lines (837), with no line terminators
Hash 05afa2a71dd23ad8325ce90e3aa8658c
14d1544409f2b406681ef54db76be04b41849b86
417ea676758f112a9ca5fa23da7e5f0451e82f22743850da96b2b94f5c67f047
GET /3UFl0RmQzNhogWyQwEHtTZm1FclV2MwcpCiBkJiwWKDMEDR4dHgMKKHYtDiJZYH8YJwo3ZFIjCjNkRWAFNDtJckIkKRstWSc0FTMJNzMALRd2LBV7CT8jHSoIMXxGAFF+aVF0VHghRXdBYxtRdFQ8MBozHHVrRD5cZgZCckFjG1F0VCIvUXUlaW9adk11a0-QhATMyG2NWFmtEd1RgaER3QWJpEi8WNT8bPkFiH01wSmB/AXtV HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oulukdliketo.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 609
date: Mon, 29 Aug 2022 10:28:54 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: cRFUv4n2hKbaJWghhI6ccqEAvnPqdVXl0Qu5604Qy_J8dZBKoHkHdA==
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/PMkRORnlRKyAgRkYtKntABn12cE0ULj0pF0J5DBMsAyUNFxNDdw0FKnkUN2ANSCBzdl9eJSAhRBQhICVEA2IvIhsPcGgzGA8pITwQXigvY0t0cWB2XAB0Zj5IA2F9BFwAdCIvF0c8a3RJSnx4GU8GYX0EXAB0PDBcAQV3cFcCbWt0SVUhLS0WF3YIdEkDdH-53SQNhfHYfWzYrIBZKYXwAQARqfmAMD3U
200 OK 193 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/PMkRORnlRKyAgRkYtKntABn12cE0ULj0pF0J5DBMsAyUNFxNDdw0FKnkUN2ANSCBzdl9eJSAhRBQhICVEA2IvIhsPcGgzGA8pITwQXigvY0t0cWB2XAB0Zj5IA2F9BFwAdCIvF0c8a3RJSnx4GU8GYX0EXAB0PDBcAQV3cFcCbWt0SVUhLS0WF3YIdEkDdH-53SQNhfHYfWzYrIBZKYXwAQARqfmAMD3U
IP
File type ASCII text, with no line terminators
Hash 5eeb064c2ad0710ff481c70245b572b3
c530ec152b60222d2518153fb5f4ebb1c59f6625
ee25469f2978187273134a2e5e0cf2922bb9d14b2ccf37cbe82ff2405d6daef8
GET /PMkRORnlRKyAgRkYtKntABn12cE0ULj0pF0J5DBMsAyUNFxNDdw0FKnkUN2ANSCBzdl9eJSAhRBQhICVEA2IvIhsPcGgzGA8pITwQXigvY0t0cWB2XAB0Zj5IA2F9BFwAdCIvF0c8a3RJSnx4GU8GYX0EXAB0PDBcAQV3cFcCbWt0SVUhLS0WF3YIdEkDdH-53SQNhfHYfWzYrIBZKYXwAQARqfmAMD3U HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oulukdliketo.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 193
date: Mon, 29 Aug 2022 10:28:54 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: oYXMqLHi-UZWwZO-GQXjzP0Jtmk3kBAydI0i_L7jEMeypbtoFfmwPg==
X-Firefox-Spdy: h2
dmmzkfd82wayn.cloudfront.net/xdm1kRVcVAgojaAIEAHhvRFhddGZQBxcqOQZQEnU9MR8sPzgSWUIxLRJQVGM7FwMDeHETAwd4ZlAMACdqQksQNTgdUBErMxMLDSsyEksRJGobAh4sOxoMQXcRQ0NUYGVGRRx0ZlNeJmBlRgENKyIOSFZ1L05bO3NjU14mYGVGHxJgZDdUUmtnX0hWdTATDg-8qckQrVnVmRl1VdWZTX1QjPgQIAiovU18ifGFYXUIwakc
200 OK 358 B URL HTTP/2 dmmzkfd82wayn.cloudfront.net/xdm1kRVcVAgojaAIEAHhvRFhddGZQBxcqOQZQEnU9MR8sPzgSWUIxLRJQVGM7FwMDeHETAwd4ZlAMACdqQksQNTgdUBErMxMLDSsyEksRJGobAh4sOxoMQXcRQ0NUYGVGRRx0ZlNeJmBlRgENKyIOSFZ1L05bO3NjU14mYGVGHxJgZDdUUmtnX0hWdTATDg-8qckQrVnVmRl1VdWZTX1QjPgQIAiovU18ifGFYXUIwakc
IP
File type ASCII text, with very long lines (458), with no line terminators
Hash d0aa64a98a127edd0a5a7b445cb8984c
39a71529ed6d82445a2916b63d6db2038645ed73
994a877bd25def95ad05a5246bfb5b5c6ef9e6a22ff987dde0b4cafb0d5d4c28
GET /xdm1kRVcVAgojaAIEAHhvRFhddGZQBxcqOQZQEnU9MR8sPzgSWUIxLRJQVGM7FwMDeHETAwd4ZlAMACdqQksQNTgdUBErMxMLDSsyEksRJGobAh4sOxoMQXcRQ0NUYGVGRRx0ZlNeJmBlRgENKyIOSFZ1L05bO3NjU14mYGVGHxJgZDdUUmtnX0hWdTATDg-8qckQrVnVmRl1VdWZTX1QjPgQIAiovU18ifGFYXUIwakc HTTP/1.1
Host: dmmzkfd82wayn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oulukdliketo.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 358
date: Mon, 29 Aug 2022 10:28:54 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: aGNQtJhpICG91uV5oluge89NDFqCKbUti0afehxSNQFq9qxo3lH4HQ==
X-Firefox-Spdy: h2
imp9.bidgear.com/rec?t=1&z=6192&uuid=e13953852275434585a42e2eeabaa4c5&p=28&g=NO&token=4a44335432&tbg=1661768934
200 OK 599 B URL HTTP/2 imp9.bidgear.com/rec?t=1&z=6192&uuid=e13953852275434585a42e2eeabaa4c5&p=28&g=NO&token=4a44335432&tbg=1661768934
IP
File type JPEG image data, baseline, precision 8, 1x1, components 3\012- data
Hash ca49a7e783b806a4e8576ea80346203d
6fe9d083221dae98f6c76f7121c37bc884b02d82
3e9a98dd5f0a28ff4a059f33d760264a6db02786666ac1692095ebb976f5da28
GET /rec?t=1&z=6192&uuid=e13953852275434585a42e2eeabaa4c5&p=28&g=NO&token=4a44335432&tbg=1661768934 HTTP/1.1
Host: imp9.bidgear.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 29 Aug 2022 10:28:54 GMT
content-type: image/jpeg
content-length: 599
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FNK%2B4ZBzLRpfTSZtJ8BAYjYbsRPvMLGUQJ4%2By3i4On7OMhQUS593oDbQUA%2Bosck2rnv9ZRt1lt5qmVp%2FPRiIr57syHGGR3RT1K7Z57UxQIdUZGZkRpcL8uvBWNbw3MC8Gr8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74249a407e541bfa-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 6bb90a9c99cad71b0ca7a4d88fbbe5ca
7364b7e1cb294c9136157c7c00b568cef112add8
50420e9d6b5ac783404342e0078117447cd5df0ff8c8d66019ae916f0f82b7b6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4310
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 29 Aug 2022 10:28:54 GMT
Last-Modified: Mon, 29 Aug 2022 09:17:04 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
megaup.net/themes/flow/frontend_assets/images/icons/favicon/apple-touch-icon-114x114.png
200 OK 951 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/images/icons/favicon/apple-touch-icon-114x114.png
IP
File type PNG image data, 114 x 114, 8-bit colormap, non-interlaced\012- data
Hash 76852bc6b2c028db97322a74e85bd020
ed52fb4de0d51f93277bbaae42fa80ba5f92c31e
8a5ef2ef8440c17db1b1b539065ba4a887e07a2c508b79c2d1659512e9016884
GET /themes/flow/frontend_assets/images/icons/favicon/apple-touch-icon-114x114.png HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 10:28:54 GMT
content-type: image/png
content-length: 951
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-3b7"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/custom.css
200 OK 23 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/custom.css
IP
File type assembler source, ASCII text, with CRLF line terminators
Hash 287e36357e599799dc872a2077b66e9c
96f64c4fd4f2cafb0bc3259ffdd44ce51283ad05
d5cb76bc56967ced5fc02b648097048151355cbe224e6c91e1664c76f12ca870
GET /themes/flow/frontend_assets/css/custom.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3577"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 2015a3bf2b204bfe78a3b6e6eb622f98
12d18c7b4c84248d241e7a1dc0e75f633419e89e
0ddfe98001f4e107b97b2ba13fc42d0d65373e8651a07f591e646d8e5bd70571
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 29 Aug 2022 10:28:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.a-ads.com/a-ads-banners/387832/300x250?region=eu-central-1
200 OK 66 kB URL HTTP/2 static.a-ads.com/a-ads-banners/387832/300x250?region=eu-central-1
IP
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 300 x 250\012- data
Hash 03fce28c37ff26b099bae15657539a0a
6ec42fabbc94c098c6a9ff43c9cd66547982c991
661ecab9a308497f006e0d49ecb59df7d706f1263dcebb9f3a44350f47efc153
GET /a-ads-banners/387832/300x250?region=eu-central-1 HTTP/1.1
Host: static.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ad.a-ads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 10:28:54 GMT
content-type: image/gif
content-length: 66223
x-amz-id-2: 5rcokq0as66stUliQ5e+d5eQLkBcKmNcSfcGP9JILaQXQ5Qjv3j/S8OfEbWyz+FV5wS7uvdxcSM=
x-amz-request-id: PA1M4F5YP89VTJGM
x-amz-replication-status: COMPLETED
last-modified: Thu, 12 May 2022 10:55:34 GMT
etag: "03fce28c37ff26b099bae15657539a0a"
cache-control: max-age=315360000
x-amz-version-id: E3RRIWAV_bACQkxfuOiHBnJygh0vnpzR
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
oulukdliketo.shop/utx?cb=got6FT6eTa82&top=megaup.net&tid=761186
204 No Content 0 B URL HTTP/2 oulukdliketo.shop/utx?cb=got6FT6eTa82&top=megaup.net&tid=761186
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=got6FT6eTa82&top=megaup.net&tid=761186 HTTP/1.1
Host: oulukdliketo.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 29 Aug 2022 10:28:54 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 29 Aug 2022 10:29:54 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: QeUGCEGbio5_nyiDfenxU4n21c1Ayfy3ZEOGHx8iWJQwuZfvYzqCnA==
X-Firefox-Spdy: h2
oulukdliketo.shop/utx?cb=G3UN44CodMBO&top=megaup.net&tid=825911
204 No Content 0 B URL HTTP/2 oulukdliketo.shop/utx?cb=G3UN44CodMBO&top=megaup.net&tid=825911
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=G3UN44CodMBO&top=megaup.net&tid=825911 HTTP/1.1
Host: oulukdliketo.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 29 Aug 2022 10:28:54 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 29 Aug 2022 10:29:54 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: nvCzhxlgCQNPWG_aDR9NHUTMczWAlr7ivPNMgmA6kJ2ihY_tIIAWrg==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 2015a3bf2b204bfe78a3b6e6eb622f98
12d18c7b4c84248d241e7a1dc0e75f633419e89e
0ddfe98001f4e107b97b2ba13fc42d0d65373e8651a07f591e646d8e5bd70571
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 29 Aug 2022 10:28:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
megaup.net/themes/flow/frontend_assets/images/icons/favicon/favicon.ico
200 OK 279 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/images/icons/favicon/favicon.ico
IP
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7ec5a55ea1727c63acc27a2c57da6b9a
a25b42d999e63a2466a33aaeaae6125fedfd40b7
48ec88619b2c113a507054ce2b0f95f47d85261c124bc0d4f1cde69a88e77945
GET /themes/flow/frontend_assets/images/icons/favicon/favicon.ico HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 10:28:54 GMT
content-type: image/x-icon
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-47e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
302 Found 394 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (380)
Hash a4bafd92586112ff1520dbd0abdd0b94
4796e2d9c5138f2c963705d4f886b3eb6f75400c
75d025949927daf7cf971de3f765f8efd05eade5528b653336899f56e9bb2429
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 29 Aug 2022 10:28:54 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S1258358444%3A1661768934690416&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmXAvCcKhAKm6vv-82qL5_HwBvBvW56AieypJswVy7lWhESvJV8ZGC9pOIxs-Q88cRkFVGdYfA
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-mLDE0IHvCx6U_UulkxHTkQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 394
server: GSE
set-cookie: __Host-GAPS=1:3cv0DZNWBCY-tQ9c9Qjd61bnXQ363A:igDQTHWNjNJs6862;Path=/;Expires=Wed, 28-Aug-2024 10:28:54 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8483eb99dbd130593ed0072e2fbaccf9
fcb83f0b4a448f0b94b0bf9db431cc802413dacd
5e07e7bbf5dd7a48f9330dbc0248b7a1aa69dff7a9a913f493a384d2ec332f74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5E07E7BBF5DD7A48F9330DBC0248B7A1AA69DFF7A9A913F493A384D2EC332F74"
Last-Modified: Sun, 28 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14574
Expires: Mon, 29 Aug 2022 14:31:48 GMT
Date: Mon, 29 Aug 2022 10:28:54 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8483eb99dbd130593ed0072e2fbaccf9
fcb83f0b4a448f0b94b0bf9db431cc802413dacd
5e07e7bbf5dd7a48f9330dbc0248b7a1aa69dff7a9a913f493a384d2ec332f74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5E07E7BBF5DD7A48F9330DBC0248B7A1AA69DFF7A9A913F493A384D2EC332F74"
Last-Modified: Sun, 28 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14574
Expires: Mon, 29 Aug 2022 14:31:48 GMT
Date: Mon, 29 Aug 2022 10:28:54 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8483eb99dbd130593ed0072e2fbaccf9
fcb83f0b4a448f0b94b0bf9db431cc802413dacd
5e07e7bbf5dd7a48f9330dbc0248b7a1aa69dff7a9a913f493a384d2ec332f74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5E07E7BBF5DD7A48F9330DBC0248B7A1AA69DFF7A9A913F493A384D2EC332F74"
Last-Modified: Sun, 28 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14574
Expires: Mon, 29 Aug 2022 14:31:48 GMT
Date: Mon, 29 Aug 2022 10:28:54 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8483eb99dbd130593ed0072e2fbaccf9
fcb83f0b4a448f0b94b0bf9db431cc802413dacd
5e07e7bbf5dd7a48f9330dbc0248b7a1aa69dff7a9a913f493a384d2ec332f74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5E07E7BBF5DD7A48F9330DBC0248B7A1AA69DFF7A9A913F493A384D2EC332F74"
Last-Modified: Sun, 28 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14574
Expires: Mon, 29 Aug 2022 14:31:48 GMT
Date: Mon, 29 Aug 2022 10:28:54 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2b0d146-88a6-4ec6-a71c-bb9dd4314497.jpeg
200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2b0d146-88a6-4ec6-a71c-bb9dd4314497.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ef5729bf444dd3cc7b8e7945187e09ee
ec62fa681d45d696fc7308fede11cd16979594fd
34d5df4a669399f171489c9cd0f90a53eea21c35c1ccd310df39cc356c9922cd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2b0d146-88a6-4ec6-a71c-bb9dd4314497.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7505
x-amzn-requestid: 66ed5a9b-1b9c-40c4-b757-7c13e9dc6410
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XitJxFFSIAMFhrQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630a8f0b-24404d4f7a2cae8f4c3bcb97;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 21:39:23 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: UFJ0DtBufSFfM1vFxdagMV5tpP5ZEH2NbdduFvVM6sL7UVpdhSBhGQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Sun, 28 Aug 2022 22:11:51 GMT
age: 44223
etag: "ec62fa681d45d696fc7308fede11cd16979594fd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3a7959a-ba16-4840-a4e4-ca7b2c6305c1.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3a7959a-ba16-4840-a4e4-ca7b2c6305c1.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 76021ba70733e8d4647f29e4c990180c
66558c36958c9162188e7aeef27c38e0c4b37cdd
c5278295212999c6941d57d5cee8f4d33447302af0eb74985f5dae48434607c1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3a7959a-ba16-4840-a4e4-ca7b2c6305c1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 10319
x-amzn-requestid: 4f0cb1b4-c2a6-410a-965c-4cc72459484a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XhG-yG-eIAMFbQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6309eb91-58fb7017711dd2a56fe5ef79;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 10:01:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: JcHN5unq1F9L9h2My0SFXdW-n06ebaRZ8jj0W0I67pTuddWWkJ9RkQ==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sun, 28 Aug 2022 21:44:40 GMT
age: 45854
etag: "66558c36958c9162188e7aeef27c38e0c4b37cdd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
200 OK 562 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
IP
File type ASCII text, with CRLF line terminators
Hash 8fe3bf2607589700e7e92b558ca90e8e
bb3d30bad6fb22112a677def56a902dc63e4a7aa
7261a072ab79ba223d6e9401c97141795b53e903d0e1dfd72269695f4155a125
GET /themes/flow/frontend_assets/css/All-stylesheets.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-153"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd661acf9-c387-4bb0-bdc5-10e4abb78bf1.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd661acf9-c387-4bb0-bdc5-10e4abb78bf1.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 57d1f9745ba671f8688c7d96a041cd2b
ab86ca73ca4064306448863d32a1428a63df41a0
d931268e003d82739af5c9ab9e91b11a892672c8ae82cbbb2f4b92a94cc2bddc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd661acf9-c387-4bb0-bdc5-10e4abb78bf1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10433
x-amzn-requestid: 30849103-3a8a-4b58-9d12-2e7d76054d29
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XaJ7wFd0IAMF2PQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6307237e-3d931fee17b392cc6785e73d;Sampled=0
x-amzn-remapped-date: Thu, 25 Aug 2022 07:23:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DxyqrxwTW6jEwEMuxf4DjFp-UbJLnrFhSzYBXnSF8yjqJAc-qKlxYQ==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 28 Aug 2022 21:45:17 GMT
age: 45817
etag: "ab86ca73ca4064306448863d32a1428a63df41a0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 6bb90a9c99cad71b0ca7a4d88fbbe5ca
7364b7e1cb294c9136157c7c00b568cef112add8
50420e9d6b5ac783404342e0078117447cd5df0ff8c8d66019ae916f0f82b7b6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4310
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 29 Aug 2022 10:28:54 GMT
Last-Modified: Mon, 29 Aug 2022 09:17:04 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69552f07-b9de-4cb2-b730-c824451bf466.jpeg
200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69552f07-b9de-4cb2-b730-c824451bf466.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 501a65215625c77065c3a986774700fc
bf6c85d1b9456c92f6ee970e305d2706316348d4
c6024d2081497bb4106db16cfa5cf4ed05fd783c29e4ac0c5620202bd4f20068
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69552f07-b9de-4cb2-b730-c824451bf466.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5917
x-amzn-requestid: 818217c8-522f-4022-98ca-78147982b168
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xf9FNFnFoAMFabg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63097554-035ea4a72013fe3f2bfd2e64;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 01:37:24 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ttcGqYEMiJ97m5QW1VvBlAE7NWrHLEatYSr9T4GPSORAC0Y_rQ-PiQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sun, 28 Aug 2022 22:01:34 GMT
age: 73316
etag: "bf6c85d1b9456c92f6ee970e305d2706316348d4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
oulukdliketo.shop/utx?cb=wkzOWHWTidBk&top=megaup.net&tid=876318
204 No Content 0 B URL HTTP/2 oulukdliketo.shop/utx?cb=wkzOWHWTidBk&top=megaup.net&tid=876318
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=wkzOWHWTidBk&top=megaup.net&tid=876318 HTTP/1.1
Host: oulukdliketo.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 29 Aug 2022 10:28:54 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 29 Aug 2022 10:29:54 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: aAWPH8ZOZdncbaMWsa99rhPqYdeTMVXJlwMW9hMaH_9nwigUqTG6rw==
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F849c6deb-3aba-41f7-a257-bf54249182ba.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F849c6deb-3aba-41f7-a257-bf54249182ba.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5e0dc790ca607928d609e38f37c012d0
9d37dd425e3319fbb4248718f58371b43d513ce7
7f8ce6d77cbb4be87fb06ffd8f72ae997e006b933382c44b8b4e0a61743f24e9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F849c6deb-3aba-41f7-a257-bf54249182ba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11042
x-amzn-requestid: c92cef27-0a2c-4f5e-86b7-eafa048932b4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XgUlVFdJIAMFRKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63099aee-794a2c5c54fe181b5756e5f6;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 04:17:50 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: v9mkgh5wKAcOaXP3AGDltgHFx1eioExP7zqPee5KQugX9SjdEhMkjg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 28 Aug 2022 21:35:55 GMT
age: 46379
etag: "9d37dd425e3319fbb4248718f58371b43d513ce7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
oulukdliketo.shop/utx?cb=etNzk6B1Gt28&top=megaup.net&tid=764141
204 No Content 0 B URL HTTP/2 oulukdliketo.shop/utx?cb=etNzk6B1Gt28&top=megaup.net&tid=764141
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=etNzk6B1Gt28&top=megaup.net&tid=764141 HTTP/1.1
Host: oulukdliketo.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 29 Aug 2022 10:28:54 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 29 Aug 2022 10:29:54 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ZHrJ4OX5GXAnoYKLszRLFjCueWbxKJIziP2xJm4ci3SpYOhTJqXlpw==
X-Firefox-Spdy: h2
syndication.exdynsrv.com/v1/api.php
200 OK 735 B URL HTTP/1.1 syndication.exdynsrv.com/v1/api.php
IP
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with very long lines (975), with no line terminators
Hash 86210a1462e2282a33606bb11772342b
88e95cddab91571a2ec6c5cced4198830b7cb728
15cb2d6f4ec704f9cdc745ffd2bb85fe6cbd4b01bf32ae8f1ab033b9b7f00911
POST /v1/api.php HTTP/1.1
Host: syndication.exdynsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 297
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 29 Aug 2022 10:28:54 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d6fc243-1f36-4e7f-8ae5-c9926e27d40b.jpeg
200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d6fc243-1f36-4e7f-8ae5-c9926e27d40b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 182339e49eb50a6d89fed9b4ac4bc39f
0909d2250d8efc3093f15401713da4c74ba6707b
bc6fac01cec90f56f665671e2abab894752b9d8f1b1d5551e4d83cc53f0d4251
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d6fc243-1f36-4e7f-8ae5-c9926e27d40b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7384
x-amzn-requestid: 8c864d07-cb4e-44db-85f0-ebea10e67aaa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XV7EPG0mIAMFRGw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6305721a-32398abd1da8b41f48b4755c;Sampled=0
x-amzn-remapped-date: Wed, 24 Aug 2022 00:34:34 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 6aiAJzrFSh5oLa_mpPgX71BUSwjCS0NoNruUV_4tSPwpnphPE2DWGA==
via: 1.1 759bceededb9469e75c24a46c03d64bc.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Sun, 28 Aug 2022 21:49:06 GMT
age: 45588
etag: "0909d2250d8efc3093f15401713da4c74ba6707b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/custom/custom.js
200 OK 1.5 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/custom/custom.js
IP
File type ASCII text, with CRLF line terminators
Hash cef3c92a6d896dacd1668f98cab2586f
5c4d2a2a6d4020792ce671fa21add59610de1029
d2c8064e39200b793faa19d6eadbf20c056c571b2b12562c7c5c6bd9a3f96762
GET /themes/flow/frontend_assets/js/custom/custom.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1420"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 82f7f6347e76f114bef1f5a1c73c8681
82223dbfeb95d5096b4b56980f478f258ec9995b
966912cb9f658c1fbd29f1b117ae62b4a17b673b3cc1378a31d17b9fa8d50500
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 29 Aug 2022 10:28:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
accounts.google.com/v3/signin/identifier?dsh=S-1274093997%3A1661768934737133&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmVPmrKOyQ9B4tda2eugo67ZicNR0lpxnQtK7mmtTd4TG9NDLmg-t2JqCMTNozgAlltuVI78SQ
403 Forbidden 808 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S-1274093997%3A1661768934737133&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmVPmrKOyQ9B4tda2eugo67ZicNR0lpxnQtK7mmtTd4TG9NDLmg-t2JqCMTNozgAlltuVI78SQ
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1644), with no line terminators
Hash 3f45d48850640e0a21f935a6304447e1
2e46e502efabadb72f45f813e1adccad6773a9dd
6c7e07d745a0aa8961fb82ab7512682eb685b16980bde2eaf61df91576469f3c
GET /v3/signin/identifier?dsh=S-1274093997%3A1661768934737133&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmVPmrKOyQ9B4tda2eugo67ZicNR0lpxnQtK7mmtTd4TG9NDLmg-t2JqCMTNozgAlltuVI78SQ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 29 Aug 2022 10:28:54 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi/external"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'nonce-NZZASduwCCrNRV--hmgp3A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=cbFK76tgW3yZOQDNxyU54CTn8yWC4LgHWgan_hFntlVkxQJa0gObUSmSb6b2DxgfuxVkBmpmOMXTS6aOb6-F5uOz9OmeuM3PsywJJDLMGBUrPip7xf4NC6FD6Iz4Z6LLdy8zIl7vaaIzFcMVQmkg_C678vKOvZ1kMwwoQBnNLXc; expires=Tue, 28-Feb-2023 10:28:54 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
syndication.exdynsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01P7UoEMQx8FV9gl0mapu399reC4gNsu11/eQiecMI8vN09OcwQyCSTL4XqhDxpeYCfNJ+ischcMJvOMsjT8wtN+NHfl+/P+dwvDFJcQS8FllmCZXWauUl2RhGaFo/JaDkngYESGYgBjcFsj2YAwgy+vT4eLgPKAFw1joZjLQVKGwTXvbnXjJbaighJqUnfNq9JfGubodW+C//fiRtmiIZj+l9iPGBBTTnJnRiHgUd5+fo5N/IuvyHeBwhXl0VTLau76VoX7Y6+iPXafEk9/wK4bfeLVQEAAA==
200 OK 20 B URL HTTP/1.1 syndication.exdynsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01P7UoEMQx8FV9gl0mapu399reC4gNsu11/eQiecMI8vN09OcwQyCSTL4XqhDxpeYCfNJ+ischcMJvOMsjT8wtN+NHfl+/P+dwvDFJcQS8FllmCZXWauUl2RhGaFo/JaDkngYESGYgBjcFsj2YAwgy+vT4eLgPKAFw1joZjLQVKGwTXvbnXjJbaighJqUnfNq9JfGubodW+C//fiRtmiIZj+l9iPGBBTTnJnRiHgUd5+fo5N/IuvyHeBwhXl0VTLau76VoX7Y6+iPXafEk9/wK4bfeLVQEAAA==
IP
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA01P7UoEMQx8FV9gl0mapu399reC4gNsu11/eQiecMI8vN09OcwQyCSTL4XqhDxpeYCfNJ+ischcMJvOMsjT8wtN+NHfl+/P+dwvDFJcQS8FllmCZXWauUl2RhGaFo/JaDkngYESGYgBjcFsj2YAwgy+vT4eLgPKAFw1joZjLQVKGwTXvbnXjJbaighJqUnfNq9JfGubodW+C//fiRtmiIZj+l9iPGBBTTnJnRiHgUd5+fo5N/IuvyHeBwhXl0VTLau76VoX7Y6+iPXafEk9/wK4bfeLVQEAAA== HTTP/1.1
Host: syndication.exdynsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 29 Aug 2022 10:28:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Encoding: gzip
ocsp.digicert.com/
200 OK 313 B IP
Hash 07662f688ee724d5733e869b1e1cff85
5731e27d2ba8b051c6dd8311fd9c2352fe832e82
c2c9b733b8659db1ca10235994bdfe724062352181c02445fa6b6ecb427091e0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4261
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 29 Aug 2022 10:28:54 GMT
Last-Modified: Mon, 29 Aug 2022 09:17:53 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 313
oulukdliketo.shop/utx?tid=832633&top=megaup.net&cb=sLdrNWC3YT0m
204 No Content 0 B URL HTTP/2 oulukdliketo.shop/utx?tid=832633&top=megaup.net&cb=sLdrNWC3YT0m
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?tid=832633&top=megaup.net&cb=sLdrNWC3YT0m HTTP/1.1
Host: oulukdliketo.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 29 Aug 2022 10:28:55 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 29 Aug 2022 10:29:55 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ZK9KeKwrDFFqv4r54gBjghpXxaRsLbmUiTRpSE7MRFxMfYwvcoc4mg==
X-Firefox-Spdy: h2
hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js
200 OK 17 kB URL HTTP/1.1 hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js
IP
File type ASCII text, with very long lines (16885), with no line terminators
Hash 48c80c7c28b5b00a8b4ff94a22b72fe3
d57303c2ad2fd5cedc5cb20f264a6965a7819cee
6e9be773031b3234fb9c2d6cf3d9740db1208f4351beca325ec34f76fd38f356
GET /delivery/intersection_observer/IntersectionObserver.js HTTP/1.1
Host: hw-cdn2.adtng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 10:28:55 GMT
Connection: Keep-Alive
ETag: "1649192094"
Content-Length: 16885
Content-Type: application/javascript
Last-Modified: Tue, 05 Apr 2022 20:54:54 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10638959
X-HW: 1661768935.dop066.sk1.t,1661768935.cds242.sk1.shn,1661768935.cds242.sk1.c
Access-Control-Allow-Origin: *
a.adtng.com/get/10012456?time=1614803572912&apb=ooddNHdLHTPHNVS4ASOpprpmtrdTbbZNLTK6V1Esqp6pXVTTOpmdQ6ap0rpXSunqoppdRNTRPTO6iamieml0rpnSuldK6V0zpXSumc7fS2XWzXaWqWayzWbfjivSyavjXimXXTd0rv9.czijBuZznSuldK6V0rpXSuldK4Ps
200 OK 14 kB URL HTTP/2 a.adtng.com/get/10012456?time=1614803572912&apb=ooddNHdLHTPHNVS4ASOpprpmtrdTbbZNLTK6V1Esqp6pXVTTOpmdQ6ap0rpXSunqoppdRNTRPTO6iamieml0rpnSuldK6V0zpXSumc7fS2XWzXaWqWayzWbfjivSyavjXimXXTd0rv9.czijBuZznSuldK6V0rpXSuldK4Ps
IP
Hash fdc78b0f23ddadfc1f5696e8198d0f8f
3b3c1c55c369cbd0f7f51dbdd4fb21e0541c0d7b
3711099f707616dcce441de6c869d3ec6b5d03c8def476fd01dca07e410c0fde
GET /get/10012456?time=1614803572912&apb=ooddNHdLHTPHNVS4ASOpprpmtrdTbbZNLTK6V1Esqp6pXVTTOpmdQ6ap0rpXSunqoppdRNTRPTO6iamieml0rpnSuldK6V0zpXSumc7fS2XWzXaWqWayzWbfjivSyavjXimXXTd0rv9.czijBuZznSuldK6V0rpXSuldK4Ps HTTP/1.1
Host: a.adtng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Mon, 29 Aug 2022 10:28:55 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-encoding: gzip
set-cookie: adtool_guid=Ch5KBmMMlOdLn1Lq+OZ0Ag==; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/; Secure; HTTPOnly; SameSite=None;
RNLBSERVERID=ded6974; path=/; HttpOnly; Secure; SameSite=None
x-request-id: 630C94E6-42FE72AB01BBCF21-F1CE929
X-Firefox-Spdy: h2
hw-cdn2.ang-content.com/a7/creatives/39/1393/805208/1028974/1028974_logo.png
200 OK 16 kB URL HTTP/1.1 hw-cdn2.ang-content.com/a7/creatives/39/1393/805208/1028974/1028974_logo.png
IP
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash 2aaacb14c0816c811151f7e5ad369e9f
2b51b630dcbbdcd9cb0e9c298a5d4323de0f19f5
c6f084bf2cbf871312c3c508455dfeff2bb11dc8909d98ab1a43897b16bedf4e
GET /a7/creatives/39/1393/805208/1028974/1028974_logo.png HTTP/1.1
Host: hw-cdn2.ang-content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2022 10:28:55 GMT
Connection: Keep-Alive
ETag: "1649873991"
Content-Length: 15603
Content-Type: image/png
Last-Modified: Wed, 13 Apr 2022 18:19:51 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10552566
X-HW: 1661768935.dop018.sk1.t,1661768935.cds260.sk1.shn,1661768935.dop018.sk1.t,1661768935.cds227.sk1.c
Access-Control-Allow-Origin: *
freychang.fun/asd100.bin
200 OK 615 kB IP
Size 615 kB (615436 bytes)
Hash 17493c848d7bb110bed9a5621303c093
f42c9583fd867d77a2c356e8b6247c8f84d867a2
b19b27be843e11e95801f521c568f80d520f0e30d24abb280af45cb1a3f50b8c
Analyzer Verdict Alert quad9 Sinkholed
GET /asd100.bin HTTP/1.1
Host: freychang.fun
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 29 Aug 2022 10:28:54 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 1023
last-modified: Mon, 29 Aug 2022 10:11:51 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YCv4mBw%2FweK4r2%2B1GAZTOsWYmrbWOlQ5L1wbG0rEpANUJiZvYGUZOz3UQptEK%2B9h37GIfNqHIE8sUdPk9KIVhCz26HStFpbrjBNhFbeU%2BdFl%2BX7p%2BSzRQx6OfQWQkoEG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74249a41be65b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 464c8cb4be384ba9534ec4f7f231482b
55cbab58a6a23040fb31b4d68cfcc35fe5dc2856
64bb69a2790182a23a43c9518d093690363f33c4e39bc1d1337222b4fa528c67
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "64BB69A2790182A23A43C9518D093690363F33C4E39BC1D1337222B4FA528C67"
Last-Modified: Sat, 27 Aug 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2588
Expires: Mon, 29 Aug 2022 11:12:03 GMT
Date: Mon, 29 Aug 2022 10:28:55 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 464c8cb4be384ba9534ec4f7f231482b
55cbab58a6a23040fb31b4d68cfcc35fe5dc2856
64bb69a2790182a23a43c9518d093690363f33c4e39bc1d1337222b4fa528c67
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "64BB69A2790182A23A43C9518D093690363F33C4E39BC1D1337222B4FA528C67"
Last-Modified: Sat, 27 Aug 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2588
Expires: Mon, 29 Aug 2022 11:12:03 GMT
Date: Mon, 29 Aug 2022 10:28:55 GMT
Connection: keep-alive
megaup.net/themes/flow/frontend_assets/fonts/raleway_bold.woff
200 OK 32 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway_bold.woff
IP
File type Web Open Font Format, TrueType, length 31568, version 1.1\012- data
Hash e0c4ac0e73196bd0469c5c33304b7773
bb071565f82907d117b0732dca8013409162c67d
ff3bf3a4a1bf2b922157b18d0e8cddd95f2fc2dfe09c30a3ce67bc11a84c67af
GET /themes/flow/frontend_assets/fonts/raleway_bold.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6; _ga=GA1.2.1846877274.1661768935; _gid=GA1.2.1534382630.1661768935; _gat_gtag_UA_108868042_1=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 10:28:55 GMT
content-type: font/woff
content-length: 31568
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7b50"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
freychang.fun/asd100.bin
200 OK 104 kB IP
Size 104 kB (103964 bytes)
Hash ecebafdffef2027d4786ec9b01801f17
f9d72f6632b0579682492c8b900e5f8ab3b4d8e0
f2cf73761027c60a3abcefb60507648800bf46acfcd36fba6c3a9786c374d685
Analyzer Verdict Alert quad9 Sinkholed
GET /asd100.bin HTTP/1.1
Host: freychang.fun
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 29 Aug 2022 10:28:54 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 1023
last-modified: Mon, 29 Aug 2022 10:11:51 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HkIwKaqeZcibr7VZGoNzhNG3Ey2YdUi3YKjDwK8u7Vc3%2FUxJBeHNPNZQDh1yKDDRfI2yh70wmyB6pWfHB1N1wBuN8LsuSumEzS9ai2MNLMJyYxitX4fKtXBeNSmBwoUG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74249a41be62b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
stellihandles.hair/
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: stellihandles.hair
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Content-Length: 388
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
stellihandles.hair/
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: stellihandles.hair
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Origin: https://megaup.net
Content-Length: 355
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
oulukdliketo.shop/floater?cs=MkQ0cnYFdwNETwtxAkBDBnQCRk8&abt=0&red=1&sm=83&k=download%20file%20dance%20fire&v=0.8.9.0&sts=0&prn=0&emb=0&tid=825911&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&mbkb=152.67175572519082&ref=https%3A%2F%2Fmegaup.net%2F17xok%2FA.Dance.of.Fire.and.Ice.v2.0.5.zip&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&aa=td5_oi1_&_ukxj=1661768934824&crc=1
200 OK 3.9 kB URL HTTP/2 oulukdliketo.shop/floater?cs=MkQ0cnYFdwNETwtxAkBDBnQCRk8&abt=0&red=1&sm=83&k=download%20file%20dance%20fire&v=0.8.9.0&sts=0&prn=0&emb=0&tid=825911&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&mbkb=152.67175572519082&ref=https%3A%2F%2Fmegaup.net%2F17xok%2FA.Dance.of.Fire.and.Ice.v2.0.5.zip&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&aa=td5_oi1_&_ukxj=1661768934824&crc=1
IP
File type ASCII text, with very long lines (6439), with no line terminators
Hash 17e3f52c9e3f85cbf13d93c16acb5db5
a42dfe15ba364cca7f71580525f9bb0adc4877b3
d54a4a3e89c3283e26194d7de99452c826f295b450c68c9ee839557359875fea
GET /floater?cs=MkQ0cnYFdwNETwtxAkBDBnQCRk8&abt=0&red=1&sm=83&k=download%20file%20dance%20fire&v=0.8.9.0&sts=0&prn=0&emb=0&tid=825911&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&mbkb=152.67175572519082&ref=https%3A%2F%2Fmegaup.net%2F17xok%2FA.Dance.of.Fire.and.Ice.v2.0.5.zip&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&aa=td5_oi1_&_ukxj=1661768934824&crc=1 HTTP/1.1
Host: oulukdliketo.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-length: 3854
date: Mon, 29 Aug 2022 10:28:55 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=0c69f24b-ad5f-42e6-8de3-e391c10f99da
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: PYT4MPCiXryFaqZcHCYr2J9kFoGBcaB62EZs3HXelAuZmzNos7VVFA==
X-Firefox-Spdy: h2
stellihandles.hair/
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: stellihandles.hair
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Origin: https://megaup.net
Content-Length: 354
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash dceff50588039a3e14ff008d222a289e
b4ef462b95f0d914e537cb23ceab77205dadda26
2bad5a74da16025d8aca0967c36e87ec039519e04b543b9000c27fe96284bcc7
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "2BAD5A74DA16025D8ACA0967C36E87EC039519E04B543B9000C27FE96284BCC7"
Last-Modified: Mon, 29 Aug 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1636
Expires: Mon, 29 Aug 2022 10:56:13 GMT
Date: Mon, 29 Aug 2022 10:28:57 GMT
Connection: keep-alive
megaup.net/sw.js?dURPbmwuZnddXkN3fExAV2ZjTApBIHZbXRAgYl1cRX1iWlRCImJWCkNxYlZdF30uWVsQdXoNCldobQ9dEHx9WFsXaS1dCENpew1bQ2l3XAhGaXdcCUx2eg9ZEXZ4Wk5ZZjwZTllmPBoJGSgmBg0bICMLH1ssLgceV2htX1xbcW1CChQoPAtAEyUjHQlZIi4CHxAZ
200 OK 30 kB URL HTTP/2 megaup.net/sw.js?dURPbmwuZnddXkN3fExAV2ZjTApBIHZbXRAgYl1cRX1iWlRCImJWCkNxYlZdF30uWVsQdXoNCldobQ9dEHx9WFsXaS1dCENpew1bQ2l3XAhGaXdcCUx2eg9ZEXZ4Wk5ZZjwZTllmPBoJGSgmBg0bICMLH1ssLgceV2htX1xbcW1CChQoPAtAEyUjHQlZIi4CHxAZ
IP
File type ASCII text, with no line terminators
Hash 6a30bd747b2a6159b0359e6130b1353b
cc9df9590e7899807b80fcd540ec97d3b9264e4e
4885f42a12428bcf14f6c8572b1326c851d7ed8d4ec7155d8cc6d429e0eb2dd0
GET /sw.js?dURPbmwuZnddXkN3fExAV2ZjTApBIHZbXRAgYl1cRX1iWlRCImJWCkNxYlZdF30uWVsQdXoNCldobQ9dEHx9WFsXaS1dCENpew1bQ2l3XAhGaXdcCUx2eg9ZEXZ4Wk5ZZjwZTllmPBoJGSgmBg0bICMLH1ssLgceV2htX1xbcW1CChQoPAtAEyUjHQlZIi4CHxAZ HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6; _ga=GA1.2.1846877274.1661768935; _gid=GA1.2.1534382630.1661768935; _gat_gtag_UA_108868042_1=1
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 10:28:54 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:52 GMT
vary: Accept-Encoding
etag: W/"60758f38-12fe6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S1258358444%3A1661768934690416&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmXAvCcKhAKm6vv-82qL5_HwBvBvW56AieypJswVy7lWhESvJV8ZGC9pOIxs-Q88cRkFVGdYfA
403 Forbidden 14 kB URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S1258358444%3A1661768934690416&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmXAvCcKhAKm6vv-82qL5_HwBvBvW56AieypJswVy7lWhESvJV8ZGC9pOIxs-Q88cRkFVGdYfA
IP
Hash 4799de09ef00ef031cf67f33eb3535f7
7b10bf303632a03b4c5ac5517c4f67d53928e15f
257fd594e165252596d3b53bf40cd83a12af43b33cc00c7bd8fba17459bd1fcb
GET /v3/signin/identifier?dsh=S1258358444%3A1661768934690416&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmXAvCcKhAKm6vv-82qL5_HwBvBvW56AieypJswVy7lWhESvJV8ZGC9pOIxs-Q88cRkFVGdYfA HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 29 Aug 2022 10:28:54 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-GoSgLZs4XGc4YN6or1dwOw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=jvb90ATc3GlBYMCn3cRE4QKhPSL1SyLnxWD0tVyMRMxzwvA4EO6SsU6sj_Hmw2XbVLTJ7KgeMN-EQ5PdOTaFnJTKOqlpYSbH5Uw7i14KlaqDRA9pXCA7OUDKt28NT5d_3V_zvQU7ahGRK5FgHlox2YoNpHd1whfoHtcdqaJ1OEQ; expires=Tue, 28-Feb-2023 10:28:54 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash dceff50588039a3e14ff008d222a289e
b4ef462b95f0d914e537cb23ceab77205dadda26
2bad5a74da16025d8aca0967c36e87ec039519e04b543b9000c27fe96284bcc7
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "2BAD5A74DA16025D8ACA0967C36E87EC039519E04B543B9000C27FE96284BCC7"
Last-Modified: Mon, 29 Aug 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20978
Expires: Mon, 29 Aug 2022 16:18:35 GMT
Date: Mon, 29 Aug 2022 10:28:57 GMT
Connection: keep-alive
static.serve-servee.com/n337/ad/250x250_hqCCg8Cm.png
200 OK 89 kB URL HTTP/2 static.serve-servee.com/n337/ad/250x250_hqCCg8Cm.png
IP
File type PNG image data, 250 x 250, 8-bit/color RGB, non-interlaced\012- data
Hash 0994ec31361ea569c5549063145bfdd2
9b270e9f7a346a0f0f60a978e154f49740350270
e4dbff1cf1f9750d68296737897eba9bd59ebdcb292015e87c3be61b5c242422
GET /n337/ad/250x250_hqCCg8Cm.png HTTP/1.1
Host: static.serve-servee.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 29 Aug 2022 10:28:58 GMT
content-type: image/png
content-length: 88957
last-modified: Thu, 08 Apr 2021 13:54:09 GMT
accept-ranges: bytes
etag: "606f0b01-15b7d"
cache-control: max-age=86400
x-hw: 1661768937.cds215.sk1.h2,1661768937.cds203.sk1.c
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lgHIM5xrKm6uxFArS9clB2vJWIOS2iFsuns0x%2FCM2mkhyyZMzDNHjNpYr8dfoXJz37BIbWawND%2Fz3Isll%2FEAvE7ofxv9sbkdWCZ0hN8sl3fFppHyXj4vK5E7tGuyksIUmpIki0zriqRXHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74249a5668e1b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/fonts/raleway_medium.woff
200 OK 32 kB URL HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/raleway_medium.woff
IP
File type Web Open Font Format, TrueType, length 31900, version 1.1\012- data
Hash 1b285c8e5b7445a8e434b2cdf036bab2
c97d4772fbb5c5637d466b5f991bc7ec28830b32
09b979826f2ac158a63ba234042c66414c21282d0bb46eadc62c64a873778825
GET /themes/flow/frontend_assets/fonts/raleway_medium.woff HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6; _ga=GA1.2.1846877274.1661768935; _gid=GA1.2.1534382630.1661768935; _gat_gtag_UA_108868042_1=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 10:29:00 GMT
content-type: font/woff
content-length: 31900
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7c9c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/sticky/jquery.sticky.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/sticky/jquery.sticky.js
IP
GET /themes/flow/frontend_assets/js/sticky/jquery.sticky.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1099"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
a.adtng.com/track/adviews/eyJleHRfemlkIjoiIiwiZXh0X2MiOiIiLCJleHRfYWlkIjoiIiwicGlkIjoiMTM5MyIsInNpZCI6IjEwMDEyNDU2IiwibmlkcyI6IjU5MTUxIiwiZHluX2RtbiI6IiIsImNyaWQiOiIxMDI4OTc0Iiwic3YiOiI1NjQ4IiwicmVmX2RtbiI6Im1lZ2F1cC5uZXQiLCJleHRfY2lkIjoiIiwidHNuYW1lIjoiTUIiLCJjcmMiOiIxIiwiY24iOiIzMDBYMjUwX1BDX05US19QUVRfU0ZXIiwibmlkIjoiNTkxNTEiLCJleHRfcHViIjoiIiwiY3JwIjoiMTAwIiwidGlkIjoiMSIsIml0IjoiMjlcL0F1Z1wvMjAyMjoxMDoyODo1NSArMDAwMCIsImNjIjoiMyIsInNuY2lkIjoiOTUyOTkiLCJjaWQiOiIzNDMwMiIsImV4dF91aWQiOiIiLCJjcCI6IjU2LjA3Iiwic25jY2lkIjoiMTg3OTMzOSIsImlpZCI6ImZiYTQyYWMyYjZiMWU2NjM5YTg5MTg4NjdhM2NiODVmIiwiZXh0X2lpZCI6IiJ9?unique_view=1
200 OK 0 B URL HTTP/2 a.adtng.com/track/adviews/eyJleHRfemlkIjoiIiwiZXh0X2MiOiIiLCJleHRfYWlkIjoiIiwicGlkIjoiMTM5MyIsInNpZCI6IjEwMDEyNDU2IiwibmlkcyI6IjU5MTUxIiwiZHluX2RtbiI6IiIsImNyaWQiOiIxMDI4OTc0Iiwic3YiOiI1NjQ4IiwicmVmX2RtbiI6Im1lZ2F1cC5uZXQiLCJleHRfY2lkIjoiIiwidHNuYW1lIjoiTUIiLCJjcmMiOiIxIiwiY24iOiIzMDBYMjUwX1BDX05US19QUVRfU0ZXIiwibmlkIjoiNTkxNTEiLCJleHRfcHViIjoiIiwiY3JwIjoiMTAwIiwidGlkIjoiMSIsIml0IjoiMjlcL0F1Z1wvMjAyMjoxMDoyODo1NSArMDAwMCIsImNjIjoiMyIsInNuY2lkIjoiOTUyOTkiLCJjaWQiOiIzNDMwMiIsImV4dF91aWQiOiIiLCJjcCI6IjU2LjA3Iiwic25jY2lkIjoiMTg3OTMzOSIsImlpZCI6ImZiYTQyYWMyYjZiMWU2NjM5YTg5MTg4NjdhM2NiODVmIiwiZXh0X2lpZCI6IiJ9?unique_view=1
IP
GET /track/adviews/eyJleHRfemlkIjoiIiwiZXh0X2MiOiIiLCJleHRfYWlkIjoiIiwicGlkIjoiMTM5MyIsInNpZCI6IjEwMDEyNDU2IiwibmlkcyI6IjU5MTUxIiwiZHluX2RtbiI6IiIsImNyaWQiOiIxMDI4OTc0Iiwic3YiOiI1NjQ4IiwicmVmX2RtbiI6Im1lZ2F1cC5uZXQiLCJleHRfY2lkIjoiIiwidHNuYW1lIjoiTUIiLCJjcmMiOiIxIiwiY24iOiIzMDBYMjUwX1BDX05US19QUVRfU0ZXIiwibmlkIjoiNTkxNTEiLCJleHRfcHViIjoiIiwiY3JwIjoiMTAwIiwidGlkIjoiMSIsIml0IjoiMjlcL0F1Z1wvMjAyMjoxMDoyODo1NSArMDAwMCIsImNjIjoiMyIsInNuY2lkIjoiOTUyOTkiLCJjaWQiOiIzNDMwMiIsImV4dF91aWQiOiIiLCJjcCI6IjU2LjA3Iiwic25jY2lkIjoiMTg3OTMzOSIsImlpZCI6ImZiYTQyYWMyYjZiMWU2NjM5YTg5MTg4NjdhM2NiODVmIiwiZXh0X2lpZCI6IiJ9?unique_view=1 HTTP/1.1
Host: a.adtng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/get/10012456?time=1614803572912&apb=ooddNHdLHTPHNVS4ASOpprpmtrdTbbZNLTK6V1Esqp6pXVTTOpmdQ6ap0rpXSunqoppdRNTRPTO6iamieml0rpnSuldK6V0zpXSumc7fS2XWzXaWqWayzWbfjivSyavjXimXXTd0rv9.czijBuZznSuldK6V0rpXSuldK4Ps
Cookie: adtool_guid=Ch5KBmMMlOdLn1Lq+OZ0Ag==; RNLBSERVERID=ded6974
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 29 Aug 2022 10:28:55 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-encoding: gzip
x-request-id: 630C94E7-42FE72AB01BBCF21-F1CE98D
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/rs-plugin/css/settings.css
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/rs-plugin/css/settings.css
IP
GET /themes/flow/frontend_assets/rs-plugin/css/settings.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-ce4b"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/stylesheet.css
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/stylesheet.css
IP
GET /themes/flow/frontend_assets/css/stylesheet.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-6c82"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/zeroClipboard/ZeroClipboard.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/zeroClipboard/ZeroClipboard.js
IP
GET /themes/flow/js/zeroClipboard/ZeroClipboard.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3bd2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-process.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-process.js
IP
GET /themes/flow/js/jquery.fileupload-process.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-14b6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-validate.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-validate.js
IP
GET /themes/flow/js/jquery.fileupload-validate.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-fea"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/global.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/global.js
IP
GET /themes/flow/js/global.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-d59"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/animations/animate.min.css
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/animations/animate.min.css
IP
GET /themes/flow/frontend_assets/css/animations/animate.min.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-bc86"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css
IP
GET /themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-8d4b"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery-1.11.0.min.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery-1.11.0.min.js
IP
GET /themes/flow/js/jquery-1.11.0.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1787d"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/images/loading_small.gif
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/images/loading_small.gif
IP
GET /themes/flow/images/loading_small.gif HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
content-type: image/gif
content-length: 184355
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-2d023"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js
IP
GET /themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-303b2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/isotope/custom-isotope.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/isotope/custom-isotope.js
IP
GET /themes/flow/frontend_assets/js/isotope/custom-isotope.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-71d"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
freychang.fun/
200 OK 0 B IP
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: freychang.fun
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 29 Aug 2022 10:28:54 GMT
content-type: text/plain
set-cookie: csu=1070686427142118@1@1661768934; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Kv%2BgxVtUr3%2F9SWwKspDO%2FyWynNdKwDKtvnQKbr98cxuxZwRWyorC24YlZhXJ9YZpVEdOoJsFLj25TzumKMNnr5CCjVovfgfWdzr1cUzyFou1sU5vH2ProPUL3ZfMok0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74249a41be67b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/themes/flow/styles/font-icons/entypo/css/entypo.css
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/styles/font-icons/entypo/css/entypo.css
IP
GET /themes/flow/styles/font-icons/entypo/css/entypo.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-45f5"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/load-image.min.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/load-image.min.js
IP
GET /themes/flow/js/load-image.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-9f2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/sw.js
200 OK 0 B IP
GET /sw.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:52 GMT
vary: Accept-Encoding
etag: W/"60758f38-12fe6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js
IP
GET /themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-71b6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/animation/jquery.appear.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/animation/jquery.appear.js
IP
GET /themes/flow/frontend_assets/js/animation/jquery.appear.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-5c6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/bootstrap/bootstrap.min.css
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/bootstrap/bootstrap.min.css
IP
GET /themes/flow/frontend_assets/css/bootstrap/bootstrap.min.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1cc1b"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
200 OK 0 B URL HTTP/2 www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: wtdrgHMX2bNQHekJzToDhVZ3XcmS5CsBaQpxBYYA3H2G7svmaWGPO7LuuWPb7HFUoWPPiuRVOZciikJ7A5PlKg==
date: Mon, 29 Aug 2022 10:28:54 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
200 OK 0 B URL HTTP/2 megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
IP
GET /17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6; expires=Tue, 30-Aug-2022 10:28:53 GMT; Max-Age=86400; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.dataTables.min.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.dataTables.min.js
IP
GET /themes/flow/js/jquery.dataTables.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-10fe4"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.tmpl.min.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.tmpl.min.js
IP
GET /themes/flow/js/jquery.tmpl.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3cb"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload.js
IP
GET /themes/flow/js/jquery.fileupload.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-dbd4"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/fonts/font-awesome/css/font-awesome.css
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/fonts/font-awesome/css/font-awesome.css
IP
GET /themes/flow/frontend_assets/fonts/font-awesome/css/font-awesome.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-59d6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery-ui.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery-ui.js
IP
GET /themes/flow/js/jquery-ui.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-6a684"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.iframe-transport.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.iframe-transport.js
IP
GET /themes/flow/js/jquery.iframe-transport.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-2427"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js
IP
GET /themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1cdf"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/canvas-to-blob.min.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/canvas-to-blob.min.js
IP
GET /themes/flow/js/canvas-to-blob.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-408"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js
IP
GET /themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-14cc1"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js
IP
GET /themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3ead"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/retina/retina.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/retina/retina.js
IP
GET /themes/flow/frontend_assets/js/retina/retina.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-52e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/gauge.min.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/gauge.min.js
IP
GET /themes/flow/frontend_assets/js/gauge.min.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-45b8"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/fonts.css
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/fonts.css
IP
GET /themes/flow/frontend_assets/css/fonts.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-690"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
ad.a-ads.com/1811811?size=300x250
200 OK 0 B URL HTTP/2 ad.a-ads.com/1811811?size=300x250
IP
ASN #24940 Hetzner Online GmbH
GET /1811811?size=300x250 HTTP/1.1
Host: ad.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 10:28:54 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding, Accept-Encoding
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-original-referer: https://megaup.net/
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
X-Firefox-Spdy: h2
freychang.fun/asd100.bin
200 OK 0 B IP
Analyzer Verdict Alert quad9 Sinkholed
GET /asd100.bin HTTP/1.1
Host: freychang.fun
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 29 Aug 2022 10:28:54 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 1023
last-modified: Mon, 29 Aug 2022 10:11:51 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SuTVstpC%2BdKy4Hom2JVcVlMrAnfSlyZGz3Wr%2Fd44%2FVpCBeEpPRAkuuTCbcNkNqwhFuP8MZNPq9poSXjTNs82irSmONSQgRC825haZ9hFpNSe1Jypba%2F3MyiDL04SZK3C"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74249a41ee92b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
freychang.fun/asd100.bin
200 OK 0 B IP
Analyzer Verdict Alert quad9 Sinkholed
GET /asd100.bin HTTP/1.1
Host: freychang.fun
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 29 Aug 2022 10:28:54 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 1023
last-modified: Mon, 29 Aug 2022 10:11:51 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NQi3lJkIcZE5X3AlGAxjSEU%2FYyYsd3MSzGxwQ5MvbRfMx5bREF2FQ0L7B%2BfBKCppB7nFCDg1LkXBCRwKL0K53xIEYlcEugm6L4ct68MgY5VupqKlON6kJSfAUeXUIHJ%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74249a41be66b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
societingna.info/ZWhTdkIeSiABHRAaP1R4RwAnAjIWUnxZLwAPMgMySwY2Am0WH30cMUdEcQUvA0ppR25HHDIRHQwMcUxgXVthQHFWSn9UMRAKDB8mV0ppVCRRDGpDcwAMfkVyVVF%2BQnpSDn5OJFNdfk5zB1EyQXUAWWYVJEcV
200 OK 0 B URL HTTP/2 societingna.info/ZWhTdkIeSiABHRAaP1R4RwAnAjIWUnxZLwAPMgMySwY2Am0WH30cMUdEcQUvA0ppR25HHDIRHQwMcUxgXVthQHFWSn9UMRAKDB8mV0ppVCRRDGpDcwAMfkVyVVF%2BQnpSDn5OJFNdfk5zB1EyQXUAWWYVJEcV
IP
GET /ZWhTdkIeSiABHRAaP1R4RwAnAjIWUnxZLwAPMgMySwY2Am0WH30cMUdEcQUvA0ppR25HHDIRHQwMcUxgXVthQHFWSn9UMRAKDB8mV0ppVCRRDGpDcwAMfkVyVVF%2BQnpSDn5OJFNdfk5zB1EyQXUAWWYVJEcV HTTP/1.1
Host: societingna.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
set-cookie: f35eec11e1a6c5136879f35d4c072427=1; Max-Age=604800
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
etag: W/"e0fd-iRiLBg5ootd6kTC4JFPloXtXeAg"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/responsive.css
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/responsive.css
IP
GET /themes/flow/frontend_assets/css/responsive.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-e56"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/styles/file-upload.css
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/styles/file-upload.css
IP
GET /themes/flow/styles/file-upload.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-21ec"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-resize.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-resize.js
IP
GET /themes/flow/js/jquery.fileupload-resize.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1f7f"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/js/jquery.fileupload-ui.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/js/jquery.fileupload-ui.js
IP
GET /themes/flow/js/jquery.fileupload-ui.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-61ef"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/js/nav/jquery.nav.js
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/js/nav/jquery.nav.js
IP
GET /themes/flow/frontend_assets/js/nav/jquery.nav.js HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1547"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/isotope/isotope-style.css
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/isotope/isotope-style.css
IP
GET /themes/flow/frontend_assets/css/isotope/isotope-style.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-af3"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
megaup.net/themes/flow/frontend_assets/css/colors/flow.css
200 OK 0 B URL HTTP/2 megaup.net/themes/flow/frontend_assets/css/colors/flow.css
IP
GET /themes/flow/frontend_assets/css/colors/flow.css HTTP/1.1
Host: megaup.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-a83"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2
91.209.70.182
23.36.77.32
104.26.3.107
136.243.61.83
23.109.150.138
93.184.220.29
31.13.72.36
104.21.24.67