hexrom.com/wp-content/uploads/2021/08/pintres.jpg
172.67.71.40200 OK 1.6 kB URL GET HTTP/2 hexrom.com/wp-content/uploads/2021/08/pintres.jpg
IP 172.67.71.40:443
Requested by https://hexrom.com/jet-set-radio-future/download/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintEA:A1:34:96:63:DD:91:69:B6:2A:45:BA:E2:A7:59:3F:FB:1A:1C:20
ValidityThu, 26 Jan 2023 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT
File type JPEG image data, progressive, precision 8, 69x66, components 3\012- data
Hash 6e66071840a242a50a4fc5e58fc415ca
b4882db93e21a4af3ff1c58d845507421ad1763d
38e1a961a7a32b9b37f285bf39f983eeed249c252646a0196af58b63e648643d
GET /wp-content/uploads/2021/08/pintres.jpg HTTP/1.1
Host: hexrom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hexrom.com/jet-set-radio-future/download/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 21 May 2023 16:21:19 GMT
content-type: image/jpeg
content-length: 1628
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origSize=2459, status=webp_bigger
expires: Sat, 24 Feb 2024 23:54:31 GMT
last-modified: Tue, 03 Aug 2021 20:27:53 GMT
cf-cache-status: HIT
age: 7423225
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RKcX01TPYUVb2AeG0C6WFTMVLPwzL6JStfhM00UkCex5TOy%2FA9cqxxMCZCbj2QgF%2FfbouZB%2BF36Eo%2BImgwRgt4S1LF9nM6DRsf%2BS7pP4O%2B585bu7VXL1s0hVbpo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cae26ddcdf5b51e-OSL
X-Firefox-Spdy: h2
hexrom.com/wp-content/uploads/2021/08/facebook.jpg
172.67.71.40200 OK 936 B URL GET HTTP/2 hexrom.com/wp-content/uploads/2021/08/facebook.jpg
IP 172.67.71.40:443
Requested by https://hexrom.com/jet-set-radio-future/download/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintEA:A1:34:96:63:DD:91:69:B6:2A:45:BA:E2:A7:59:3F:FB:1A:1C:20
ValidityThu, 26 Jan 2023 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 69x66, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e9af706e4d2b025f56fcc01c3b1ef05d
af5abfb85ab77469b31a9d2a04a5520e13ca401a
4b24518411ac442923f59fde93a95d401237ca1a1cdabc3e7764a20d831897ee
GET /wp-content/uploads/2021/08/facebook.jpg HTTP/1.1
Host: hexrom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hexrom.com/jet-set-radio-future/download/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 21 May 2023 16:21:19 GMT
content-type: image/webp
content-length: 936
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=jpeg, origSize=1883
content-disposition: inline; filename="facebook.webp"
vary: Accept
expires: Fri, 22 Mar 2024 05:51:57 GMT
last-modified: Tue, 03 Aug 2021 20:27:56 GMT
cf-cache-status: HIT
age: 164721
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EwixcgJv4g1Q6nKwTVD1BvJHy5J4z%2BtYd3bZioCL5Eq5tadhAHfcRSicq7%2F8%2BRMPsnRZN65%2BK%2B0r%2By%2F9D0%2Bi3xDWZsT25UqY%2FozDme%2FbiNJ%2F%2BDpOQqYNJ7v3VEQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cae26ddcdf0b51e-OSL
X-Firefox-Spdy: h2
hexrom.com/wp-content/uploads/2021/08/youtube.jpg
172.67.71.40200 OK 1.8 kB URL GET HTTP/2 hexrom.com/wp-content/uploads/2021/08/youtube.jpg
IP 172.67.71.40:443
Requested by https://hexrom.com/jet-set-radio-future/download/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintEA:A1:34:96:63:DD:91:69:B6:2A:45:BA:E2:A7:59:3F:FB:1A:1C:20
ValidityThu, 26 Jan 2023 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT
File type JPEG image data, progressive, precision 8, 69x66, components 3\012- data
Hash 82e88404e6df58404ee6e9e51b6db27c
6866d72258a67ceee05ba1ec16bbaec2889d3a61
31b1a3e93df2b7bb083443cff0b2ce51299eacdd0ddf4417dc19066d7ecc1ad4
GET /wp-content/uploads/2021/08/youtube.jpg HTTP/1.1
Host: hexrom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hexrom.com/jet-set-radio-future/download/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 21 May 2023 16:21:19 GMT
content-type: image/jpeg
content-length: 1764
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origSize=2604, status=webp_bigger
expires: Sat, 24 Feb 2024 23:54:31 GMT
last-modified: Tue, 03 Aug 2021 20:27:54 GMT
cf-cache-status: HIT
age: 7423225
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=33OeaVWvrRM58bU8on9sPu4OwPSrvR8TtAkqUqbhn2wAwKFHkrY%2FeBjqHRY65H2ZOt%2BfoctvpKL0BTTslG1LoudIQk2fGpoGIVGzpBWM1Qlk8qzRgAD0gmHVAHA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cae26ddcdf3b51e-OSL
X-Firefox-Spdy: h2
d2bkkt3kqfmyo0.cloudfront.net/?tkkbd=938621
54.230.245.98200 OK 116 kB URL GET HTTP/2 d2bkkt3kqfmyo0.cloudfront.net/?tkkbd=938621
IP 54.230.245.98:443
Requested by https://hexrom.com/jet-set-radio-future/download/
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (589)
Size 116 kB (115800 bytes)
Hash f3d8fb1f79f0e126ce6ebf4e1b2d690f
4118e996ae0cd3a0c4659560d9d750cd1f38e9e0
dc13c2c935db0128f85f147e1bd7b9e2e0ad596fca78e315f8b3b451fc4d5e6e
GET /?tkkbd=938621 HTTP/1.1
Host: d2bkkt3kqfmyo0.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hexrom.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 115800
date: Sun, 21 May 2023 16:21:19 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XsrLagM87w2mne3YWqEKE7h73Ocyf29DgKDm_g60YVYhFhWsRYTiZw==
X-Firefox-Spdy: h2
kerattogeist.com/trNzG3CDv2oE/56669
23.109.82.29200 OK 25 B URL GET HTTP/1.1 kerattogeist.com/trNzG3CDv2oE/56669
IP 23.109.82.29:443
Requested by https://hexrom.com/jet-set-radio-future/download/
Certificate IssuerLet's Encrypt
Subjectkerattogeist.com
Fingerprint74:A1:6F:D1:91:D6:5F:A9:93:EC:A4:1E:1D:73:56:5C:4D:A5:4B:67
ValidityTue, 25 Apr 2023 00:17:02 GMT - Mon, 24 Jul 2023 00:17:01 GMT
File type ASCII text, with no line terminators
Hash f7a2939527fd9e68723da600e96d76bd
a9e717b6364d2895ee0a716050db32ca0ef1bb42
d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a
Analyzer Verdict Alert fortinet Malware
GET /trNzG3CDv2oE/56669 HTTP/1.1
Host: kerattogeist.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hexrom.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 21 May 2023 16:21:20 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://hexrom.com
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jU1Sg0AQhSH8RQ1oV3EAj8AQMcnSTVbegZphGhwD06lmQuLtHa3S3fteffVeEASr8hHCJY0husgGnl8aXe97Ve31tsZq34vda9UoIbp6u1PycIA7M7dOqhFdDOt5kuxat8SwGdAim67tSGMOT976a06WrjaGRLG0Oodk8saYQ6aYrjNyGUFs5YSQHQ1jTzdvyE9iiIQQPhvrc1jBiuYyKu4heTf2cis2aVAUaQAP51G6nnhqjfaYDCw1QvgG6046HIi%2FINM4nxydAWjU7b%2F%2Fe5qMP2uQalxM55HcB%2FI3ouZOdQ%3D%3D; expires=Mon, 22-May-2023 16:21:20 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJw9i8sKwjAURGuUYNVWBvwAf8D6QBdu1aXUhbgOtd6WYM0tTXzUr%2FcFruYwc8bzPDEIIXSJ3nIaLSfRfBZNF3M0c2KIeIdeylfjqlqZ5EKQMVf3pIasKNdsAnR%2FoFI%2BETrxbnQwZ8N38x8%2BtwCtVLs6gP%2BJrxu20dS2RLgq9GO45%2BLq3raFb8gpWxKd4K%2BTY0HjzX6L8N9%2Bz7KBtraqrPhRv7nv9IWebEhxlllyUqBxk%2BIFsdRBIw%3D%3D; expires=Mon, 22-May-2023 16:21:20 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
pyrincelewasgild.info/YlhDMFgDOiBdZwNlIRYtEDR+FWokfXF2PFA6KFssUTMyVjUbN3MeOw43NlQ+EDctRHYMPTcVaiQOIl0KEToEeRIhLwp7ADBsDXMeJDoUZiADAC9+FSYwe3QcICgZcjENNAtjEVAPOnE3NyAkVxYhbAxzaA0PBnEaMAAGYR8gCQp8AFIvAXE/Wz4UABEsGwJyADcdLGkdBQ0TZQoRDQdyHQcZEmEMJgo3ex4VLBlxCS8BAkc/IxwWVAErNC9zDQlhFGgdMzkUAQ4oADpyCDQ0NHEbFQkRdh0OCRRYIDcPKQE7Nx0vVhEnYRRoGlYNFwE7FgAVegwxNG5IHjBpK2UbFTMBcQkWEhtZCjsOBQE7NzQ3ZQA3NBJnPyseC1c7Lxs7YhI3GztmADRpDmczKwIWZhVEMjBfNhJlKXYfFR4ZBxogbzd8DiYyJA
54.230.111.74200 OK 1.2 kB URL GET HTTP/2 pyrincelewasgild.info/YlhDMFgDOiBdZwNlIRYtEDR+FWokfXF2PFA6KFssUTMyVjUbN3MeOw43NlQ+EDctRHYMPTcVaiQOIl0KEToEeRIhLwp7ADBsDXMeJDoUZiADAC9+FSYwe3QcICgZcjENNAtjEVAPOnE3NyAkVxYhbAxzaA0PBnEaMAAGYR8gCQp8AFIvAXE/Wz4UABEsGwJyADcdLGkdBQ0TZQoRDQdyHQcZEmEMJgo3ex4VLBlxCS8BAkc/IxwWVAErNC9zDQlhFGgdMzkUAQ4oADpyCDQ0NHEbFQkRdh0OCRRYIDcPKQE7Nx0vVhEnYRRoGlYNFwE7FgAVegwxNG5IHjBpK2UbFTMBcQkWEhtZCjsOBQE7NzQ3ZQA3NBJnPyseC1c7Lxs7YhI3GztmADRpDmczKwIWZhVEMjBfNhJlKXYfFR4ZBxogbzd8DiYyJA
IP 54.230.111.74:443
Requested by https://hexrom.com/jet-set-radio-future/download/
Certificate IssuerAmazon
Subjectpyrincelewasgild.info
FingerprintA7:42:40:30:2E:A0:CF:96:CA:48:9B:78:59:ED:61:08:FA:6B:05:89
ValidityFri, 05 May 2023 00:00:00 GMT - Sun, 02 Jun 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3030), with no line terminators
Hash 57c02b91825afbe23b0bf70f04274b8f
afe8919b391c82577cd09caa6edb21d199a1b725
3fffcdca4260a502067d82f3f02b1fae7c069a471503899fa3d3adb9b75b44c4
GET /YlhDMFgDOiBdZwNlIRYtEDR+FWokfXF2PFA6KFssUTMyVjUbN3MeOw43NlQ+EDctRHYMPTcVaiQOIl0KEToEeRIhLwp7ADBsDXMeJDoUZiADAC9+FSYwe3QcICgZcjENNAtjEVAPOnE3NyAkVxYhbAxzaA0PBnEaMAAGYR8gCQp8AFIvAXE/Wz4UABEsGwJyADcdLGkdBQ0TZQoRDQdyHQcZEmEMJgo3ex4VLBlxCS8BAkc/IxwWVAErNC9zDQlhFGgdMzkUAQ4oADpyCDQ0NHEbFQkRdh0OCRRYIDcPKQE7Nx0vVhEnYRRoGlYNFwE7FgAVegwxNG5IHjBpK2UbFTMBcQkWEhtZCjsOBQE7NzQ3ZQA3NBJnPyseC1c7Lxs7YhI3GztmADRpDmczKwIWZhVEMjBfNhJlKXYfFR4ZBxogbzd8DiYyJA HTTP/1.1
Host: pyrincelewasgild.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hexrom.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 1182
date: Sun, 21 May 2023 16:21:20 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: BVu_1WADR7KZ-3LRapUo1G4Jm9tTC5CP0MgupZdObdCpwuOMfJ10Aw==
X-Firefox-Spdy: h2
rdreamsofcryin.info/M3REM3IcSydAT1BEPEURexAFVkNpNhVYOAUjAV8iYiwoaiADJWJHG1dJfQBKBUZ1FQJaEHkCVEAAJUcHQEl1FRtdEisOVEVJdR1BB1p3AVwBUjEOQxUANFIVDkViQwZHGHkCRAtAcgtEA0N9CkYH
172.67.186.81204 No Content 0 B URL GET HTTP/2 rdreamsofcryin.info/M3REM3IcSydAT1BEPEURexAFVkNpNhVYOAUjAV8iYiwoaiADJWJHG1dJfQBKBUZ1FQJaEHkCVEAAJUcHQEl1FRtdEisOVEVJdR1BB1p3AVwBUjEOQxUANFIVDkViQwZHGHkCRAtAcgtEA0N9CkYH
IP 172.67.186.81:443
Requested by https://hexrom.com/jet-set-radio-future/download/
Certificate IssuerGoogle Trust Services LLC
Subjectrdreamsofcryin.info
Fingerprint16:FC:0A:E4:63:1A:6A:7A:56:55:9C:1B:36:6F:21:55:32:72:7E:F5
ValidityFri, 05 May 2023 13:44:13 GMT - Thu, 03 Aug 2023 13:44:12 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /M3REM3IcSydAT1BEPEURexAFVkNpNhVYOAUjAV8iYiwoaiADJWJHG1dJfQBKBUZ1FQJaEHkCVEAAJUcHQEl1FRtdEisOVEVJdR1BB1p3AVwBUjEOQxUANFIVDkViQwZHGHkCRAtAcgtEA0N9CkYH HTTP/1.1
Host: rdreamsofcryin.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hexrom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Sun, 21 May 2023 16:21:20 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KgR9c6Q4N942WbNTnXSsMqEELUoEYdoQDPUWiCgXXXOnIEP0DxincS85ZsaFkjv3W7xkB%2F%2BUx9HPT%2BPR7ITET6nh5259etD%2BihvL7VaVqXXF2UvgXNzD5qmGoBPtCtfIvU2Go1qq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cae26dfea141bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pyrincelewasgild.info/SWM1eDQoAVYVCyheV15BOw8IXQYPRgc+UHsBXhNAeghEHlkwDAVWVyUMQBxSOwxbDBonBkFdBg87YxJ2fzdiTAURG2QKYRopbzBaCztsH1AKBVkQQx4EXhF1Cjp7MHAqF3xJZT4GBCFMLSF8HHszWgIgcCI2eB8FAgJCMQcRCwQPZw0tUD9sCwVWPnEsLwQ2XQ8EAUF1HVN7PGA6KnxIfREoTRsReyVnSUN9JwcMUA83VjB7JRRXGXI+MncuZnAwByl1HAljHm4xNX88BD0IdDptIiJ2Nn0RUAwdeC4LeD1YIQpzLV8ZMAcpdQonQTRuESV5HmItV3Q+GQcMbT9uEStMTHIGMWMxd3gbWDlhOVptSm0LOwZBUQQlXjF/CAQAK3JwRgc+fw4AdysGBwZWPWIBBXReXjoMWwgJLxl2DVADVQ0fcCEzYBF/
54.230.111.74200 OK 1.2 kB URL GET HTTP/2 pyrincelewasgild.info/SWM1eDQoAVYVCyheV15BOw8IXQYPRgc+UHsBXhNAeghEHlkwDAVWVyUMQBxSOwxbDBonBkFdBg87YxJ2fzdiTAURG2QKYRopbzBaCztsH1AKBVkQQx4EXhF1Cjp7MHAqF3xJZT4GBCFMLSF8HHszWgIgcCI2eB8FAgJCMQcRCwQPZw0tUD9sCwVWPnEsLwQ2XQ8EAUF1HVN7PGA6KnxIfREoTRsReyVnSUN9JwcMUA83VjB7JRRXGXI+MncuZnAwByl1HAljHm4xNX88BD0IdDptIiJ2Nn0RUAwdeC4LeD1YIQpzLV8ZMAcpdQonQTRuESV5HmItV3Q+GQcMbT9uEStMTHIGMWMxd3gbWDlhOVptSm0LOwZBUQQlXjF/CAQAK3JwRgc+fw4AdysGBwZWPWIBBXReXjoMWwgJLxl2DVADVQ0fcCEzYBF/
IP 54.230.111.74:443
Requested by https://hexrom.com/jet-set-radio-future/download/
Certificate IssuerAmazon
Subjectpyrincelewasgild.info
FingerprintA7:42:40:30:2E:A0:CF:96:CA:48:9B:78:59:ED:61:08:FA:6B:05:89
ValidityFri, 05 May 2023 00:00:00 GMT - Sun, 02 Jun 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3028), with no line terminators
Hash 0f06182400aa8752e68ae8eaa01c6854
bd026d292cd200a0382a9cbcf108a01ad48c5f90
5703cb3a5826fb4e058790f651a665a5128e42b77e001238db0166b6ded7371a
GET /SWM1eDQoAVYVCyheV15BOw8IXQYPRgc+UHsBXhNAeghEHlkwDAVWVyUMQBxSOwxbDBonBkFdBg87YxJ2fzdiTAURG2QKYRopbzBaCztsH1AKBVkQQx4EXhF1Cjp7MHAqF3xJZT4GBCFMLSF8HHszWgIgcCI2eB8FAgJCMQcRCwQPZw0tUD9sCwVWPnEsLwQ2XQ8EAUF1HVN7PGA6KnxIfREoTRsReyVnSUN9JwcMUA83VjB7JRRXGXI+MncuZnAwByl1HAljHm4xNX88BD0IdDptIiJ2Nn0RUAwdeC4LeD1YIQpzLV8ZMAcpdQonQTRuESV5HmItV3Q+GQcMbT9uEStMTHIGMWMxd3gbWDlhOVptSm0LOwZBUQQlXjF/CAQAK3JwRgc+fw4AdysGBwZWPWIBBXReXjoMWwgJLxl2DVADVQ0fcCEzYBF/ HTTP/1.1
Host: pyrincelewasgild.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hexrom.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1183
date: Sun, 21 May 2023 16:21:20 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: edl0G4qv6kMCUS45m3VaSAImJUhZ7XrhNQjT5MsBxG40Ot-efTZHBA==
X-Firefox-Spdy: h2
rdreamsofcryin.info/NnFKaU8ZTikacngbGCIBBzQCKHwCMBMeLHgXPVwmdzB7UQtbIGwdJlJMc114DkJ8Tz9fFXdYaUUFKx06RUx7TyZYFyVUaUBMe0d8Al95W2EEVz9UfhAFOggoC0BsGTtCHXdYeQ5FfFF5BkZzUHkD
172.67.186.81204 No Content 0 B URL GET HTTP/2 rdreamsofcryin.info/NnFKaU8ZTikacngbGCIBBzQCKHwCMBMeLHgXPVwmdzB7UQtbIGwdJlJMc114DkJ8Tz9fFXdYaUUFKx06RUx7TyZYFyVUaUBMe0d8Al95W2EEVz9UfhAFOggoC0BsGTtCHXdYeQ5FfFF5BkZzUHkD
IP 172.67.186.81:443
Requested by https://hexrom.com/jet-set-radio-future/download/
Certificate IssuerGoogle Trust Services LLC
Subjectrdreamsofcryin.info
Fingerprint16:FC:0A:E4:63:1A:6A:7A:56:55:9C:1B:36:6F:21:55:32:72:7E:F5
ValidityFri, 05 May 2023 13:44:13 GMT - Thu, 03 Aug 2023 13:44:12 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /NnFKaU8ZTikacngbGCIBBzQCKHwCMBMeLHgXPVwmdzB7UQtbIGwdJlJMc114DkJ8Tz9fFXdYaUUFKx06RUx7TyZYFyVUaUBMe0d8Al95W2EEVz9UfhAFOggoC0BsGTtCHXdYeQ5FfFF5BkZzUHkD HTTP/1.1
Host: rdreamsofcryin.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hexrom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Sun, 21 May 2023 16:21:20 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NRo6w9eDanFO3D68hhWZucucXz%2Fy1%2Bnk28MT03ywcttMMveakbOynIiL56q8XWR%2F8kA2rNojFxS7KaO05dyZv4AkWlN%2FlAN8TukzczMnzdMbWtdZw63ZlIqB6XSDquB%2BanBzgLpB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cae26dfea201bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pyrincelewasgild.info/RUhETXAkKicgTyR1JmsFNyR5aEIDbXYLFHcqLyYEdiM1Kx08J3RjEyknMSkWNycqOV4rLTBoQgMZJyAYdhx3DCIHMC89JDIRBghDDwIVGzYHLREPJQQvFSo4IgISAzIxAgI0EyEHPBwoDSIGPTIELwkeHnwfDCobHwMBfCUBGi8+JBAGCwsZNhsQfAgXBywLIAcaI3w3F3wBCx01CwoLQR8udRsxEg58fiEQBgofMXQeFQsXJwIseTgADg50IQQ4FRwiBw8WJkEADBIbMRIJEXgmEA00Hx58AhwLGCApLwczATANPjc9eQofISkLFSEcDS50CzMSHmkHSRQKFQ8yFicTBSIHGyIZKgEfERcYFA4VKSMrfGInAyomNHAzEXEhAhoxLCE7Nw
54.230.111.74200 OK 1.2 kB URL GET HTTP/2 pyrincelewasgild.info/RUhETXAkKicgTyR1JmsFNyR5aEIDbXYLFHcqLyYEdiM1Kx08J3RjEyknMSkWNycqOV4rLTBoQgMZJyAYdhx3DCIHMC89JDIRBghDDwIVGzYHLREPJQQvFSo4IgISAzIxAgI0EyEHPBwoDSIGPTIELwkeHnwfDCobHwMBfCUBGi8+JBAGCwsZNhsQfAgXBywLIAcaI3w3F3wBCx01CwoLQR8udRsxEg58fiEQBgofMXQeFQsXJwIseTgADg50IQQ4FRwiBw8WJkEADBIbMRIJEXgmEA00Hx58AhwLGCApLwczATANPjc9eQofISkLFSEcDS50CzMSHmkHSRQKFQ8yFicTBSIHGyIZKgEfERcYFA4VKSMrfGInAyomNHAzEXEhAhoxLCE7Nw
IP 54.230.111.74:443
Requested by https://hexrom.com/jet-set-radio-future/download/
Certificate IssuerAmazon
Subjectpyrincelewasgild.info
FingerprintA7:42:40:30:2E:A0:CF:96:CA:48:9B:78:59:ED:61:08:FA:6B:05:89
ValidityFri, 05 May 2023 00:00:00 GMT - Sun, 02 Jun 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2997), with no line terminators
Hash 854b5ad15bda78df1c1af03d4f9ca81c
e99de8cb3858e2d7259527809aa664345afc68e2
646a45fb45bcaf6ff24437b2688f4025f92a35a6ba7d8887d5aaf7d621a37022
GET /RUhETXAkKicgTyR1JmsFNyR5aEIDbXYLFHcqLyYEdiM1Kx08J3RjEyknMSkWNycqOV4rLTBoQgMZJyAYdhx3DCIHMC89JDIRBghDDwIVGzYHLREPJQQvFSo4IgISAzIxAgI0EyEHPBwoDSIGPTIELwkeHnwfDCobHwMBfCUBGi8+JBAGCwsZNhsQfAgXBywLIAcaI3w3F3wBCx01CwoLQR8udRsxEg58fiEQBgofMXQeFQsXJwIseTgADg50IQQ4FRwiBw8WJkEADBIbMRIJEXgmEA00Hx58AhwLGCApLwczATANPjc9eQofISkLFSEcDS50CzMSHmkHSRQKFQ8yFicTBSIHGyIZKgEfERcYFA4VKSMrfGInAyomNHAzEXEhAhoxLCE7Nw HTTP/1.1
Host: pyrincelewasgild.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hexrom.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1155
date: Sun, 21 May 2023 16:21:20 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Tz2UgEwajoaaHG8oyE-sg7ktORF3gGx1ofgrVjknAGtsoBfOc5kjRw==
X-Firefox-Spdy: h2
rdreamsofcryin.info/TU1zdU9ichAGcgIaOkYsJj45IzgbDBUCJx4PNjN3CRsiJR5+fVUBJilwSkZ2e3tDUz8kKU5Ed2s+BxQ7OD5ORGkkIxUacms7TkRhfWNBW3xrOE5EaTk9EhJyfGsDATshcEJDd3l7S0N/enRKQng
172.67.186.81204 No Content 0 B URL GET HTTP/2 rdreamsofcryin.info/TU1zdU9ichAGcgIaOkYsJj45IzgbDBUCJx4PNjN3CRsiJR5+fVUBJilwSkZ2e3tDUz8kKU5Ed2s+BxQ7OD5ORGkkIxUacms7TkRhfWNBW3xrOE5EaTk9EhJyfGsDATshcEJDd3l7S0N/enRKQng
IP 172.67.186.81:443
Requested by https://hexrom.com/jet-set-radio-future/download/
Certificate IssuerGoogle Trust Services LLC
Subjectrdreamsofcryin.info
Fingerprint16:FC:0A:E4:63:1A:6A:7A:56:55:9C:1B:36:6F:21:55:32:72:7E:F5
ValidityFri, 05 May 2023 13:44:13 GMT - Thu, 03 Aug 2023 13:44:12 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /TU1zdU9ichAGcgIaOkYsJj45IzgbDBUCJx4PNjN3CRsiJR5+fVUBJilwSkZ2e3tDUz8kKU5Ed2s+BxQ7OD5ORGkkIxUacms7TkRhfWNBW3xrOE5EaTk9EhJyfGsDATshcEJDd3l7S0N/enRKQng HTTP/1.1
Host: rdreamsofcryin.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hexrom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Sun, 21 May 2023 16:21:20 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GqrUQXxpNKTOOWsV6esQAS%2F%2F2qRv29fkHM3hgwpc1m5LqGc8HT8o3rN1XyFghjm%2B%2Brny6HUq50T6a1y1qJeGgF4B%2B7XZ7HD3FouUTAVrOLzSczF%2FknUKk3hXMpLp1fsCMgwKHxQl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cae26e01a441bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hexrom.com/hexrom_logo.png
172.67.71.40200 OK 310 B URL GET HTTP/2 hexrom.com/hexrom_logo.png
IP 172.67.71.40:443
Requested by https://hexrom.com/jet-set-radio-future/download/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintEA:A1:34:96:63:DD:91:69:B6:2A:45:BA:E2:A7:59:3F:FB:1A:1C:20
ValidityThu, 26 Jan 2023 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 33c94e38d072d44982ad05615734ad50
da6e934cbe14ae333f1f0394e231d2268b2d17fb
9a874aabc5febf3a52e7df45a1cbab9ab99e53bec4dcc687419edc7e773bb92a
GET /hexrom_logo.png HTTP/1.1
Host: hexrom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hexrom.com/jet-set-radio-future/download/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 21 May 2023 16:21:20 GMT
content-type: image/webp
content-length: 310
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1216
content-disposition: inline; filename="hexrom_logo.webp"
vary: Accept
expires: Thu, 16 May 2024 04:40:44 GMT
last-modified: Thu, 11 Mar 2021 15:53:42 GMT
cf-cache-status: HIT
age: 408301
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mdn1zloiGJuvBCtp8YzlSlFHcwOD0zpQ3O9giwfewdUgSwjvgHvVe2Rc8xBiHzuYITGcpPv0DlrbF22bnK8tKnI8tJ7cAxq%2BenIa5NsxIbBRax6VebjgLOO9ra0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cae26e19f61b51e-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 8024958615a353ae89dafa455e853182
42b88fef42ae73bfeee61cc1059e626ad60518d6
8af0477eb7cb916274aad1cbe795275dc11b9ec8d4e0f0b3a194df1e54a78c4a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 21 May 2023 16:21:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 8024958615a353ae89dafa455e853182
42b88fef42ae73bfeee61cc1059e626ad60518d6
8af0477eb7cb916274aad1cbe795275dc11b9ec8d4e0f0b3a194df1e54a78c4a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 21 May 2023 16:21:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pyrincelewasgild.info/utx?cb=xG48j9Y8sd6D&top=hexrom.com&tid=938621
54.230.111.74204 No Content 0 B URL GET HTTP/2 pyrincelewasgild.info/utx?cb=xG48j9Y8sd6D&top=hexrom.com&tid=938621
IP 54.230.111.74:443
Requested by https://hexrom.com/jet-set-radio-future/download/
Certificate IssuerAmazon
Subjectpyrincelewasgild.info
FingerprintA7:42:40:30:2E:A0:CF:96:CA:48:9B:78:59:ED:61:08:FA:6B:05:89
ValidityFri, 05 May 2023 00:00:00 GMT - Sun, 02 Jun 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=xG48j9Y8sd6D&top=hexrom.com&tid=938621 HTTP/1.1
Host: pyrincelewasgild.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hexrom.com
DNT: 1
Connection: keep-alive
Referer: https://hexrom.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Sun, 21 May 2023 16:21:20 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://hexrom.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sun, 21 May 2023 16:22:20 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _71P2lDP3AX64kMweO4g45qT5PgSWxaEnXGYsczwV7YGynfi5Lqs9Q==
X-Firefox-Spdy: h2
pyrincelewasgild.info/utx?cb=fVorvfnxsMUa&top=hexrom.com&tid=947836
54.230.111.74204 No Content 0 B URL GET HTTP/2 pyrincelewasgild.info/utx?cb=fVorvfnxsMUa&top=hexrom.com&tid=947836
IP 54.230.111.74:443
Requested by https://hexrom.com/jet-set-radio-future/download/
Certificate IssuerAmazon
Subjectpyrincelewasgild.info
FingerprintA7:42:40:30:2E:A0:CF:96:CA:48:9B:78:59:ED:61:08:FA:6B:05:89
ValidityFri, 05 May 2023 00:00:00 GMT - Sun, 02 Jun 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=fVorvfnxsMUa&top=hexrom.com&tid=947836 HTTP/1.1
Host: pyrincelewasgild.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hexrom.com
DNT: 1
Connection: keep-alive
Referer: https://hexrom.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Sun, 21 May 2023 16:21:20 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://hexrom.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sun, 21 May 2023 16:22:20 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: cf72rmgwMJMDETomjowWStdr1mlgqe1b5W9Qgyfa5LiYiElWXURY6g==
X-Firefox-Spdy: h2
accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneFXvv8sEb7DtAauqtS6oncRTUPNYAAEvuFzsI8T-ofMVkiGNoHWdBlfV5JiYe3VHZwtKMomow
216.58.207.237302 Found 395 B URL GET HTTP/2 accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneFXvv8sEb7DtAauqtS6oncRTUPNYAAEvuFzsI8T-ofMVkiGNoHWdBlfV5JiYe3VHZwtKMomow
IP 216.58.207.237:443
Requested by https://hexrom.com/jet-set-radio-future/download/
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint2F:0F:22:73:39:64:7E:80:9B:85:2E:C3:A9:69:6F:0F:93:58:57:95
ValidityMon, 24 Apr 2023 12:01:17 GMT - Mon, 17 Jul 2023 12:01:16 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (381)
Hash 5b56ec08554762a3d7f9f3c4660646f7
9fa79e74558f5093aa07da5314de402e86499a1b
d3b28ba6b653242e492484a9675d9efa99e6fed700b13ecd439825b12606bdbd
GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneFXvv8sEb7DtAauqtS6oncRTUPNYAAEvuFzsI8T-ofMVkiGNoHWdBlfV5JiYe3VHZwtKMomow HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hexrom.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:xWgFzsIYdGlwQoG-3UvLSHo5YD6pGg:eX2fwWxW8Ir1hDFt;Path=/;Expires=Tue, 20-May-2025 16:21:20 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 21 May 2023 16:21:20 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1375093495%3A1684686080420681&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneFFMsnO3T370fqI33ZXGsvhbcze5GnnlyTTnTzc6TrqszTSrB2aDHijZxf5Xflgo7SGZZXl-g&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-TYCfVxdzPpyAij8mlNIeZA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 395
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 68e98363f930b3ef10efe3f848d4b441
de398874bc8e97a4f3da7023ca4c32c91b4dd847
442199edd1d2acf6f9dcc726a70c7fdd168eb1444f2fbb999408a6cb32b59028
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 21 May 2023 16:21:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d2bkkt3kqfmyo0.cloudfront.net/XVjB6TW41XxQrUSJZHnBXYgdCflhwWgkiACYNHDctI1Qwe1YxdBIdOz97XDkUMg1KawI3Xh1wSDNeGXBfcFEeL1NiFg49AT0NDTsII0IXKxc/R1w4D2tdFTcHOlwbaFwQBVR9S2QAUjVfZxVJD0tkABYkACNIX39eLghMElhiFUkPS2QACDtLZXFLfVd4AF-NoXGZXHy4FORVIC1xmAUp9X2YBX39eMFkIKAg5SF9/KGcBS2NecEVHfA
54.230.245.98 559 B URL d2bkkt3kqfmyo0.cloudfront.net/XVjB6TW41XxQrUSJZHnBXYgdCflhwWgkiACYNHDctI1Qwe1YxdBIdOz97XDkUMg1KawI3Xh1wSDNeGXBfcFEeL1NiFg49AT0NDTsII0IXKxc/R1w4D2tdFTcHOlwbaFwQBVR9S2QAUjVfZxVJD0tkABYkACNIX39eLghMElhiFUkPS2QACDtLZXFLfVd4AF-NoXGZXHy4FORVIC1xmAUp9X2YBX39eMFkIKAg5SF9/KGcBS2NecEVHfA
IP 54.230.245.98:0
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (795), with no line terminators
Hash 075a5fa67db8f9c659e16532a62ebd82
b225e559d93f8bb6d288d720fba54141041f9330
e2be2d2cdf9b8a1d45afe8e3ca69c5f512aeed2e68a425f13086fee774a31813
GET /XVjB6TW41XxQrUSJZHnBXYgdCflhwWgkiACYNHDctI1Qwe1YxdBIdOz97XDkUMg1KawI3Xh1wSDNeGXBfcFEeL1NiFg49AT0NDTsII0IXKxc/R1w4D2tdFTcHOlwbaFwQBVR9S2QAUjVfZxVJD0tkABYkACNIX39eLghMElhiFUkPS2QACDtLZXFLfVd4AF-NoXGZXHy4FORVIC1xmAUp9X2YBX39eMFkIKAg5SF9/KGcBS2NecEVHfA HTTP/1.1
Host: d2bkkt3kqfmyo0.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pyrincelewasgild.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 559
date: Sun, 21 May 2023 16:21:20 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: diG_D0zGwj7RTFRYi19yCeLWcFRM2YZwqm1fKspA1u0Cn8chGxRGbw==
X-Firefox-Spdy: h2
d2bkkt3kqfmyo0.cloudfront.net/VamRsbGIJCwIKXR4NCFFbWVxaXlNMDh8DDBpZBiolHSI2WyAoUxggNC4OC0oWEABRXEQGBQILX0wBAg9fW0INCABXUEoYEgUPURsUDBEeAQQTDRtKFwtZAQMYAwgADUdYIllCUk9WXEQaW1VJXyBPVlwACwQRFElQWhxUWj1cUElfIE9WXB4UT1ctXVJTSl-xFR1hUCwkBAQtJXiRYVF1cUltUXUlQWgIFHgcMCxRJUCxVXV1MWkIZUVM
54.230.245.98 600 B URL d2bkkt3kqfmyo0.cloudfront.net/VamRsbGIJCwIKXR4NCFFbWVxaXlNMDh8DDBpZBiolHSI2WyAoUxggNC4OC0oWEABRXEQGBQILX0wBAg9fW0INCABXUEoYEgUPURsUDBEeAQQTDRtKFwtZAQMYAwgADUdYIllCUk9WXEQaW1VJXyBPVlwACwQRFElQWhxUWj1cUElfIE9WXB4UT1ctXVJTSl-xFR1hUCwkBAQtJXiRYVF1cUltUXUlQWgIFHgcMCxRJUCxVXV1MWkIZUVM
IP 54.230.245.98:0
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (844), with no line terminators
Hash 26f7d673f466578b9cdd3fbf9b4119df
4cca89e57415cb6fda20d49cf0d942ce4f05c6b6
223d6c8074e63a0a7d8131338c5d6c9270a9fcd6cfe62997d500367981d92543
GET /VamRsbGIJCwIKXR4NCFFbWVxaXlNMDh8DDBpZBiolHSI2WyAoUxggNC4OC0oWEABRXEQGBQILX0wBAg9fW0INCABXUEoYEgUPURsUDBEeAQQTDRtKFwtZAQMYAwgADUdYIllCUk9WXEQaW1VJXyBPVlwACwQRFElQWhxUWj1cUElfIE9WXB4UT1ctXVJTSl-xFR1hUCwkBAQtJXiRYVF1cUltUXUlQWgIFHgcMCxRJUCxVXV1MWkIZUVM HTTP/1.1
Host: d2bkkt3kqfmyo0.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pyrincelewasgild.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 600
date: Sun, 21 May 2023 16:21:20 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kA7cDw6SIU5HSfcsosIM84cWJLodkcQj5E8i7UhiTQtLT2UxzaQWkA==
X-Firefox-Spdy: h2
accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneGQYjaq0eS46i-0hmjYqwbUBD1d5o0hd0UktsGHIOr0JE6gr5eWDu5EytVAkTpwPR6PQ8eSkA
216.58.207.237302 Found 401 B URL GET HTTP/2 accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneGQYjaq0eS46i-0hmjYqwbUBD1d5o0hd0UktsGHIOr0JE6gr5eWDu5EytVAkTpwPR6PQ8eSkA
IP 216.58.207.237:443
Requested by https://hexrom.com/jet-set-radio-future/download/
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint2F:0F:22:73:39:64:7E:80:9B:85:2E:C3:A9:69:6F:0F:93:58:57:95
ValidityMon, 24 Apr 2023 12:01:17 GMT - Mon, 17 Jul 2023 12:01:16 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (385)
Hash 093986ec7b713420793190d619c737d3
f3d499062acac602dc21e800cb3b1aa0e35afbdf
60bb21fc74d3afc7933aa54a25bcae030b978af89e919f2da42c3f8a8fdec403
GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneGQYjaq0eS46i-0hmjYqwbUBD1d5o0hd0UktsGHIOr0JE6gr5eWDu5EytVAkTpwPR6PQ8eSkA HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hexrom.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:S9u3FE0f_PvklQnMZ6SKUbmybM_EWQ:ag_yS7l-qOIGAyHr;Path=/;Expires=Tue, 20-May-2025 16:21:20 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 21 May 2023 16:21:20 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-2130435570%3A1684686080483866&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneG2Pjm1VJS7eTMltR32NTuVeuyEYNaU7K1FKVSdVrBV7Gx2NZ1H_J_LLa0UddnEVI7e5ZxRhw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-QsGREvOyHl36cLSosixtCQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 401
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
d2bkkt3kqfmyo0.cloudfront.net/Qcmh3T3ARBxkpTwYBE3JJQVFBeUBUAgQgHgJVNBtJFycdOxQXHjBpBAgMSn9WHgkZKE1UDRksTUNOFisST1xROhFPBRg1GR4EFmpCNF1Zf1VAWF83QUNNRA1VQFgbJh4HEFJ9QApQQRBGRk1EDVVAWAU5VUEpRn9JXFheakJCDxIsGx1NRQlCQllHf0FCWV-J9QBQBBSoWHRBSfTZDWUZhQFQdSn4
54.230.245.98 196 B URL d2bkkt3kqfmyo0.cloudfront.net/Qcmh3T3ARBxkpTwYBE3JJQVFBeUBUAgQgHgJVNBtJFycdOxQXHjBpBAgMSn9WHgkZKE1UDRksTUNOFisST1xROhFPBRg1GR4EFmpCNF1Zf1VAWF83QUNNRA1VQFgbJh4HEFJ9QApQQRBGRk1EDVVAWAU5VUEpRn9JXFheakJCDxIsGx1NRQlCQllHf0FCWV-J9QBQBBSoWHRBSfTZDWUZhQFQdSn4
IP 54.230.245.98:0
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 918100fb319dc76ba5b9e6d7c7d6d824
65aff3034bb4e31574b9935b3a9bff9af6b13682
52ef77eefe66783ecc795e1111a423ab9eae962cbced03f476bc4fa41d4d2af3
GET /Qcmh3T3ARBxkpTwYBE3JJQVFBeUBUAgQgHgJVNBtJFycdOxQXHjBpBAgMSn9WHgkZKE1UDRksTUNOFisST1xROhFPBRg1GR4EFmpCNF1Zf1VAWF83QUNNRA1VQFgbJh4HEFJ9QApQQRBGRk1EDVVAWAU5VUEpRn9JXFheakJCDxIsGx1NRQlCQllHf0FCWV-J9QBQBBSoWHRBSfTZDWUZhQFQdSn4 HTTP/1.1
Host: d2bkkt3kqfmyo0.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pyrincelewasgild.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 196
date: Sun, 21 May 2023 16:21:20 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: IR8b2NHJ7Bsi_KhT_T30quH85gRhU98OlmFzA0GkmIhGGnmGwpl8NQ==
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S-1375093495%3A1684686080420681&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneFFMsnO3T370fqI33ZXGsvhbcze5GnnlyTTnTzc6TrqszTSrB2aDHijZxf5Xflgo7SGZZXl-g&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
216.58.207.237403 Forbidden 4.0 kB URL GET HTTP/3 accounts.google.com/v3/signin/identifier?dsh=S-1375093495%3A1684686080420681&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneFFMsnO3T370fqI33ZXGsvhbcze5GnnlyTTnTzc6TrqszTSrB2aDHijZxf5Xflgo7SGZZXl-g&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
IP 216.58.207.237:443
Requested by https://hexrom.com/jet-set-radio-future/download/
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint08:73:2C:18:30:14:52:C3:CA:3E:02:79:65:B4:FE:90:AC:3F:3E:33
ValidityMon, 24 Apr 2023 11:56:06 GMT - Mon, 17 Jul 2023 11:56:05 GMT
File type gzip compressed data, max compression\012- data
Hash de6f31290f86e40d29f0e93f3723f6df
295ec619ad961737184f1c108e7e230bdfd4e5d6
ce77cf2b79012b328008e466f876aa76f0d95b05c2518b5cbd2ea2a7005ff2e7
GET /v3/signin/identifier?dsh=S-1375093495%3A1684686080420681&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneFFMsnO3T370fqI33ZXGsvhbcze5GnnlyTTnTzc6TrqszTSrB2aDHijZxf5Xflgo7SGZZXl-g&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hexrom.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 21 May 2023 16:21:20 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-OgkAZEHtfnGMOkiPU4_8Rw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hexrom.com/wp-content/uploads/2021/08/telegram.jpg
172.67.71.40200 OK 1.1 kB URL GET HTTP/2 hexrom.com/wp-content/uploads/2021/08/telegram.jpg
IP 172.67.71.40:443
Requested by https://hexrom.com/jet-set-radio-future/download/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintEA:A1:34:96:63:DD:91:69:B6:2A:45:BA:E2:A7:59:3F:FB:1A:1C:20
ValidityThu, 26 Jan 2023 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT
File type JPEG image data, progressive, precision 8, 69x66, components 3\012- data
Hash 017eae532232751aee060e6cadfff81b
1f4ead831b94c822ec048f2bc097fecc0fed6f09
b1fe061cc0fa590e5c191305bea72207662f1a0353485794a6b5a42c77bef00d
GET /wp-content/uploads/2021/08/telegram.jpg HTTP/1.1
Host: hexrom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hexrom.com/jet-set-radio-future/download/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 21 May 2023 16:21:20 GMT
content-type: image/jpeg
content-length: 1107
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origSize=1939, status=webp_bigger
expires: Sat, 24 Feb 2024 23:54:34 GMT
last-modified: Tue, 03 Aug 2021 20:27:54 GMT
cf-cache-status: HIT
age: 979566
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wsNJJw%2BDjsI7xDgTUYrqJiDuFwfPeivBXd%2BnUqKbQfRtnEba09%2BSXhX%2F0HlXgKMqeCutzQmWMdUymv02rgcots%2F%2BsVF5HL7OdSPdjdQrV4rR9auaQp%2BIoiLdEOw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cae26e45dcfb51e-OSL
X-Firefox-Spdy: h2
hexrom.com/images/icon/Jet%20Set%20Radio%20Future.jpg
172.67.71.40200 OK 20 kB URL GET HTTP/2 hexrom.com/images/icon/Jet%20Set%20Radio%20Future.jpg
IP 172.67.71.40:443
Requested by https://hexrom.com/jet-set-radio-future/download/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintEA:A1:34:96:63:DD:91:69:B6:2A:45:BA:E2:A7:59:3F:FB:1A:1C:20
ValidityThu, 26 Jan 2023 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 176x250, components 3\012- data
Hash 54ddb62b9637e9d31061b01569b9c406
d83b23ec1ffca2ccad3dc1aa875e4d7cc2bd370a
ca82a84f0f0c59525f7d80de71a99fdaf864b5a35def6dfab190360163080d0a
GET /images/icon/Jet%20Set%20Radio%20Future.jpg HTTP/1.1
Host: hexrom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hexrom.com/jet-set-radio-future/download/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 21 May 2023 16:21:20 GMT
content-type: image/jpeg
content-length: 19755
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origSize=21509, status=webp_bigger
expires: Sat, 18 May 2024 21:01:33 GMT
last-modified: Sat, 04 Jul 2020 10:04:34 GMT
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TwbezAvXvemmc7QEXWBCKuVe2eFZ5NXnH75Hk%2BoeZR%2ByuEqsHcKzVrnf9PVcYpPLWapNlROmeqEmSt4SLiv56aQZSUrgNLy2O41QfFep8TLMsc7fjWpJtK2%2BjLs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cae26e45dccb51e-OSL
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.199.35200 OK 102 kB IP 172.64.199.35:443
Requested by https://hexrom.com/jet-set-radio-future/download/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
Size 102 kB (102400 bytes)
Hash 4c6426ac7ef186464ecbb0d81cbfcb1e
5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hexrom.com/
Origin: https://hexrom.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 21 May 2023 16:21:20 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://hexrom.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 6794
last-modified: Sun, 21 May 2023 14:28:06 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EkcjvRhhBVhpRGRu3tGVQGjSvfpMxbCy8UNL7KwWTaPss6gVkbvBg0%2BxSXnKZgZCuzeE76GqbVqTbU7MjFgAIFuwOxYRksJ2NlyWO5PZoWVVNmJnldszXdCjXatj8p4U"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cae26e25edb4089-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.199.35200 OK 102 kB IP 172.64.199.35:443
Requested by https://hexrom.com/jet-set-radio-future/download/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
Size 102 kB (102400 bytes)
Hash 4c6426ac7ef186464ecbb0d81cbfcb1e
5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hexrom.com/
Origin: https://hexrom.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 21 May 2023 16:21:20 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://hexrom.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 6794
last-modified: Sun, 21 May 2023 14:28:06 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gL3ngktOOZT6d1fNNr7%2BPVTYpsEqBHvfq6of1Q16eUCqH9oaDaYfTj4s2tLrrGuKNbrBZsF3kbiarIwqcN9z%2Bx4WSfREOhg4CDDZ%2Btc2IEcuJDb5u2FQtaX%2BDRkIqvWW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cae26e25ede4089-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
216.58.207.237302 Found 0 B URL GET HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 216.58.207.237:443
Requested by https://hexrom.com/jet-set-radio-future/download/
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint2F:0F:22:73:39:64:7E:80:9B:85:2E:C3:A9:69:6F:0F:93:58:57:95
ValidityMon, 24 Apr 2023 12:01:17 GMT - Mon, 17 Jul 2023 12:01:16 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hexrom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
set-cookie: __Host-GAPS=1:yzif8QiYIQKGqnVCCUVFPe84G1jAUw:TCJdN90y_2YjeIOr; Expires=Tue, 20-May-2025 16:21:20 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 21 May 2023 16:21:20 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneFXvv8sEb7DtAauqtS6oncRTUPNYAAEvuFzsI8T-ofMVkiGNoHWdBlfV5JiYe3VHZwtKMomow
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-c37_buuX3uAZmTiFDYUcRg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy: unsafe-none
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-type: application/binary
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pogothere.xyz/
172.64.199.35200 OK 26 B IP 172.64.199.35:443
Requested by https://hexrom.com/jet-set-radio-future/download/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 36eb91fc17de63eb58de5800c80db776
ddaf2752ca01e5f6f57af93d91cd6071a233a0c7
8f8ba9d9b5b1d325af676b7325e9a85bdc23841715aee07812248e1d2db6f038
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hexrom.com/
Origin: https://hexrom.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 21 May 2023 16:21:20 GMT
content-type: text/plain
set-cookie: csu=226038962576811@1@1684686080; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://hexrom.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HLdYt1ucY7TuIc6%2FNI7kXAbJBEAE6v1d9qPCFNjojzcRGyoY2OAQ4k0YpKJSyJp1Fhr3te9pa3j8WPFHCjv9mVj%2FBGnO4kVJHg0DNGCFnoqI%2B3%2BRVIQ0eaOfMyl2w%2F9T"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cae26e23ec14089-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hexrom.com/jet-set-radio-future/download/
172.67.71.40200 OK 34 kB URL User Request GET HTTP/2 hexrom.com/jet-set-radio-future/download/
IP 172.67.71.40:443
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintEA:A1:34:96:63:DD:91:69:B6:2A:45:BA:E2:A7:59:3F:FB:1A:1C:20
ValidityThu, 26 Jan 2023 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /jet-set-radio-future/download/ HTTP/1.1
Host: hexrom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 21 May 2023 16:21:19 GMT
content-type: text/html; charset=UTF-8
cf-ray: 7cae26dbc9fbb51e-OSL
vary: Accept-Encoding
cf-cache-status: BYPASS
cf-apo-via: origin,page-rules
cf-edge-cache: cache,platform=wordpress
x-dns-prefetch-control: on
x-litespeed-cache: hit
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h6qXXXb9onyn8eiLULxoq3r9IKz0HIQJcmzOxIpJBze9FN1boSXk5EyMQuWoJy%2B52uU9As%2FdRVFZRsEK67Bapvzglib8mpm%2B8Ar5C%2FTDBUsTZ6ZAspUWBZA5Oc8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
216.58.207.237302 Found 0 B URL GET HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 216.58.207.237:443
Requested by https://hexrom.com/jet-set-radio-future/download/
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint2F:0F:22:73:39:64:7E:80:9B:85:2E:C3:A9:69:6F:0F:93:58:57:95
ValidityMon, 24 Apr 2023 12:01:17 GMT - Mon, 17 Jul 2023 12:01:16 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hexrom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
set-cookie: __Host-GAPS=1:AurxrfZk72BJBvKDffpu-H7w5M_HyQ:8k1rQ2gXNAGFJYEh; Expires=Tue, 20-May-2025 16:21:20 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 21 May 2023 16:21:20 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneGQYjaq0eS46i-0hmjYqwbUBD1d5o0hd0UktsGHIOr0JE6gr5eWDu5EytVAkTpwPR6PQ8eSkA
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-JKZy3N4AFSFK2gjb5-u8Lw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, require-trusted-types-for 'script';report-uri /cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: unsafe-none
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: application/binary
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S-2130435570%3A1684686080483866&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneG2Pjm1VJS7eTMltR32NTuVeuyEYNaU7K1FKVSdVrBV7Gx2NZ1H_J_LLa0UddnEVI7e5ZxRhw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
216.58.207.237403 Forbidden 0 B URL GET HTTP/3 accounts.google.com/v3/signin/identifier?dsh=S-2130435570%3A1684686080483866&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneG2Pjm1VJS7eTMltR32NTuVeuyEYNaU7K1FKVSdVrBV7Gx2NZ1H_J_LLa0UddnEVI7e5ZxRhw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
IP 216.58.207.237:443
Requested by https://hexrom.com/jet-set-radio-future/download/
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint08:73:2C:18:30:14:52:C3:CA:3E:02:79:65:B4:FE:90:AC:3F:3E:33
ValidityMon, 24 Apr 2023 11:56:06 GMT - Mon, 17 Jul 2023 11:56:05 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3/signin/identifier?dsh=S-2130435570%3A1684686080483866&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneG2Pjm1VJS7eTMltR32NTuVeuyEYNaU7K1FKVSdVrBV7Gx2NZ1H_J_LLa0UddnEVI7e5ZxRhw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hexrom.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 21 May 2023 16:21:20 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-AbxsDStcCZU5ZPe7y1jxmg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pogothere.xyz/
172.64.199.35200 OK 27 B IP 172.64.199.35:443
Requested by https://hexrom.com/jet-set-radio-future/download/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash ac93b94ebd89bc019d8094f23b6a899b
95e3106524c5441a133578615dbd9eba770127c1
61984ec47ff28e198d70751c3f90f8f510b163e7763fc97beca3c7d38f36fa86
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hexrom.com/
Origin: https://hexrom.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 21 May 2023 16:21:20 GMT
content-type: text/plain
set-cookie: csu=2099303120310552@1@1684686080; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://hexrom.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mIQkrcY%2BvWbqF9oYprhxbcoSSGd7ew%2BttB2%2BjdtjNoSj5WqpfpSO1%2FPBKNZO0uor51FTvqP6Nsr2tqZm6JTToM1tUo6IweOacpUZfKkqolj%2FtTrLf3CqQz8guJ9yDDKU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cae26e25edc4089-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hexrom.com/images/icon/nocover.jpg
172.67.71.40200 OK 3.2 kB URL GET HTTP/2 hexrom.com/images/icon/nocover.jpg
IP 172.67.71.40:443
Requested by https://hexrom.com/jet-set-radio-future/download/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintEA:A1:34:96:63:DD:91:69:B6:2A:45:BA:E2:A7:59:3F:FB:1A:1C:20
ValidityThu, 26 Jan 2023 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT
File type JPEG image data, progressive, precision 8, 225x225, components 3\012- data
Hash 69a53f6152edc761a93e946651ef87a8
dccc91da1e61e9428a162234168aef94383b3711
c1ebc4580537e77ddda3ea42b082f909df79c0ac695edb148b4c23282ecde712
GET /images/icon/nocover.jpg HTTP/1.1
Host: hexrom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hexrom.com/jet-set-radio-future/download/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 21 May 2023 16:21:20 GMT
content-type: image/jpeg
content-length: 3233
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origSize=4294, status=webp_bigger
expires: Sat, 24 Feb 2024 23:54:52 GMT
last-modified: Sat, 07 Nov 2020 15:09:58 GMT
cf-cache-status: HIT
age: 7423228
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LmrpwHoerT28p5IwUub2HJgTgVHydvzbaKEOlTj387j%2B2lMT3Hph8ppeoFqdYWFunnro81nyh7Hx%2Flh79FHRI%2FGfiTdnqTIcQ7SiB12blEhwdDvbXrOsnSJUeD0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cae26e45ddbb51e-OSL
X-Firefox-Spdy: h2
rdreamsofcryin.info/popunder.gif
172.67.186.81200 OK 35 B URL GET HTTP/3 rdreamsofcryin.info/popunder.gif
IP 172.67.186.81:443
Requested by https://hexrom.com/jet-set-radio-future/download/
Certificate IssuerGoogle Trust Services LLC
Subjectrdreamsofcryin.info
Fingerprint16:FC:0A:E4:63:1A:6A:7A:56:55:9C:1B:36:6F:21:55:32:72:7E:F5
ValidityFri, 05 May 2023 13:44:13 GMT - Thu, 03 Aug 2023 13:44:12 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /popunder.gif HTTP/1.1
Host: rdreamsofcryin.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hexrom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 21 May 2023 16:21:20 GMT
content-type: image/gif
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
cf-cache-status: HIT
age: 9040
last-modified: Sun, 21 May 2023 13:50:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rENl4hs0F1%2Fbz8m%2F7bso3oarky8SY5HJS%2FyhUXLeFpGSpskiBS6%2BuQpj3syY84mb6HpNlDYp7aLIpXvw6uKDS9td9Zd%2BEARsPtxIj%2FEaSSa%2B%2FQRbQxghEBcCSlIN8FQcx5kUvYds"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cae26e448ce0b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
hexrom.com/wp-content/litespeed/css/4bc0347d8d8e7b84de8260bf908de5e1.css?ver=8ed8c
172.67.71.40200 OK 40 kB URL GET HTTP/2 hexrom.com/wp-content/litespeed/css/4bc0347d8d8e7b84de8260bf908de5e1.css?ver=8ed8c
IP 172.67.71.40:443
Requested by https://hexrom.com/jet-set-radio-future/download/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintEA:A1:34:96:63:DD:91:69:B6:2A:45:BA:E2:A7:59:3F:FB:1A:1C:20
ValidityThu, 26 Jan 2023 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/litespeed/css/4bc0347d8d8e7b84de8260bf908de5e1.css?ver=8ed8c HTTP/1.1
Host: hexrom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hexrom.com/jet-set-radio-future/download/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 21 May 2023 16:21:19 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=40424
expires: Mon, 20 May 2024 16:51:13 GMT
last-modified: Sun, 21 May 2023 10:51:13 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 17680
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LqNdkU55zuqwqdCk8GjtIk0EM2PZlH%2FcO%2F8HM%2B7NHfphRNFVy5qrL37Xf5Iuc5s1W69f7EGd%2FBJ15BdQXf2A%2BX1je6Rhz1Hl1SDq2IOFYfE5VWuC9RGlzjCVbzw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cae26ddbdecb51e-OSL
content-encoding: br
X-Firefox-Spdy: h2