Overview

URL megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
IP91.209.70.182
ASNFNK LLC
Location Russia
Report completed2022-08-29 10:29:03 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
mnemonic secure dns  No alerts detected
Quad9 DNS
Scan Date Severity Indicator Comment
2022-08-28 2 freychang.fun Sinkholed
2022-08-28 2 freychang.fun Sinkholed
2022-08-28 2 freychang.fun Sinkholed
2022-08-28 2 freychang.fun Sinkholed
2022-08-28 2 freychang.fun Sinkholed


Files

No files detected



Passive DNS (31)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS hw-cdn2.ang-content.com (1) 165651 2019-03-25 22:41:04 UTC 2022-08-29 07:25:58 UTC 205.185.208.20
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-08-29 04:31:25 UTC 34.117.237.239
mnemonic passive DNS ocsp.sectigo.com (2) 487 2018-12-17 11:31:55 UTC 2022-08-29 07:53:02 UTC 172.64.155.188
mnemonic passive DNS syndication.exdynsrv.com (2) 34243 2016-04-20 18:35:15 UTC 2022-08-29 10:16:14 UTC 95.211.229.246
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-08-29 04:31:28 UTC 34.120.237.76
mnemonic passive DNS societingna.info (1) 978921 2020-01-01 12:45:00 UTC 2022-08-29 02:59:49 UTC 107.22.28.167
mnemonic passive DNS r3.o.lencr.org (10) 344 2020-12-02 08:52:13 UTC 2022-08-29 04:32:12 UTC 23.36.77.32
mnemonic passive DNS ocsp.pki.goog (4) 175 2017-06-14 07:23:31 UTC 2022-08-29 04:31:13 UTC 142.250.74.3
mnemonic passive DNS dmmzkfd82wayn.cloudfront.net (6) 0 2021-03-18 17:00:47 UTC 2022-08-29 02:59:48 UTC 143.204.42.115 Unknown ranking
mnemonic passive DNS static.serve-servee.com (1) 0 2022-06-18 03:19:30 UTC 2022-08-29 03:33:16 UTC 104.21.24.67 Unknown ranking
mnemonic passive DNS ad.a-ads.com (1) 26970 2013-04-19 21:54:57 UTC 2022-08-29 10:15:54 UTC 136.243.61.83
mnemonic passive DNS hw-cdn2.adtng.com (1) 11917 2020-02-20 16:50:17 UTC 2022-08-29 07:25:58 UTC 209.197.3.25
mnemonic passive DNS freychang.fun (5) 20665 2021-01-12 15:52:59 UTC 2022-08-29 07:49:40 UTC 172.67.218.221
mnemonic passive DNS stellihandles.hair (3) 0 2022-07-21 07:05:11 UTC 2022-08-29 07:49:40 UTC 107.22.28.167 Unknown ranking
mnemonic passive DNS ocsp.digicert.com (5) 86 2012-05-21 07:02:23 UTC 2022-08-29 06:32:27 UTC 93.184.220.29
mnemonic passive DNS altowriestwispy.com (2) 951913 2021-02-24 10:44:10 UTC 2022-08-29 02:59:48 UTC 23.109.170.49
mnemonic passive DNS imp9.bidgear.com (1) 34078 2021-03-15 11:09:09 UTC 2022-08-29 05:40:53 UTC 104.26.3.107
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-08-29 04:39:36 UTC 143.204.55.35
mnemonic passive DNS keydawnawe.com (2) 586690 2020-10-08 14:33:32 UTC 2022-08-29 02:59:48 UTC 23.109.150.138
mnemonic passive DNS platform.bidgear.com (2) 30367 2016-07-27 11:51:48 UTC 2022-08-29 05:40:53 UTC 104.26.3.107
mnemonic passive DNS megaup.net (56) 179052 2017-09-01 18:45:15 UTC 2022-08-29 06:57:07 UTC 91.209.70.182
mnemonic passive DNS www.googletagmanager.com (1) 75 2012-10-04 01:07:32 UTC 2022-08-29 04:31:27 UTC 142.250.74.72
mnemonic passive DNS www.facebook.com (1) 99 No data No data 31.13.72.36
mnemonic passive DNS a.adtng.com (2) 15165 2018-07-26 19:17:41 UTC 2022-08-29 06:38:23 UTC 66.254.114.171
mnemonic passive DNS e1.o.lencr.org (2) 6159 2021-08-20 07:36:30 UTC 2022-08-29 05:16:50 UTC 23.36.77.32
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2016-03-17 08:25:01 UTC 2022-08-29 05:05:45 UTC 143.204.55.35
mnemonic passive DNS static.a-ads.com (1) 34827 2013-06-01 16:47:05 UTC 2022-08-29 03:33:11 UTC 136.243.61.83
mnemonic passive DNS accounts.google.com (3) 81 2012-05-23 06:57:57 UTC 2022-08-29 05:08:44 UTC 216.58.207.237
mnemonic passive DNS push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2022-08-29 04:55:44 UTC 34.211.241.174
mnemonic passive DNS oulukdliketo.shop (10) 0 2022-08-21 19:27:19 UTC 2022-08-29 09:12:28 UTC 143.204.55.49 Unknown ranking
mnemonic passive DNS atebilaterde.one (6) 0 2022-07-21 07:34:35 UTC 2022-08-29 06:26:37 UTC 172.67.197.202 Unknown ranking


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 91.209.70.182

Date UQ / IDS / BL URL IP
2022-12-04 00:22:12 +0000
0 - 0 - 1 megaup.net/3bWzW/Tabletop_Simulator_v13.2.2.rar 91.209.70.182
2022-12-04 00:07:51 +0000
0 - 0 - 1 megaup.net/2vb3n/Warhammer.40000.Shootas.Bloo (...) 91.209.70.182
2022-12-03 21:13:57 +0000
0 - 0 - 2 megaup.net/2pS44/IronWolf.VR.v1.0.0.0f_(2).rar 91.209.70.182
2022-12-03 20:11:05 +0000
0 - 0 - 2 megaup.net/1ahb5/Stranded.Deep.v1.0.16.0.22.rar 91.209.70.182
2022-12-03 20:10:12 +0000
0 - 0 - 1 megaup.net/1PW6b/Factorio.v1.1.72.rar 91.209.70.182

Last 5 reports on ASN: FNK LLC

Date UQ / IDS / BL URL IP
2022-12-04 00:22:12 +0000
0 - 0 - 1 megaup.net/3bWzW/Tabletop_Simulator_v13.2.2.rar 91.209.70.182
2022-12-04 00:07:51 +0000
0 - 0 - 1 megaup.net/2vb3n/Warhammer.40000.Shootas.Bloo (...) 91.209.70.182
2022-12-03 21:13:57 +0000
0 - 0 - 2 megaup.net/2pS44/IronWolf.VR.v1.0.0.0f_(2).rar 91.209.70.182
2022-12-03 20:11:05 +0000
0 - 0 - 2 megaup.net/1ahb5/Stranded.Deep.v1.0.16.0.22.rar 91.209.70.182
2022-12-03 20:10:12 +0000
0 - 0 - 1 megaup.net/1PW6b/Factorio.v1.1.72.rar 91.209.70.182

Last 5 reports on domain: megaup.net

Date UQ / IDS / BL URL IP
2022-12-04 00:22:12 +0000
0 - 0 - 1 megaup.net/3bWzW/Tabletop_Simulator_v13.2.2.rar 91.209.70.182
2022-12-04 00:07:51 +0000
0 - 0 - 1 megaup.net/2vb3n/Warhammer.40000.Shootas.Bloo (...) 91.209.70.182
2022-12-03 21:13:57 +0000
0 - 0 - 2 megaup.net/2pS44/IronWolf.VR.v1.0.0.0f_(2).rar 91.209.70.182
2022-12-03 20:11:05 +0000
0 - 0 - 2 megaup.net/1ahb5/Stranded.Deep.v1.0.16.0.22.rar 91.209.70.182
2022-12-03 20:10:12 +0000
0 - 0 - 1 megaup.net/1PW6b/Factorio.v1.1.72.rar 91.209.70.182

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-10-20 20:18:38 +0000
0 - 0 - 1 megaup.net/17Dm4/Lake.v1.0.10.rar 91.209.70.182
2022-10-26 17:43:39 +0000
0 - 0 - 1 megaup.net/64X/Hitman_[FitGirl_Repack].part1.rar 91.209.70.182
2022-09-03 22:36:16 +0000
0 - 0 - 6 megaup.net/2sv4D/Crusader.Kings.III.Royal.Edi (...) 91.209.70.182
2022-08-29 02:59:59 +0000
0 - 0 - 5 megaup.net/17E42/Jade.Order-Chronos.zip 91.209.70.182
2022-09-04 21:48:37 +0000
0 - 0 - 1 megaup.net/2rgep/[Game3rb.com]_Terraria.v1.4. (...) 91.209.70.182


JavaScript

Executed Scripts (58)


Executed Evals (1)

#1 JavaScript::Eval (size: 47, repeated: 1) - SHA256: 0f13250dac3eba96683a13d9c0c14c812448cc2f499a6ad6637a17adf094884d

                                        window.fanfilnfjkdsabfhjdsbfkljsvmjhdfb = true;
                                    

Executed Writes (2)

#1 JavaScript::Write (size: 2290, repeated: 1) - SHA256: dda406f7a923ba34c59cfcd93f03fb050f2c9c44794b8c393a8a5e4ab54fcfce

                                        < div style = "display:none" > < /div><div id="bg_content"><div style="display:none"><img data-cfasync="false" src="/ / imp9.bidgear.com / rec ? t = 1 & z = 6192 & uuid = e13953852275434585a42e2eeabaa4c5 & p = 28 & g = NO & token = 4 a44335432 & tbg = 1661768934 " rel="
noindex nofollow " referrerpolicy="
unsafe - url "/></div><div data-ifr=2 style=" - webkit - transition: width 0.5 s!important; /*background-color:#fcfcfc!important;*/
background - color: # e3e3e3!important;
opacity: 0.6;
color: #00aecd;font-family:Arial!important;height:15px!important;line-height:15px!important;overflow:hidden!important;position:absolute!important;left:1px!important;top:1px!important;transition:width 0.5s!important;white-space:nowrap!important;width:16px!important;z-index:99999!important; border-bottom-right-radius: 4px" onmouseover= "this.style.width='100px';this.style.borderBottomRightRadius='3px';this.style.opacity=1;"
onmouseout = "this.style.width='16px';this.style.borderBottomRightRadius='4px';this.style.opacity=0.6;" > < div style = "float: left!important;position: absolute!important;left: 6px!important;bottom: 0px!important;" > < a href = //bidgear.com/?ref=banner target=_blank style="color:inherit!important;font-size:11px!important;padding:0 5px!important;text-decoration:none!important;margin:0!important;text-indent: 0!important; display: inline!important;"><span style="/*background-color:#fcfcfc!important;*/display:block!important;height:14px!important;position:absolute!important;right:1px!important;bottom:0!important;width: 13px!important;text-indent: 0!important; padding: 0!important; border-bottom-right-radius: 4px"><img src=//platform.bidgear.com/media/img/b15.png alt=Ad by Bidgear style="width:100%!important; height: 13px!important;"></span></a></div><div style="float: left!important;clear: right!important; padding-left: 16px!important;"><a href=//bidgear.com/?ref=banner target=_blank style="color:inherit!important;font-size:11px!important;padding:0 5px!important;text-decoration:none!important;margin:0!important;text-indent: 0!important;">Ad by Bidgear</a></div></div><script async type="application/javascript" src="https://a.exdynsrv.com/ad-provider.js"></script> <ins class="adsbyexoclick" data-zoneid="4464186" data-keywords="keywords"></ins> <script>(AdProvider = window.AdProvider || []).push({"serve": {}});</script></div>
                                    

#2 JavaScript::Write (size: 419, repeated: 1) - SHA256: 797aaaa97b569b2e91df60e1b4db642acdc19690df307f7d2204073eda9be658

                                        < body style = "margin:0px;" > < iframe width = "300"
height = "250"
scrolling = "no"
frameborder = "0"
src = "https://a.adtng.com/get/10012456?time=1614803572912&apb=ooddNHdLHTPHNVS4ASOpprpmtrdTbbZNLTK6V1Esqp6pXVTTOpmdQ6ap0rpXSunqoppdRNTRPTO6iamieml0rpnSuldK6V0zpXSumc7fS2XWzXaWqWayzWbfjivSyavjXimXXTd0rv9.czijBuZznSuldK6V0rpXSuldK4Ps"
allowtransparency = "true"
marginheight = "0"
marginwidth = "0"
name = "spot_id_10012456" > < /iframe></body >
                                    


HTTP Transactions (142)


Request Response
                                        
                                            GET /17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         91.209.70.182
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Date: Mon, 29 Aug 2022 10:28:52 GMT
Content-Length: 162
Connection: keep-alive
Location: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer, strict-origin-when-cross-origin
X-Download-Options: noopen


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    4f8e702cc244ec5d4de32740c0ecbd97
Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff
Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 29 Aug 2022 10:25:17 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: XELE7XFlzQopxgZO-34ybzqfbCiRUVD1eEhArF41zgAdLe8ZtAdZLg==
Age: 215


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    91dd975a7b17b2922dd23c0e49314e40
Sha1:   57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7EBE5D06EFE28C8507B4CDFBF68C6E5BBD9919BA776990FB8A22D90CCA0C1C1B"
Last-Modified: Sat, 27 Aug 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9212
Expires: Mon, 29 Aug 2022 13:02:24 GMT
Date: Mon, 29 Aug 2022 10:28:52 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 28 Aug 2022 22:35:59 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: QnhahTY5gBnlw4VeC7qDm_Or4A2ZWG3Df3zbB-xIy0X6slhhzg0Q5Q==
age: 42774
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    742edb4038f38bc533514982f3d2e861
Sha1:   cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
Sha256: b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Mon, 29 Aug 2022 10:28:52 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 29 Aug 2022 10:17:12 GMT
Cache-Control: max-age=3600
Expires: Mon, 29 Aug 2022 10:55:41 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: YQuxC3TkMZkI_T8Zgg9ktEFb6qQRzo_feMXLbYv5nK6k6fPbu39DlA==
Age: 700


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3255
Cache-Control: max-age=167523
Date: Mon, 29 Aug 2022 10:28:53 GMT
Etag: "630c7391-1d7"
Expires: Wed, 31 Aug 2022 09:00:56 GMT
Last-Modified: Mon, 29 Aug 2022 08:06:41 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: e5qt7g1WB1axVT/EdEZ3xQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         34.211.241.174
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ztDbro+9yutqntySktmJWCrEd1g=

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 29 Aug 2022 10:28:53 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 26 Aug 2022 00:41:15 GMT
Expires: Fri, 02 Sep 2022 00:41:14 GMT
Etag: "3184be527c6d32edfdeab7fa49e481829e91d0ab"
Cache-Control: max-age=309740,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74249a34b926b4f4-OSL

                                        
                                            GET /themes/flow/images/main_logo_inverted.png HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
content-length: 7137
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-1be1"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 203 x 40, 8-bit/color RGBA, non-interlaced\012- data
Size:   7137
Md5:    5d15526be10b904a6b48d1af04a10cc3
Sha1:   c09b6874359ac6d71db95593618a9acb55baa984
Sha256: 894d25472e0f890edf235e8f66fbeda7ea75043632924ecb82691d76bd7db018
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 29 Aug 2022 10:28:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "CA4ACE4DA2D33AEC3D90C29F068B653B72B2012F8179433D159B92C85624B0E5"
Last-Modified: Sat, 27 Aug 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17733
Expires: Mon, 29 Aug 2022 15:24:26 GMT
Date: Mon, 29 Aug 2022 10:28:53 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "2B613F16C919FF2316575E807E877A6E045083E3804279B9B847F1A67E0683F8"
Last-Modified: Sat, 27 Aug 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5577
Expires: Mon, 29 Aug 2022 12:01:50 GMT
Date: Mon, 29 Aug 2022 10:28:53 GMT
Connection: keep-alive

                                        
                                            GET /gtag/js?id=UA-108868042-1 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.72
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 29 Aug 2022 10:28:53 GMT
expires: Mon, 29 Aug 2022 10:28:53 GMT
cache-control: private, max-age=900
last-modified: Mon, 29 Aug 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42035
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1615)
Size:   42035
Md5:    c5e7f333b767bee1f1afeb5126bbed49
Sha1:   35d07d17d844bc6fddc366e0c983f96731e6d7d4
Sha256: abb8a28741cf536cf7ff7363118314c239c35d544690f1850844a32695d478e7
                                        
                                            GET /gwZ1U5hjA8ii/32575 HTTP/1.1 
Host: keydawnawe.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.109.150.138
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Mon, 29 Aug 2022 10:28:53 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; expires=Tue, 30-Aug-2022 10:28:53 GMT; Max-Age=86400; path=/; secure; SameSite=None GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW; expires=Tue, 30-Aug-2022 10:28:53 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   26
Md5:    4e5d65669f8dcd928dad06adf883f025
Sha1:   d771713d758c3348dd7e5b38bb40c7935399ae46
Sha256: 0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95
                                        
                                            GET /tysaSHG1FMaM/18410 HTTP/1.1 
Host: altowriestwispy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.109.170.49
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Mon, 29 Aug 2022 10:28:53 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; expires=Tue, 30-Aug-2022 10:28:53 GMT; Max-Age=86400; path=/; secure; SameSite=None GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW; expires=Tue, 30-Aug-2022 10:28:53 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   25
Md5:    d488addc5df5fc9b9ff4135bb4e3a823
Sha1:   6ce56f48e851df4d562b43d3bc1269a504ae83fc
Sha256: d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60
                                        
                                            GET /themes/flow/frontend_assets/js/nav/jquery.scrollTo.js HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-981"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2241), with CRLF line terminators
Size:   1719
Md5:    606c2bea154362c591f42cbd53695fe8
Sha1:   98d13d968704c9552be28c864e13274b4ef91645
Sha256: d799806b21bb6d473c865eb682899b7c183023b2ec4ea1c6caf1ade0a4362844
                                        
                                            GET /?kzmmd=761186 HTTP/1.1 
Host: dmmzkfd82wayn.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.42.115
HTTP/2 200 OK
                                        
content-length: 188782
date: Mon, 29 Aug 2022 10:28:54 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: iEoRibwhNYKnn9zUAqNySjVYVUHleVcV0tUgir0NE6sj_hmIaIatpA==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (15945)
Size:   188782
Md5:    a0c3c74303c201c644436723559356a1
Sha1:   769499bc0fffed68f5ed004f8f24c955eb26737b
Sha256: 5e9f4d8f43ceef1fea9287e5c162f40b4b3e4447ab59a364e8acd33e1ef18d34
                                        
                                            GET /themes/flow/frontend_assets/fonts/raleway_extrabold.woff HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: font/woff
                                        
server: nginx
date: Mon, 29 Aug 2022 10:28:54 GMT
content-length: 31344
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7a70"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 31344, version 1.1\012- data
Size:   31344
Md5:    21f79e4c0fbe54a555170aa70bb4c8b7
Sha1:   9d4aaf2016cd21f16bc45089a48de84dba951fa7
Sha256: 2b638674bc57ad355ef2ecbd68e78ecb36bc323aaaf4ddeb9cd4f61bc5f26c42
                                        
                                            GET /themes/flow/frontend_assets/fonts/raleway_semibold.woff HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: font/woff
                                        
server: nginx
date: Mon, 29 Aug 2022 10:28:54 GMT
content-length: 31980
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7cec"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 31980, version 1.1\012- data
Size:   31980
Md5:    99ac81a158028ac2023fb3350d2497e7
Sha1:   f08c12c91ab29282a616c3ba8e533f49b5b433ca
Sha256: 92a8c8eca8cfcfc53855bc48ba50b866704a00323c4e3089b564c939a668925d
                                        
                                            GET /themes/flow/frontend_assets/socialsider-v1.0/_fonts/socicon-webfont.woff HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: font/woff
                                        
server: nginx
date: Mon, 29 Aug 2022 10:28:54 GMT
content-length: 20972
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-51ec"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 20972, version 1.0\012- data
Size:   20972
Md5:    cad75e2dacc6794c4e6b14727d4a989d
Sha1:   694d04c8f643df4100c23efc1463ac9f4e732f60
Sha256: ebccc09339b7730324221aff3d11d215de9997b47bf708ca18a3be2d8e8b9887
                                        
                                            GET /tysaSHG1FMaM/18410 HTTP/1.1 
Host: altowriestwispy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.109.170.49
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Mon, 29 Aug 2022 10:28:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   25
Md5:    d488addc5df5fc9b9ff4135bb4e3a823
Sha1:   6ce56f48e851df4d562b43d3bc1269a504ae83fc
Sha256: d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60
                                        
                                            GET /gwZ1U5hjA8ii/32575 HTTP/1.1 
Host: keydawnawe.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.109.150.138
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Mon, 29 Aug 2022 10:28:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   26
Md5:    4e5d65669f8dcd928dad06adf883f025
Sha1:   d771713d758c3348dd7e5b38bb40c7935399ae46
Sha256: 0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95
                                        
                                            GET /themes/flow/js/clipboardjs/clipboard.min.js HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-2296"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (8746)
Size:   4182
Md5:    b77513887e3bb6e2b55669b3d80c8857
Sha1:   88f7104b6835f04dad5cfd4f95070fbc76fbc6dd
Sha256: 079f30fbc76aeb732a39d500b21ce845bd9af7621e6375bbb43ccfb649685b95
                                        
                                            GET /alI5MzQLMFpeCwtvWxVBGD4EFgYsdwt1UAc/Q1hSDmoLRFUTPBdQWAUnXVVGBTxNHVoPJhwBcl8xbldDJAdOYHcoZ21QQz8df3JcWgBVdXAoGmtrcDscWHpTLDN7AW0LHFAHDD0AaERyEwN6V2ZeHG9YcVgUb0N1Lyt4Ync4MXBSXDsYfERcUwROamE8YX91ZTsAf3pMGjN7AlMeEHhcbDIoXlJyLAh4f2EdGXEDDAYaaEBmLxoNAGEGZn9SYSQKbnYFUwN8eXAOYFV3YhIqWnpTOzRvYlBSEW8Kcws8SXVlARwKUmEkCnhYehoDUGl+K2BzcWAGf2x7UigLenYFXjhvdWFYEApLdTxieHZSLxB6YlM/I35xYTwHQH5+OzlzSVA/NnNididnbXVtTDhKXFoab05gYi0bdV9sKyJtBA0FOA HTTP/1.1 
Host: oulukdliketo.shop
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.55.49
HTTP/2 200 OK
content-type: text/html
                                        
content-length: 1178
date: Mon, 29 Aug 2022 10:28:54 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: DJjiScS2fFzTQ0QtixWTaIfWaZbynCESs2tUycqbdCfv_tls33llTg==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3024), with no line terminators
Size:   1178
Md5:    7b8b3ebfa5d0415630a22028ceb22c7b
Sha1:   46de9d45a10cfc24b6317562cdae1375bab5edac
Sha256: 4ca066689152bfc8e459fba40299d5597c3239b6fc7e6f21500dd7398714f53c
                                        
                                            GET /cEdRaHFfeDIbTBMTG1orNwkWKSQ2FAYDFjgWFzImIhYbKSQ2KHccGBR6aVpESXZgTgEZI2xbQ1Y0JQkFBTRsWkFAcHcBHxYobFpXBnphRklefn9YVwV6YE4FACY2VUBWNyUcHU12Z15AR3FpUUJEdmFc HTTP/1.1 
Host: atebilaterde.one
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.197.202
HTTP/2 204 No Content
                                        
date: Mon, 29 Aug 2022 10:28:54 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8GANGhFK3%2B8XS4PxO1URVKgQ8Qrl6dWGSG568uTv5PrqPSS3A59JuuCxgFzpBKofrq%2Bji%2BL9Jfhfe9DvTrGG%2FhNwq6YpM7W8blAKUICaS%2Bbt%2BSt7nAu4jUb2QDzel3zgJG%2B9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74249a3ebe1ab51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            GET /VEpFZVE1KCYIbjV3J0MkJiZ4QGMSb3cjNTknPw43MHJ3EjAtJGsGPTs/IQMjOyQxSz8xPmBXFywuKFQ6BhwmMxAzJS8EEB0PBC05IhgDDTUwDR80EywpNCoADhsACwRtBxddIgQwIjYGAQM9KQMeGxMiHGMMMigVMQIAMRAjLnE/PRUHBCY1JRsuFgAaHiIBBBYPNygpGQYBNiItDy4WAx4NKgcQPH42Kik7BxQ9MgYbdSsEDQ0TIgMGMnU/PRovDwgTOBgiIB8fMwwqAhIQdClhYSgKVh8+H3RRPA0NEyIZLAAiPxUwHxAIJToSdQ0GMB4EMRUzZ30UMj8bNzM/AicXCWACLhI/BQx7FA8BMxsMJDg7PBBUaT0sAiMIDB8MEjA/KWMPIjskNVgnZCACFxkuJSFR HTTP/1.1 
Host: oulukdliketo.shop
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.49
HTTP/2 200 OK
content-type: text/html
                                        
content-length: 1168
date: Mon, 29 Aug 2022 10:28:54 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: IHGZEcZIc0wNVcsxLglxHCMklEhT0ZPGB-VYkNJvkdgYfsCJ-VBzUA==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3011), with no line terminators
Size:   1168
Md5:    dd4745243b3580e1b86897792d0e9f9c
Sha1:   4f248cb60349015968e36a0d553a312342064afe
Sha256: 55df50afee7b067a4160fdedf6db83bd14592f585fe5ced7941fd169163321f3
                                        
                                            GET /RXo2Yk1qRVURcB9IDzMedyxgNH8fTWMOCyQjfg4VEzxSDCh0NxAWJCFHAVR8dEIARD0sHgtTazYOVxY4NkcHRCQrHFlfazNHB0x+cVQEWmN1XENffGMORgMqeEsQEjkxFgtTe3NLAVR1fEkCUnV8 HTTP/1.1 
Host: atebilaterde.one
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.197.202
HTTP/2 204 No Content
                                        
date: Mon, 29 Aug 2022 10:28:54 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cNvKOMrILoZKrfA2ALNr%2F1FP2AcE%2BAjhCJKX3XX2NvjoQtc5VBbTmT5AM%2FyuOvuOHyzyvjnIwo84pT2vy%2Fb99eCHxrARSyuSg3dTWhu0P6IG2zEBzk8zTNHTorW78qO%2Fp1%2BK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74249a3ebe18b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            GET /aUdtWWlGeA4qVDMTPzUKBQk+G1gjAgw1HisSXRsEPBY/DTsEKEstAA16VWtcUHZcfxkAI1BqW080GTgdHDRQaE8AKQs2VE8xUGlHUWlUd1lPMlBoTx03DD5UWGEdLR0FelxvX1hwW2FQWnNcaVs HTTP/1.1 
Host: atebilaterde.one
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.197.202
HTTP/2 204 No Content
                                        
date: Mon, 29 Aug 2022 10:28:54 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AQ%2FKs00eJ5IvKgZSNpy0Kqzk2fvQOeEXPn7JH4SS4mtuElW9cgOmR1XTGUWxPPnitnEFlB6uZkWuMWBri3m8NvHStEanht4uEiqPuqr16UrKW6t1OA2rK7JDRUmTWqla5rp2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74249a3ebe19b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4088
Cache-Control: max-age=153258
Date: Mon, 29 Aug 2022 10:28:54 GMT
Etag: "630c3898-116"
Expires: Wed, 31 Aug 2022 05:03:12 GMT
Last-Modified: Mon, 29 Aug 2022 03:55:04 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET /SDBoVWopUgs4VSkNCnMfOlxVcFgOFVoTDiVdEj4MLAhaIgsxXkY2BidFDDMYJ14cewQtRE1nLBh9AwclGl4EByExcQ8HARFEIzseCXIGZFgrdVgAJiIAGBNaAgUsFyc7cREAJA5IJhEOPwAuHgQjZSZnKwZjKxcQLFxRMCAbcQAHKBlYIRY8DXFaHBwBWBsFCQ9XEhIrcEAhAR0ZaAEyHBEAHGUJH3JaDSsKADI/XwFxWhNTCnYfFA4LeR4TWisICWY4AmMGLV4PZVASMxAALQ0rCgA4ESgrcTkDWSt2CxYIH0RYBjwdWCQGWh92WwwjLHUDEQ4AHV1mORl+ADMiEVY/LzM6eSoPIRFoHxQ7CWIZMwcJfSxmP25aGzoEOA0qAD95USsEADkDKxY5A2AR HTTP/1.1 
Host: oulukdliketo.shop
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.55.49
HTTP/2 200 OK
content-type: text/html
                                        
content-length: 1163
date: Mon, 29 Aug 2022 10:28:54 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 2XKHKzQydXxVGnFzmKuNhlkAFKOQydIiLfSwyvcCi4NLmC15BWI0vw==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3005), with no line terminators
Size:   1163
Md5:    fe9c33a210d1160a51bd64e178d655ab
Sha1:   fbfb5b9eb62f6a8f0b7e3d65f4555f4dc5ef057c
Sha256: 2282c321cfb798c0e3df0d804e180ddd4938973773464aef2ee8cc8b0e0b7ad8
                                        
                                            GET /aVh3MDUIOhRdCghlFRZAGzRKFQcvfUV2UQQ1DVtTDWBFR1QQNllTWQYtE1ZHBjYDHlsMLFICc1oNMVwFOzUmSnsBNxBnTDgvMnhBPQIaAXMKNCECeB47B3NcKzM9WUI+EzN9cC0KQ1R9DhU8e30wLDNZfzMBPwhsIy8YA28vER1zXyczJWd0LxYzRH8KMz5bfjsrA2dmCmgxZHgjFg19dCUKEwJ5Kw5Ac2FRMj9jWiAVL0hyKB4xFQcrOSF2BT8QEFhnMTw1aU0dChN2ZFEVNV9PIRAhQmctbRRqUjMbFFtzAx9GdgU/Gz5GYDENG1FiUDkTWwRYOUcdZAEZI31MLmo5Z3MELDJUBDs/FnVnWgkgekUsMU9nez1gFWBeLzE/AAQeCxpyEFseNmhBP34dQ1oHKEpiXxsgHUB+ExUwR3kl HTTP/1.1 
Host: oulukdliketo.shop
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.55.49
HTTP/2 200 OK
content-type: text/html
                                        
content-length: 1177
date: Mon, 29 Aug 2022 10:28:54 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: J4I4ZSatRtRtQ5UmpdB6rZMH2JUYJvsjsEktxsJ4P8vmDnC8lZEb3Q==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3019), with no line terminators
Size:   1177
Md5:    bf4cc23be5009d60f6b7baca8a1d8426
Sha1:   044767f20b4bd5430a7e6ce34b31f0bc08b40396
Sha256: eda9a6b87003ec493ebe979801fee6d0d6ecadacc516b1300c1cd6ede07dacbe
                                        
                                            GET /Zm50blZJURcdazMFTTgFCiwfCAEsS0YsDAssQjc4KAktNm8BC0YNcBIHEFNuUVhHX25AHh0Ka1RXUh0iBxoBHWtXSB0AMAlTUhhrV0BEQGNfQERII1tfUhomBwlJX3AWGgACa1dYQl9hUFZNXWJXX0U HTTP/1.1 
Host: atebilaterde.one
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.197.202
HTTP/2 204 No Content
                                        
date: Mon, 29 Aug 2022 10:28:54 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wfm3Yk2zaFAQExY7wiprg9fr5PYf534wtSf0BRnMLt3yDsiif7wM%2F5NmhrYhSqATKS0zh77ItuJnkm8VeisvaYofA6abXt%2FPAh73SO%2BdFCHVAmdaFglGYiK%2FMLhf2EaNEQIq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74249a3ece37b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            GET /cEpINFFfdStHbCkkJHIHJ3scYGI6Jx9iBzkuJX4wJQ88BAsmIW5AOBR3cQBoSHx8EiEZLnUFaVY5PFUlBTl1BXcZJC5bbFY8dQV/QGR5GmNWP3UFdwQ6KVNsQWw4QCUcd3kCZ0F9fgxoQ355BWk HTTP/1.1 
Host: atebilaterde.one
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.197.202
HTTP/2 204 No Content
                                        
date: Mon, 29 Aug 2022 10:28:54 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0JYWwy29tSKVLSlBhvC0qmFMrpWGpkTB55Qjui1hP4vofTP6KFMGehCndiIr8NB8U7z3ciy926rBVXcAWfN%2F1UsGqkQei%2BlQrlQD0dXpOi3OpTsWqZPuR9KDRZMIbvl%2FVchu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74249a3eee5ab51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            GET /imageads/007.gif HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Mon, 29 Aug 2022 10:28:54 GMT
content-length: 286260
last-modified: Thu, 01 Apr 2021 04:06:40 GMT
vary: Accept-Encoding
etag: "606546d0-45e34"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 300 x 250\012- data
Size:   286260
Md5:    22cf30a617a5dd2c867ab79ac53e6e2f
Sha1:   6e9a4c81ff41c74252cd08f50977d38d1b97de84
Sha256: c42588d86df4e614bd8f60fef733e95b9a49b35668fe3f1294308bcd13c33eb8
                                        
                                            GET /bk1vVkhBcgwldTQIISApOB85Mh4KLjZnDl4VXmMmOAULNxApLkkiIQpwWGB8X3lecDgHKVJnbh05DiI9HXBecCEAKwBrbhhwXnh7WmNdbmZeaxpreUg5HzcvU3xJJjwaIVJnflh8WGBwV35bZ3pZ HTTP/1.1 
Host: atebilaterde.one
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.197.202
HTTP/2 204 No Content
                                        
date: Mon, 29 Aug 2022 10:28:54 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2ByBpbL%2F8MCyi1DnO7MsJIVcwupt114pcX4%2FWjSPlV4caUU9UPksB3BqymCHNhavIAJSNFmx70mPURnwBv43pYSYBzPW7n5grRyiX4jUsNov0yYHH336HoH7VQ1ABG1Ad6og"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74249a3efe6ab51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            GET /media/img/b15.png HTTP/1.1 
Host: platform.bidgear.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.26.3.107
HTTP/2 200 OK
content-type: image/png
                                        
date: Mon, 29 Aug 2022 10:28:54 GMT
content-length: 649
last-modified: Mon, 25 Jul 2022 09:43:33 GMT
etag: "62de65c5-289"
expires: Fri, 23 Sep 2022 09:44:54 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
cf-cache-status: HIT
age: 434622
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=65whBkQ8ZLelsvKqfpmFzvrogp%2BkkfADRfF3V0dxqLPSpOkrKAEI1mc23aTbCYFvambUFEUL%2BaFb1aSxZh3hBVpzoAWzQPc2xaRE1V6zYhDnu7U5oSQxs%2FQJ17BW4HL%2F0jEF59wJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74249a407e521bfa-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced\012- data
Size:   649
Md5:    d832fb80c97ff291b952757bb98240d2
Sha1:   63732e61a0784ed68fde494f83e4686a5c4bf7fa
Sha256: 7b35c11af8accdb40a14303dd3ae2762a97d2527933c56b6c9be6da2d0d11943
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 29 Aug 2022 10:28:54 GMT
Content-Length: 281
Connection: keep-alive
Last-Modified: Fri, 26 Aug 2022 21:53:49 GMT
Expires: Fri, 02 Sep 2022 21:53:48 GMT
Etag: "8ebc69fb277f03aca2dfc337426d2c7b3ab669e0"
Cache-Control: max-age=386093,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74249a404accb4f4-OSL

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1DE3AEB54079C2318052072DA1755F866645772CCDEFCD37FDA7D5CB7F37932C"
Last-Modified: Fri, 26 Aug 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2909
Expires: Mon, 29 Aug 2022 11:17:23 GMT
Date: Mon, 29 Aug 2022 10:28:54 GMT
Connection: keep-alive

                                        
                                            GET /2MURtT2dSKwMpWEUtCXJQB3Vcd1EXLh4gCUF5KQgLAAkcPAYDMiMqQUU+CXJXFygMIQAMYgghBAx1Sy4DU3lZaRNBKwZyEFwlGCIAWzAGPEFEJVAiCEstASMGFHYrekkBYV9/T0l1XGpUc2FffwtYKhg3QgN0FXdRbnJZalRzYV9/FUdhXg5eB2pdZkIDdA-oqBForSH0hA3Rcf1cAdFxqVQEiBD0CVysValV3fVthVxcxUH4 HTTP/1.1 
Host: dmmzkfd82wayn.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oulukdliketo.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.42.115
HTTP/2 200 OK
                                        
content-length: 597
date: Mon, 29 Aug 2022 10:28:54 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: yignpI1mP4bYnOzxpC0_3CGMLYxbyQH6MUWpqP0LLBGuIBzcZbaDig==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (836), with no line terminators
Size:   597
Md5:    688e939b919438818315536e24418165
Sha1:   ecfafb7c88533c547bd8b061dc844ed53c59f518
Sha256: 27946b7461eb7873e0f38297392355170ab4a9a41141e588cef38b1c70294ee3
                                        
                                            GET /5cWdwNUwSCB5TcwUOFAh0RlFDBHRXDQNaIgFaB2YaNi48WRQwFyQCdR4NVkE2FVpAEyAQCRcIahQJEwh9VwYUV3FFQQRFIxpaB1gtBAoXXzgaFFZALUwKH08lHQsREH43Ul4FaUNXWE19QEJDd2lDVxxcIgQfVQd8CV9GanpFQkN3aUNXAkNpQiZJA2JBTl-UHfBYCE14jVFU2B3xAV0AEfEBCQgUqGBUVUyMJQkJzdUdJQBM5TFY HTTP/1.1 
Host: dmmzkfd82wayn.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oulukdliketo.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.42.115
HTTP/2 200 OK
                                        
content-length: 453
date: Mon, 29 Aug 2022 10:28:54 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 0l1Xgw6eoJJF9znaib2iiSTmK9lTUXSP5IKq52XNIN4M__UO6QJ_eA==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (603), with no line terminators
Size:   453
Md5:    a68fbd2de3368a802ba9bd9eb370733d
Sha1:   984fe99c8d1a22b9e9e682450bad9a8f1dec3813
Sha256: fe5f9b26b111149dd021c82921a4368aac832ea34034ad510272d5cb1af485ce
                                        
                                            GET /async.php?domainid=5593&sizeid=12&zoneid=6192&k=1661768934213 HTTP/1.1 
Host: platform.bidgear.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.26.3.107
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Mon, 29 Aug 2022 10:28:54 GMT
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LkwfsjLlvgyN61RWfWjU3A5uzX1Ti75f8F6yu3SkmXC7nybPgwDJSs%2BcCAA93wV%2F%2FrJViKbVFT8wL02GDLXlAsBN%2F8EqWCiTMNZ9m4wt%2BporXTTDVly6pqS4s5PU78bFbUaHcaf5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74249a3f9d471bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (4445), with no line terminators
Size:   25458
Md5:    1d861f6bdc26c022a292618947c93e35
Sha1:   db09a54a55d1c29ba17f8298965c4c985519c761
Sha256: 8ee2cb3f735c5f7a1cb0d76b3874a629dbb0ae04b61ac9fe55ecba126c28f73d
                                        
                                            GET /3UFl0RmQzNhogWyQwEHtTZm1FclV2MwcpCiBkJiwWKDMEDR4dHgMKKHYtDiJZYH8YJwo3ZFIjCjNkRWAFNDtJckIkKRstWSc0FTMJNzMALRd2LBV7CT8jHSoIMXxGAFF+aVF0VHghRXdBYxtRdFQ8MBozHHVrRD5cZgZCckFjG1F0VCIvUXUlaW9adk11a0-QhATMyG2NWFmtEd1RgaER3QWJpEi8WNT8bPkFiH01wSmB/AXtV HTTP/1.1 
Host: dmmzkfd82wayn.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oulukdliketo.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.42.115
HTTP/2 200 OK
                                        
content-length: 609
date: Mon, 29 Aug 2022 10:28:54 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: cRFUv4n2hKbaJWghhI6ccqEAvnPqdVXl0Qu5604Qy_J8dZBKoHkHdA==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (837), with no line terminators
Size:   609
Md5:    05afa2a71dd23ad8325ce90e3aa8658c
Sha1:   14d1544409f2b406681ef54db76be04b41849b86
Sha256: 417ea676758f112a9ca5fa23da7e5f0451e82f22743850da96b2b94f5c67f047
                                        
                                            GET /PMkRORnlRKyAgRkYtKntABn12cE0ULj0pF0J5DBMsAyUNFxNDdw0FKnkUN2ANSCBzdl9eJSAhRBQhICVEA2IvIhsPcGgzGA8pITwQXigvY0t0cWB2XAB0Zj5IA2F9BFwAdCIvF0c8a3RJSnx4GU8GYX0EXAB0PDBcAQV3cFcCbWt0SVUhLS0WF3YIdEkDdH-53SQNhfHYfWzYrIBZKYXwAQARqfmAMD3U HTTP/1.1 
Host: dmmzkfd82wayn.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oulukdliketo.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.42.115
HTTP/2 200 OK
                                        
content-length: 193
date: Mon, 29 Aug 2022 10:28:54 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: oYXMqLHi-UZWwZO-GQXjzP0Jtmk3kBAydI0i_L7jEMeypbtoFfmwPg==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   193
Md5:    5eeb064c2ad0710ff481c70245b572b3
Sha1:   c530ec152b60222d2518153fb5f4ebb1c59f6625
Sha256: ee25469f2978187273134a2e5e0cf2922bb9d14b2ccf37cbe82ff2405d6daef8
                                        
                                            GET /xdm1kRVcVAgojaAIEAHhvRFhddGZQBxcqOQZQEnU9MR8sPzgSWUIxLRJQVGM7FwMDeHETAwd4ZlAMACdqQksQNTgdUBErMxMLDSsyEksRJGobAh4sOxoMQXcRQ0NUYGVGRRx0ZlNeJmBlRgENKyIOSFZ1L05bO3NjU14mYGVGHxJgZDdUUmtnX0hWdTATDg-8qckQrVnVmRl1VdWZTX1QjPgQIAiovU18ifGFYXUIwakc HTTP/1.1 
Host: dmmzkfd82wayn.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oulukdliketo.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.42.115
HTTP/2 200 OK
                                        
content-length: 358
date: Mon, 29 Aug 2022 10:28:54 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: aGNQtJhpICG91uV5oluge89NDFqCKbUti0afehxSNQFq9qxo3lH4HQ==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (458), with no line terminators
Size:   358
Md5:    d0aa64a98a127edd0a5a7b445cb8984c
Sha1:   39a71529ed6d82445a2916b63d6db2038645ed73
Sha256: 994a877bd25def95ad05a5246bfb5b5c6ef9e6a22ff987dde0b4cafb0d5d4c28
                                        
                                            GET /rec?t=1&z=6192&uuid=e13953852275434585a42e2eeabaa4c5&p=28&g=NO&token=4a44335432&tbg=1661768934 HTTP/1.1 
Host: imp9.bidgear.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.26.3.107
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Mon, 29 Aug 2022 10:28:54 GMT
content-length: 599
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FNK%2B4ZBzLRpfTSZtJ8BAYjYbsRPvMLGUQJ4%2By3i4On7OMhQUS593oDbQUA%2Bosck2rnv9ZRt1lt5qmVp%2FPRiIr57syHGGR3RT1K7Z57UxQIdUZGZkRpcL8uvBWNbw3MC8Gr8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74249a407e541bfa-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 1x1, components 3\012- data
Size:   599
Md5:    ca49a7e783b806a4e8576ea80346203d
Sha1:   6fe9d083221dae98f6c76f7121c37bc884b02d82
Sha256: 3e9a98dd5f0a28ff4a059f33d760264a6db02786666ac1692095ebb976f5da28
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4310
Cache-Control: 'max-age=158059'
Date: Mon, 29 Aug 2022 10:28:54 GMT
Last-Modified: Mon, 29 Aug 2022 09:17:04 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /themes/flow/frontend_assets/images/icons/favicon/apple-touch-icon-114x114.png HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Mon, 29 Aug 2022 10:28:54 GMT
content-length: 951
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-3b7"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 114 x 114, 8-bit colormap, non-interlaced\012- data
Size:   951
Md5:    76852bc6b2c028db97322a74e85bd020
Sha1:   ed52fb4de0d51f93277bbaae42fa80ba5f92c31e
Sha256: 8a5ef2ef8440c17db1b1b539065ba4a887e07a2c508b79c2d1659512e9016884
                                        
                                            GET /themes/flow/frontend_assets/css/custom.css HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3577"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  assembler source, ASCII text, with CRLF line terminators
Size:   23393
Md5:    287e36357e599799dc872a2077b66e9c
Sha1:   96f64c4fd4f2cafb0bc3259ffdd44ce51283ad05
Sha256: d5cb76bc56967ced5fc02b648097048151355cbe224e6c91e1664c76f12ca870
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 29 Aug 2022 10:28:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /a-ads-banners/387832/300x250?region=eu-central-1 HTTP/1.1 
Host: static.a-ads.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ad.a-ads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         136.243.61.83
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Mon, 29 Aug 2022 10:28:54 GMT
content-length: 66223
x-amz-id-2: 5rcokq0as66stUliQ5e+d5eQLkBcKmNcSfcGP9JILaQXQ5Qjv3j/S8OfEbWyz+FV5wS7uvdxcSM=
x-amz-request-id: PA1M4F5YP89VTJGM
x-amz-replication-status: COMPLETED
last-modified: Thu, 12 May 2022 10:55:34 GMT
etag: "03fce28c37ff26b099bae15657539a0a"
cache-control: max-age=315360000
x-amz-version-id: E3RRIWAV_bACQkxfuOiHBnJygh0vnpzR
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 300 x 250\012- data
Size:   66223
Md5:    03fce28c37ff26b099bae15657539a0a
Sha1:   6ec42fabbc94c098c6a9ff43c9cd66547982c991
Sha256: 661ecab9a308497f006e0d49ecb59df7d706f1263dcebb9f3a44350f47efc153
                                        
                                            GET /utx?cb=got6FT6eTa82&top=megaup.net&tid=761186 HTTP/1.1 
Host: oulukdliketo.shop
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.55.49
HTTP/2 204 No Content
                                        
date: Mon, 29 Aug 2022 10:28:54 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 29 Aug 2022 10:29:54 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: QeUGCEGbio5_nyiDfenxU4n21c1Ayfy3ZEOGHx8iWJQwuZfvYzqCnA==
X-Firefox-Spdy: h2

                                        
                                            GET /utx?cb=G3UN44CodMBO&top=megaup.net&tid=825911 HTTP/1.1 
Host: oulukdliketo.shop
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.55.49
HTTP/2 204 No Content
                                        
date: Mon, 29 Aug 2022 10:28:54 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 29 Aug 2022 10:29:54 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: nvCzhxlgCQNPWG_aDR9NHUTMczWAlr7ivPNMgmA6kJ2ihY_tIIAWrg==
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 29 Aug 2022 10:28:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /themes/flow/frontend_assets/images/icons/favicon/favicon.ico HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: image/x-icon
                                        
server: nginx
date: Mon, 29 Aug 2022 10:28:54 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-47e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size:   279
Md5:    7ec5a55ea1727c63acc27a2c57da6b9a
Sha1:   a25b42d999e63a2466a33aaeaae6125fedfd40b7
Sha256: 48ec88619b2c113a507054ce2b0f95f47d85261c124bc0d4f1cde69a88e77945
                                        
                                            GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1 
Host: accounts.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.237
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 29 Aug 2022 10:28:54 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S1258358444%3A1661768934690416&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmXAvCcKhAKm6vv-82qL5_HwBvBvW56AieypJswVy7lWhESvJV8ZGC9pOIxs-Q88cRkFVGdYfA
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-mLDE0IHvCx6U_UulkxHTkQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 394
server: GSE
set-cookie: __Host-GAPS=1:3cv0DZNWBCY-tQ9c9Qjd61bnXQ363A:igDQTHWNjNJs6862;Path=/;Expires=Wed, 28-Aug-2024 10:28:54 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (380)
Size:   394
Md5:    a4bafd92586112ff1520dbd0abdd0b94
Sha1:   4796e2d9c5138f2c963705d4f886b3eb6f75400c
Sha256: 75d025949927daf7cf971de3f765f8efd05eade5528b653336899f56e9bb2429
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5E07E7BBF5DD7A48F9330DBC0248B7A1AA69DFF7A9A913F493A384D2EC332F74"
Last-Modified: Sun, 28 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14574
Expires: Mon, 29 Aug 2022 14:31:48 GMT
Date: Mon, 29 Aug 2022 10:28:54 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5E07E7BBF5DD7A48F9330DBC0248B7A1AA69DFF7A9A913F493A384D2EC332F74"
Last-Modified: Sun, 28 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14574
Expires: Mon, 29 Aug 2022 14:31:48 GMT
Date: Mon, 29 Aug 2022 10:28:54 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5E07E7BBF5DD7A48F9330DBC0248B7A1AA69DFF7A9A913F493A384D2EC332F74"
Last-Modified: Sun, 28 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14574
Expires: Mon, 29 Aug 2022 14:31:48 GMT
Date: Mon, 29 Aug 2022 10:28:54 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5E07E7BBF5DD7A48F9330DBC0248B7A1AA69DFF7A9A913F493A384D2EC332F74"
Last-Modified: Sun, 28 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14574
Expires: Mon, 29 Aug 2022 14:31:48 GMT
Date: Mon, 29 Aug 2022 10:28:54 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2b0d146-88a6-4ec6-a71c-bb9dd4314497.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7505
x-amzn-requestid: 66ed5a9b-1b9c-40c4-b757-7c13e9dc6410
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XitJxFFSIAMFhrQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630a8f0b-24404d4f7a2cae8f4c3bcb97;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 21:39:23 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: UFJ0DtBufSFfM1vFxdagMV5tpP5ZEH2NbdduFvVM6sL7UVpdhSBhGQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Sun, 28 Aug 2022 22:11:51 GMT
age: 44223
etag: "ec62fa681d45d696fc7308fede11cd16979594fd"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7505
Md5:    ef5729bf444dd3cc7b8e7945187e09ee
Sha1:   ec62fa681d45d696fc7308fede11cd16979594fd
Sha256: 34d5df4a669399f171489c9cd0f90a53eea21c35c1ccd310df39cc356c9922cd
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3a7959a-ba16-4840-a4e4-ca7b2c6305c1.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10319
x-amzn-requestid: 4f0cb1b4-c2a6-410a-965c-4cc72459484a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XhG-yG-eIAMFbQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6309eb91-58fb7017711dd2a56fe5ef79;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 10:01:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: JcHN5unq1F9L9h2My0SFXdW-n06ebaRZ8jj0W0I67pTuddWWkJ9RkQ==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sun, 28 Aug 2022 21:44:40 GMT
age: 45854
etag: "66558c36958c9162188e7aeef27c38e0c4b37cdd"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10319
Md5:    76021ba70733e8d4647f29e4c990180c
Sha1:   66558c36958c9162188e7aeef27c38e0c4b37cdd
Sha256: c5278295212999c6941d57d5cee8f4d33447302af0eb74985f5dae48434607c1
                                        
                                            GET /themes/flow/frontend_assets/css/All-stylesheets.css HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-153"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   562
Md5:    8fe3bf2607589700e7e92b558ca90e8e
Sha1:   bb3d30bad6fb22112a677def56a902dc63e4a7aa
Sha256: 7261a072ab79ba223d6e9401c97141795b53e903d0e1dfd72269695f4155a125
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd661acf9-c387-4bb0-bdc5-10e4abb78bf1.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10433
x-amzn-requestid: 30849103-3a8a-4b58-9d12-2e7d76054d29
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XaJ7wFd0IAMF2PQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6307237e-3d931fee17b392cc6785e73d;Sampled=0
x-amzn-remapped-date: Thu, 25 Aug 2022 07:23:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DxyqrxwTW6jEwEMuxf4DjFp-UbJLnrFhSzYBXnSF8yjqJAc-qKlxYQ==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 28 Aug 2022 21:45:17 GMT
age: 45817
etag: "ab86ca73ca4064306448863d32a1428a63df41a0"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10433
Md5:    57d1f9745ba671f8688c7d96a041cd2b
Sha1:   ab86ca73ca4064306448863d32a1428a63df41a0
Sha256: d931268e003d82739af5c9ab9e91b11a892672c8ae82cbbb2f4b92a94cc2bddc
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4310
Cache-Control: 'max-age=158059'
Date: Mon, 29 Aug 2022 10:28:54 GMT
Last-Modified: Mon, 29 Aug 2022 09:17:04 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69552f07-b9de-4cb2-b730-c824451bf466.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5917
x-amzn-requestid: 818217c8-522f-4022-98ca-78147982b168
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xf9FNFnFoAMFabg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63097554-035ea4a72013fe3f2bfd2e64;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 01:37:24 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ttcGqYEMiJ97m5QW1VvBlAE7NWrHLEatYSr9T4GPSORAC0Y_rQ-PiQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sun, 28 Aug 2022 22:01:34 GMT
age: 73316
etag: "bf6c85d1b9456c92f6ee970e305d2706316348d4"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5917
Md5:    501a65215625c77065c3a986774700fc
Sha1:   bf6c85d1b9456c92f6ee970e305d2706316348d4
Sha256: c6024d2081497bb4106db16cfa5cf4ed05fd783c29e4ac0c5620202bd4f20068
                                        
                                            GET /utx?cb=wkzOWHWTidBk&top=megaup.net&tid=876318 HTTP/1.1 
Host: oulukdliketo.shop
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.55.49
HTTP/2 204 No Content
                                        
date: Mon, 29 Aug 2022 10:28:54 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 29 Aug 2022 10:29:54 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: aAWPH8ZOZdncbaMWsa99rhPqYdeTMVXJlwMW9hMaH_9nwigUqTG6rw==
X-Firefox-Spdy: h2

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F849c6deb-3aba-41f7-a257-bf54249182ba.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11042
x-amzn-requestid: c92cef27-0a2c-4f5e-86b7-eafa048932b4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XgUlVFdJIAMFRKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63099aee-794a2c5c54fe181b5756e5f6;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 04:17:50 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: v9mkgh5wKAcOaXP3AGDltgHFx1eioExP7zqPee5KQugX9SjdEhMkjg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 28 Aug 2022 21:35:55 GMT
age: 46379
etag: "9d37dd425e3319fbb4248718f58371b43d513ce7"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11042
Md5:    5e0dc790ca607928d609e38f37c012d0
Sha1:   9d37dd425e3319fbb4248718f58371b43d513ce7
Sha256: 7f8ce6d77cbb4be87fb06ffd8f72ae997e006b933382c44b8b4e0a61743f24e9
                                        
                                            GET /utx?cb=etNzk6B1Gt28&top=megaup.net&tid=764141 HTTP/1.1 
Host: oulukdliketo.shop
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.55.49
HTTP/2 204 No Content
                                        
date: Mon, 29 Aug 2022 10:28:54 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 29 Aug 2022 10:29:54 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ZHrJ4OX5GXAnoYKLszRLFjCueWbxKJIziP2xJm4ci3SpYOhTJqXlpw==
X-Firefox-Spdy: h2

                                        
                                            POST /v1/api.php HTTP/1.1 
Host: syndication.exdynsrv.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 297
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         95.211.229.246
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Server: nginx
Date: Mon, 29 Aug 2022 10:28:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://megaup.net
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Content-Encoding: gzip


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (975), with no line terminators
Size:   735
Md5:    86210a1462e2282a33606bb11772342b
Sha1:   88e95cddab91571a2ec6c5cced4198830b7cb728
Sha256: 15cb2d6f4ec704f9cdc745ffd2bb85fe6cbd4b01bf32ae8f1ab033b9b7f00911
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d6fc243-1f36-4e7f-8ae5-c9926e27d40b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7384
x-amzn-requestid: 8c864d07-cb4e-44db-85f0-ebea10e67aaa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XV7EPG0mIAMFRGw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6305721a-32398abd1da8b41f48b4755c;Sampled=0
x-amzn-remapped-date: Wed, 24 Aug 2022 00:34:34 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 6aiAJzrFSh5oLa_mpPgX71BUSwjCS0NoNruUV_4tSPwpnphPE2DWGA==
via: 1.1 759bceededb9469e75c24a46c03d64bc.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Sun, 28 Aug 2022 21:49:06 GMT
age: 45588
etag: "0909d2250d8efc3093f15401713da4c74ba6707b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7384
Md5:    182339e49eb50a6d89fed9b4ac4bc39f
Sha1:   0909d2250d8efc3093f15401713da4c74ba6707b
Sha256: bc6fac01cec90f56f665671e2abab894752b9d8f1b1d5551e4d83cc53f0d4251
                                        
                                            GET /themes/flow/frontend_assets/js/custom/custom.js HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1420"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   1464
Md5:    cef3c92a6d896dacd1668f98cab2586f
Sha1:   5c4d2a2a6d4020792ce671fa21add59610de1029
Sha256: d2c8064e39200b793faa19d6eadbf20c056c571b2b12562c7c5c6bd9a3f96762
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 29 Aug 2022 10:28:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /v3/signin/identifier?dsh=S-1274093997%3A1661768934737133&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmVPmrKOyQ9B4tda2eugo67ZicNR0lpxnQtK7mmtTd4TG9NDLmg-t2JqCMTNozgAlltuVI78SQ HTTP/1.1 
Host: accounts.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         216.58.207.237
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
                                        
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 29 Aug 2022 10:28:54 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi/external"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'nonce-NZZASduwCCrNRV--hmgp3A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=cbFK76tgW3yZOQDNxyU54CTn8yWC4LgHWgan_hFntlVkxQJa0gObUSmSb6b2DxgfuxVkBmpmOMXTS6aOb6-F5uOz9OmeuM3PsywJJDLMGBUrPip7xf4NC6FD6Iz4Z6LLdy8zIl7vaaIzFcMVQmkg_C678vKOvZ1kMwwoQBnNLXc; expires=Tue, 28-Feb-2023 10:28:54 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1644), with no line terminators
Size:   808
Md5:    3f45d48850640e0a21f935a6304447e1
Sha1:   2e46e502efabadb72f45f813e1adccad6773a9dd
Sha256: 6c7e07d745a0aa8961fb82ab7512682eb685b16980bde2eaf61df91576469f3c
                                        
                                            GET /cimp.php?t=api&data=H4sIAAAAAAAAA01P7UoEMQx8FV9gl0mapu399reC4gNsu11/eQiecMI8vN09OcwQyCSTL4XqhDxpeYCfNJ+ischcMJvOMsjT8wtN+NHfl+/P+dwvDFJcQS8FllmCZXWauUl2RhGaFo/JaDkngYESGYgBjcFsj2YAwgy+vT4eLgPKAFw1joZjLQVKGwTXvbnXjJbaighJqUnfNq9JfGubodW+C//fiRtmiIZj+l9iPGBBTTnJnRiHgUd5+fo5N/IuvyHeBwhXl0VTLau76VoX7Y6+iPXafEk9/wK4bfeLVQEAAA== HTTP/1.1 
Host: syndication.exdynsrv.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://megaup.net
Connection: keep-alive
Referer: https://megaup.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         95.211.229.246
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Mon, 29 Aug 2022 10:28:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Encoding: gzip

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4261
Cache-Control: 'max-age=158059'
Date: Mon, 29 Aug 2022 10:28:54 GMT
Last-Modified: Mon, 29 Aug 2022 09:17:53 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 313

                                        
                                            GET /utx?tid=832633&top=megaup.net&cb=sLdrNWC3YT0m HTTP/1.1 
Host: oulukdliketo.shop
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.55.49
HTTP/2 204 No Content
                                        
date: Mon, 29 Aug 2022 10:28:55 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 29 Aug 2022 10:29:55 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ZK9KeKwrDFFqv4r54gBjghpXxaRsLbmUiTRpSE7MRFxMfYwvcoc4mg==
X-Firefox-Spdy: h2

                                        
                                            GET /delivery/intersection_observer/IntersectionObserver.js HTTP/1.1 
Host: hw-cdn2.adtng.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         209.197.3.25
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Mon, 29 Aug 2022 10:28:55 GMT
Connection: Keep-Alive
ETag: "1649192094"
Content-Length: 16885
Last-Modified: Tue, 05 Apr 2022 20:54:54 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10638959
X-HW: 1661768935.dop066.sk1.t,1661768935.cds242.sk1.shn,1661768935.cds242.sk1.c
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  ASCII text, with very long lines (16885), with no line terminators
Size:   16885
Md5:    48c80c7c28b5b00a8b4ff94a22b72fe3
Sha1:   d57303c2ad2fd5cedc5cb20f264a6965a7819cee
Sha256: 6e9be773031b3234fb9c2d6cf3d9740db1208f4351beca325ec34f76fd38f356
                                        
                                            GET /get/10012456?time=1614803572912&apb=ooddNHdLHTPHNVS4ASOpprpmtrdTbbZNLTK6V1Esqp6pXVTTOpmdQ6ap0rpXSunqoppdRNTRPTO6iamieml0rpnSuldK6V0zpXSumc7fS2XWzXaWqWayzWbfjivSyavjXimXXTd0rv9.czijBuZznSuldK6V0rpXSuldK4Ps HTTP/1.1 
Host: a.adtng.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         66.254.114.171
HTTP/2 200 OK
content-type: text/html
                                        
server: openresty
date: Mon, 29 Aug 2022 10:28:55 GMT
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-encoding: gzip
set-cookie: adtool_guid=Ch5KBmMMlOdLn1Lq+OZ0Ag==; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/; Secure; HTTPOnly; SameSite=None; RNLBSERVERID=ded6974; path=/; HttpOnly; Secure; SameSite=None
x-request-id: 630C94E6-42FE72AB01BBCF21-F1CE929
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   14056
Md5:    fdc78b0f23ddadfc1f5696e8198d0f8f
Sha1:   3b3c1c55c369cbd0f7f51dbdd4fb21e0541c0d7b
Sha256: 3711099f707616dcce441de6c869d3ec6b5d03c8def476fd01dca07e410c0fde
                                        
                                            GET /a7/creatives/39/1393/805208/1028974/1028974_logo.png HTTP/1.1 
Host: hw-cdn2.ang-content.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         205.185.208.20
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Mon, 29 Aug 2022 10:28:55 GMT
Connection: Keep-Alive
ETag: "1649873991"
Content-Length: 15603
Last-Modified: Wed, 13 Apr 2022 18:19:51 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10552566
X-HW: 1661768935.dop018.sk1.t,1661768935.cds260.sk1.shn,1661768935.dop018.sk1.t,1661768935.cds227.sk1.c
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size:   15603
Md5:    2aaacb14c0816c811151f7e5ad369e9f
Sha1:   2b51b630dcbbdcd9cb0e9c298a5d4323de0f19f5
Sha256: c6f084bf2cbf871312c3c508455dfeff2bb11dc8909d98ab1a43897b16bedf4e
                                        
                                            GET /asd100.bin HTTP/1.1 
Host: freychang.fun
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.67.218.221
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
date: Mon, 29 Aug 2022 10:28:54 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 1023
last-modified: Mon, 29 Aug 2022 10:11:51 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YCv4mBw%2FweK4r2%2B1GAZTOsWYmrbWOlQ5L1wbG0rEpANUJiZvYGUZOz3UQptEK%2B9h37GIfNqHIE8sUdPk9KIVhCz26HStFpbrjBNhFbeU%2BdFl%2BX7p%2BSzRQx6OfQWQkoEG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74249a41be65b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   615436
Md5:    17493c848d7bb110bed9a5621303c093
Sha1:   f42c9583fd867d77a2c356e8b6247c8f84d867a2
Sha256: b19b27be843e11e95801f521c568f80d520f0e30d24abb280af45cb1a3f50b8c

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "64BB69A2790182A23A43C9518D093690363F33C4E39BC1D1337222B4FA528C67"
Last-Modified: Sat, 27 Aug 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2588
Expires: Mon, 29 Aug 2022 11:12:03 GMT
Date: Mon, 29 Aug 2022 10:28:55 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "64BB69A2790182A23A43C9518D093690363F33C4E39BC1D1337222B4FA528C67"
Last-Modified: Sat, 27 Aug 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2588
Expires: Mon, 29 Aug 2022 11:12:03 GMT
Date: Mon, 29 Aug 2022 10:28:55 GMT
Connection: keep-alive

                                        
                                            GET /themes/flow/frontend_assets/fonts/raleway_bold.woff HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6; _ga=GA1.2.1846877274.1661768935; _gid=GA1.2.1534382630.1661768935; _gat_gtag_UA_108868042_1=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: font/woff
                                        
server: nginx
date: Mon, 29 Aug 2022 10:28:55 GMT
content-length: 31568
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7b50"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 31568, version 1.1\012- data
Size:   31568
Md5:    e0c4ac0e73196bd0469c5c33304b7773
Sha1:   bb071565f82907d117b0732dca8013409162c67d
Sha256: ff3bf3a4a1bf2b922157b18d0e8cddd95f2fc2dfe09c30a3ce67bc11a84c67af
                                        
                                            GET /asd100.bin HTTP/1.1 
Host: freychang.fun
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.67.218.221
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
date: Mon, 29 Aug 2022 10:28:54 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 1023
last-modified: Mon, 29 Aug 2022 10:11:51 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HkIwKaqeZcibr7VZGoNzhNG3Ey2YdUi3YKjDwK8u7Vc3%2FUxJBeHNPNZQDh1yKDDRfI2yh70wmyB6pWfHB1N1wBuN8LsuSumEzS9ai2MNLMJyYxitX4fKtXBeNSmBwoUG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74249a41be62b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   103964
Md5:    ecebafdffef2027d4786ec9b01801f17
Sha1:   f9d72f6632b0579682492c8b900e5f8ab3b4d8e0
Sha256: f2cf73761027c60a3abcefb60507648800bf46acfcd36fba6c3a9786c374d685

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: stellihandles.hair
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Content-Length: 388
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         107.22.28.167
HTTP/2 200 OK
                                        
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: stellihandles.hair
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Origin: https://megaup.net
Content-Length: 355
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         107.22.28.167
HTTP/2 200 OK
                                        
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            GET /floater?cs=MkQ0cnYFdwNETwtxAkBDBnQCRk8&abt=0&red=1&sm=83&k=download%20file%20dance%20fire&v=0.8.9.0&sts=0&prn=0&emb=0&tid=825911&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&mbkb=152.67175572519082&ref=https%3A%2F%2Fmegaup.net%2F17xok%2FA.Dance.of.Fire.and.Ice.v2.0.5.zip&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&aa=td5_oi1_&_ukxj=1661768934824&crc=1 HTTP/1.1 
Host: oulukdliketo.shop
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.55.49
HTTP/2 200 OK
content-type: text/plain
                                        
content-length: 3854
date: Mon, 29 Aug 2022 10:28:55 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://megaup.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=0c69f24b-ad5f-42e6-8de3-e391c10f99da
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: PYT4MPCiXryFaqZcHCYr2J9kFoGBcaB62EZs3HXelAuZmzNos7VVFA==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (6439), with no line terminators
Size:   3854
Md5:    17e3f52c9e3f85cbf13d93c16acb5db5
Sha1:   a42dfe15ba364cca7f71580525f9bb0adc4877b3
Sha256: d54a4a3e89c3283e26194d7de99452c826f295b450c68c9ee839557359875fea
                                        
                                            POST / HTTP/1.1 
Host: stellihandles.hair
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Content-Type: text/plain;charset=UTF-8
Origin: https://megaup.net
Content-Length: 354
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         107.22.28.167
HTTP/2 200 OK
                                        
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "2BAD5A74DA16025D8ACA0967C36E87EC039519E04B543B9000C27FE96284BCC7"
Last-Modified: Mon, 29 Aug 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1636
Expires: Mon, 29 Aug 2022 10:56:13 GMT
Date: Mon, 29 Aug 2022 10:28:57 GMT
Connection: keep-alive

                                        
                                            GET /sw.js?dURPbmwuZnddXkN3fExAV2ZjTApBIHZbXRAgYl1cRX1iWlRCImJWCkNxYlZdF30uWVsQdXoNCldobQ9dEHx9WFsXaS1dCENpew1bQ2l3XAhGaXdcCUx2eg9ZEXZ4Wk5ZZjwZTllmPBoJGSgmBg0bICMLH1ssLgceV2htX1xbcW1CChQoPAtAEyUjHQlZIi4CHxAZ HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6; _ga=GA1.2.1846877274.1661768935; _gid=GA1.2.1534382630.1661768935; _gat_gtag_UA_108868042_1=1
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Mon, 29 Aug 2022 10:28:54 GMT
last-modified: Tue, 13 Apr 2021 12:31:52 GMT
vary: Accept-Encoding
etag: W/"60758f38-12fe6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   30036
Md5:    6a30bd747b2a6159b0359e6130b1353b
Sha1:   cc9df9590e7899807b80fcd540ec97d3b9264e4e
Sha256: 4885f42a12428bcf14f6c8572b1326c851d7ed8d4ec7155d8cc6d429e0eb2dd0
                                        
                                            GET /v3/signin/identifier?dsh=S1258358444%3A1661768934690416&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmXAvCcKhAKm6vv-82qL5_HwBvBvW56AieypJswVy7lWhESvJV8ZGC9pOIxs-Q88cRkFVGdYfA HTTP/1.1 
Host: accounts.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         216.58.207.237
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
                                        
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 29 Aug 2022 10:28:54 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-GoSgLZs4XGc4YN6or1dwOw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=jvb90ATc3GlBYMCn3cRE4QKhPSL1SyLnxWD0tVyMRMxzwvA4EO6SsU6sj_Hmw2XbVLTJ7KgeMN-EQ5PdOTaFnJTKOqlpYSbH5Uw7i14KlaqDRA9pXCA7OUDKt28NT5d_3V_zvQU7ahGRK5FgHlox2YoNpHd1whfoHtcdqaJ1OEQ; expires=Tue, 28-Feb-2023 10:28:54 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   14068
Md5:    4799de09ef00ef031cf67f33eb3535f7
Sha1:   7b10bf303632a03b4c5ac5517c4f67d53928e15f
Sha256: 257fd594e165252596d3b53bf40cd83a12af43b33cc00c7bd8fba17459bd1fcb
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "2BAD5A74DA16025D8ACA0967C36E87EC039519E04B543B9000C27FE96284BCC7"
Last-Modified: Mon, 29 Aug 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20978
Expires: Mon, 29 Aug 2022 16:18:35 GMT
Date: Mon, 29 Aug 2022 10:28:57 GMT
Connection: keep-alive

                                        
                                            GET /n337/ad/250x250_hqCCg8Cm.png HTTP/1.1 
Host: static.serve-servee.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.24.67
HTTP/2 200 OK
content-type: image/png
                                        
date: Mon, 29 Aug 2022 10:28:58 GMT
content-length: 88957
last-modified: Thu, 08 Apr 2021 13:54:09 GMT
accept-ranges: bytes
etag: "606f0b01-15b7d"
cache-control: max-age=86400
x-hw: 1661768937.cds215.sk1.h2,1661768937.cds203.sk1.c
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lgHIM5xrKm6uxFArS9clB2vJWIOS2iFsuns0x%2FCM2mkhyyZMzDNHjNpYr8dfoXJz37BIbWawND%2Fz3Isll%2FEAvE7ofxv9sbkdWCZ0hN8sl3fFppHyXj4vK5E7tGuyksIUmpIki0zriqRXHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74249a5668e1b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 250 x 250, 8-bit/color RGB, non-interlaced\012- data
Size:   88957
Md5:    0994ec31361ea569c5549063145bfdd2
Sha1:   9b270e9f7a346a0f0f60a978e154f49740350270
Sha256: e4dbff1cf1f9750d68296737897eba9bd59ebdcb292015e87c3be61b5c242422
                                        
                                            GET /themes/flow/frontend_assets/fonts/raleway_medium.woff HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://megaup.net/themes/flow/frontend_assets/css/fonts.css
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6; _ga=GA1.2.1846877274.1661768935; _gid=GA1.2.1534382630.1661768935; _gat_gtag_UA_108868042_1=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: font/woff
                                        
server: nginx
date: Mon, 29 Aug 2022 10:29:00 GMT
content-length: 31900
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-7c9c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 31900, version 1.1\012- data
Size:   31900
Md5:    1b285c8e5b7445a8e434b2cdf036bab2
Sha1:   c97d4772fbb5c5637d466b5f991bc7ec28830b32
Sha256: 09b979826f2ac158a63ba234042c66414c21282d0bb46eadc62c64a873778825
                                        
                                            GET /themes/flow/frontend_assets/js/sticky/jquery.sticky.js HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1099"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /track/adviews/eyJleHRfemlkIjoiIiwiZXh0X2MiOiIiLCJleHRfYWlkIjoiIiwicGlkIjoiMTM5MyIsInNpZCI6IjEwMDEyNDU2IiwibmlkcyI6IjU5MTUxIiwiZHluX2RtbiI6IiIsImNyaWQiOiIxMDI4OTc0Iiwic3YiOiI1NjQ4IiwicmVmX2RtbiI6Im1lZ2F1cC5uZXQiLCJleHRfY2lkIjoiIiwidHNuYW1lIjoiTUIiLCJjcmMiOiIxIiwiY24iOiIzMDBYMjUwX1BDX05US19QUVRfU0ZXIiwibmlkIjoiNTkxNTEiLCJleHRfcHViIjoiIiwiY3JwIjoiMTAwIiwidGlkIjoiMSIsIml0IjoiMjlcL0F1Z1wvMjAyMjoxMDoyODo1NSArMDAwMCIsImNjIjoiMyIsInNuY2lkIjoiOTUyOTkiLCJjaWQiOiIzNDMwMiIsImV4dF91aWQiOiIiLCJjcCI6IjU2LjA3Iiwic25jY2lkIjoiMTg3OTMzOSIsImlpZCI6ImZiYTQyYWMyYjZiMWU2NjM5YTg5MTg4NjdhM2NiODVmIiwiZXh0X2lpZCI6IiJ9?unique_view=1 HTTP/1.1 
Host: a.adtng.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/get/10012456?time=1614803572912&apb=ooddNHdLHTPHNVS4ASOpprpmtrdTbbZNLTK6V1Esqp6pXVTTOpmdQ6ap0rpXSunqoppdRNTRPTO6iamieml0rpnSuldK6V0zpXSumc7fS2XWzXaWqWayzWbfjivSyavjXimXXTd0rv9.czijBuZznSuldK6V0rpXSuldK4Ps
Cookie: adtool_guid=Ch5KBmMMlOdLn1Lq+OZ0Ag==; RNLBSERVERID=ded6974
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         66.254.114.171
HTTP/2 200 OK
content-type: text/html
                                        
server: openresty
date: Mon, 29 Aug 2022 10:28:55 GMT
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-encoding: gzip
x-request-id: 630C94E7-42FE72AB01BBCF21-F1CE98D
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /themes/flow/frontend_assets/rs-plugin/css/settings.css HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-ce4b"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /themes/flow/frontend_assets/css/stylesheet.css HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-6c82"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /themes/flow/js/zeroClipboard/ZeroClipboard.js HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3bd2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /themes/flow/js/jquery.fileupload-process.js HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-14b6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /themes/flow/js/jquery.fileupload-validate.js HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-fea"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /themes/flow/js/global.js HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-d59"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /themes/flow/frontend_assets/css/animations/animate.min.css HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-bc86"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /themes/flow/frontend_assets/socialsider-v1.0/_css/socialsider-v1.0.css HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-8d4b"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /themes/flow/js/jquery-1.11.0.min.js HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1787d"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /themes/flow/images/loading_small.gif HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
content-length: 184355
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: "60758f34-2d023"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.revolution.js HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-303b2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /themes/flow/frontend_assets/js/isotope/custom-isotope.js HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-71d"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET / HTTP/1.1 
Host: freychang.fun
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.218.221
HTTP/2 200 OK
content-type: text/plain
                                        
date: Mon, 29 Aug 2022 10:28:54 GMT
set-cookie: csu=1070686427142118@1@1661768934; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Kv%2BgxVtUr3%2F9SWwKspDO%2FyWynNdKwDKtvnQKbr98cxuxZwRWyorC24YlZhXJ9YZpVEdOoJsFLj25TzumKMNnr5CCjVovfgfWdzr1cUzyFou1sU5vH2ProPUL3ZfMok0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74249a41be67b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /themes/flow/styles/font-icons/entypo/css/entypo.css HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-45f5"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /themes/flow/js/load-image.min.js HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-9f2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /sw.js HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
last-modified: Tue, 13 Apr 2021 12:31:52 GMT
vary: Accept-Encoding
etag: W/"60758f38-12fe6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /themes/flow/frontend_assets/js/bootstrap/bootstrap.min.js HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-71b6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /themes/flow/frontend_assets/js/animation/jquery.appear.js HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-5c6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /themes/flow/frontend_assets/css/bootstrap/bootstrap.min.css HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1cc1b"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         31.13.72.36
HTTP/2 200 OK
content-type: text/html; charset="utf-8"
                                        
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
x-fb-debug: wtdrgHMX2bNQHekJzToDhVZ3XcmS5CsBaQpxBYYA3H2G7svmaWGPO7LuuWPb7HFUoWPPiuRVOZciikJ7A5PlKg==
date: Mon, 29 Aug 2022 10:28:54 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
vary: Accept-Encoding
set-cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6; expires=Tue, 30-Aug-2022 10:28:53 GMT; Max-Age=86400; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /themes/flow/js/jquery.dataTables.min.js HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-10fe4"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /themes/flow/js/jquery.tmpl.min.js HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3cb"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /themes/flow/js/jquery.fileupload.js HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-dbd4"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /themes/flow/frontend_assets/fonts/font-awesome/css/font-awesome.css HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-59d6"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /themes/flow/js/jquery-ui.js HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-6a684"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /themes/flow/js/jquery.iframe-transport.js HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-2427"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /themes/flow/frontend_assets/js/SmoothScroll/SmoothScroll.js HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1cdf"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /themes/flow/js/canvas-to-blob.min.js HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-408"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /themes/flow/frontend_assets/rs-plugin/js/jquery.themepunch.plugins.min.js HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-14cc1"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /themes/flow/frontend_assets/js/isotope/jquery.isotope.min.js HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-3ead"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /themes/flow/frontend_assets/js/retina/retina.js HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-52e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /themes/flow/frontend_assets/js/gauge.min.js HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-45b8"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /themes/flow/frontend_assets/css/fonts.css HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-690"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /1811811?size=300x250 HTTP/1.1 
Host: ad.a-ads.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         136.243.61.83
HTTP/2 200 OK
content-type: text/html;charset=utf-8
                                        
server: nginx
date: Mon, 29 Aug 2022 10:28:54 GMT
vary: Accept-Encoding, Accept-Encoding
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-original-referer: https://megaup.net/
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /asd100.bin HTTP/1.1 
Host: freychang.fun
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.67.218.221
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
date: Mon, 29 Aug 2022 10:28:54 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 1023
last-modified: Mon, 29 Aug 2022 10:11:51 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SuTVstpC%2BdKy4Hom2JVcVlMrAnfSlyZGz3Wr%2Fd44%2FVpCBeEpPRAkuuTCbcNkNqwhFuP8MZNPq9poSXjTNs82irSmONSQgRC825haZ9hFpNSe1Jypba%2F3MyiDL04SZK3C"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74249a41ee92b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /asd100.bin HTTP/1.1 
Host: freychang.fun
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Origin: https://megaup.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.67.218.221
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
date: Mon, 29 Aug 2022 10:28:54 GMT
access-control-allow-origin: https://megaup.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 1023
last-modified: Mon, 29 Aug 2022 10:11:51 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NQi3lJkIcZE5X3AlGAxjSEU%2FYyYsd3MSzGxwQ5MvbRfMx5bREF2FQ0L7B%2BfBKCppB7nFCDg1LkXBCRwKL0K53xIEYlcEugm6L4ct68MgY5VupqKlON6kJSfAUeXUIHJ%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74249a41be66b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /ZWhTdkIeSiABHRAaP1R4RwAnAjIWUnxZLwAPMgMySwY2Am0WH30cMUdEcQUvA0ppR25HHDIRHQwMcUxgXVthQHFWSn9UMRAKDB8mV0ppVCRRDGpDcwAMfkVyVVF%2BQnpSDn5OJFNdfk5zB1EyQXUAWWYVJEcV HTTP/1.1 
Host: societingna.info
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         107.22.28.167
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
set-cookie: f35eec11e1a6c5136879f35d4c072427=1; Max-Age=604800
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
etag: W/"e0fd-iRiLBg5ootd6kTC4JFPloXtXeAg"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /themes/flow/frontend_assets/css/responsive.css HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-e56"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /themes/flow/styles/file-upload.css HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-21ec"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /themes/flow/js/jquery.fileupload-resize.js HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1f7f"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /themes/flow/js/jquery.fileupload-ui.js HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-61ef"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /themes/flow/frontend_assets/js/nav/jquery.nav.js HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-1547"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /themes/flow/frontend_assets/css/isotope/isotope-style.css HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/themes/flow/frontend_assets/css/All-stylesheets.css
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-af3"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /themes/flow/frontend_assets/css/colors/flow.css HTTP/1.1 
Host: megaup.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://megaup.net/17xok/A.Dance.of.Fire.and.Ice.v2.0.5.zip
Connection: keep-alive
Cookie: filehosting=glq54ab5hhl2kgqk6add2l3oi6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         91.209.70.182
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Mon, 29 Aug 2022 10:28:53 GMT
last-modified: Tue, 13 Apr 2021 12:31:48 GMT
vary: Accept-Encoding
etag: W/"60758f34-a83"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer, strict-origin-when-cross-origin
x-download-options: noopen
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---