Report - hexrom.com/jet-set-radio-future/download/

Report Overview

Submitted URL
hexrom.com/jet-set-radio-future/download/
IP
104.26.2.103
ASN
#13335 CLOUDFLARENET
Submitted
2023-05-21 16:21:37
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
d2bkkt3kqfmyo0.cloudfront.net	unknown	2008-04-25	2023-04-29	2023-05-21	2.4 kB	119 kB	54.230.245.98
kerattogeist.com	unknown	2022-09-29	2022-09-29	2023-05-16	406 B	1.5 kB	23.109.82.29
pyrincelewasgild.info	unknown	2023-04-02	2023-05-05	2023-05-21	3.8 kB	6.9 kB	54.230.111.74
rdreamsofcryin.info	unknown	2023-04-02	2023-05-05	2023-05-05	2.1 kB	2.5 kB	172.67.186.81
ocsp.pki.goog	175	2016-06-13	2018-07-01	2023-05-21	999 B	2.1 kB	142.250.74.131
accounts.google.com	81	1997-09-15	2016-03-20	2023-05-21	3.7 kB	15 kB	216.58.207.237
pogothere.xyz	unknown	2022-08-22	2022-09-04	2023-05-21	1.7 kB	208 kB	172.64.199.35
hexrom.com	unknown	2020-02-11	2020-03-03	2023-05-19	4.4 kB	110 kB	172.67.71.40

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-05-21	medium	kerattogeist.com/trNzG3CDv2oE/56669

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (8)

	URL	Size	First Seen	Last Seen
	hexrom.com/jet-set-radio-future/download/sandbox%20eval%20code	147 B	2023-04-11	2024-04-23
Pretty URL hexrom.com/jet-set-radio-future/download/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-04-23 07:35:53 Times Seen341504 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	kerattogeist.com/trNzG3CDv2oE/56669	5 B	2023-03-07	2024-04-21
Pretty URL kerattogeist.com/trNzG3CDv2oE/56669 IP 23.109.82.29 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:39 Last Seen2024-04-21 20:16:37 Times Seen6283 Hash f7a2939527fd9e68723da600e96d76bd a9e717b6364d2895ee0a716050db32ca0ef1bb42 d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-04-23
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-04-23 07:35:53 Times Seen341009 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	d2bkkt3kqfmyo0.cloudfront.net/?tkkbd=938621	357 kB	2023-05-21	2023-05-21
Pretty URL d2bkkt3kqfmyo0.cloudfront.net/?tkkbd=938621 IP 54.230.245.98 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-21 18:21:37 Last Seen2023-05-21 18:21:38 Times Seen4 Hash f3d8fb1f79f0e126ce6ebf4e1b2d690f 4118e996ae0cd3a0c4659560d9d750cd1f38e9e0 dc13c2c935db0128f85f147e1bd7b9e2e0ad596fca78e315f8b3b451fc4d5e6e Loading...

	data:text/javascript;base64,KGZ1bmN0aW9uKG0sbCxnLGksayxuLGEpe20uR29vZ2xlQW5hbHl0aWNzT2JqZWN0PWs7bVtrXT1tW2tdfHxmdW5jdGlvbigpeyhtW2tdLnE9bVtrXS5xfHxbXSkucHVzaChhcmd1bWVudHMpfSxtW2tdLmw9MSpuZXcgRGF0ZSgpO249bC5jcmVhdGVFbGVtZW50KGcpLGE9bC5nZXRFbGVtZW50c0J5VGFnTmFtZShnKVswXTtuLmFzeW5jPTE7bi5zcmM9aTthLnBhcmVudE5vZGUuaW5zZXJ0QmVmb3JlKG4sYSl9KSh3aW5kb3csZG9jdW1lbnQsInNjcmlwdCIsImh0dHBzOi8vd3d3Lmdvb2dsZS1hbmFseXRpY3MuY29tL2FuYWx5dGljcy5qcyIsImdhIik7Z2EoImNyZWF0ZSIsIlVBLTE5Njc5OTI4My0xIiwiYXV0byIpO2dhKCJzZW5kIiwicGFnZXZpZXciKQ==	370 B	2023-03-10	2023-08-04
Pretty URL data:text/javascript;base64,KGZ1bmN0aW9uKG0sbCxnLGksayxuLGEpe20uR29vZ2xlQW5hbHl0aWNzT2JqZWN0PWs7bVtrXT1tW2tdfHxmdW5jdGlvbigpeyhtW2tdLnE9bVtrXS5xfHxbXSkucHVzaChhcmd1bWVudHMpfSxtW2tdLmw9MSpuZXcgRGF0ZSgpO249bC5jcmVhdGVFbGVtZW50KGcpLGE9bC5nZXRFbGVtZW50c0J5VGFnTmFtZShnKVswXTtuLmFzeW5jPTE7bi5zcmM9aTthLnBhcmVudE5vZGUuaW5zZXJ0QmVmb3JlKG4sYSl9KSh3aW5kb3csZG9jdW1lbnQsInNjcmlwdCIsImh0dHBzOi8vd3d3Lmdvb2dsZS1hbmFseXRpY3MuY29tL2FuYWx5dGljcy5qcyIsImdhIik7Z2EoImNyZWF0ZSIsIlVBLTE5Njc5OTI4My0xIiwiYXV0byIpO2dhKCJzZW5kIiwicGFnZXZpZXciKQ== IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 13:57:23 Last Seen2023-08-04 05:46:03 Times Seen10 Hash d9125fa66a59119bc85c199e527a47dc c1029620f08685a0fbee0cba23ae029025a703fe acbd52aa4a04901d08c184a0d5175246bd10cd5c05e168aaa5f48ff6e1eca4b1 Loading...

	hexrom.com/jet-set-radio-future/download/	8.3 kB	2023-03-07	2024-04-22
Pretty URL hexrom.com/jet-set-radio-future/download/ IP 172.67.71.40 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-22 00:47:01 Times Seen2053 Hash eb78fac132e7cff1e4556b0ee5be04cf 8c0633f511df47c21639be83c719ae0e1ea26555 163c4d52fb653e1c2463e1a0e397faa297729ad6269b5205b915f3ed4b8b8d8b Loading...

	data:text/javascript;base64,Y29uc3QgdGVzdEJ0bj1kb2N1bWVudC5nZXRFbGVtZW50QnlJZCgndGVzdEJ0bicpO2NvbnN0IG1saURpdj1kb2N1bWVudC5nZXRFbGVtZW50QnlJZCgnbWxpJyk7dGVzdEJ0bi5hZGRFdmVudExpc3RlbmVyKCdjbGljaycsZnVuY3Rpb24oKXttbGlEaXYuc3R5bGUuZGlzcGxheT0nYmxvY2snfSk=	167 B	2023-05-20	2023-08-04
Pretty URL data:text/javascript;base64,Y29uc3QgdGVzdEJ0bj1kb2N1bWVudC5nZXRFbGVtZW50QnlJZCgndGVzdEJ0bicpO2NvbnN0IG1saURpdj1kb2N1bWVudC5nZXRFbGVtZW50QnlJZCgnbWxpJyk7dGVzdEJ0bi5hZGRFdmVudExpc3RlbmVyKCdjbGljaycsZnVuY3Rpb24oKXttbGlEaXYuc3R5bGUuZGlzcGxheT0nYmxvY2snfSk= IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-20 00:49:51 Last Seen2023-08-04 05:46:03 Times Seen7 Hash 0e4344e592e0f814e25ccfe76afb426b 8bda72c0906d261dba99abc7248f49981287b6ba 03be5d2fcc688a07b0cefdfd15c1576d48b3e824d14ed7220499d236a7af2363 Loading...

	data:text/javascript;base64,Y29uc3Qgc2hvd0J0bj1kb2N1bWVudC5nZXRFbGVtZW50QnlJZCgnc2hvd0J0bicpO2NvbnN0IG1pcm9yTGlua0Rpdj1kb2N1bWVudC5nZXRFbGVtZW50QnlJZCgnbWlyb3JfbGluaycpO3Nob3dCdG4uYWRkRXZlbnRMaXN0ZW5lcignY2xpY2snLGZ1bmN0aW9uKCl7bWlyb3JMaW5rRGl2LnN0eWxlLmRpc3BsYXk9J2Jsb2NrJ30p	186 B	2023-05-20	2023-05-21
Pretty URL data:text/javascript;base64,Y29uc3Qgc2hvd0J0bj1kb2N1bWVudC5nZXRFbGVtZW50QnlJZCgnc2hvd0J0bicpO2NvbnN0IG1pcm9yTGlua0Rpdj1kb2N1bWVudC5nZXRFbGVtZW50QnlJZCgnbWlyb3JfbGluaycpO3Nob3dCdG4uYWRkRXZlbnRMaXN0ZW5lcignY2xpY2snLGZ1bmN0aW9uKCl7bWlyb3JMaW5rRGl2LnN0eWxlLmRpc3BsYXk9J2Jsb2NrJ30p IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-20 00:49:51 Last Seen2023-05-21 18:21:38 Times Seen3 Hash 8bffc94bc9e41c9a8cbd2f95980388e5 ddac97de1edb1fa3044556c40c376d92194ba459 d9ead713bdf42e1e5d8dac5d4466643bbf301b723c4e67c58b7a8561a6e00f4a Loading...

HTTP Transactions (36)

URL IP Response Size

hexrom.com/wp-content/uploads/2021/08/pintres.jpg

172.67.71.40

200 OK

1.6 kB

URL GET HTTP/2
hexrom.com/wp-content/uploads/2021/08/pintres.jpg
IP
172.67.71.40:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hexrom.com/jet-set-radio-future/download/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintEA:A1:34:96:63:DD:91:69:B6:2A:45:BA:E2:A7:59:3F:FB:1A:1C:20
ValidityThu, 26 Jan 2023 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT

File type
JPEG image data, progressive, precision 8, 69x66, components 3\012- data
Size
1.6 kB (1628 bytes)
Hash
6e66071840a242a50a4fc5e58fc415ca
b4882db93e21a4af3ff1c58d845507421ad1763d
38e1a961a7a32b9b37f285bf39f983eeed249c252646a0196af58b63e648643d

HTTP Headers

GET /wp-content/uploads/2021/08/pintres.jpg HTTP/1.1
Host: hexrom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hexrom.com/jet-set-radio-future/download/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 21 May 2023 16:21:19 GMT
content-type: image/jpeg
content-length: 1628
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origSize=2459, status=webp_bigger
expires: Sat, 24 Feb 2024 23:54:31 GMT
last-modified: Tue, 03 Aug 2021 20:27:53 GMT
cf-cache-status: HIT
age: 7423225
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RKcX01TPYUVb2AeG0C6WFTMVLPwzL6JStfhM00UkCex5TOy%2FA9cqxxMCZCbj2QgF%2FfbouZB%2BF36Eo%2BImgwRgt4S1LF9nM6DRsf%2BS7pP4O%2B585bu7VXL1s0hVbpo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cae26ddcdf5b51e-OSL
X-Firefox-Spdy: h2

hexrom.com/wp-content/uploads/2021/08/facebook.jpg

172.67.71.40

200 OK

936 B

URL GET HTTP/2
hexrom.com/wp-content/uploads/2021/08/facebook.jpg
IP
172.67.71.40:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hexrom.com/jet-set-radio-future/download/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintEA:A1:34:96:63:DD:91:69:B6:2A:45:BA:E2:A7:59:3F:FB:1A:1C:20
ValidityThu, 26 Jan 2023 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 69x66, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
936 B (936 bytes)
Hash
e9af706e4d2b025f56fcc01c3b1ef05d
af5abfb85ab77469b31a9d2a04a5520e13ca401a
4b24518411ac442923f59fde93a95d401237ca1a1cdabc3e7764a20d831897ee

HTTP Headers

GET /wp-content/uploads/2021/08/facebook.jpg HTTP/1.1
Host: hexrom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hexrom.com/jet-set-radio-future/download/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 21 May 2023 16:21:19 GMT
content-type: image/webp
content-length: 936
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=jpeg, origSize=1883
content-disposition: inline; filename="facebook.webp"
vary: Accept
expires: Fri, 22 Mar 2024 05:51:57 GMT
last-modified: Tue, 03 Aug 2021 20:27:56 GMT
cf-cache-status: HIT
age: 164721
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EwixcgJv4g1Q6nKwTVD1BvJHy5J4z%2BtYd3bZioCL5Eq5tadhAHfcRSicq7%2F8%2BRMPsnRZN65%2BK%2B0r%2By%2F9D0%2Bi3xDWZsT25UqY%2FozDme%2FbiNJ%2F%2BDpOQqYNJ7v3VEQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cae26ddcdf0b51e-OSL
X-Firefox-Spdy: h2

hexrom.com/wp-content/uploads/2021/08/youtube.jpg

172.67.71.40

200 OK

1.8 kB

URL GET HTTP/2
hexrom.com/wp-content/uploads/2021/08/youtube.jpg
IP
172.67.71.40:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hexrom.com/jet-set-radio-future/download/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintEA:A1:34:96:63:DD:91:69:B6:2A:45:BA:E2:A7:59:3F:FB:1A:1C:20
ValidityThu, 26 Jan 2023 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT

File type
JPEG image data, progressive, precision 8, 69x66, components 3\012- data
Size
1.8 kB (1764 bytes)
Hash
82e88404e6df58404ee6e9e51b6db27c
6866d72258a67ceee05ba1ec16bbaec2889d3a61
31b1a3e93df2b7bb083443cff0b2ce51299eacdd0ddf4417dc19066d7ecc1ad4

HTTP Headers

GET /wp-content/uploads/2021/08/youtube.jpg HTTP/1.1
Host: hexrom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hexrom.com/jet-set-radio-future/download/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 21 May 2023 16:21:19 GMT
content-type: image/jpeg
content-length: 1764
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origSize=2604, status=webp_bigger
expires: Sat, 24 Feb 2024 23:54:31 GMT
last-modified: Tue, 03 Aug 2021 20:27:54 GMT
cf-cache-status: HIT
age: 7423225
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=33OeaVWvrRM58bU8on9sPu4OwPSrvR8TtAkqUqbhn2wAwKFHkrY%2FeBjqHRY65H2ZOt%2BfoctvpKL0BTTslG1LoudIQk2fGpoGIVGzpBWM1Qlk8qzRgAD0gmHVAHA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cae26ddcdf3b51e-OSL
X-Firefox-Spdy: h2

d2bkkt3kqfmyo0.cloudfront.net/?tkkbd=938621

54.230.245.98

200 OK

116 kB

URL GET HTTP/2
d2bkkt3kqfmyo0.cloudfront.net/?tkkbd=938621
IP
54.230.245.98:443
ASN
#16509 AMAZON-02

Requested by
https://hexrom.com/jet-set-radio-future/download/
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (589)
Size
116 kB (115800 bytes)
Hash
f3d8fb1f79f0e126ce6ebf4e1b2d690f
4118e996ae0cd3a0c4659560d9d750cd1f38e9e0
dc13c2c935db0128f85f147e1bd7b9e2e0ad596fca78e315f8b3b451fc4d5e6e

HTTP Headers

GET /?tkkbd=938621 HTTP/1.1
Host: d2bkkt3kqfmyo0.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hexrom.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-length: 115800
date: Sun, 21 May 2023 16:21:19 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XsrLagM87w2mne3YWqEKE7h73Ocyf29DgKDm_g60YVYhFhWsRYTiZw==
X-Firefox-Spdy: h2

kerattogeist.com/trNzG3CDv2oE/56669

23.109.82.29

200 OK

25 B

URL GET HTTP/1.1
kerattogeist.com/trNzG3CDv2oE/56669
IP
23.109.82.29:443
ASN
#7979 SERVERS-COM

Requested by
https://hexrom.com/jet-set-radio-future/download/
Certificate
IssuerLet's Encrypt
Subjectkerattogeist.com
Fingerprint74:A1:6F:D1:91:D6:5F:A9:93:EC:A4:1E:1D:73:56:5C:4D:A5:4B:67
ValidityTue, 25 Apr 2023 00:17:02 GMT - Mon, 24 Jul 2023 00:17:01 GMT

File type
ASCII text, with no line terminators
Size
25 B (25 bytes)
Hash
f7a2939527fd9e68723da600e96d76bd
a9e717b6364d2895ee0a716050db32ca0ef1bb42
d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /trNzG3CDv2oE/56669 HTTP/1.1
Host: kerattogeist.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hexrom.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 21 May 2023 16:21:20 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://hexrom.com
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jU1Sg0AQhSH8RQ1oV3EAj8AQMcnSTVbegZphGhwD06lmQuLtHa3S3fteffVeEASr8hHCJY0husgGnl8aXe97Ve31tsZq34vda9UoIbp6u1PycIA7M7dOqhFdDOt5kuxat8SwGdAim67tSGMOT976a06WrjaGRLG0Oodk8saYQ6aYrjNyGUFs5YSQHQ1jTzdvyE9iiIQQPhvrc1jBiuYyKu4heTf2cis2aVAUaQAP51G6nnhqjfaYDCw1QvgG6046HIi%2FINM4nxydAWjU7b%2F%2Fe5qMP2uQalxM55HcB%2FI3ouZOdQ%3D%3D; expires=Mon, 22-May-2023 16:21:20 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJw9i8sKwjAURGuUYNVWBvwAf8D6QBdu1aXUhbgOtd6WYM0tTXzUr%2FcFruYwc8bzPDEIIXSJ3nIaLSfRfBZNF3M0c2KIeIdeylfjqlqZ5EKQMVf3pIasKNdsAnR%2FoFI%2BETrxbnQwZ8N38x8%2BtwCtVLs6gP%2BJrxu20dS2RLgq9GO45%2BLq3raFb8gpWxKd4K%2BTY0HjzX6L8N9%2Bz7KBtraqrPhRv7nv9IWebEhxlllyUqBxk%2BIFsdRBIw%3D%3D; expires=Mon, 22-May-2023 16:21:20 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

pyrincelewasgild.info/YlhDMFgDOiBdZwNlIRYtEDR+FWokfXF2PFA6KFssUTMyVjUbN3MeOw43NlQ+EDctRHYMPTcVaiQOIl0KEToEeRIhLwp7ADBsDXMeJDoUZiADAC9+FSYwe3QcICgZcjENNAtjEVAPOnE3NyAkVxYhbAxzaA0PBnEaMAAGYR8gCQp8AFIvAXE/Wz4UABEsGwJyADcdLGkdBQ0TZQoRDQdyHQcZEmEMJgo3ex4VLBlxCS8BAkc/IxwWVAErNC9zDQlhFGgdMzkUAQ4oADpyCDQ0NHEbFQkRdh0OCRRYIDcPKQE7Nx0vVhEnYRRoGlYNFwE7FgAVegwxNG5IHjBpK2UbFTMBcQkWEhtZCjsOBQE7NzQ3ZQA3NBJnPyseC1c7Lxs7YhI3GztmADRpDmczKwIWZhVEMjBfNhJlKXYfFR4ZBxogbzd8DiYyJA

54.230.111.74

200 OK

1.2 kB

URL GET HTTP/2
pyrincelewasgild.info/YlhDMFgDOiBdZwNlIRYtEDR+FWokfXF2PFA6KFssUTMyVjUbN3MeOw43NlQ+EDctRHYMPTcVaiQOIl0KEToEeRIhLwp7ADBsDXMeJDoUZiADAC9+FSYwe3QcICgZcjENNAtjEVAPOnE3NyAkVxYhbAxzaA0PBnEaMAAGYR8gCQp8AFIvAXE/Wz4UABEsGwJyADcdLGkdBQ0TZQoRDQdyHQcZEmEMJgo3ex4VLBlxCS8BAkc/IxwWVAErNC9zDQlhFGgdMzkUAQ4oADpyCDQ0NHEbFQkRdh0OCRRYIDcPKQE7Nx0vVhEnYRRoGlYNFwE7FgAVegwxNG5IHjBpK2UbFTMBcQkWEhtZCjsOBQE7NzQ3ZQA3NBJnPyseC1c7Lxs7YhI3GztmADRpDmczKwIWZhVEMjBfNhJlKXYfFR4ZBxogbzd8DiYyJA
IP
54.230.111.74:443
ASN
#16509 AMAZON-02

Requested by
https://hexrom.com/jet-set-radio-future/download/
Certificate
IssuerAmazon
Subjectpyrincelewasgild.info
FingerprintA7:42:40:30:2E:A0:CF:96:CA:48:9B:78:59:ED:61:08:FA:6B:05:89
ValidityFri, 05 May 2023 00:00:00 GMT - Sun, 02 Jun 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3030), with no line terminators
Size
1.2 kB (1182 bytes)
Hash
57c02b91825afbe23b0bf70f04274b8f
afe8919b391c82577cd09caa6edb21d199a1b725
3fffcdca4260a502067d82f3f02b1fae7c069a471503899fa3d3adb9b75b44c4

HTTP Headers

GET /YlhDMFgDOiBdZwNlIRYtEDR+FWokfXF2PFA6KFssUTMyVjUbN3MeOw43NlQ+EDctRHYMPTcVaiQOIl0KEToEeRIhLwp7ADBsDXMeJDoUZiADAC9+FSYwe3QcICgZcjENNAtjEVAPOnE3NyAkVxYhbAxzaA0PBnEaMAAGYR8gCQp8AFIvAXE/Wz4UABEsGwJyADcdLGkdBQ0TZQoRDQdyHQcZEmEMJgo3ex4VLBlxCS8BAkc/IxwWVAErNC9zDQlhFGgdMzkUAQ4oADpyCDQ0NHEbFQkRdh0OCRRYIDcPKQE7Nx0vVhEnYRRoGlYNFwE7FgAVegwxNG5IHjBpK2UbFTMBcQkWEhtZCjsOBQE7NzQ3ZQA3NBJnPyseC1c7Lxs7YhI3GztmADRpDmczKwIWZhVEMjBfNhJlKXYfFR4ZBxogbzd8DiYyJA HTTP/1.1
Host: pyrincelewasgild.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hexrom.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html
content-length: 1182
date: Sun, 21 May 2023 16:21:20 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: BVu_1WADR7KZ-3LRapUo1G4Jm9tTC5CP0MgupZdObdCpwuOMfJ10Aw==
X-Firefox-Spdy: h2

rdreamsofcryin.info/M3REM3IcSydAT1BEPEURexAFVkNpNhVYOAUjAV8iYiwoaiADJWJHG1dJfQBKBUZ1FQJaEHkCVEAAJUcHQEl1FRtdEisOVEVJdR1BB1p3AVwBUjEOQxUANFIVDkViQwZHGHkCRAtAcgtEA0N9CkYH

172.67.186.81

204 No Content

0 B

URL GET HTTP/2
rdreamsofcryin.info/M3REM3IcSydAT1BEPEURexAFVkNpNhVYOAUjAV8iYiwoaiADJWJHG1dJfQBKBUZ1FQJaEHkCVEAAJUcHQEl1FRtdEisOVEVJdR1BB1p3AVwBUjEOQxUANFIVDkViQwZHGHkCRAtAcgtEA0N9CkYH
IP
172.67.186.81:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hexrom.com/jet-set-radio-future/download/
Certificate
IssuerGoogle Trust Services LLC
Subjectrdreamsofcryin.info
Fingerprint16:FC:0A:E4:63:1A:6A:7A:56:55:9C:1B:36:6F:21:55:32:72:7E:F5
ValidityFri, 05 May 2023 13:44:13 GMT - Thu, 03 Aug 2023 13:44:12 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /M3REM3IcSydAT1BEPEURexAFVkNpNhVYOAUjAV8iYiwoaiADJWJHG1dJfQBKBUZ1FQJaEHkCVEAAJUcHQEl1FRtdEisOVEVJdR1BB1p3AVwBUjEOQxUANFIVDkViQwZHGHkCRAtAcgtEA0N9CkYH HTTP/1.1
Host: rdreamsofcryin.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hexrom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Sun, 21 May 2023 16:21:20 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KgR9c6Q4N942WbNTnXSsMqEELUoEYdoQDPUWiCgXXXOnIEP0DxincS85ZsaFkjv3W7xkB%2F%2BUx9HPT%2BPR7ITET6nh5259etD%2BihvL7VaVqXXF2UvgXNzD5qmGoBPtCtfIvU2Go1qq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cae26dfea141bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

pyrincelewasgild.info/SWM1eDQoAVYVCyheV15BOw8IXQYPRgc+UHsBXhNAeghEHlkwDAVWVyUMQBxSOwxbDBonBkFdBg87YxJ2fzdiTAURG2QKYRopbzBaCztsH1AKBVkQQx4EXhF1Cjp7MHAqF3xJZT4GBCFMLSF8HHszWgIgcCI2eB8FAgJCMQcRCwQPZw0tUD9sCwVWPnEsLwQ2XQ8EAUF1HVN7PGA6KnxIfREoTRsReyVnSUN9JwcMUA83VjB7JRRXGXI+MncuZnAwByl1HAljHm4xNX88BD0IdDptIiJ2Nn0RUAwdeC4LeD1YIQpzLV8ZMAcpdQonQTRuESV5HmItV3Q+GQcMbT9uEStMTHIGMWMxd3gbWDlhOVptSm0LOwZBUQQlXjF/CAQAK3JwRgc+fw4AdysGBwZWPWIBBXReXjoMWwgJLxl2DVADVQ0fcCEzYBF/

54.230.111.74

200 OK

1.2 kB

URL GET HTTP/2
pyrincelewasgild.info/SWM1eDQoAVYVCyheV15BOw8IXQYPRgc+UHsBXhNAeghEHlkwDAVWVyUMQBxSOwxbDBonBkFdBg87YxJ2fzdiTAURG2QKYRopbzBaCztsH1AKBVkQQx4EXhF1Cjp7MHAqF3xJZT4GBCFMLSF8HHszWgIgcCI2eB8FAgJCMQcRCwQPZw0tUD9sCwVWPnEsLwQ2XQ8EAUF1HVN7PGA6KnxIfREoTRsReyVnSUN9JwcMUA83VjB7JRRXGXI+MncuZnAwByl1HAljHm4xNX88BD0IdDptIiJ2Nn0RUAwdeC4LeD1YIQpzLV8ZMAcpdQonQTRuESV5HmItV3Q+GQcMbT9uEStMTHIGMWMxd3gbWDlhOVptSm0LOwZBUQQlXjF/CAQAK3JwRgc+fw4AdysGBwZWPWIBBXReXjoMWwgJLxl2DVADVQ0fcCEzYBF/
IP
54.230.111.74:443
ASN
#16509 AMAZON-02

Requested by
https://hexrom.com/jet-set-radio-future/download/
Certificate
IssuerAmazon
Subjectpyrincelewasgild.info
FingerprintA7:42:40:30:2E:A0:CF:96:CA:48:9B:78:59:ED:61:08:FA:6B:05:89
ValidityFri, 05 May 2023 00:00:00 GMT - Sun, 02 Jun 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3028), with no line terminators
Size
1.2 kB (1183 bytes)
Hash
0f06182400aa8752e68ae8eaa01c6854
bd026d292cd200a0382a9cbcf108a01ad48c5f90
5703cb3a5826fb4e058790f651a665a5128e42b77e001238db0166b6ded7371a

HTTP Headers

GET /SWM1eDQoAVYVCyheV15BOw8IXQYPRgc+UHsBXhNAeghEHlkwDAVWVyUMQBxSOwxbDBonBkFdBg87YxJ2fzdiTAURG2QKYRopbzBaCztsH1AKBVkQQx4EXhF1Cjp7MHAqF3xJZT4GBCFMLSF8HHszWgIgcCI2eB8FAgJCMQcRCwQPZw0tUD9sCwVWPnEsLwQ2XQ8EAUF1HVN7PGA6KnxIfREoTRsReyVnSUN9JwcMUA83VjB7JRRXGXI+MncuZnAwByl1HAljHm4xNX88BD0IdDptIiJ2Nn0RUAwdeC4LeD1YIQpzLV8ZMAcpdQonQTRuESV5HmItV3Q+GQcMbT9uEStMTHIGMWMxd3gbWDlhOVptSm0LOwZBUQQlXjF/CAQAK3JwRgc+fw4AdysGBwZWPWIBBXReXjoMWwgJLxl2DVADVQ0fcCEzYBF/ HTTP/1.1
Host: pyrincelewasgild.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hexrom.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/html
content-length: 1183
date: Sun, 21 May 2023 16:21:20 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: edl0G4qv6kMCUS45m3VaSAImJUhZ7XrhNQjT5MsBxG40Ot-efTZHBA==
X-Firefox-Spdy: h2

rdreamsofcryin.info/NnFKaU8ZTikacngbGCIBBzQCKHwCMBMeLHgXPVwmdzB7UQtbIGwdJlJMc114DkJ8Tz9fFXdYaUUFKx06RUx7TyZYFyVUaUBMe0d8Al95W2EEVz9UfhAFOggoC0BsGTtCHXdYeQ5FfFF5BkZzUHkD

172.67.186.81

204 No Content

0 B

URL GET HTTP/2
rdreamsofcryin.info/NnFKaU8ZTikacngbGCIBBzQCKHwCMBMeLHgXPVwmdzB7UQtbIGwdJlJMc114DkJ8Tz9fFXdYaUUFKx06RUx7TyZYFyVUaUBMe0d8Al95W2EEVz9UfhAFOggoC0BsGTtCHXdYeQ5FfFF5BkZzUHkD
IP
172.67.186.81:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hexrom.com/jet-set-radio-future/download/
Certificate
IssuerGoogle Trust Services LLC
Subjectrdreamsofcryin.info
Fingerprint16:FC:0A:E4:63:1A:6A:7A:56:55:9C:1B:36:6F:21:55:32:72:7E:F5
ValidityFri, 05 May 2023 13:44:13 GMT - Thu, 03 Aug 2023 13:44:12 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /NnFKaU8ZTikacngbGCIBBzQCKHwCMBMeLHgXPVwmdzB7UQtbIGwdJlJMc114DkJ8Tz9fFXdYaUUFKx06RUx7TyZYFyVUaUBMe0d8Al95W2EEVz9UfhAFOggoC0BsGTtCHXdYeQ5FfFF5BkZzUHkD HTTP/1.1
Host: rdreamsofcryin.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hexrom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Sun, 21 May 2023 16:21:20 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NRo6w9eDanFO3D68hhWZucucXz%2Fy1%2Bnk28MT03ywcttMMveakbOynIiL56q8XWR%2F8kA2rNojFxS7KaO05dyZv4AkWlN%2FlAN8TukzczMnzdMbWtdZw63ZlIqB6XSDquB%2BanBzgLpB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cae26dfea201bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

pyrincelewasgild.info/RUhETXAkKicgTyR1JmsFNyR5aEIDbXYLFHcqLyYEdiM1Kx08J3RjEyknMSkWNycqOV4rLTBoQgMZJyAYdhx3DCIHMC89JDIRBghDDwIVGzYHLREPJQQvFSo4IgISAzIxAgI0EyEHPBwoDSIGPTIELwkeHnwfDCobHwMBfCUBGi8+JBAGCwsZNhsQfAgXBywLIAcaI3w3F3wBCx01CwoLQR8udRsxEg58fiEQBgofMXQeFQsXJwIseTgADg50IQQ4FRwiBw8WJkEADBIbMRIJEXgmEA00Hx58AhwLGCApLwczATANPjc9eQofISkLFSEcDS50CzMSHmkHSRQKFQ8yFicTBSIHGyIZKgEfERcYFA4VKSMrfGInAyomNHAzEXEhAhoxLCE7Nw

54.230.111.74

200 OK

1.2 kB

URL GET HTTP/2
pyrincelewasgild.info/RUhETXAkKicgTyR1JmsFNyR5aEIDbXYLFHcqLyYEdiM1Kx08J3RjEyknMSkWNycqOV4rLTBoQgMZJyAYdhx3DCIHMC89JDIRBghDDwIVGzYHLREPJQQvFSo4IgISAzIxAgI0EyEHPBwoDSIGPTIELwkeHnwfDCobHwMBfCUBGi8+JBAGCwsZNhsQfAgXBywLIAcaI3w3F3wBCx01CwoLQR8udRsxEg58fiEQBgofMXQeFQsXJwIseTgADg50IQQ4FRwiBw8WJkEADBIbMRIJEXgmEA00Hx58AhwLGCApLwczATANPjc9eQofISkLFSEcDS50CzMSHmkHSRQKFQ8yFicTBSIHGyIZKgEfERcYFA4VKSMrfGInAyomNHAzEXEhAhoxLCE7Nw
IP
54.230.111.74:443
ASN
#16509 AMAZON-02

Requested by
https://hexrom.com/jet-set-radio-future/download/
Certificate
IssuerAmazon
Subjectpyrincelewasgild.info
FingerprintA7:42:40:30:2E:A0:CF:96:CA:48:9B:78:59:ED:61:08:FA:6B:05:89
ValidityFri, 05 May 2023 00:00:00 GMT - Sun, 02 Jun 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2997), with no line terminators
Size
1.2 kB (1155 bytes)
Hash
854b5ad15bda78df1c1af03d4f9ca81c
e99de8cb3858e2d7259527809aa664345afc68e2
646a45fb45bcaf6ff24437b2688f4025f92a35a6ba7d8887d5aaf7d621a37022

HTTP Headers

GET /RUhETXAkKicgTyR1JmsFNyR5aEIDbXYLFHcqLyYEdiM1Kx08J3RjEyknMSkWNycqOV4rLTBoQgMZJyAYdhx3DCIHMC89JDIRBghDDwIVGzYHLREPJQQvFSo4IgISAzIxAgI0EyEHPBwoDSIGPTIELwkeHnwfDCobHwMBfCUBGi8+JBAGCwsZNhsQfAgXBywLIAcaI3w3F3wBCx01CwoLQR8udRsxEg58fiEQBgofMXQeFQsXJwIseTgADg50IQQ4FRwiBw8WJkEADBIbMRIJEXgmEA00Hx58AhwLGCApLwczATANPjc9eQofISkLFSEcDS50CzMSHmkHSRQKFQ8yFicTBSIHGyIZKgEfERcYFA4VKSMrfGInAyomNHAzEXEhAhoxLCE7Nw HTTP/1.1
Host: pyrincelewasgild.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hexrom.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/html
content-length: 1155
date: Sun, 21 May 2023 16:21:20 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Tz2UgEwajoaaHG8oyE-sg7ktORF3gGx1ofgrVjknAGtsoBfOc5kjRw==
X-Firefox-Spdy: h2

rdreamsofcryin.info/TU1zdU9ichAGcgIaOkYsJj45IzgbDBUCJx4PNjN3CRsiJR5+fVUBJilwSkZ2e3tDUz8kKU5Ed2s+BxQ7OD5ORGkkIxUacms7TkRhfWNBW3xrOE5EaTk9EhJyfGsDATshcEJDd3l7S0N/enRKQng

172.67.186.81

204 No Content

0 B

URL GET HTTP/2
rdreamsofcryin.info/TU1zdU9ichAGcgIaOkYsJj45IzgbDBUCJx4PNjN3CRsiJR5+fVUBJilwSkZ2e3tDUz8kKU5Ed2s+BxQ7OD5ORGkkIxUacms7TkRhfWNBW3xrOE5EaTk9EhJyfGsDATshcEJDd3l7S0N/enRKQng
IP
172.67.186.81:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hexrom.com/jet-set-radio-future/download/
Certificate
IssuerGoogle Trust Services LLC
Subjectrdreamsofcryin.info
Fingerprint16:FC:0A:E4:63:1A:6A:7A:56:55:9C:1B:36:6F:21:55:32:72:7E:F5
ValidityFri, 05 May 2023 13:44:13 GMT - Thu, 03 Aug 2023 13:44:12 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /TU1zdU9ichAGcgIaOkYsJj45IzgbDBUCJx4PNjN3CRsiJR5+fVUBJilwSkZ2e3tDUz8kKU5Ed2s+BxQ7OD5ORGkkIxUacms7TkRhfWNBW3xrOE5EaTk9EhJyfGsDATshcEJDd3l7S0N/enRKQng HTTP/1.1
Host: rdreamsofcryin.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hexrom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Sun, 21 May 2023 16:21:20 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GqrUQXxpNKTOOWsV6esQAS%2F%2F2qRv29fkHM3hgwpc1m5LqGc8HT8o3rN1XyFghjm%2B%2Brny6HUq50T6a1y1qJeGgF4B%2B7XZ7HD3FouUTAVrOLzSczF%2FknUKk3hXMpLp1fsCMgwKHxQl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cae26e01a441bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

hexrom.com/hexrom_logo.png

172.67.71.40

200 OK

310 B

URL GET HTTP/2
hexrom.com/hexrom_logo.png
IP
172.67.71.40:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hexrom.com/jet-set-radio-future/download/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintEA:A1:34:96:63:DD:91:69:B6:2A:45:BA:E2:A7:59:3F:FB:1A:1C:20
ValidityThu, 26 Jan 2023 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image\012- data
Size
310 B (310 bytes)
Hash
33c94e38d072d44982ad05615734ad50
da6e934cbe14ae333f1f0394e231d2268b2d17fb
9a874aabc5febf3a52e7df45a1cbab9ab99e53bec4dcc687419edc7e773bb92a

HTTP Headers

GET /hexrom_logo.png HTTP/1.1
Host: hexrom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hexrom.com/jet-set-radio-future/download/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 21 May 2023 16:21:20 GMT
content-type: image/webp
content-length: 310
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1216
content-disposition: inline; filename="hexrom_logo.webp"
vary: Accept
expires: Thu, 16 May 2024 04:40:44 GMT
last-modified: Thu, 11 Mar 2021 15:53:42 GMT
cf-cache-status: HIT
age: 408301
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mdn1zloiGJuvBCtp8YzlSlFHcwOD0zpQ3O9giwfewdUgSwjvgHvVe2Rc8xBiHzuYITGcpPv0DlrbF22bnK8tKnI8tJ7cAxq%2BenIa5NsxIbBRax6VebjgLOO9ra0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cae26e19f61b51e-OSL
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8024958615a353ae89dafa455e853182
42b88fef42ae73bfeee61cc1059e626ad60518d6
8af0477eb7cb916274aad1cbe795275dc11b9ec8d4e0f0b3a194df1e54a78c4a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 21 May 2023 16:21:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8024958615a353ae89dafa455e853182
42b88fef42ae73bfeee61cc1059e626ad60518d6
8af0477eb7cb916274aad1cbe795275dc11b9ec8d4e0f0b3a194df1e54a78c4a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 21 May 2023 16:21:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

pyrincelewasgild.info/utx?cb=xG48j9Y8sd6D&top=hexrom.com&tid=938621

54.230.111.74

204 No Content

0 B

URL GET HTTP/2
pyrincelewasgild.info/utx?cb=xG48j9Y8sd6D&top=hexrom.com&tid=938621
IP
54.230.111.74:443
ASN
#16509 AMAZON-02

Requested by
https://hexrom.com/jet-set-radio-future/download/
Certificate
IssuerAmazon
Subjectpyrincelewasgild.info
FingerprintA7:42:40:30:2E:A0:CF:96:CA:48:9B:78:59:ED:61:08:FA:6B:05:89
ValidityFri, 05 May 2023 00:00:00 GMT - Sun, 02 Jun 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /utx?cb=xG48j9Y8sd6D&top=hexrom.com&tid=938621 HTTP/1.1
Host: pyrincelewasgild.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hexrom.com
DNT: 1
Connection: keep-alive
Referer: https://hexrom.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Sun, 21 May 2023 16:21:20 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://hexrom.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sun, 21 May 2023 16:22:20 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _71P2lDP3AX64kMweO4g45qT5PgSWxaEnXGYsczwV7YGynfi5Lqs9Q==
X-Firefox-Spdy: h2

pyrincelewasgild.info/utx?cb=fVorvfnxsMUa&top=hexrom.com&tid=947836

54.230.111.74

204 No Content

0 B

URL GET HTTP/2
pyrincelewasgild.info/utx?cb=fVorvfnxsMUa&top=hexrom.com&tid=947836
IP
54.230.111.74:443
ASN
#16509 AMAZON-02

Requested by
https://hexrom.com/jet-set-radio-future/download/
Certificate
IssuerAmazon
Subjectpyrincelewasgild.info
FingerprintA7:42:40:30:2E:A0:CF:96:CA:48:9B:78:59:ED:61:08:FA:6B:05:89
ValidityFri, 05 May 2023 00:00:00 GMT - Sun, 02 Jun 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /utx?cb=fVorvfnxsMUa&top=hexrom.com&tid=947836 HTTP/1.1
Host: pyrincelewasgild.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hexrom.com
DNT: 1
Connection: keep-alive
Referer: https://hexrom.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Sun, 21 May 2023 16:21:20 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://hexrom.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sun, 21 May 2023 16:22:20 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: cf72rmgwMJMDETomjowWStdr1mlgqe1b5W9Qgyfa5LiYiElWXURY6g==
X-Firefox-Spdy: h2

accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneFXvv8sEb7DtAauqtS6oncRTUPNYAAEvuFzsI8T-ofMVkiGNoHWdBlfV5JiYe3VHZwtKMomow

216.58.207.237

302 Found

395 B

URL GET HTTP/2
accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneFXvv8sEb7DtAauqtS6oncRTUPNYAAEvuFzsI8T-ofMVkiGNoHWdBlfV5JiYe3VHZwtKMomow
IP
216.58.207.237:443
ASN
#15169 GOOGLE

Requested by
https://hexrom.com/jet-set-radio-future/download/
Certificate
IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint2F:0F:22:73:39:64:7E:80:9B:85:2E:C3:A9:69:6F:0F:93:58:57:95
ValidityMon, 24 Apr 2023 12:01:17 GMT - Mon, 17 Jul 2023 12:01:16 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (381)
Size
395 B (395 bytes)
Hash
5b56ec08554762a3d7f9f3c4660646f7
9fa79e74558f5093aa07da5314de402e86499a1b
d3b28ba6b653242e492484a9675d9efa99e6fed700b13ecd439825b12606bdbd

HTTP Headers

GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneFXvv8sEb7DtAauqtS6oncRTUPNYAAEvuFzsI8T-ofMVkiGNoHWdBlfV5JiYe3VHZwtKMomow HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hexrom.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:xWgFzsIYdGlwQoG-3UvLSHo5YD6pGg:eX2fwWxW8Ir1hDFt;Path=/;Expires=Tue, 20-May-2025 16:21:20 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 21 May 2023 16:21:20 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1375093495%3A1684686080420681&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneFFMsnO3T370fqI33ZXGsvhbcze5GnnlyTTnTzc6TrqszTSrB2aDHijZxf5Xflgo7SGZZXl-g&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-TYCfVxdzPpyAij8mlNIeZA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 395
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
68e98363f930b3ef10efe3f848d4b441
de398874bc8e97a4f3da7023ca4c32c91b4dd847
442199edd1d2acf6f9dcc726a70c7fdd168eb1444f2fbb999408a6cb32b59028

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 21 May 2023 16:21:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

d2bkkt3kqfmyo0.cloudfront.net/XVjB6TW41XxQrUSJZHnBXYgdCflhwWgkiACYNHDctI1Qwe1YxdBIdOz97XDkUMg1KawI3Xh1wSDNeGXBfcFEeL1NiFg49AT0NDTsII0IXKxc/R1w4D2tdFTcHOlwbaFwQBVR9S2QAUjVfZxVJD0tkABYkACNIX39eLghMElhiFUkPS2QACDtLZXFLfVd4AF-NoXGZXHy4FORVIC1xmAUp9X2YBX39eMFkIKAg5SF9/KGcBS2NecEVHfA

54.230.245.98

559 B

URL
d2bkkt3kqfmyo0.cloudfront.net/XVjB6TW41XxQrUSJZHnBXYgdCflhwWgkiACYNHDctI1Qwe1YxdBIdOz97XDkUMg1KawI3Xh1wSDNeGXBfcFEeL1NiFg49AT0NDTsII0IXKxc/R1w4D2tdFTcHOlwbaFwQBVR9S2QAUjVfZxVJD0tkABYkACNIX39eLghMElhiFUkPS2QACDtLZXFLfVd4AF-NoXGZXHy4FORVIC1xmAUp9X2YBX39eMFkIKAg5SF9/KGcBS2NecEVHfA
IP
54.230.245.98:0
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (795), with no line terminators
Size
559 B (559 bytes)
Hash
075a5fa67db8f9c659e16532a62ebd82
b225e559d93f8bb6d288d720fba54141041f9330
e2be2d2cdf9b8a1d45afe8e3ca69c5f512aeed2e68a425f13086fee774a31813

HTTP Headers

GET /XVjB6TW41XxQrUSJZHnBXYgdCflhwWgkiACYNHDctI1Qwe1YxdBIdOz97XDkUMg1KawI3Xh1wSDNeGXBfcFEeL1NiFg49AT0NDTsII0IXKxc/R1w4D2tdFTcHOlwbaFwQBVR9S2QAUjVfZxVJD0tkABYkACNIX39eLghMElhiFUkPS2QACDtLZXFLfVd4AF-NoXGZXHy4FORVIC1xmAUp9X2YBX39eMFkIKAg5SF9/KGcBS2NecEVHfA HTTP/1.1
Host: d2bkkt3kqfmyo0.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pyrincelewasgild.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 559
date: Sun, 21 May 2023 16:21:20 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: diG_D0zGwj7RTFRYi19yCeLWcFRM2YZwqm1fKspA1u0Cn8chGxRGbw==
X-Firefox-Spdy: h2

d2bkkt3kqfmyo0.cloudfront.net/VamRsbGIJCwIKXR4NCFFbWVxaXlNMDh8DDBpZBiolHSI2WyAoUxggNC4OC0oWEABRXEQGBQILX0wBAg9fW0INCABXUEoYEgUPURsUDBEeAQQTDRtKFwtZAQMYAwgADUdYIllCUk9WXEQaW1VJXyBPVlwACwQRFElQWhxUWj1cUElfIE9WXB4UT1ctXVJTSl-xFR1hUCwkBAQtJXiRYVF1cUltUXUlQWgIFHgcMCxRJUCxVXV1MWkIZUVM

54.230.245.98

600 B

URL
d2bkkt3kqfmyo0.cloudfront.net/VamRsbGIJCwIKXR4NCFFbWVxaXlNMDh8DDBpZBiolHSI2WyAoUxggNC4OC0oWEABRXEQGBQILX0wBAg9fW0INCABXUEoYEgUPURsUDBEeAQQTDRtKFwtZAQMYAwgADUdYIllCUk9WXEQaW1VJXyBPVlwACwQRFElQWhxUWj1cUElfIE9WXB4UT1ctXVJTSl-xFR1hUCwkBAQtJXiRYVF1cUltUXUlQWgIFHgcMCxRJUCxVXV1MWkIZUVM
IP
54.230.245.98:0
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (844), with no line terminators
Size
600 B (600 bytes)
Hash
26f7d673f466578b9cdd3fbf9b4119df
4cca89e57415cb6fda20d49cf0d942ce4f05c6b6
223d6c8074e63a0a7d8131338c5d6c9270a9fcd6cfe62997d500367981d92543

HTTP Headers

GET /VamRsbGIJCwIKXR4NCFFbWVxaXlNMDh8DDBpZBiolHSI2WyAoUxggNC4OC0oWEABRXEQGBQILX0wBAg9fW0INCABXUEoYEgUPURsUDBEeAQQTDRtKFwtZAQMYAwgADUdYIllCUk9WXEQaW1VJXyBPVlwACwQRFElQWhxUWj1cUElfIE9WXB4UT1ctXVJTSl-xFR1hUCwkBAQtJXiRYVF1cUltUXUlQWgIFHgcMCxRJUCxVXV1MWkIZUVM HTTP/1.1
Host: d2bkkt3kqfmyo0.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pyrincelewasgild.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 600
date: Sun, 21 May 2023 16:21:20 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kA7cDw6SIU5HSfcsosIM84cWJLodkcQj5E8i7UhiTQtLT2UxzaQWkA==
X-Firefox-Spdy: h2

accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneGQYjaq0eS46i-0hmjYqwbUBD1d5o0hd0UktsGHIOr0JE6gr5eWDu5EytVAkTpwPR6PQ8eSkA

216.58.207.237

302 Found

401 B

URL GET HTTP/2
accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneGQYjaq0eS46i-0hmjYqwbUBD1d5o0hd0UktsGHIOr0JE6gr5eWDu5EytVAkTpwPR6PQ8eSkA
IP
216.58.207.237:443
ASN
#15169 GOOGLE

Requested by
https://hexrom.com/jet-set-radio-future/download/
Certificate
IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint2F:0F:22:73:39:64:7E:80:9B:85:2E:C3:A9:69:6F:0F:93:58:57:95
ValidityMon, 24 Apr 2023 12:01:17 GMT - Mon, 17 Jul 2023 12:01:16 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (385)
Size
401 B (401 bytes)
Hash
093986ec7b713420793190d619c737d3
f3d499062acac602dc21e800cb3b1aa0e35afbdf
60bb21fc74d3afc7933aa54a25bcae030b978af89e919f2da42c3f8a8fdec403

HTTP Headers

GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneGQYjaq0eS46i-0hmjYqwbUBD1d5o0hd0UktsGHIOr0JE6gr5eWDu5EytVAkTpwPR6PQ8eSkA HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hexrom.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:S9u3FE0f_PvklQnMZ6SKUbmybM_EWQ:ag_yS7l-qOIGAyHr;Path=/;Expires=Tue, 20-May-2025 16:21:20 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 21 May 2023 16:21:20 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-2130435570%3A1684686080483866&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneG2Pjm1VJS7eTMltR32NTuVeuyEYNaU7K1FKVSdVrBV7Gx2NZ1H_J_LLa0UddnEVI7e5ZxRhw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-QsGREvOyHl36cLSosixtCQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 401
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

d2bkkt3kqfmyo0.cloudfront.net/Qcmh3T3ARBxkpTwYBE3JJQVFBeUBUAgQgHgJVNBtJFycdOxQXHjBpBAgMSn9WHgkZKE1UDRksTUNOFisST1xROhFPBRg1GR4EFmpCNF1Zf1VAWF83QUNNRA1VQFgbJh4HEFJ9QApQQRBGRk1EDVVAWAU5VUEpRn9JXFheakJCDxIsGx1NRQlCQllHf0FCWV-J9QBQBBSoWHRBSfTZDWUZhQFQdSn4

54.230.245.98

196 B

URL
d2bkkt3kqfmyo0.cloudfront.net/Qcmh3T3ARBxkpTwYBE3JJQVFBeUBUAgQgHgJVNBtJFycdOxQXHjBpBAgMSn9WHgkZKE1UDRksTUNOFisST1xROhFPBRg1GR4EFmpCNF1Zf1VAWF83QUNNRA1VQFgbJh4HEFJ9QApQQRBGRk1EDVVAWAU5VUEpRn9JXFheakJCDxIsGx1NRQlCQllHf0FCWV-J9QBQBBSoWHRBSfTZDWUZhQFQdSn4
IP
54.230.245.98:0
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
196 B (196 bytes)
Hash
918100fb319dc76ba5b9e6d7c7d6d824
65aff3034bb4e31574b9935b3a9bff9af6b13682
52ef77eefe66783ecc795e1111a423ab9eae962cbced03f476bc4fa41d4d2af3

HTTP Headers

GET /Qcmh3T3ARBxkpTwYBE3JJQVFBeUBUAgQgHgJVNBtJFycdOxQXHjBpBAgMSn9WHgkZKE1UDRksTUNOFisST1xROhFPBRg1GR4EFmpCNF1Zf1VAWF83QUNNRA1VQFgbJh4HEFJ9QApQQRBGRk1EDVVAWAU5VUEpRn9JXFheakJCDxIsGx1NRQlCQllHf0FCWV-J9QBQBBSoWHRBSfTZDWUZhQFQdSn4 HTTP/1.1
Host: d2bkkt3kqfmyo0.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pyrincelewasgild.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 196
date: Sun, 21 May 2023 16:21:20 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: IR8b2NHJ7Bsi_KhT_T30quH85gRhU98OlmFzA0GkmIhGGnmGwpl8NQ==
X-Firefox-Spdy: h2

accounts.google.com/v3/signin/identifier?dsh=S-1375093495%3A1684686080420681&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneFFMsnO3T370fqI33ZXGsvhbcze5GnnlyTTnTzc6TrqszTSrB2aDHijZxf5Xflgo7SGZZXl-g&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin

216.58.207.237

403 Forbidden

4.0 kB

URL GET HTTP/3
accounts.google.com/v3/signin/identifier?dsh=S-1375093495%3A1684686080420681&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneFFMsnO3T370fqI33ZXGsvhbcze5GnnlyTTnTzc6TrqszTSrB2aDHijZxf5Xflgo7SGZZXl-g&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
IP
216.58.207.237:443
ASN
#15169 GOOGLE

Requested by
https://hexrom.com/jet-set-radio-future/download/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint08:73:2C:18:30:14:52:C3:CA:3E:02:79:65:B4:FE:90:AC:3F:3E:33
ValidityMon, 24 Apr 2023 11:56:06 GMT - Mon, 17 Jul 2023 11:56:05 GMT

File type
gzip compressed data, max compression\012- data
Size
4.0 kB (4040 bytes)
Hash
de6f31290f86e40d29f0e93f3723f6df
295ec619ad961737184f1c108e7e230bdfd4e5d6
ce77cf2b79012b328008e466f876aa76f0d95b05c2518b5cbd2ea2a7005ff2e7

HTTP Headers

GET /v3/signin/identifier?dsh=S-1375093495%3A1684686080420681&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneFFMsnO3T370fqI33ZXGsvhbcze5GnnlyTTnTzc6TrqszTSrB2aDHijZxf5Xflgo7SGZZXl-g&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hexrom.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 21 May 2023 16:21:20 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-OgkAZEHtfnGMOkiPU4_8Rw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

hexrom.com/wp-content/uploads/2021/08/telegram.jpg

172.67.71.40

200 OK

1.1 kB

URL GET HTTP/2
hexrom.com/wp-content/uploads/2021/08/telegram.jpg
IP
172.67.71.40:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hexrom.com/jet-set-radio-future/download/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintEA:A1:34:96:63:DD:91:69:B6:2A:45:BA:E2:A7:59:3F:FB:1A:1C:20
ValidityThu, 26 Jan 2023 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT

File type
JPEG image data, progressive, precision 8, 69x66, components 3\012- data
Size
1.1 kB (1107 bytes)
Hash
017eae532232751aee060e6cadfff81b
1f4ead831b94c822ec048f2bc097fecc0fed6f09
b1fe061cc0fa590e5c191305bea72207662f1a0353485794a6b5a42c77bef00d

HTTP Headers

GET /wp-content/uploads/2021/08/telegram.jpg HTTP/1.1
Host: hexrom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hexrom.com/jet-set-radio-future/download/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 21 May 2023 16:21:20 GMT
content-type: image/jpeg
content-length: 1107
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origSize=1939, status=webp_bigger
expires: Sat, 24 Feb 2024 23:54:34 GMT
last-modified: Tue, 03 Aug 2021 20:27:54 GMT
cf-cache-status: HIT
age: 979566
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wsNJJw%2BDjsI7xDgTUYrqJiDuFwfPeivBXd%2BnUqKbQfRtnEba09%2BSXhX%2F0HlXgKMqeCutzQmWMdUymv02rgcots%2F%2BsVF5HL7OdSPdjdQrV4rR9auaQp%2BIoiLdEOw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cae26e45dcfb51e-OSL
X-Firefox-Spdy: h2

hexrom.com/images/icon/Jet%20Set%20Radio%20Future.jpg

172.67.71.40

200 OK

20 kB

URL GET HTTP/2
hexrom.com/images/icon/Jet%20Set%20Radio%20Future.jpg
IP
172.67.71.40:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hexrom.com/jet-set-radio-future/download/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintEA:A1:34:96:63:DD:91:69:B6:2A:45:BA:E2:A7:59:3F:FB:1A:1C:20
ValidityThu, 26 Jan 2023 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 176x250, components 3\012- data
Size
20 kB (19755 bytes)
Hash
54ddb62b9637e9d31061b01569b9c406
d83b23ec1ffca2ccad3dc1aa875e4d7cc2bd370a
ca82a84f0f0c59525f7d80de71a99fdaf864b5a35def6dfab190360163080d0a

HTTP Headers

GET /images/icon/Jet%20Set%20Radio%20Future.jpg HTTP/1.1
Host: hexrom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hexrom.com/jet-set-radio-future/download/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 21 May 2023 16:21:20 GMT
content-type: image/jpeg
content-length: 19755
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origSize=21509, status=webp_bigger
expires: Sat, 18 May 2024 21:01:33 GMT
last-modified: Sat, 04 Jul 2020 10:04:34 GMT
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TwbezAvXvemmc7QEXWBCKuVe2eFZ5NXnH75Hk%2BoeZR%2ByuEqsHcKzVrnf9PVcYpPLWapNlROmeqEmSt4SLiv56aQZSUrgNLy2O41QfFep8TLMsc7fjWpJtK2%2BjLs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cae26e45dccb51e-OSL
X-Firefox-Spdy: h2

pogothere.xyz/asd100.bin

172.64.199.35

200 OK

102 kB

URL GET HTTP/2
pogothere.xyz/asd100.bin
IP
172.64.199.35:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hexrom.com/jet-set-radio-future/download/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT

File type
data
Size
102 kB (102400 bytes)
Hash
4c6426ac7ef186464ecbb0d81cbfcb1e
5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

HTTP Headers

GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hexrom.com/
Origin: https://hexrom.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 21 May 2023 16:21:20 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://hexrom.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 6794
last-modified: Sun, 21 May 2023 14:28:06 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EkcjvRhhBVhpRGRu3tGVQGjSvfpMxbCy8UNL7KwWTaPss6gVkbvBg0%2BxSXnKZgZCuzeE76GqbVqTbU7MjFgAIFuwOxYRksJ2NlyWO5PZoWVVNmJnldszXdCjXatj8p4U"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cae26e25edb4089-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

pogothere.xyz/asd100.bin

172.64.199.35

200 OK

102 kB

URL GET HTTP/2
pogothere.xyz/asd100.bin
IP
172.64.199.35:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hexrom.com/jet-set-radio-future/download/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT

File type
data
Size
102 kB (102400 bytes)
Hash
4c6426ac7ef186464ecbb0d81cbfcb1e
5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

HTTP Headers

GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hexrom.com/
Origin: https://hexrom.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 21 May 2023 16:21:20 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://hexrom.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 6794
last-modified: Sun, 21 May 2023 14:28:06 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gL3ngktOOZT6d1fNNr7%2BPVTYpsEqBHvfq6of1Q16eUCqH9oaDaYfTj4s2tLrrGuKNbrBZsF3kbiarIwqcN9z%2Bx4WSfREOhg4CDDZ%2Btc2IEcuJDb5u2FQtaX%2BDRkIqvWW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cae26e25ede4089-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail

216.58.207.237

302 Found

0 B

URL GET HTTP/2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP
216.58.207.237:443
ASN
#15169 GOOGLE

Requested by
https://hexrom.com/jet-set-radio-future/download/
Certificate
IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint2F:0F:22:73:39:64:7E:80:9B:85:2E:C3:A9:69:6F:0F:93:58:57:95
ValidityMon, 24 Apr 2023 12:01:17 GMT - Mon, 17 Jul 2023 12:01:16 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hexrom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
set-cookie: __Host-GAPS=1:yzif8QiYIQKGqnVCCUVFPe84G1jAUw:TCJdN90y_2YjeIOr; Expires=Tue, 20-May-2025 16:21:20 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 21 May 2023 16:21:20 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneFXvv8sEb7DtAauqtS6oncRTUPNYAAEvuFzsI8T-ofMVkiGNoHWdBlfV5JiYe3VHZwtKMomow
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-c37_buuX3uAZmTiFDYUcRg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy: unsafe-none
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-type: application/binary
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

pogothere.xyz/

172.64.199.35

200 OK

26 B

URL GET HTTP/2
pogothere.xyz/
IP
172.64.199.35:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hexrom.com/jet-set-radio-future/download/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
26 B (26 bytes)
Hash
36eb91fc17de63eb58de5800c80db776
ddaf2752ca01e5f6f57af93d91cd6071a233a0c7
8f8ba9d9b5b1d325af676b7325e9a85bdc23841715aee07812248e1d2db6f038

HTTP Headers

GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hexrom.com/
Origin: https://hexrom.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 21 May 2023 16:21:20 GMT
content-type: text/plain
set-cookie: csu=226038962576811@1@1684686080; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://hexrom.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HLdYt1ucY7TuIc6%2FNI7kXAbJBEAE6v1d9qPCFNjojzcRGyoY2OAQ4k0YpKJSyJp1Fhr3te9pa3j8WPFHCjv9mVj%2FBGnO4kVJHg0DNGCFnoqI%2B3%2BRVIQ0eaOfMyl2w%2F9T"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cae26e23ec14089-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

hexrom.com/jet-set-radio-future/download/

172.67.71.40

200 OK

34 kB

URL User Request GET HTTP/2
hexrom.com/jet-set-radio-future/download/
IP
172.67.71.40:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintEA:A1:34:96:63:DD:91:69:B6:2A:45:BA:E2:A7:59:3F:FB:1A:1C:20
ValidityThu, 26 Jan 2023 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT

File type

Size
34 kB (33885 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /jet-set-radio-future/download/ HTTP/1.1
Host: hexrom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 21 May 2023 16:21:19 GMT
content-type: text/html; charset=UTF-8
cf-ray: 7cae26dbc9fbb51e-OSL
vary: Accept-Encoding
cf-cache-status: BYPASS
cf-apo-via: origin,page-rules
cf-edge-cache: cache,platform=wordpress
x-dns-prefetch-control: on
x-litespeed-cache: hit
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h6qXXXb9onyn8eiLULxoq3r9IKz0HIQJcmzOxIpJBze9FN1boSXk5EyMQuWoJy%2B52uU9As%2FdRVFZRsEK67Bapvzglib8mpm%2B8Ar5C%2FTDBUsTZ6ZAspUWBZA5Oc8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube

216.58.207.237

302 Found

0 B

URL GET HTTP/2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP
216.58.207.237:443
ASN
#15169 GOOGLE

Requested by
https://hexrom.com/jet-set-radio-future/download/
Certificate
IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint2F:0F:22:73:39:64:7E:80:9B:85:2E:C3:A9:69:6F:0F:93:58:57:95
ValidityMon, 24 Apr 2023 12:01:17 GMT - Mon, 17 Jul 2023 12:01:16 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hexrom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
set-cookie: __Host-GAPS=1:AurxrfZk72BJBvKDffpu-H7w5M_HyQ:8k1rQ2gXNAGFJYEh; Expires=Tue, 20-May-2025 16:21:20 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 21 May 2023 16:21:20 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneGQYjaq0eS46i-0hmjYqwbUBD1d5o0hd0UktsGHIOr0JE6gr5eWDu5EytVAkTpwPR6PQ8eSkA
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-JKZy3N4AFSFK2gjb5-u8Lw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, require-trusted-types-for 'script';report-uri /cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: unsafe-none
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: application/binary
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

accounts.google.com/v3/signin/identifier?dsh=S-2130435570%3A1684686080483866&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneG2Pjm1VJS7eTMltR32NTuVeuyEYNaU7K1FKVSdVrBV7Gx2NZ1H_J_LLa0UddnEVI7e5ZxRhw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin

216.58.207.237

403 Forbidden

0 B

URL GET HTTP/3
accounts.google.com/v3/signin/identifier?dsh=S-2130435570%3A1684686080483866&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneG2Pjm1VJS7eTMltR32NTuVeuyEYNaU7K1FKVSdVrBV7Gx2NZ1H_J_LLa0UddnEVI7e5ZxRhw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
IP
216.58.207.237:443
ASN
#15169 GOOGLE

Requested by
https://hexrom.com/jet-set-radio-future/download/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint08:73:2C:18:30:14:52:C3:CA:3E:02:79:65:B4:FE:90:AC:3F:3E:33
ValidityMon, 24 Apr 2023 11:56:06 GMT - Mon, 17 Jul 2023 11:56:05 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v3/signin/identifier?dsh=S-2130435570%3A1684686080483866&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneG2Pjm1VJS7eTMltR32NTuVeuyEYNaU7K1FKVSdVrBV7Gx2NZ1H_J_LLa0UddnEVI7e5ZxRhw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hexrom.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 21 May 2023 16:21:20 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-AbxsDStcCZU5ZPe7y1jxmg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

pogothere.xyz/

172.64.199.35

200 OK

27 B

URL GET HTTP/2
pogothere.xyz/
IP
172.64.199.35:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hexrom.com/jet-set-radio-future/download/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
27 B (27 bytes)
Hash
ac93b94ebd89bc019d8094f23b6a899b
95e3106524c5441a133578615dbd9eba770127c1
61984ec47ff28e198d70751c3f90f8f510b163e7763fc97beca3c7d38f36fa86

HTTP Headers

GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hexrom.com/
Origin: https://hexrom.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 21 May 2023 16:21:20 GMT
content-type: text/plain
set-cookie: csu=2099303120310552@1@1684686080; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://hexrom.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mIQkrcY%2BvWbqF9oYprhxbcoSSGd7ew%2BttB2%2BjdtjNoSj5WqpfpSO1%2FPBKNZO0uor51FTvqP6Nsr2tqZm6JTToM1tUo6IweOacpUZfKkqolj%2FtTrLf3CqQz8guJ9yDDKU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cae26e25edc4089-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

hexrom.com/images/icon/nocover.jpg

172.67.71.40

200 OK

3.2 kB

URL GET HTTP/2
hexrom.com/images/icon/nocover.jpg
IP
172.67.71.40:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hexrom.com/jet-set-radio-future/download/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintEA:A1:34:96:63:DD:91:69:B6:2A:45:BA:E2:A7:59:3F:FB:1A:1C:20
ValidityThu, 26 Jan 2023 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT

File type
JPEG image data, progressive, precision 8, 225x225, components 3\012- data
Size
3.2 kB (3233 bytes)
Hash
69a53f6152edc761a93e946651ef87a8
dccc91da1e61e9428a162234168aef94383b3711
c1ebc4580537e77ddda3ea42b082f909df79c0ac695edb148b4c23282ecde712

HTTP Headers

GET /images/icon/nocover.jpg HTTP/1.1
Host: hexrom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hexrom.com/jet-set-radio-future/download/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 21 May 2023 16:21:20 GMT
content-type: image/jpeg
content-length: 3233
cache-control: public, max-age=31557600
cf-bgj: imgq:100,h2pri
cf-polished: origSize=4294, status=webp_bigger
expires: Sat, 24 Feb 2024 23:54:52 GMT
last-modified: Sat, 07 Nov 2020 15:09:58 GMT
cf-cache-status: HIT
age: 7423228
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LmrpwHoerT28p5IwUub2HJgTgVHydvzbaKEOlTj387j%2B2lMT3Hph8ppeoFqdYWFunnro81nyh7Hx%2Flh79FHRI%2FGfiTdnqTIcQ7SiB12blEhwdDvbXrOsnSJUeD0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cae26e45ddbb51e-OSL
X-Firefox-Spdy: h2

rdreamsofcryin.info/popunder.gif

172.67.186.81

200 OK

35 B

URL GET HTTP/3
rdreamsofcryin.info/popunder.gif
IP
172.67.186.81:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hexrom.com/jet-set-radio-future/download/
Certificate
IssuerGoogle Trust Services LLC
Subjectrdreamsofcryin.info
Fingerprint16:FC:0A:E4:63:1A:6A:7A:56:55:9C:1B:36:6F:21:55:32:72:7E:F5
ValidityFri, 05 May 2023 13:44:13 GMT - Thu, 03 Aug 2023 13:44:12 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

HTTP Headers

GET /popunder.gif HTTP/1.1
Host: rdreamsofcryin.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hexrom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 21 May 2023 16:21:20 GMT
content-type: image/gif
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
cf-cache-status: HIT
age: 9040
last-modified: Sun, 21 May 2023 13:50:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rENl4hs0F1%2Fbz8m%2F7bso3oarky8SY5HJS%2FyhUXLeFpGSpskiBS6%2BuQpj3syY84mb6HpNlDYp7aLIpXvw6uKDS9td9Zd%2BEARsPtxIj%2FEaSSa%2B%2FQRbQxghEBcCSlIN8FQcx5kUvYds"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cae26e448ce0b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

hexrom.com/wp-content/litespeed/css/4bc0347d8d8e7b84de8260bf908de5e1.css?ver=8ed8c

172.67.71.40

200 OK

40 kB

URL GET HTTP/2
hexrom.com/wp-content/litespeed/css/4bc0347d8d8e7b84de8260bf908de5e1.css?ver=8ed8c
IP
172.67.71.40:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hexrom.com/jet-set-radio-future/download/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintEA:A1:34:96:63:DD:91:69:B6:2A:45:BA:E2:A7:59:3F:FB:1A:1C:20
ValidityThu, 26 Jan 2023 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT

File type

Size
40 kB (40390 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wp-content/litespeed/css/4bc0347d8d8e7b84de8260bf908de5e1.css?ver=8ed8c HTTP/1.1
Host: hexrom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hexrom.com/jet-set-radio-future/download/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 21 May 2023 16:21:19 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=40424
expires: Mon, 20 May 2024 16:51:13 GMT
last-modified: Sun, 21 May 2023 10:51:13 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 17680
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LqNdkU55zuqwqdCk8GjtIk0EM2PZlH%2FcO%2F8HM%2B7NHfphRNFVy5qrL37Xf5Iuc5s1W69f7EGd%2FBJ15BdQXf2A%2BX1je6Rhz1Hl1SDq2IOFYfE5VWuC9RGlzjCVbzw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cae26ddbdecb51e-OSL
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (8)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML