nemesisrail.co.uk/
62.233.121.5301 Moved Permanently 261 B IP 62.233.121.5:0
ASN #20860 Iomart Cloud Services Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7023e8d69a3f297a68d750b91574fabb
a79906e1fb7ac84f4c39fe45215316cc2edf88e0
73a8dff3d0946e066aecbd8209367caecdcccc0628edc6e14ceaa166d4c612dc
GET / HTTP/1.1
Host: nemesisrail.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 06 Dec 2022 04:18:55 GMT
Server: Apache/2.2.15 (CentOS)
Location: http://www.nemesisrail.com
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5762
Expires: Tue, 06 Dec 2022 05:54:57 GMT
Date: Tue, 06 Dec 2022 04:18:55 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ee088fab9b287e174cfd1f2c735a909f
25c3335b514a36ad1a24d00413d60c3d394f5161
494e96358ff12366213d7cc0f9197648c6c62ec14fa0d2c78732a683fa26b192
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3414
Cache-Control: max-age=112158
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 04:18:55 GMT
Etag: "638dc877-1d7"
Expires: Wed, 07 Dec 2022 11:28:13 GMT
Last-Modified: Mon, 05 Dec 2022 10:31:19 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 06 Dec 2022 03:20:21 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3514
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14891
Expires: Tue, 06 Dec 2022 08:27:06 GMT
Date: Tue, 06 Dec 2022 04:18:55 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: pHR2yvPw+Vc3wajt+zk6qsmPxmKtkR5SCVYPN31ywvESetS8WC3Bc3guSdYd2P5jYKbcC/rrncs=
x-amz-request-id: 2NDY67J8VT723QM7
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 06 Dec 2022 03:46:57 GMT
age: 1918
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
www.nemesisrail.com/
80.66.202.127301 Moved Permanently 162 B IP 80.66.202.127:0
ASN #61323 Ukfast.net Limited
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.nemesisrail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 06 Dec 2022 04:18:55 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://www.nemesisrail.com/
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 04:18:55 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2b9f2a90bb42e926cb3f26707c8673b3
0312f6b967317b9d0d56d7466c86cfdb45fb05d4
1db9a8b21a5a8376e5469986f3ffb449534ccb22678727b594a19458e7dedbcf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DB9A8B21A5A8376E5469986F3FFB449534CCB22678727B594A19458E7DEDBCF"
Last-Modified: Sun, 04 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21560
Expires: Tue, 06 Dec 2022 10:18:16 GMT
Date: Tue, 06 Dec 2022 04:18:56 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 06 Dec 2022 04:11:20 GMT
cache-control: public,max-age=3600
age: 456
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.js
151.101.65.229200 OK 10 kB URL HTTP/2 cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.js
IP 151.101.65.229:0
File type ASCII text, with very long lines (42862)
Hash 9813220cc7ce308c3b615177a704bf73
7ac45f0924a3723bb86b31191dd5181cdf6182e5
e899ddae1fc463f8f57aa9b3eb970526133124c47f27ace1255d261fab56f4cb
GET /npm/slick-carousel@1.8.1/slick/slick.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nemesisrail.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.8.1
x-jsd-version-type: version
etag: W/"a76f-O0GzvJVmhQFaNHoiOOcdsp36Dbs"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 06 Dec 2022 04:18:56 GMT
age: 8339482
x-served-by: cache-fra19145-FRA, cache-bma1635-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 10429
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.css
151.101.65.229200 OK 569 B URL HTTP/2 cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.css
IP 151.101.65.229:0
Hash 8089b828484e2269d5dcb1089c4004ba
9b61a0f5bf48ef08890dbae954ee9b5a90015d2c
35c1c8741af6e18aa88caca3d060e26808e1103a29b3ee0415ae3e3b648bcd09
GET /npm/slick-carousel@1.8.1/slick/slick.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nemesisrail.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 1.8.1
x-jsd-version-type: version
etag: W/"6f0-qUoFmzF4tK3sCeMoGs4oGaMAlaQ"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 06 Dec 2022 04:18:56 GMT
age: 22734068
x-served-by: cache-fra19155-FRA, cache-bma1635-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 569
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick-theme.css
151.101.65.229200 OK 866 B URL HTTP/2 cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick-theme.css
IP 151.101.65.229:0
Hash a0a41b7961c9098542a99b88aa0e8cb5
c19fd0e60b4fa3568ce433a70ae84b6a18eb9ff4
677339cc4ed8403c9531ba3f47d11a00412cd42dd13429414a44e622d46e2faa
GET /npm/slick-carousel@1.8.1/slick/slick-theme.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nemesisrail.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 1.8.1
x-jsd-version-type: version
etag: W/"c49-gaQ0+U8rESTzIyu4bylE+C+yOsA"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 06 Dec 2022 04:18:56 GMT
age: 21177691
x-served-by: cache-fra19156-FRA, cache-bma1635-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 866
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash c10bc583c46449dc192a809398b4e814
ff0f7ad905d32d7f3d01e4054552d0ad551503a5
defd2b2559e55c9c6c0f8be9b23c53c4e781a736feae3dd73b4d203b69cfcc57
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 04:18:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 83508e2764c69782f1bae91e8b4f62f6
a00ea71e0f3d3be36c287f904ae306e5cb7d32cf
058fcc238e1df7cd76946926f203e4c5cea3f743a259c812199af346c1cbbf43
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2953
Cache-Control: max-age=117441
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 04:18:56 GMT
Etag: "638ddee8-117"
Expires: Wed, 07 Dec 2022 12:56:17 GMT
Last-Modified: Mon, 05 Dec 2022 12:07:04 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 279
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.20.226:0
Hash c0fc9cb5cffb933db9bad8a49fb959c3
f47df948c2011914c2c77f5a871b68770d2c9601
ea0d43cc822237f8996d6b6a238a5362e0c845d84a57581210baaf00a879d7bd
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 04:18:56 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "599F53480ECBCB5E6D430BB4AFC8AEF2A74C29B1"
Expires: Tue, 06 Dec 2022 15:00:00 GMT
Last-Modified: Tue, 06 Dec 2022 03:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1172
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7752386f48efb518-OSL
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2b9d6a686aa3c4ea24568425e43a5221
d53bb4c9579bd1db78a0520619e888aec79f750f
c38734a8dbe51217d73896c0bf7f5c38c107fd79e0dee24b717f130377e9b5f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3388
Cache-Control: max-age=107064
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 04:18:56 GMT
Etag: "638db4ac-1d7"
Expires: Wed, 07 Dec 2022 10:03:20 GMT
Last-Modified: Mon, 05 Dec 2022 09:06:52 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
www.nemesisrail.com/upload/site/www/main/EZle2v38qJN5__size-1440-600-1.jpg
80.66.202.127302 Found 0 B URL HTTP/2 www.nemesisrail.com/upload/site/www/main/EZle2v38qJN5__size-1440-600-1.jpg
IP 80.66.202.127:0
ASN #61323 Ukfast.net Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /upload/site/www/main/EZle2v38qJN5__size-1440-600-1.jpg HTTP/1.1
Host: www.nemesisrail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nemesisrail.com/
Cookie: PHPSESSID=5caiuv3mplbf01k89fqfgvhejk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
server: nginx
date: Tue, 06 Dec 2022 04:18:56 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: /cache/upload/site/www/main/EZle2v38qJN5__size-1440-600-1.jpg
x-powered-by: PHP/7.4.33, PleskLin
X-Firefox-Spdy: h2
www.nemesisrail.com/upload/site/www/main/dRBXD4KZpzV2__size-1440-600-1.jpg
80.66.202.127302 Found 0 B URL HTTP/2 www.nemesisrail.com/upload/site/www/main/dRBXD4KZpzV2__size-1440-600-1.jpg
IP 80.66.202.127:0
ASN #61323 Ukfast.net Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /upload/site/www/main/dRBXD4KZpzV2__size-1440-600-1.jpg HTTP/1.1
Host: www.nemesisrail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nemesisrail.com/
Cookie: PHPSESSID=5caiuv3mplbf01k89fqfgvhejk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
server: nginx
date: Tue, 06 Dec 2022 04:18:56 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: /cache/upload/site/www/main/dRBXD4KZpzV2__size-1440-600-1.jpg
x-powered-by: PHP/7.4.33, PleskLin
X-Firefox-Spdy: h2
www.nemesisrail.com/upload/site/www/main/hDCcW09NGAMf__size-1440-600-1.jpg
80.66.202.127302 Found 0 B URL HTTP/2 www.nemesisrail.com/upload/site/www/main/hDCcW09NGAMf__size-1440-600-1.jpg
IP 80.66.202.127:0
ASN #61323 Ukfast.net Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /upload/site/www/main/hDCcW09NGAMf__size-1440-600-1.jpg HTTP/1.1
Host: www.nemesisrail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nemesisrail.com/
Cookie: PHPSESSID=5caiuv3mplbf01k89fqfgvhejk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
server: nginx
date: Tue, 06 Dec 2022 04:18:56 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: /cache/upload/site/www/main/hDCcW09NGAMf__size-1440-600-1.jpg
x-powered-by: PHP/7.4.33, PleskLin
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
142.250.74.10200 OK 31 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP 142.250.74.10:0
File type ASCII text, with very long lines (65451)
Hash 81182f4b684635f6bdcbdd907ee66f25
a1f2f151df72ede41397c8131bd47a3ce85575b3
be40946c98d9a78a3c7c9ad097d379ab12549a195bd7a4766919a1d3fd987396
GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nemesisrail.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 11:09:21 GMT
expires: Wed, 29 Nov 2023 11:09:21 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Mon, 13 May 2019 14:37:17 GMT
content-type: text/javascript; charset=UTF-8
age: 580175
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.nemesisrail.com/upload/site/www/main/XWMpToiZuJIA__size-800-600-1.jpg
80.66.202.127302 Found 0 B URL HTTP/2 www.nemesisrail.com/upload/site/www/main/XWMpToiZuJIA__size-800-600-1.jpg
IP 80.66.202.127:0
ASN #61323 Ukfast.net Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /upload/site/www/main/XWMpToiZuJIA__size-800-600-1.jpg HTTP/1.1
Host: www.nemesisrail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nemesisrail.com/
Cookie: PHPSESSID=5caiuv3mplbf01k89fqfgvhejk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
server: nginx
date: Tue, 06 Dec 2022 04:18:56 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: /cache/upload/site/www/main/XWMpToiZuJIA__size-800-600-1.jpg
x-powered-by: PHP/7.4.33, PleskLin
X-Firefox-Spdy: h2
www.nemesisrail.com/upload/site/www/main/uHfQhvpZILTe__size-800-600-1.jpg
80.66.202.127302 Found 0 B URL HTTP/2 www.nemesisrail.com/upload/site/www/main/uHfQhvpZILTe__size-800-600-1.jpg
IP 80.66.202.127:0
ASN #61323 Ukfast.net Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /upload/site/www/main/uHfQhvpZILTe__size-800-600-1.jpg HTTP/1.1
Host: www.nemesisrail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nemesisrail.com/
Cookie: PHPSESSID=5caiuv3mplbf01k89fqfgvhejk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
server: nginx
date: Tue, 06 Dec 2022 04:18:56 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: /cache/upload/site/www/main/uHfQhvpZILTe__size-800-600-1.jpg
x-powered-by: PHP/7.4.33, PleskLin
X-Firefox-Spdy: h2
www.nemesisrail.com/upload/site/www/main/TVDn9Hz7fkZl__size-800-600-1.jpg
80.66.202.127302 Found 0 B URL HTTP/2 www.nemesisrail.com/upload/site/www/main/TVDn9Hz7fkZl__size-800-600-1.jpg
IP 80.66.202.127:0
ASN #61323 Ukfast.net Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /upload/site/www/main/TVDn9Hz7fkZl__size-800-600-1.jpg HTTP/1.1
Host: www.nemesisrail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nemesisrail.com/
Cookie: PHPSESSID=5caiuv3mplbf01k89fqfgvhejk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
server: nginx
date: Tue, 06 Dec 2022 04:18:56 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: /cache/upload/site/www/main/TVDn9Hz7fkZl__size-800-600-1.jpg
x-powered-by: PHP/7.4.33, PleskLin
X-Firefox-Spdy: h2
www.nemesisrail.com/upload/site/www/main/JtOQjw8A1oY6__size-800-600-1.jpg
80.66.202.127302 Found 0 B URL HTTP/2 www.nemesisrail.com/upload/site/www/main/JtOQjw8A1oY6__size-800-600-1.jpg
IP 80.66.202.127:0
ASN #61323 Ukfast.net Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /upload/site/www/main/JtOQjw8A1oY6__size-800-600-1.jpg HTTP/1.1
Host: www.nemesisrail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nemesisrail.com/
Cookie: PHPSESSID=5caiuv3mplbf01k89fqfgvhejk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
server: nginx
date: Tue, 06 Dec 2022 04:18:56 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: /cache/upload/site/www/main/JtOQjw8A1oY6__size-800-600-1.jpg
x-powered-by: PHP/7.4.33, PleskLin
X-Firefox-Spdy: h2
www.nemesisrail.com/upload/site/www/main/9W7rycdQjN_3__size-800-600-1.jpg
80.66.202.127302 Found 0 B URL HTTP/2 www.nemesisrail.com/upload/site/www/main/9W7rycdQjN_3__size-800-600-1.jpg
IP 80.66.202.127:0
ASN #61323 Ukfast.net Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /upload/site/www/main/9W7rycdQjN_3__size-800-600-1.jpg HTTP/1.1
Host: www.nemesisrail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nemesisrail.com/
Cookie: PHPSESSID=5caiuv3mplbf01k89fqfgvhejk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
server: nginx
date: Tue, 06 Dec 2022 04:18:56 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: /cache/upload/site/www/main/9W7rycdQjN_3__size-800-600-1.jpg
x-powered-by: PHP/7.4.33, PleskLin
X-Firefox-Spdy: h2
www.nemesisrail.com/site/www/main/asset/image/nemesis-rail-logo.jpg
80.66.202.127200 OK 35 kB URL HTTP/2 www.nemesisrail.com/site/www/main/asset/image/nemesis-rail-logo.jpg
IP 80.66.202.127:0
ASN #61323 Ukfast.net Limited
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:04:15 17:44:28], baseline, precision 8, 542x160, components 3\012- data
Hash 7df7c745fd58b5ebc745fb9fdee0c264
7d026615a679608b036f05d4e55cd1a2ef6f2877
c777a30407ce1288f525d39858cf0d5f39fb0665782e26262ea42a41a92dd650
GET /site/www/main/asset/image/nemesis-rail-logo.jpg HTTP/1.1
Host: www.nemesisrail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nemesisrail.com/
Cookie: PHPSESSID=5caiuv3mplbf01k89fqfgvhejk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 04:18:56 GMT
content-type: image/jpeg
content-length: 35245
last-modified: Thu, 26 Aug 2021 09:32:15 GMT
etag: "61275f9f-89ad"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.nemesisrail.com/upload/site/www/main/8OLuliJxFCqQ__size-800-600-1.jpg
80.66.202.127302 Found 0 B URL HTTP/2 www.nemesisrail.com/upload/site/www/main/8OLuliJxFCqQ__size-800-600-1.jpg
IP 80.66.202.127:0
ASN #61323 Ukfast.net Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /upload/site/www/main/8OLuliJxFCqQ__size-800-600-1.jpg HTTP/1.1
Host: www.nemesisrail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nemesisrail.com/
Cookie: PHPSESSID=5caiuv3mplbf01k89fqfgvhejk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
server: nginx
date: Tue, 06 Dec 2022 04:18:56 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: /cache/upload/site/www/main/8OLuliJxFCqQ__size-800-600-1.jpg
x-powered-by: PHP/7.4.33, PleskLin
X-Firefox-Spdy: h2
www.nemesisrail.com/upload/site/www/main/YlcturFzmRDq__size-800-0-0.jpg
80.66.202.127302 Found 0 B URL HTTP/2 www.nemesisrail.com/upload/site/www/main/YlcturFzmRDq__size-800-0-0.jpg
IP 80.66.202.127:0
ASN #61323 Ukfast.net Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /upload/site/www/main/YlcturFzmRDq__size-800-0-0.jpg HTTP/1.1
Host: www.nemesisrail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nemesisrail.com/
Cookie: PHPSESSID=5caiuv3mplbf01k89fqfgvhejk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
server: nginx
date: Tue, 06 Dec 2022 04:18:56 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: /cache/upload/site/www/main/YlcturFzmRDq__size-800-0-0.jpg
x-powered-by: PHP/7.4.33, PleskLin
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash c10bc583c46449dc192a809398b4e814
ff0f7ad905d32d7f3d01e4054552d0ad551503a5
defd2b2559e55c9c6c0f8be9b23c53c4e781a736feae3dd73b4d203b69cfcc57
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 04:18:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 83508e2764c69782f1bae91e8b4f62f6
a00ea71e0f3d3be36c287f904ae306e5cb7d32cf
058fcc238e1df7cd76946926f203e4c5cea3f743a259c812199af346c1cbbf43
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2953
Cache-Control: max-age=117441
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 04:18:56 GMT
Etag: "638ddee8-117"
Expires: Wed, 07 Dec 2022 12:56:17 GMT
Last-Modified: Mon, 05 Dec 2022 12:07:04 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 279
www.nemesisrail.com/cache/upload/site/www/main/EZle2v38qJN5__size-1440-600-1.jpg
80.66.202.127200 OK 101 kB URL HTTP/2 www.nemesisrail.com/cache/upload/site/www/main/EZle2v38qJN5__size-1440-600-1.jpg
IP 80.66.202.127:0
ASN #61323 Ukfast.net Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 78", baseline, precision 8, 1440x600, components 3\012- data
Size 101 kB (101004 bytes)
Hash c23c29964f81ef9dc56f234220a4455a
b334f14fe32b104dc3511b19cdd3cc3dc65c0deb
cd70970dd805f60d17e2f0667bcfb7ee92c11c41d600c9927629085084e0b9c1
GET /cache/upload/site/www/main/EZle2v38qJN5__size-1440-600-1.jpg HTTP/1.1
Host: www.nemesisrail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nemesisrail.com/
Connection: keep-alive
Cookie: PHPSESSID=5caiuv3mplbf01k89fqfgvhejk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 04:18:56 GMT
content-type: image/jpeg
content-length: 101004
last-modified: Sun, 24 Oct 2021 18:52:16 GMT
etag: "6175ab60-18a8c"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.nemesisrail.com/cache/upload/site/www/main/9W7rycdQjN_3__size-800-600-1.jpg
80.66.202.127200 OK 64 kB URL HTTP/2 www.nemesisrail.com/cache/upload/site/www/main/9W7rycdQjN_3__size-800-600-1.jpg
IP 80.66.202.127:0
ASN #61323 Ukfast.net Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 78", baseline, precision 8, 800x600, components 3\012- data
Hash b45c7d1ed3f845abf599c03784dde0ad
6b7a342af2830e244e11345a0c5a61cffdfc7481
7cbf92d304b3f1c2660177664994b7f8838eb5f5896e44ed278516761f4463fe
GET /cache/upload/site/www/main/9W7rycdQjN_3__size-800-600-1.jpg HTTP/1.1
Host: www.nemesisrail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nemesisrail.com/
Connection: keep-alive
Cookie: PHPSESSID=5caiuv3mplbf01k89fqfgvhejk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 04:18:56 GMT
content-type: image/jpeg
content-length: 63868
last-modified: Thu, 06 Aug 2020 13:21:14 GMT
etag: "5f2c03ca-f97c"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.nemesisrail.com/core/shared/asset/lib/fresco/js/fresco/fresco.js
80.66.202.127200 OK 18 kB URL HTTP/2 www.nemesisrail.com/core/shared/asset/lib/fresco/js/fresco/fresco.js
IP 80.66.202.127:0
ASN #61323 Ukfast.net Limited
File type ASCII text, with very long lines (65365)
Hash dc777a64df2dc649dee88247723c073a
508845411f6f7def007be62657c4cba09d2dbc77
b4f0f3cf05c1762d3a9b8bfd2071db43ea06d8e1fd63ba3aaac8dbb89c5b7961
Analyzer Verdict Alert fortinet Phishing
GET /core/shared/asset/lib/fresco/js/fresco/fresco.js HTTP/1.1
Host: www.nemesisrail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nemesisrail.com/
Cookie: PHPSESSID=5caiuv3mplbf01k89fqfgvhejk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 04:18:56 GMT
content-type: application/javascript
last-modified: Thu, 26 Aug 2021 09:31:35 GMT
etag: W/"61275f77-123f8"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
use.typekit.net/rte0poa.css
23.36.76.122200 OK 889 B URL HTTP/2 use.typekit.net/rte0poa.css
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (516)
Hash c3b5ab288b281e3ea13b4cc6260d8fd8
e4ea479730f3e0e2b72b9f74ddd84e2b50975bc9
42a6dceb85f8e014480f7df3072fd12bc3cafc0a9b1a218f95d8d2524fd4422d
GET /rte0poa.css HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nemesisrail.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 889
date: Tue, 06 Dec 2022 04:18:56 GMT
X-Firefox-Spdy: h2
www.nemesisrail.com/cache/upload/site/www/main/TVDn9Hz7fkZl__size-800-600-1.jpg
80.66.202.127200 OK 59 kB URL HTTP/2 www.nemesisrail.com/cache/upload/site/www/main/TVDn9Hz7fkZl__size-800-600-1.jpg
IP 80.66.202.127:0
ASN #61323 Ukfast.net Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 78", baseline, precision 8, 800x600, components 3\012- data
Hash 51585d28107dcff0d40451620a8308de
ab541efee05db0dcb39b112a2d23b40cb565334d
e8a11b32c52d92d8020bc6dcfa497378fe1049a2a58951b687bd6634bc7ad036
GET /cache/upload/site/www/main/TVDn9Hz7fkZl__size-800-600-1.jpg HTTP/1.1
Host: www.nemesisrail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nemesisrail.com/
Connection: keep-alive
Cookie: PHPSESSID=5caiuv3mplbf01k89fqfgvhejk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 04:18:56 GMT
content-type: image/jpeg
content-length: 59070
last-modified: Sun, 24 Oct 2021 18:50:33 GMT
etag: "6175aaf9-e6be"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.nemesisrail.com/cache/upload/site/www/main/XWMpToiZuJIA__size-800-600-1.jpg
80.66.202.127200 OK 85 kB URL HTTP/2 www.nemesisrail.com/cache/upload/site/www/main/XWMpToiZuJIA__size-800-600-1.jpg
IP 80.66.202.127:0
ASN #61323 Ukfast.net Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 78", baseline, precision 8, 800x600, components 3\012- data
Hash cfcf2134ec13e12ae2b4b0a0dbe8f53f
37e586564685c155d98ebf8bb34a3ee2ffc0a48e
905b70314bac9a9908c74116d7457b81990344f09cb48e457409ed1b02ba8b95
GET /cache/upload/site/www/main/XWMpToiZuJIA__size-800-600-1.jpg HTTP/1.1
Host: www.nemesisrail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nemesisrail.com/
Connection: keep-alive
Cookie: PHPSESSID=5caiuv3mplbf01k89fqfgvhejk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 04:18:56 GMT
content-type: image/jpeg
content-length: 85420
last-modified: Thu, 06 Aug 2020 13:30:35 GMT
etag: "5f2c05fb-14dac"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.nemesisrail.com/cache/upload/site/www/main/uHfQhvpZILTe__size-800-600-1.jpg
80.66.202.127200 OK 81 kB URL HTTP/2 www.nemesisrail.com/cache/upload/site/www/main/uHfQhvpZILTe__size-800-600-1.jpg
IP 80.66.202.127:0
ASN #61323 Ukfast.net Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 78", baseline, precision 8, 800x600, components 3\012- data
Hash 2a1acdae93880cfc5ee321e486eee71f
91edf127dd7173eecc18a0025b20e32b90993be1
ec33eb5dd0dfea76d8f44fa5da175c0329105113a51a75b10bd62a79e05bdaea
GET /cache/upload/site/www/main/uHfQhvpZILTe__size-800-600-1.jpg HTTP/1.1
Host: www.nemesisrail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nemesisrail.com/
Connection: keep-alive
Cookie: PHPSESSID=5caiuv3mplbf01k89fqfgvhejk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 04:18:56 GMT
content-type: image/jpeg
content-length: 81427
last-modified: Thu, 06 Aug 2020 11:02:33 GMT
etag: "5f2be349-13e13"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.nemesisrail.com/cache/upload/site/www/main/JtOQjw8A1oY6__size-800-600-1.jpg
80.66.202.127200 OK 86 kB URL HTTP/2 www.nemesisrail.com/cache/upload/site/www/main/JtOQjw8A1oY6__size-800-600-1.jpg
IP 80.66.202.127:0
ASN #61323 Ukfast.net Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 78", baseline, precision 8, 800x600, components 3\012- data
Hash 4572376a10bd9dc3db920a41eb3d0f7c
36bcbb4f4877e9c4439d93d530d3827aae56d1ad
7b1a45ffcece0667084ab6fb50f1ec08abc888e8a7231e8f15a3830f93baefab
GET /cache/upload/site/www/main/JtOQjw8A1oY6__size-800-600-1.jpg HTTP/1.1
Host: www.nemesisrail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nemesisrail.com/
Connection: keep-alive
Cookie: PHPSESSID=5caiuv3mplbf01k89fqfgvhejk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 04:18:56 GMT
content-type: image/jpeg
content-length: 86286
last-modified: Thu, 06 Aug 2020 11:02:32 GMT
etag: "5f2be348-1510e"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.nemesisrail.com/cache/upload/site/www/main/8OLuliJxFCqQ__size-800-600-1.jpg
80.66.202.127200 OK 73 kB URL HTTP/2 www.nemesisrail.com/cache/upload/site/www/main/8OLuliJxFCqQ__size-800-600-1.jpg
IP 80.66.202.127:0
ASN #61323 Ukfast.net Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 78", baseline, precision 8, 800x600, components 3\012- data
Hash a77e2aa13416b884a2c8cc1e315dcca2
a10ad9b6db42c35774bd3a114b339b61da8e32fb
cf52f4d89840a449033017b99c83cb2575c411d96c201a5249d380f2944bcc8f
GET /cache/upload/site/www/main/8OLuliJxFCqQ__size-800-600-1.jpg HTTP/1.1
Host: www.nemesisrail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nemesisrail.com/
Connection: keep-alive
Cookie: PHPSESSID=5caiuv3mplbf01k89fqfgvhejk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 04:18:56 GMT
content-type: image/jpeg
content-length: 73230
last-modified: Thu, 06 Aug 2020 11:02:33 GMT
etag: "5f2be349-11e0e"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.nemesisrail.com/cache/upload/site/www/main/dRBXD4KZpzV2__size-1440-600-1.jpg
80.66.202.127200 OK 134 kB URL HTTP/2 www.nemesisrail.com/cache/upload/site/www/main/dRBXD4KZpzV2__size-1440-600-1.jpg
IP 80.66.202.127:0
ASN #61323 Ukfast.net Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 78", baseline, precision 8, 1440x600, components 3\012- data
Size 134 kB (134491 bytes)
Hash a3bb8d186c716f969603cfc8aed817d5
fbdd6e1b07611c8b9ed82914f1d55179ad16b43b
0dc57f481c2a9b258267a223db7700dded00a37cfef0d9acddd0184dfaa16c1b
GET /cache/upload/site/www/main/dRBXD4KZpzV2__size-1440-600-1.jpg HTTP/1.1
Host: www.nemesisrail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nemesisrail.com/
Connection: keep-alive
Cookie: PHPSESSID=5caiuv3mplbf01k89fqfgvhejk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 04:18:56 GMT
content-type: image/jpeg
content-length: 134491
last-modified: Thu, 06 Aug 2020 11:02:32 GMT
etag: "5f2be348-20d5b"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.nemesisrail.com/cache/upload/site/www/main/hDCcW09NGAMf__size-1440-600-1.jpg
80.66.202.127200 OK 186 kB URL HTTP/2 www.nemesisrail.com/cache/upload/site/www/main/hDCcW09NGAMf__size-1440-600-1.jpg
IP 80.66.202.127:0
ASN #61323 Ukfast.net Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 78", baseline, precision 8, 1440x600, components 3\012- data
Size 186 kB (185502 bytes)
Hash 83e1d8a1010ad4a5470a70436aa4c779
0ecf41c8e0f06f012867d0fc07bd2f3448f04d9c
d770aad15432e50d93d465ce911da0a605c5a84baeca34983fecf5acec2ec906
GET /cache/upload/site/www/main/hDCcW09NGAMf__size-1440-600-1.jpg HTTP/1.1
Host: www.nemesisrail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nemesisrail.com/
Connection: keep-alive
Cookie: PHPSESSID=5caiuv3mplbf01k89fqfgvhejk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 04:18:56 GMT
content-type: image/jpeg
content-length: 185502
last-modified: Thu, 06 Aug 2020 11:02:31 GMT
etag: "5f2be347-2d49e"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.nemesisrail.com/cache/upload/site/www/main/YlcturFzmRDq__size-800-0-0.jpg
80.66.202.127200 OK 777 kB URL HTTP/2 www.nemesisrail.com/cache/upload/site/www/main/YlcturFzmRDq__size-800-0-0.jpg
IP 80.66.202.127:0
ASN #61323 Ukfast.net Limited
File type PNG image data, 800 x 533, 8-bit/color RGBA, non-interlaced\012- data
Size 777 kB (776987 bytes)
Hash 55dd807366c35d955c6f5faff9391db8
7e0a128934095691bc70ebbe85362de9abcdb4f0
22eb00465db1c301b7f6f3169adf50a9a5c867ac4526a4d46024cf3f6c6721b0
GET /cache/upload/site/www/main/YlcturFzmRDq__size-800-0-0.jpg HTTP/1.1
Host: www.nemesisrail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nemesisrail.com/
Connection: keep-alive
Cookie: PHPSESSID=5caiuv3mplbf01k89fqfgvhejk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 04:18:56 GMT
content-type: image/jpeg
content-length: 776987
last-modified: Thu, 06 Aug 2020 11:02:33 GMT
etag: "5f2be349-bdb1b"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
p.typekit.net/p.css?s=1&k=lcd3hnw&ht=tk&f=6801.6805.6806.9945.6808.6809.8415.8416.6846.6847.6848.6851.10879.10880.10881.10882.10883.10884.10885.10886.15586.15587.27069.27070.27073.27074.27884.27886.27956.28013.32874.32875&a=781123&app=typekit&e=css
23.36.76.122200 OK 5 B URL HTTP/2 p.typekit.net/p.css?s=1&k=lcd3hnw&ht=tk&f=6801.6805.6806.9945.6808.6809.8415.8416.6846.6847.6848.6851.10879.10880.10881.10882.10883.10884.10885.10886.15586.15587.27069.27070.27073.27074.27884.27886.27956.28013.32874.32875&a=781123&app=typekit&e=css
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
Hash 83d24d4b43cc7eef2b61e66c95f3d158
f0cafc285ee23bb6c28c5166f305493c4331c84d
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
GET /p.css?s=1&k=lcd3hnw&ht=tk&f=6801.6805.6806.9945.6808.6809.8415.8416.6846.6847.6848.6851.10879.10880.10881.10882.10883.10884.10885.10886.15586.15587.27069.27070.27073.27074.27884.27886.27956.28013.32874.32875&a=781123&app=typekit&e=css HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: text/css
cross-origin-resource-policy: cross-origin
etag: "613bee4d-5"
last-modified: Fri, 10 Sep 2021 23:46:21 GMT
server: nginx
content-length: 5
unused62: 8096267
date: Tue, 06 Dec 2022 04:18:56 GMT
X-Firefox-Spdy: h2
p.typekit.net/p.css?s=1&k=rte0poa&ht=tk&f=17265.17267.17268.17269.17270.17271.17272.17273&a=781123&app=typekit&e=css
23.36.76.122200 OK 5 B URL HTTP/2 p.typekit.net/p.css?s=1&k=rte0poa&ht=tk&f=17265.17267.17268.17269.17270.17271.17272.17273&a=781123&app=typekit&e=css
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
Hash 83d24d4b43cc7eef2b61e66c95f3d158
f0cafc285ee23bb6c28c5166f305493c4331c84d
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
GET /p.css?s=1&k=rte0poa&ht=tk&f=17265.17267.17268.17269.17270.17271.17272.17273&a=781123&app=typekit&e=css HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: text/css
cross-origin-resource-policy: cross-origin
etag: "613bee4d-5"
last-modified: Fri, 10 Sep 2021 23:46:21 GMT
server: nginx
content-length: 5
unused62: 8096267
date: Tue, 06 Dec 2022 04:18:56 GMT
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.149.149.164101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.149.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Ad3BA24vQhHHMZmm8jwJ7A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 061u//88PQRDX5aIXDF9tbU9WFM=
use.typekit.net/af/61f808/00000000000000003b9b3d63/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
23.36.76.122200 OK 35 kB URL HTTP/2 use.typekit.net/af/61f808/00000000000000003b9b3d63/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 34576, version 1.0\012- data
Hash 05af74852008a596af1b18ac6f04bae0
829276ba8ef5d81eacabbbd6ee06960a4d0f8cac
dfb3ae4697aa8a31f37386a65dae907b063132a864157efadffdea5e6482bfbd
GET /af/61f808/00000000000000003b9b3d63/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.nemesisrail.com
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 34576
etag: "ac5f07169afed1f853206bdc2309dfaf2c118db1"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Tue, 06 Dec 2022 04:18:56 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/422d60/00000000000000003b9b3d67/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
23.36.76.122200 OK 34 kB URL HTTP/2 use.typekit.net/af/422d60/00000000000000003b9b3d67/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 34212, version 1.0\012- data
Hash 262de774c5a799b38960193aed053bdf
709027774cfa650edb3c2d2d2904481aa13b3c82
acdadd9b917f8a4f395d499de3d16b57400539eb78022b35c6a9c304402faafd
GET /af/422d60/00000000000000003b9b3d67/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.nemesisrail.com
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 34212
etag: "4e6bbf222d840839472a8449ffe23ff5d61836c0"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Tue, 06 Dec 2022 04:18:56 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/348732/00000000000000003b9b3d65/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
23.36.76.122200 OK 34 kB URL HTTP/2 use.typekit.net/af/348732/00000000000000003b9b3d65/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 34444, version 1.0\012- data
Hash d472c2a1d4afd5f2895c3b32e22b2c73
f9c1e955cf466157e0f006b422811c246d8b5377
da2b9e38b5005650374435d3b215090ca2390c7b96c1c30f975d67aea9800162
GET /af/348732/00000000000000003b9b3d65/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.nemesisrail.com
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 34444
etag: "f79b39a253aa819d49c056767a8349a078dc7a5f"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Tue, 06 Dec 2022 04:18:56 GMT
X-Firefox-Spdy: h2
www.nemesisrail.com/site/www/main/asset/image/footer.jpg
80.66.202.127200 OK 375 kB URL HTTP/2 www.nemesisrail.com/site/www/main/asset/image/footer.jpg
IP 80.66.202.127:0
ASN #61323 Ukfast.net Limited
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2018 (Windows), datetime=2020:01:31 20:12:19], progressive, precision 8, 1440x970, components 3\012- data
Size 375 kB (375106 bytes)
Hash d1440256ea56ac4a58c193dce6881938
39e9fe91b17a3f81e1845ba3653bbb9b4b42417e
3394f42ccb6bf2d4c229428f506652644cd7bd622e90b72e8155bd8278c8e2d4
GET /site/www/main/asset/image/footer.jpg HTTP/1.1
Host: www.nemesisrail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nemesisrail.com/site/www/main/asset/style/screen.css?v=3
Cookie: PHPSESSID=5caiuv3mplbf01k89fqfgvhejk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 04:18:57 GMT
content-type: image/jpeg
content-length: 375106
last-modified: Thu, 26 Aug 2021 09:32:15 GMT
etag: "61275f9f-5b942"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.nemesisrail.com/upload/site/www/main/gxCyQF4fO052__size-1440-600-1.jpg
80.66.202.127302 Found 0 B URL HTTP/2 www.nemesisrail.com/upload/site/www/main/gxCyQF4fO052__size-1440-600-1.jpg
IP 80.66.202.127:0
ASN #61323 Ukfast.net Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /upload/site/www/main/gxCyQF4fO052__size-1440-600-1.jpg HTTP/1.1
Host: www.nemesisrail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nemesisrail.com/
Cookie: PHPSESSID=5caiuv3mplbf01k89fqfgvhejk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
server: nginx
date: Tue, 06 Dec 2022 04:18:57 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: /cache/upload/site/www/main/gxCyQF4fO052__size-1440-600-1.jpg
x-powered-by: PHP/7.4.33, PleskLin
X-Firefox-Spdy: h2
www.nemesisrail.com/upload/site/www/main/_OZlPS6TiLpm__size-1440-600-1.jpg
80.66.202.127302 Found 0 B URL HTTP/2 www.nemesisrail.com/upload/site/www/main/_OZlPS6TiLpm__size-1440-600-1.jpg
IP 80.66.202.127:0
ASN #61323 Ukfast.net Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /upload/site/www/main/_OZlPS6TiLpm__size-1440-600-1.jpg HTTP/1.1
Host: www.nemesisrail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nemesisrail.com/
Cookie: PHPSESSID=5caiuv3mplbf01k89fqfgvhejk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
server: nginx
date: Tue, 06 Dec 2022 04:18:57 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: /cache/upload/site/www/main/_OZlPS6TiLpm__size-1440-600-1.jpg
x-powered-by: PHP/7.4.33, PleskLin
X-Firefox-Spdy: h2
www.nemesisrail.com/upload/site/www/main/c_1Abq7FRNCH__size-800-600-1.jpg
80.66.202.127302 Found 0 B URL HTTP/2 www.nemesisrail.com/upload/site/www/main/c_1Abq7FRNCH__size-800-600-1.jpg
IP 80.66.202.127:0
ASN #61323 Ukfast.net Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /upload/site/www/main/c_1Abq7FRNCH__size-800-600-1.jpg HTTP/1.1
Host: www.nemesisrail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nemesisrail.com/
Cookie: PHPSESSID=5caiuv3mplbf01k89fqfgvhejk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
server: nginx
date: Tue, 06 Dec 2022 04:18:57 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: /cache/upload/site/www/main/c_1Abq7FRNCH__size-800-600-1.jpg
x-powered-by: PHP/7.4.33, PleskLin
X-Firefox-Spdy: h2
www.nemesisrail.com/upload/site/www/main/AS73uH68yhJT__size-800-600-1.jpg
80.66.202.127302 Found 0 B URL HTTP/2 www.nemesisrail.com/upload/site/www/main/AS73uH68yhJT__size-800-600-1.jpg
IP 80.66.202.127:0
ASN #61323 Ukfast.net Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /upload/site/www/main/AS73uH68yhJT__size-800-600-1.jpg HTTP/1.1
Host: www.nemesisrail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nemesisrail.com/
Cookie: PHPSESSID=5caiuv3mplbf01k89fqfgvhejk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
server: nginx
date: Tue, 06 Dec 2022 04:18:57 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: /cache/upload/site/www/main/AS73uH68yhJT__size-800-600-1.jpg
x-powered-by: PHP/7.4.33, PleskLin
X-Firefox-Spdy: h2
www.nemesisrail.com/upload/site/www/main/UKxE_FAi0QYo__size-800-600-1.jpg
80.66.202.127302 Found 0 B URL HTTP/2 www.nemesisrail.com/upload/site/www/main/UKxE_FAi0QYo__size-800-600-1.jpg
IP 80.66.202.127:0
ASN #61323 Ukfast.net Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /upload/site/www/main/UKxE_FAi0QYo__size-800-600-1.jpg HTTP/1.1
Host: www.nemesisrail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nemesisrail.com/
Cookie: PHPSESSID=5caiuv3mplbf01k89fqfgvhejk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
server: nginx
date: Tue, 06 Dec 2022 04:18:57 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: /cache/upload/site/www/main/UKxE_FAi0QYo__size-800-600-1.jpg
x-powered-by: PHP/7.4.33, PleskLin
X-Firefox-Spdy: h2
www.nemesisrail.com/cache/upload/site/www/main/gxCyQF4fO052__size-1440-600-1.jpg
80.66.202.127200 OK 132 kB URL HTTP/2 www.nemesisrail.com/cache/upload/site/www/main/gxCyQF4fO052__size-1440-600-1.jpg
IP 80.66.202.127:0
ASN #61323 Ukfast.net Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 78", baseline, precision 8, 1440x600, components 3\012- data
Size 132 kB (131491 bytes)
Hash d745eb5a78864fcd9eb8ea136f4b6893
1a54c7ba5429a8c4895213c3c6b833f7ddef76c0
9b634a6f0421704c9165f3d4a75f44cdd74e4f8be31208a9371f274c1831578d
GET /cache/upload/site/www/main/gxCyQF4fO052__size-1440-600-1.jpg HTTP/1.1
Host: www.nemesisrail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nemesisrail.com/
Connection: keep-alive
Cookie: PHPSESSID=5caiuv3mplbf01k89fqfgvhejk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 04:18:57 GMT
content-type: image/jpeg
content-length: 131491
last-modified: Thu, 06 Aug 2020 11:02:32 GMT
etag: "5f2be348-201a3"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.nemesisrail.com/cache/upload/site/www/main/_OZlPS6TiLpm__size-1440-600-1.jpg
80.66.202.127200 OK 114 kB URL HTTP/2 www.nemesisrail.com/cache/upload/site/www/main/_OZlPS6TiLpm__size-1440-600-1.jpg
IP 80.66.202.127:0
ASN #61323 Ukfast.net Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 78", baseline, precision 8, 1440x600, components 3\012- data
Size 114 kB (113668 bytes)
Hash d6a103ff0c70147f8d041ca638752acf
6f8e51b87f8255fb973032e2f0e7b28b474f2a8b
bbf8ea178b7820f9c2c4fa0e0b472b82767229e3a6f191faf8616f9440bdb572
GET /cache/upload/site/www/main/_OZlPS6TiLpm__size-1440-600-1.jpg HTTP/1.1
Host: www.nemesisrail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nemesisrail.com/
Connection: keep-alive
Cookie: PHPSESSID=5caiuv3mplbf01k89fqfgvhejk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 04:18:57 GMT
content-type: image/jpeg
content-length: 113668
last-modified: Thu, 06 Aug 2020 11:02:31 GMT
etag: "5f2be347-1bc04"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.nemesisrail.com/cache/upload/site/www/main/c_1Abq7FRNCH__size-800-600-1.jpg
80.66.202.127200 OK 78 kB URL HTTP/2 www.nemesisrail.com/cache/upload/site/www/main/c_1Abq7FRNCH__size-800-600-1.jpg
IP 80.66.202.127:0
ASN #61323 Ukfast.net Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 78", baseline, precision 8, 800x600, components 3\012- data
Hash 91b6817f39adfcacb0deac9948686a69
7419a9a7ae319a5b91916d0798c60629172bbcd4
038d4dfdbadbc415734f455651704e2b58b6d87316579563fafa8bc290f295ea
GET /cache/upload/site/www/main/c_1Abq7FRNCH__size-800-600-1.jpg HTTP/1.1
Host: www.nemesisrail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nemesisrail.com/
Connection: keep-alive
Cookie: PHPSESSID=5caiuv3mplbf01k89fqfgvhejk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 04:18:57 GMT
content-type: image/jpeg
content-length: 78302
last-modified: Thu, 06 Aug 2020 11:02:32 GMT
etag: "5f2be348-131de"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.nemesisrail.com/cache/upload/site/www/main/UKxE_FAi0QYo__size-800-600-1.jpg
80.66.202.127200 OK 76 kB URL HTTP/2 www.nemesisrail.com/cache/upload/site/www/main/UKxE_FAi0QYo__size-800-600-1.jpg
IP 80.66.202.127:0
ASN #61323 Ukfast.net Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 78", baseline, precision 8, 800x600, components 3\012- data
Hash d56f14f7cde382f26cfb79439f29954f
8a141c15fb3b8991e070de80fd82f9e9a67d4e93
dd32fcab953bf3cdaf8da0d97a8efb6143cdeabe3532c050721a62149d26eb9f
GET /cache/upload/site/www/main/UKxE_FAi0QYo__size-800-600-1.jpg HTTP/1.1
Host: www.nemesisrail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nemesisrail.com/
Connection: keep-alive
Cookie: PHPSESSID=5caiuv3mplbf01k89fqfgvhejk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 04:18:57 GMT
content-type: image/jpeg
content-length: 76185
last-modified: Thu, 06 Aug 2020 11:02:32 GMT
etag: "5f2be348-12999"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.nemesisrail.com/cache/upload/site/www/main/AS73uH68yhJT__size-800-600-1.jpg
80.66.202.127200 OK 70 kB URL HTTP/2 www.nemesisrail.com/cache/upload/site/www/main/AS73uH68yhJT__size-800-600-1.jpg
IP 80.66.202.127:0
ASN #61323 Ukfast.net Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 78", baseline, precision 8, 800x600, components 3\012- data
Hash adc030587efed0ad0f7b69dd34adba88
fe5335cd27288daf6d6bb5bc3e2edcc143d60170
2d0ce0f462970dd12e4f9e5e783ba7dc56197262a6df58b2f84261918870309a
GET /cache/upload/site/www/main/AS73uH68yhJT__size-800-600-1.jpg HTTP/1.1
Host: www.nemesisrail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nemesisrail.com/
Connection: keep-alive
Cookie: PHPSESSID=5caiuv3mplbf01k89fqfgvhejk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 04:18:57 GMT
content-type: image/jpeg
content-length: 69680
last-modified: Thu, 06 Aug 2020 11:02:32 GMT
etag: "5f2be348-11030"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.nemesisrail.com/upload/site/www/main/Wo0nV6MTvZyl__size-800-600-1.jpg
80.66.202.127302 Found 0 B URL HTTP/2 www.nemesisrail.com/upload/site/www/main/Wo0nV6MTvZyl__size-800-600-1.jpg
IP 80.66.202.127:0
ASN #61323 Ukfast.net Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /upload/site/www/main/Wo0nV6MTvZyl__size-800-600-1.jpg HTTP/1.1
Host: www.nemesisrail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nemesisrail.com/
Cookie: PHPSESSID=5caiuv3mplbf01k89fqfgvhejk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
server: nginx
date: Tue, 06 Dec 2022 04:18:57 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: /cache/upload/site/www/main/Wo0nV6MTvZyl__size-800-600-1.jpg
x-powered-by: PHP/7.4.33, PleskLin
X-Firefox-Spdy: h2
www.nemesisrail.com/cache/upload/site/www/main/Wo0nV6MTvZyl__size-800-600-1.jpg
80.66.202.127200 OK 82 kB URL HTTP/2 www.nemesisrail.com/cache/upload/site/www/main/Wo0nV6MTvZyl__size-800-600-1.jpg
IP 80.66.202.127:0
ASN #61323 Ukfast.net Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 78", baseline, precision 8, 800x600, components 3\012- data
Hash f0842f790a43c5e151f488251b0dd796
353bdf919237d111c539fc2b10163583df8ba47d
abd6ce1085c6b0c1c95ee8146fd70d4fc385eac756e6122c8da207bbb0ea8bc8
GET /cache/upload/site/www/main/Wo0nV6MTvZyl__size-800-600-1.jpg HTTP/1.1
Host: www.nemesisrail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nemesisrail.com/
Connection: keep-alive
Cookie: PHPSESSID=5caiuv3mplbf01k89fqfgvhejk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 04:18:57 GMT
content-type: image/jpeg
content-length: 82022
last-modified: Thu, 06 Aug 2020 11:02:32 GMT
etag: "5f2be348-14066"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14714
Expires: Tue, 06 Dec 2022 08:24:12 GMT
Date: Tue, 06 Dec 2022 04:18:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14714
Expires: Tue, 06 Dec 2022 08:24:12 GMT
Date: Tue, 06 Dec 2022 04:18:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14714
Expires: Tue, 06 Dec 2022 08:24:12 GMT
Date: Tue, 06 Dec 2022 04:18:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14714
Expires: Tue, 06 Dec 2022 08:24:12 GMT
Date: Tue, 06 Dec 2022 04:18:58 GMT
Connection: keep-alive
www.nemesisrail.com/
80.66.202.127200 OK 11 kB IP 80.66.202.127:0
ASN #61323 Ukfast.net Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (632)
Hash e13ba334a9d317f3b0d56d9fb6b8e7f8
bf926bcb9094562858950f36eb720c1d1f95a7fc
cd1dfdf81dbfc6645571d2343b9ac956e2e89a8372e4b4a0619049eca6bd9d7d
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.nemesisrail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 04:18:56 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=5caiuv3mplbf01k89fqfgvhejk; path=/
x-powered-by: PHP/7.4.33, PleskLin
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6aff31b2-ef3e-4782-ae28-38f9aee8b1b7.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6aff31b2-ef3e-4782-ae28-38f9aee8b1b7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3801236dc22938e1cc18947e90ea5326
5979d7dc3ba0eb61947282a4adeac8208b4148ae
3bd4eab29590ec3c316597abd2be65281cd9a6137add037ad57c093f1fca12e2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6aff31b2-ef3e-4782-ae28-38f9aee8b1b7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5995
x-amzn-requestid: 25b34277-c486-4642-aea7-21e0598babc3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSzOGGjoAMF4kw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64e1-6f43ab8e0c1a5260327bce11;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YzpOZW9e-54LuSSOigtmFRb0sUGpIRpqZ-UtINp-B_Uzk6lFPnb6dw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:25:46 GMT
age: 21192
etag: "5979d7dc3ba0eb61947282a4adeac8208b4148ae"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.10.2/css/all.css
172.64.133.15200 OK 19 kB URL HTTP/2 use.fontawesome.com/releases/v5.10.2/css/all.css
IP 172.64.133.15:0
File type ASCII text, with very long lines (56331)
Hash d66117a02e6d1012d5ec5c2cf5da752c
9aa669ead47d4151a207816008e6ea4a2ee6e904
344c4309ae7b64c08528e77980392a3e1ff3cae5f3234739d09b451b82f2257f
GET /releases/v5.10.2/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nemesisrail.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:18:56 GMT
content-type: text/css
x-amz-id-2: Ff3LS2GTW1hjaJDVrUlnnJdQ45BtQCHYSmzeCqJYWJOv+2k9ZwRNuY+njZF8mHNavLtDwnVh+40=
x-amz-request-id: QZV1FNGNF6TCTYT0
last-modified: Wed, 30 Jun 2021 15:36:08 GMT
etag: W/"164a58dcca37a5b00c22e06ee8e2fc68"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 832016
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7EvNBO%2BCU8jsFEUMyUEYSWexnMbmFLsm8BpLINvquKvrJt%2FaKKNJA%2FLinkNeukNi6DqxokbXpo0pZHGjQ1er6hzjjxLbgJ88I4bXiiw0aKv1lhL49mY31KHGKrKqt9PIauoGb%2Fzm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7752386f694d7309-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a1b8c21-bea6-4053-8dea-90393eea45b7.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a1b8c21-bea6-4053-8dea-90393eea45b7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 30d72693680b3ac91c0eee4d47a26196
cd923a5a3810bfe86be2eca4b97c739d76756d93
69ca9e172f6b0c5bf158022d533701b89282630deaa0ce7df27ed459c9bfe75e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a1b8c21-bea6-4053-8dea-90393eea45b7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8656
x-amzn-requestid: cfc71f7f-d1c6-47c9-8107-864701dbf3c3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSwkEHmIAMFUnw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64d0-6705510852d26ae24b3e5ea4;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:24 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JVEVoNv1w1lqFYG0M8v2GK92-1MfPxn8SnZv5JZitWWEDuXJ4DwmqQ==
via: 1.1 c9b161639a9353c2354b895548ea9fca.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:48:41 GMT
age: 23417
etag: "cd923a5a3810bfe86be2eca4b97c739d76756d93"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70fb9d31-10e5-4323-9fbd-ed451a00e6b1.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70fb9d31-10e5-4323-9fbd-ed451a00e6b1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7e1b54923ba506fde6b21c5bfb51ccc8
366aa3ab0790c496ea51bc08d1f2ff3358530d9e
a993ca6dc9a1f854f4542f9221e4f90060825ea863974b5163a9d3e284dc4663
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70fb9d31-10e5-4323-9fbd-ed451a00e6b1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10594
x-amzn-requestid: eee9f193-eef5-44bf-997a-877fa206749e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSyIHpGoAMF1fw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64da-0a9190f7698dbf2f73bb1575;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: T28mItwomGU8iDJ18lUF7ZrFuyh_P3ZTwUtA4AC5qZ5C5FQurDMgmQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:54:01 GMT
age: 23097
etag: "366aa3ab0790c496ea51bc08d1f2ff3358530d9e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faeae6973-c3cb-4597-8dcc-f36e4cd35fda.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faeae6973-c3cb-4597-8dcc-f36e4cd35fda.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5529617b0748f2d8c82ef99c1ac116a8
a862b74508113ae72b56b9b3de0c75ba559b9032
376a82ae4a5b80f59fb746be79bca569b03a74c345845c7bbf15189964b0bb96
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faeae6973-c3cb-4597-8dcc-f36e4cd35fda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11469
x-amzn-requestid: f60a3f0d-38f7-4f82-bdd5-9e31814ab1d9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSuZGAXIAMFwuA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64c2-5b4b99e779a0aaa71a311a1c;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bWcuXixVA50JUynSO7ar3nWfjsTa5iOteSYq88bWPlQvz__1qfv7Uw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:41:49 GMT
age: 23829
etag: "a862b74508113ae72b56b9b3de0c75ba559b9032"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.nemesisrail.com/core/shared/asset/lib/fresco/css/fresco/fresco.css
80.66.202.127200 OK 0 B URL HTTP/2 www.nemesisrail.com/core/shared/asset/lib/fresco/css/fresco/fresco.css
IP 80.66.202.127:0
ASN #61323 Ukfast.net Limited
GET /core/shared/asset/lib/fresco/css/fresco/fresco.css HTTP/1.1
Host: www.nemesisrail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nemesisrail.com/
Cookie: PHPSESSID=5caiuv3mplbf01k89fqfgvhejk
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 04:18:56 GMT
content-type: text/css
last-modified: Thu, 26 Aug 2021 09:31:34 GMT
etag: W/"61275f76-8be7"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.nemesisrail.com/site/www/main/asset/style/screen.css?v=3
80.66.202.127200 OK 0 B URL HTTP/2 www.nemesisrail.com/site/www/main/asset/style/screen.css?v=3
IP 80.66.202.127:0
ASN #61323 Ukfast.net Limited
GET /site/www/main/asset/style/screen.css?v=3 HTTP/1.1
Host: www.nemesisrail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nemesisrail.com/
Cookie: PHPSESSID=5caiuv3mplbf01k89fqfgvhejk
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 04:18:56 GMT
content-type: text/css
last-modified: Thu, 26 Aug 2021 09:32:16 GMT
etag: W/"61275fa0-b283"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.nemesisrail.com/favicon.ico
80.66.202.127404 Not Found 0 B URL HTTP/2 www.nemesisrail.com/favicon.ico
IP 80.66.202.127:0
ASN #61323 Ukfast.net Limited
GET /favicon.ico HTTP/1.1
Host: www.nemesisrail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nemesisrail.com/
Cookie: PHPSESSID=5caiuv3mplbf01k89fqfgvhejk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Tue, 06 Dec 2022 04:18:57 GMT
content-type: text/html
last-modified: Thu, 06 Aug 2020 09:51:05 GMT
etag: W/"401-5ac326d42f440"
content-encoding: br
X-Firefox-Spdy: h2