| firefox.settings.services.mozilla.com/v1/ | 143.204.55.35 | 200 OK | 939 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/ IP143.204.55.35:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hashb593eb39329cfe060d55be5e4a5405e2 78e46c1028e9f94f8569303ad2d90d7df13a059a 08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 11 Sep 2022 14:07:38 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: xcdDEt28SWzwcZkQqQyRaYtzNIWGroNjdgXVG9l1zAE81AbJqb6BVw==
Age: 171
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash76d5eb597558e3dee0d99719d17e71e0 f3a0f3932fa8059f27dc9422d523b938fa9a7d09 d16de6cc9eb0e1297f53dc1137bb764bf5c21a7727be32ad05afebd1fe9501ed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D16DE6CC9EB0E1297F53DC1137BB764BF5C21A7727BE32AD05AFEBD1FE9501ED"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8058
Expires: Sun, 11 Sep 2022 16:24:47 GMT
Date: Sun, 11 Sep 2022 14:10:29 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain | 143.204.55.35 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain IP143.204.55.35:0
File typePEM certificate\012- , ASCII text Hash742edb4038f38bc533514982f3d2e861 cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1 b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 11 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: -t0rhsgI8vC_LNvg883-rnlVMZOAWjIi55vYt_5tnGjYnCu4wF0V1w==
age: 24797
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 14:10:29 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| nxbrew.com/favicon.ico | 104.21.54.76 | 200 OK | 0 B |
IP104.21.54.76:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: nxbrew.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 11 Sep 2022 14:10:29 GMT
content-type: image/vnd.microsoft.icon
content-length: 0
vary: X-Forwarded-Proto,User-Agent, Accept-Encoding
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Sun, 11 Sep 2022 13:25:09 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DQCdHHpnb9K8BofkM6ZSswKi%2BGjCsyAFnJCtk3M1K5w6LN29vIndFb6TGvw1zikv9cGGSEzmeToTiNsT%2BKjNccrEq658%2BYFu6TVgPI7Tu6%2Fqt%2FTQ1%2FKKhPxjOTNt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7490fcb8bd101bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| nxbrew.com/cdn-cgi/images/trace/jsch/js/transparent.gif?ray=7490fcb679c91bfe | 104.21.54.76 | 200 OK | 42 B |
URL HTTP/2nxbrew.com/cdn-cgi/images/trace/jsch/js/transparent.gif?ray=7490fcb679c91bfe IP104.21.54.76:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cdn-cgi/images/trace/jsch/js/transparent.gif?ray=7490fcb679c91bfe HTTP/1.1
Host: nxbrew.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 11 Sep 2022 14:10:29 GMT
content-type: image/gif
content-length: 42
last-modified: Tue, 06 Sep 2022 17:30:38 GMT
etag: "631783be-2a"
server: cloudflare
cf-ray: 7490fcb97df51bfe-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Sun, 11 Sep 2022 16:10:29 GMT
cache-control: max-age=7200, public
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 143.204.55.35 | 200 OK | 329 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP143.204.55.35:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sun, 11 Sep 2022 13:56:07 GMT
Cache-Control: max-age=3600
Expires: Sun, 11 Sep 2022 14:22:01 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: h6e_RamvLewnc3e9xjPqYF3wlZA6On6lbinHhSHG71AJqWXQ-35aRQ==
Age: 863
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash26e829ba5f754918e20cbd316dc4348e ba198501da0812dd11ca3b38a51325b5de6cfa60 4352c25d4af7637a8435b0df6d042fc606d37a348e966b99fecce8a853b8ebc0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3829
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 14:10:30 GMT
Last-Modified: Sun, 11 Sep 2022 13:06:41 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
|
|
| push.services.mozilla.com/ | 35.164.183.116 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP35.164.183.116:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: CU9bnV9ncjEmvou0fy7c5g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Be4TUcG4JiBF4IimVG4CXF4HW7w=
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash65deebab57142db522e6c874673bdd9f bfd022181afaec5035f868ccd05fac58113f81dc 7470143c8bd79f00190a3766ebaa9c632d0aa47693fc4c146f097873865da327
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 14:10:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash65deebab57142db522e6c874673bdd9f bfd022181afaec5035f868ccd05fac58113f81dc 7470143c8bd79f00190a3766ebaa9c632d0aa47693fc4c146f097873865da327
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 14:10:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 1.7 kB |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash29cc14c4457b1aa145e171c5d89986f0 e415fd0368c5d028afc4773b83527c11cb1a70d9 60a5a167ad72f70282fc06ba8b4e929ec489cbe5229c9438fdad8e39cec2a447
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "09EB0C26850BDD39A30C490F909598DDE568B3D232A40D4B0E12C12B5B6B5A97"
Last-Modified: Fri, 09 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18185
Expires: Sun, 11 Sep 2022 19:13:36 GMT
Date: Sun, 11 Sep 2022 14:10:31 GMT
Connection: keep-alive
|
|
| d28u86vqawvw52.cloudfront.net/?aqvud=951559 | 54.230.245.117 | 200 OK | 118 kB |
URL HTTP/2d28u86vqawvw52.cloudfront.net/?aqvud=951559 IP54.230.245.117:0
Size118 kB (117670 bytes) Hash81b372f84966d78b46a4a5ec1729b388 c9cb3c4ba26e7e6304b92f5f33cea861b9f75370 7cfb2ee94dd97b9ba535a340c2ce744ab6413e9fcbee748d3cf6bdbbf10e85f7
GET /?aqvud=951559 HTTP/1.1
Host: d28u86vqawvw52.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 116039
date: Sun, 11 Sep 2022 14:10:31 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7UKHbi3zJ6SNMOqcAYTR-WuPFlze--kIRGvw5vkNij9sayJr28hGvw==
X-Firefox-Spdy: h2
|
|
| nxbrew.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=7490fcb679c91bfe | 104.21.54.76 | 200 OK | 30 kB |
URL HTTP/2nxbrew.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=7490fcb679c91bfe IP104.21.54.76:0
File typeASCII text, with very long lines (61950), with no line terminators Hash763769c72b728accef756119cb5df725 0dc85b5cac130f7881865a145b6a2d40d1fc2aad 58dc3b2813883ece07e93ddae577f2f2592818aebe3322cf8a2eb5915a2ef81f
GET /cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=7490fcb679c91bfe HTTP/1.1
Host: nxbrew.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nxbrew.com/?__cf_chl_rt_tk=hZaK5L39fZktyeahPZqYmObyX7NaRiVOa8.VZb9pV2o-1662905429-0-gaNycGzNCCU
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 11 Sep 2022 14:10:30 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, must-revalidate
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ulpO702xQZiICEmsIPiSmNhYmaz75LqCB3xK05wbqYe%2FsI7lur9SOUCQSQKtAusXDly%2FtXCT5Ox9FUKHNL5Tew5BwQ%2FJBrv8%2B5nh5LRB2lGLCsIHG1Dg9jUeND2a"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7490fcb97e061bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| shorantonto.com/fRla010yjjE/53625 | 23.109.248.134 | 200 OK | 26 B |
URL HTTP/1.1shorantonto.com/fRla010yjjE/53625 IP23.109.248.134:0
File typeASCII text, with no line terminators Hash4e5d65669f8dcd928dad06adf883f025 d771713d758c3348dd7e5b38bb40c7935399ae46 0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95
GET /fRla010yjjE/53625 HTTP/1.1
Host: shorantonto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 11 Sep 2022 14:10:31 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://nxbrew.com
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; expires=Mon, 12-Sep-2022 14:10:31 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW; expires=Mon, 12-Sep-2022 14:10:31 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
|
|
| e1.o.lencr.org/ | 95.101.11.115 | 200 OK | 346 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash32072ab048df69ad6db8b7e4ac7ea796 c7b466b36a3cc9b0b65a03283128b2a9004ec3c3 9abf5e9d5bacc2f13c1366d4c90aea5caa66c2e34050a3ae575b3133eeecb0f2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "9ABF5E9D5BACC2F13C1366D4C90AEA5CAA66C2E34050A3AE575B3133EEECB0F2"
Last-Modified: Fri, 09 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15992
Expires: Sun, 11 Sep 2022 18:37:03 GMT
Date: Sun, 11 Sep 2022 14:10:31 GMT
Connection: keep-alive
|
|
| shorantonto.com/fRla010yjjE/53625 | 23.109.248.134 | 200 OK | 26 B |
URL HTTP/1.1shorantonto.com/fRla010yjjE/53625 IP23.109.248.134:0
File typeASCII text, with no line terminators Hash4e5d65669f8dcd928dad06adf883f025 d771713d758c3348dd7e5b38bb40c7935399ae46 0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95
GET /fRla010yjjE/53625 HTTP/1.1
Host: shorantonto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nxbrew.com/
Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 11 Sep 2022 14:10:31 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://nxbrew.com
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
|
|
| e1.o.lencr.org/ | 95.101.11.115 | 200 OK | 645 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash295859ef8cbf9922e82bedd6f10fabcd f4eb6b87a1567fd42702bc8e9c0435abfe993fce 4bd5d61ca895e06d1a452b6cab7a5457776f3b7c026427e4309a4e943999b578
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "9ABF5E9D5BACC2F13C1366D4C90AEA5CAA66C2E34050A3AE575B3133EEECB0F2"
Last-Modified: Fri, 09 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15992
Expires: Sun, 11 Sep 2022 18:37:03 GMT
Date: Sun, 11 Sep 2022 14:10:31 GMT
Connection: keep-alive
|
|
| e1.o.lencr.org/ | 95.101.11.115 | 200 OK | 346 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash32072ab048df69ad6db8b7e4ac7ea796 c7b466b36a3cc9b0b65a03283128b2a9004ec3c3 9abf5e9d5bacc2f13c1366d4c90aea5caa66c2e34050a3ae575b3133eeecb0f2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "9ABF5E9D5BACC2F13C1366D4C90AEA5CAA66C2E34050A3AE575B3133EEECB0F2"
Last-Modified: Fri, 09 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15992
Expires: Sun, 11 Sep 2022 18:37:03 GMT
Date: Sun, 11 Sep 2022 14:10:31 GMT
Connection: keep-alive
|
|
| e1.o.lencr.org/ | 95.101.11.115 | 200 OK | 346 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash32072ab048df69ad6db8b7e4ac7ea796 c7b466b36a3cc9b0b65a03283128b2a9004ec3c3 9abf5e9d5bacc2f13c1366d4c90aea5caa66c2e34050a3ae575b3133eeecb0f2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "9ABF5E9D5BACC2F13C1366D4C90AEA5CAA66C2E34050A3AE575B3133EEECB0F2"
Last-Modified: Fri, 09 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15992
Expires: Sun, 11 Sep 2022 18:37:03 GMT
Date: Sun, 11 Sep 2022 14:10:31 GMT
Connection: keep-alive
|
|
| e1.o.lencr.org/ | 95.101.11.115 | 200 OK | 7.3 kB |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashd2ca2365d06ca95158f9a15aa970d4ed 286690dbec9e6660f04d8771170b6ab2c3e77c43 bf7c29ebfcecbde51acc8a9cf4d262ea729f560e2ee0b28b011b322f2baba02f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "9ABF5E9D5BACC2F13C1366D4C90AEA5CAA66C2E34050A3AE575B3133EEECB0F2"
Last-Modified: Fri, 09 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15992
Expires: Sun, 11 Sep 2022 18:37:03 GMT
Date: Sun, 11 Sep 2022 14:10:31 GMT
Connection: keep-alive
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash43e44f5fe147594a8dd7e263eabca2ae 99a970746a212194f339b3fdc7df516af9f2ffdf f716e38cbb8632487d1ce62a37e0662ef8611fbe0449a82b9301118b68c7548d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 14:10:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash43e44f5fe147594a8dd7e263eabca2ae 99a970746a212194f339b3fdc7df516af9f2ffdf f716e38cbb8632487d1ce62a37e0662ef8611fbe0449a82b9301118b68c7548d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 14:10:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash43e44f5fe147594a8dd7e263eabca2ae 99a970746a212194f339b3fdc7df516af9f2ffdf f716e38cbb8632487d1ce62a37e0662ef8611fbe0449a82b9301118b68c7548d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 14:10:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2 | 142.250.74.163 | 200 OK | 16 kB |
URL HTTP/2fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2 IP142.250.74.163:0
File typeWeb Open Font Format (Version 2), TrueType, length 15528, version 1.0\012- data Hash595fe3fc0b85f3cc9ef5aed2d519abc5 96e76de44987e9dec2f97f1e5eb7a18c738daf5d 747d5a0865fe76129cc17fe70097fd5b1db733ed3bbfa0210a8505d80c14ab5a
GET /s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://nxbrew.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15528
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 22:59:00 GMT
expires: Wed, 06 Sep 2023 22:59:00 GMT
cache-control: public, max-age=31536000
age: 400291
last-modified: Tue, 19 Apr 2022 18:53:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| lcreatessque.xyz/ZlRyaEVJaxEbeDM+HgQQHDAaLCksMzZaDC0MJRsAPAUwOxwBN1QcLAJpS110U2FLTjUPME9ZYxUgExwwFWlDTiwIMh1VYxBpQ0Z2UnpAUGtXcgdVdEAgAgkiW2VUGDESOE9Zc1BmS1hwUmZCXnJf | 104.21.81.70 | 204 No Content | 0 B |
URL HTTP/2lcreatessque.xyz/ZlRyaEVJaxEbeDM+HgQQHDAaLCksMzZaDC0MJRsAPAUwOxwBN1QcLAJpS110U2FLTjUPME9ZYxUgExwwFWlDTiwIMh1VYxBpQ0Z2UnpAUGtXcgdVdEAgAgkiW2VUGDESOE9Zc1BmS1hwUmZCXnJf IP104.21.81.70:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ZlRyaEVJaxEbeDM+HgQQHDAaLCksMzZaDC0MJRsAPAUwOxwBN1QcLAJpS110U2FLTjUPME9ZYxUgExwwFWlDTiwIMh1VYxBpQ0Z2UnpAUGtXcgdVdEAgAgkiW2VUGDESOE9Zc1BmS1hwUmZCXnJf HTTP/1.1
Host: lcreatessque.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 11 Sep 2022 14:10:31 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LWSEzmwlxzL4bEdjm9DzKfdhbJ7Gv1480%2FSFkCRwzoINTyj10LlScKMGIlQj8C094d8GQYdgrNH8ocXXLYOC2H%2BakghW5epyc22DA8%2BVZu55KVLbomvkhrU%2BaRb4Zk3mQsOY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7490fcc3fad5b4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| lcreatessque.xyz/dWxlQVZaUwYyaxc4KzYEGSIwAj0dFj8XbjA/PQM9Iy0BADUYOUM1PxFRXHRnQFpVZyYcCFhwblMfESAiAB9YcHAcAgMua1MaWHB4RUJUb2VTGVhwcAEcBCZrREoVNSIZUVR3YEdVVXRiR1xTeW4 | 104.21.81.70 | 204 No Content | 319 B |
URL HTTP/2lcreatessque.xyz/dWxlQVZaUwYyaxc4KzYEGSIwAj0dFj8XbjA/PQM9Iy0BADUYOUM1PxFRXHRnQFpVZyYcCFhwblMfESAiAB9YcHAcAgMua1MaWHB4RUJUb2VTGVhwcAEcBCZrREoVNSIZUVR3YEdVVXRiR1xTeW4 IP104.21.81.70:0
Hash50ca8d7aa9c80db992e9aca5e87703ad f9061acec54d0d503159a20058f9b1b456908936 19f756d6ecdc1ef70b853ebfdffc56080bde1ee53c646ae116e82ef00892de6e
GET /dWxlQVZaUwYyaxc4KzYEGSIwAj0dFj8XbjA/PQM9Iy0BADUYOUM1PxFRXHRnQFpVZyYcCFhwblMfESAiAB9YcHAcAgMua1MaWHB4RUJUb2VTGVhwcAEcBCZrREoVNSIZUVR3YEdVVXRiR1xTeW4 HTTP/1.1
Host: lcreatessque.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 11 Sep 2022 14:10:31 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PlyzIJfgVLlP%2FrcdS6S%2BimI8GtpS0qo%2BhpOtJuPa2RXgDDtHfLAI76m6VXkNjjnvfamjJ0CcPMRMJyMjtZWg48tMu7yaLGWv2IpNh8g4T7SXxublFfJyz%2BKm8Y8Z9x7MzYoJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7490fcc3faddb4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| lcreatessque.xyz/STVKQXdmCikySipifnMlJ38JFxB8BxhxHxN3JBMzGAQTBxF5Vmw1Hi0Ic3RGfAN7ZwcgUXdwUTpBKzUCOgh7Zx4nUyV8UT8Ie29EfRt4eVl4Ez98Rm9BOiAQdARsMQM9WXdwQX8Hc3FCfQd6d05+ | 104.21.81.70 | 204 No Content | 0 B |
URL HTTP/2lcreatessque.xyz/STVKQXdmCikySipifnMlJ38JFxB8BxhxHxN3JBMzGAQTBxF5Vmw1Hi0Ic3RGfAN7ZwcgUXdwUTpBKzUCOgh7Zx4nUyV8UT8Ie29EfRt4eVl4Ez98Rm9BOiAQdARsMQM9WXdwQX8Hc3FCfQd6d05+ IP104.21.81.70:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /STVKQXdmCikySipifnMlJ38JFxB8BxhxHxN3JBMzGAQTBxF5Vmw1Hi0Ic3RGfAN7ZwcgUXdwUTpBKzUCOgh7Zx4nUyV8UT8Ie29EfRt4eVl4Ez98Rm9BOiAQdARsMQM9WXdwQX8Hc3FCfQd6d05+ HTTP/1.1
Host: lcreatessque.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 11 Sep 2022 14:10:31 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8SImUSG%2FCoXUBnVqNTsgy3PUItTXzCo4joP0VYvMu0Obh9ppiY%2B%2B3NFsfEhiQ01i2f%2B2n7JeVKcKBvX5S0LtECvzrA0AabYNmkqMYR4AMgo8tvu3lyjMVAg0owMc5agQWrGZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7490fcc3fadfb4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| lcreatessque.xyz/popunder.gif | 104.21.81.70 | 200 OK | 32 kB |
URL HTTP/2lcreatessque.xyz/popunder.gif IP104.21.81.70:0
Hash146bc80f5310c3e33d684b4671ec1364 35057a9b7861a72de3fd3a1da57d5277676eabe0 2e62a9b0a9de3d682747dfddd8d1d2870c522a7f2f44fd4add278a723a7ac53b
GET /popunder.gif HTTP/1.1
Host: lcreatessque.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 11 Sep 2022 14:10:31 GMT
content-type: image/gif
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
cf-cache-status: HIT
age: 95710
last-modified: Sat, 10 Sep 2022 11:35:21 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BIqXKMtJ0GWnSgtTQxbq3CsAw54At0Mp0KI4lZAHnLaGSvQYUZc0PMve5shwMoFobniDSx5fxR%2BuVQoOmNwH0dhWEHqyno8GuTKbwubFaAAQeIhwrw%2FRRH4Nuf2tPHznr181"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7490fcc3fadbb4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2 | 142.250.74.163 | 200 OK | 20 kB |
URL HTTP/2fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2 IP142.250.74.163:0
Hash7a6f3e2c576d0bb3cef794dd12dceffa 0059d22832bd170491dc4d49a730352413d6fa4e 3a4b5402a8b749a39afdc6e21570a752616c09576aacd5f84f6a0ccbcd5d6263
GET /s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://nxbrew.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15660
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 22:17:40 GMT
expires: Wed, 06 Sep 2023 22:17:40 GMT
cache-control: public, max-age=31536000
age: 402771
last-modified: Tue, 19 Apr 2022 18:42:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash43e44f5fe147594a8dd7e263eabca2ae 99a970746a212194f339b3fdc7df516af9f2ffdf f716e38cbb8632487d1ce62a37e0662ef8611fbe0449a82b9301118b68c7548d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 14:10:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash477fd76de0b69553430d504fe527cc06 88fe80a099e610212f27427ae6fd5b4e03b3df16 f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9737
Expires: Sun, 11 Sep 2022 16:52:49 GMT
Date: Sun, 11 Sep 2022 14:10:32 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash477fd76de0b69553430d504fe527cc06 88fe80a099e610212f27427ae6fd5b4e03b3df16 f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9737
Expires: Sun, 11 Sep 2022 16:52:49 GMT
Date: Sun, 11 Sep 2022 14:10:32 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 6.4 kB |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash34bd80ca813bdf2b3427c7ec1a0a5f2c fbb5d720e11350d544a9a3ea505ccad858740d4b e623cdb7d240d139f9f55c793786f14559d9141b3ac0e062ad23c257a5704cfb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9737
Expires: Sun, 11 Sep 2022 16:52:49 GMT
Date: Sun, 11 Sep 2022 14:10:32 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash477fd76de0b69553430d504fe527cc06 88fe80a099e610212f27427ae6fd5b4e03b3df16 f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9737
Expires: Sun, 11 Sep 2022 16:52:49 GMT
Date: Sun, 11 Sep 2022 14:10:32 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash84e816d3cca749c83e008e14cd023553 eefe21db0ef06f0776324292f5ebed084ac2f998 d71ac4bc9fb1628ff2eabbda02e88728b16afae46b3133fe992ccaf7735aa656
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D71AC4BC9FB1628FF2EABBDA02E88728B16AFAE46B3133FE992CCAF7735AA656"
Last-Modified: Fri, 09 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16190
Expires: Sun, 11 Sep 2022 18:40:22 GMT
Date: Sun, 11 Sep 2022 14:10:32 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9ba7347-38d8-40e3-9b29-41a380f99ed5.jpeg | 34.120.237.76 | 200 OK | 6.1 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9ba7347-38d8-40e3-9b29-41a380f99ed5.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash8c35b7f5f8e1b0b24570a41b7d18533a c5b82c9d77851820b8d206573d5c03cd36d27a20 bb2456b31c48e6ebc9595c2bb9972b74531e93dd02ec4571d5af614f2d116ec7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9ba7347-38d8-40e3-9b29-41a380f99ed5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6109
x-amzn-requestid: 271b006e-9d17-46ba-9eed-22fd638c4e9e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ2AhHZgIAMFlSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d039c-444e7d6b22f2a08f7215a986;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:37:32 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rnkjEbkwVPPR1stEuMkkuFcQ4WZMDjsuYKA46ZcxejvotwfCG6huhQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:43:03 GMT
age: 59249
etag: "c5b82c9d77851820b8d206573d5c03cd36d27a20"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d72ce1b-951e-4f1f-97b1-db99c399d5f9.jpeg | 34.120.237.76 | 200 OK | 43 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d72ce1b-951e-4f1f-97b1-db99c399d5f9.jpeg IP34.120.237.76:0
Hash312a1881db69ca0f52ee8cc6dff2a893 b3a575ed8ac3c58f6dbe1192486a20eea549a787 2890b1a46dac660b73c4228afa856175b3f5e5b229b8d1c2a58d5d2e6d40afc7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d72ce1b-951e-4f1f-97b1-db99c399d5f9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8171
x-amzn-requestid: 39c8c044-5287-47bb-8731-5706c27a73e3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X0feFFtkIAMF9NA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6311ac59-246e1b7e019965f74db95df0;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 07:10:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FVraudPaXgrkcCLGkaxntfC3h4XtbSfnRgzyp72Wgwb-WgWkDwjYPw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 08:44:26 GMT
age: 19566
etag: "6c728c56797ba921e8001919df4d36e56dd37e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg | 34.120.237.76 | 200 OK | 8.5 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashe407da4d97d497925b1ab523fd416787 166741631fb93d109b18dde6d316b3fa3276aa8f 707460c02438da6114e35e0b6569d42c0f3fb747f8cb51002f4d52bedbcffa61
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8485
x-amzn-requestid: a56c9282-2786-4ae7-9fc2-0468bcc820a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ1k_FM1oAMFZ2Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d02ec-753cc4f121c9b77d22bb82b5;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:34:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Mfmj40aUc8l5RPk56M-pbqTwhde_HzYcmN5MDrfv-WFPhbpoShWYNw==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:57:28 GMT
age: 58384
etag: "166741631fb93d109b18dde6d316b3fa3276aa8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F66c0f84d-aba2-4ce6-9e03-ee51e1c347be.jpeg | 34.120.237.76 | 200 OK | 6.9 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F66c0f84d-aba2-4ce6-9e03-ee51e1c347be.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash57d797a1c3f6589746a1135bdb19f54f 7aa14fcd982a5cee38d58fc3c89edc4a8daf4c97 ff8855ca951f53ed5f3886cc81a7f28384d41288edeca4fdc621250e4d01c6fe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F66c0f84d-aba2-4ce6-9e03-ee51e1c347be.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6889
x-amzn-requestid: c82ac543-90cd-4aeb-a65b-7e1bbbacc407
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ2UEE-3IAMFYBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d0419-427a29067c9c92ec0db6567f;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:39:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BPWrjstB3xKeYzHK9eQoJL8ORgRFsqjmNxu0j10epBANBtZCRU-m2g==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:43:06 GMT
age: 59246
etag: "7aa14fcd982a5cee38d58fc3c89edc4a8daf4c97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e82f3ab-3fe6-43bc-932c-936ec582e5cf.jpeg | 34.120.237.76 | 200 OK | 7.0 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e82f3ab-3fe6-43bc-932c-936ec582e5cf.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashfea5dfc4a6a5093fd81899ee4a79d446 c893d7475856809a59486e0bcebd6d662d1fc56f 915fb97690be97d97cb298fc60ceb4cf7c3ed8fb437836beb2d590a8e238363c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e82f3ab-3fe6-43bc-932c-936ec582e5cf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7017
x-amzn-requestid: df5e57d7-e54c-4b5a-aa1b-a9aee889842e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ1k_Et0oAMFSjQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d02ec-50d15bba03579a935342e22f;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:34:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: YRgmbTGaMvU9Kf47U90cPYhgpXaYgoNVA8ut6LOUStK4UfWahpSqVA==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:41:08 GMT
age: 59364
etag: "c893d7475856809a59486e0bcebd6d662d1fc56f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C300italic%2C300%2C400italic%2C700&subset=latin%2Clatin-ext&ver=5.1.14 | 142.250.74.10 | 200 OK | 8.5 kB |
URL HTTP/2fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C300italic%2C300%2C400italic%2C700&subset=latin%2Clatin-ext&ver=5.1.14 IP142.250.74.10:0
Hash446b968df8f8048f2c77034d41d80e82 419ca0ea68a73ba862b1f7f1f0e85fb02d8529b4 d7c6238e03d95d28e2770f1f1388849031967beb894bc64d03abbb44251aafb4
GET /css?family=Roboto+Condensed%3A400%2C300italic%2C300%2C400italic%2C700&subset=latin%2Clatin-ext&ver=5.1.14 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 11 Sep 2022 14:10:31 GMT
date: Sun, 11 Sep 2022 14:10:31 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| departgross.com/060d8f743e909da8c28a6535c4eec811/invoke.js | 192.243.61.225 | 200 OK | 9.8 kB |
URL HTTP/1.1departgross.com/060d8f743e909da8c28a6535c4eec811/invoke.js IP192.243.61.225:0 ASN#39572 DataWeb Global Group B.V.
File typeexported SGML document, ASCII text, with very long lines (27004), with no line terminators Hashebcd0cbb8bee7de83391950995427c27 5f1b72de93d3672a19dacdc2121de5c5723c9fdf a167958b8b5881de34716e18900ce6b8c1f43222c520850d2b18346dd50a2218
GET /060d8f743e909da8c28a6535c4eec811/invoke.js HTTP/1.1
Host: departgross.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 11 Sep 2022 14:10:32 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: bca43ab9e877e4d86d1d78b548e1e595
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| ocsp.sca1b.amazontrust.com/ | 54.230.245.118 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP54.230.245.118:0
Hash25e0740748990b9579a321d1b28983a2 849ef01a23e905d5a6c4a5f823fad713aa9a05e7 ec3c3120565756a22cb396a95382340b4a14eb69115c66ae5538190907974f8e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 11 Sep 2022 14:10:32 GMT
Last-Modified: Sun, 11 Sep 2022 13:45:01 GMT
Server: ECS (nyb/1D19)
X-Cache: Miss from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: _s2KIdVggSAs3Aipo90Od_dqV_meGfoN47gk6duir6fIB91sYxgtsw==
Age: 1531
|
|
| simplewebanalysis.com/stats | 52.28.172.243 | 200 OK | 40 B |
URL HTTP/2simplewebanalysis.com/stats IP52.28.172.243:0
File typeASCII text, with no line terminators Hash41498cd140d19d2d344936450a4a4807 1f8b42a5528fe6a85fd2e99cdb3f7e8c183f84a3 32fff5d94387a67bf5b89a4aac8921da25e444ec374ad420ad63c66d3b28232e
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nxbrew.com
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 11 Sep 2022 14:10:32 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://nxbrew.com
access-control-allow-credentials: true
set-cookie: uid_id2=10028db7-6ddb-40b1-824f-329f1a433579:1:1; expires=Wed, 08 Sep 2032 14:10:32 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| s.w.org/images/core/emoji/11.2.0/svg/2728.svg | 192.0.77.48 | 200 OK | 13 kB |
URL HTTP/2s.w.org/images/core/emoji/11.2.0/svg/2728.svg IP192.0.77.48:0
Hasha3cca62f8105171c32f3d63559cc3ff8 eae42181c45366dd39fc20d788d2bae3b8e57404 9c15c63aa7585542032fb0b684f1f4e2a1990152309e38f6ba0beba6e107b985
GET /images/core/emoji/11.2.0/svg/2728.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 14:10:32 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Fri, 18 Jan 2019 01:27:58 GMT
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| secure.gravatar.com/avatar/f0ee859a12a8c3371054509430927131?s=96&d=wavatar&r=g | 192.0.73.2 | 200 OK | 8.4 kB |
URL HTTP/2secure.gravatar.com/avatar/f0ee859a12a8c3371054509430927131?s=96&d=wavatar&r=g IP192.0.73.2:0
File typePNG image data, 96 x 96, 8-bit/color RGB, non-interlaced\012- data Hashab2f8f6a434dc3ec402a2b26b0185e60 c654714a0a7ca751b2cd5bff532b1eeb505bd5bd 33a7ddfa6dbdc5fab9e24b947a43b8e75786102d193279be5775a361109d8d95
GET /avatar/f0ee859a12a8c3371054509430927131?s=96&d=wavatar&r=g HTTP/1.1
Host: secure.gravatar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 14:10:32 GMT
content-type: image/png
content-length: 8393
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
link: <https://www.gravatar.com/avatar/f0ee859a12a8c3371054509430927131?s=96&d=wavatar&r=g>; rel="canonical"
access-control-allow-origin: *
expires: Sun, 11 Sep 2022 14:15:32 GMT
cache-control: max-age=300
x-nc: HIT arn 4
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| secure.gravatar.com/avatar/e85b67de54b37c48dec589f4aca5badb?s=96&d=wavatar&r=g | 192.0.73.2 | 200 OK | 8.7 kB |
URL HTTP/2secure.gravatar.com/avatar/e85b67de54b37c48dec589f4aca5badb?s=96&d=wavatar&r=g IP192.0.73.2:0
File typePNG image data, 96 x 96, 8-bit/color RGB, non-interlaced\012- data Hash2b2e7e8cdccf5b4d804da0a150c8565a 10fa24ec1989bd624f033484ee96b204387c16af a38645b5bca3aedba6535d08141207d365cf3b3b1ad1a981f0d885708b572951
GET /avatar/e85b67de54b37c48dec589f4aca5badb?s=96&d=wavatar&r=g HTTP/1.1
Host: secure.gravatar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 14:10:32 GMT
content-type: image/png
content-length: 8694
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
link: <https://www.gravatar.com/avatar/e85b67de54b37c48dec589f4aca5badb?s=96&d=wavatar&r=g>; rel="canonical"
access-control-allow-origin: *
expires: Sun, 11 Sep 2022 14:15:32 GMT
cache-control: max-age=300
x-nc: HIT arn 4
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash5519d9b94876284556136b01d3dcb35c bce65aca1b9c5663b816af17c5fab2b10e42ef1e b3a83fb0b49eae3710990cd4461e216dea2aca5ba1d6dfbdb4a89dc328fc95ce
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6566
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 14:10:32 GMT
Last-Modified: Sun, 11 Sep 2022 12:21:06 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
|
|
| secure.gravatar.com/avatar/be03599f480651e7e36e4e7756da0e58?s=96&d=wavatar&r=g | 192.0.73.2 | 200 OK | 10 kB |
URL HTTP/2secure.gravatar.com/avatar/be03599f480651e7e36e4e7756da0e58?s=96&d=wavatar&r=g IP192.0.73.2:0
File typePNG image data, 96 x 96, 8-bit/color RGB, non-interlaced\012- data Hash3e516d70c601253b2c5bf4711db26d1c cb60de7a75f1c576c0eb6a8051ea878b4a9d7d83 2bdf2df5d4d7239482bd00cd3300d80e6f165f1fcccba8051a6281576bd4cfd7
GET /avatar/be03599f480651e7e36e4e7756da0e58?s=96&d=wavatar&r=g HTTP/1.1
Host: secure.gravatar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 14:10:32 GMT
content-type: image/png
content-length: 10308
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
link: <https://www.gravatar.com/avatar/be03599f480651e7e36e4e7756da0e58?s=96&d=wavatar&r=g>; rel="canonical"
access-control-allow-origin: *
expires: Sun, 11 Sep 2022 14:15:32 GMT
cache-control: max-age=300
x-nc: HIT arn 4
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash8a3f147ac37bcccd79750e4229a8d99b f76459233b24f681045ed0476a63d95a0f12623e 6ecda86d440d58447955acca8d5181db4951cd6f92cd7ad595511d3c9c54d82a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 14:10:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash8a3f147ac37bcccd79750e4229a8d99b f76459233b24f681045ed0476a63d95a0f12623e 6ecda86d440d58447955acca8d5181db4951cd6f92cd7ad595511d3c9c54d82a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 14:10:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| e1.o.lencr.org/ | 95.101.11.115 | 200 OK | 345 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash4ab4266788d64f4bfdc9f1efb429c49a 3533a113e8560a9dc1bb01888a538cf405f86069 17549e4f8b4c5885030c9fa965bcf2d8ea33440e96819ae80f58dea13735a57f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "17549E4F8B4C5885030C9FA965BCF2D8EA33440E96819AE80F58DEA13735A57F"
Last-Modified: Fri, 09 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10003
Expires: Sun, 11 Sep 2022 16:57:15 GMT
Date: Sun, 11 Sep 2022 14:10:32 GMT
Connection: keep-alive
|
|
| e1.o.lencr.org/ | 95.101.11.115 | 200 OK | 345 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash4ab4266788d64f4bfdc9f1efb429c49a 3533a113e8560a9dc1bb01888a538cf405f86069 17549e4f8b4c5885030c9fa965bcf2d8ea33440e96819ae80f58dea13735a57f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "17549E4F8B4C5885030C9FA965BCF2D8EA33440E96819AE80F58DEA13735A57F"
Last-Modified: Fri, 09 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10003
Expires: Sun, 11 Sep 2022 16:57:15 GMT
Date: Sun, 11 Sep 2022 14:10:32 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashde9d4a9aea0fa2cc1f309ad17b1f28c6 b9fc91f6dbe64aa1da9c065e801314343b965459 f38ceb11289962edfa3be65c74c2444ffe912552825bb6260bdd569779d1a2ea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F38CEB11289962EDFA3BE65C74C2444FFE912552825BB6260BDD569779D1A2EA"
Last-Modified: Sun, 11 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9731
Expires: Sun, 11 Sep 2022 16:52:43 GMT
Date: Sun, 11 Sep 2022 14:10:32 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashf9586374bb1bef58a7f21c55bdcccbcf f4dfc53e23c579b828c19a2ab88d095b05d7b8df 545d01bc8dd9ba4d616be5179a3ae220c605bfba00982fd639835ca09a4dc56f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "545D01BC8DD9BA4D616BE5179A3AE220C605BFBA00982FD639835CA09A4DC56F"
Last-Modified: Fri, 09 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10526
Expires: Sun, 11 Sep 2022 17:05:58 GMT
Date: Sun, 11 Sep 2022 14:10:32 GMT
Connection: keep-alive
|
|
| accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube | 216.58.207.237 | 302 Found | 398 B |
URL HTTP/2accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube IP216.58.207.237:0
File typeHTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (385) Hashf3b31d23b3ecf5eb61b991e5c8c18dad 9e246bf6ae6579ca059bde03fba30d81ad2cf10b 7968592bdc48844bc391e4500f6af8ee7b53db66af24387805e951b3ad32fb93
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 11 Sep 2022 14:10:32 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1894831008%3A1662905432933561&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWrZIjb4C-chjV_wgx04zaxAkTCX5coJapD2l9J08-a6T9RPMMLmwDd9vc7EY4v-hEqLORTEQw
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: script-src 'nonce-WgNtEwNF5FUkI2ItGD1ayA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 398
server: GSE
set-cookie: __Host-GAPS=1:uasXDbWMyTDndNeifppa6zzMi87j9Q:IiMMokeZbCoos1FX;Path=/;Expires=Tue, 10-Sep-2024 14:10:32 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| d28u86vqawvw52.cloudfront.net/5QXZnTWkiGQkrVjUfA3BQdEdSeFBnHBQiBzFLBAAEc05UewcKIT4DPXFDI2sdOxJafU8tFwkqVGcTCS5UcFAGKQt8RkE5GS4dWiUIOBEKKgQ3FRJrHCBLCiITKBoLLExzMFJjWWREV2URcEdCfitkRFchAC8DH2hbcQ5fezZ3QkJ+K2REVz8fZEUmdF9vRk-5oW3ERAi4CLlNVC1txR1d9WHFHQn9ZJx8VKA8uDkJ/L3hASX1PNEtW | 54.230.245.117 | 200 OK | 569 B |
URL HTTP/2d28u86vqawvw52.cloudfront.net/5QXZnTWkiGQkrVjUfA3BQdEdSeFBnHBQiBzFLBAAEc05UewcKIT4DPXFDI2sdOxJafU8tFwkqVGcTCS5UcFAGKQt8RkE5GS4dWiUIOBEKKgQ3FRJrHCBLCiITKBoLLExzMFJjWWREV2URcEdCfitkRFchAC8DH2hbcQ5fezZ3QkJ+K2REVz8fZEUmdF9vRk-5oW3ERAi4CLlNVC1txR1d9WHFHQn9ZJx8VKA8uDkJ/L3hASX1PNEtW IP54.230.245.117:0
File typeASCII text, with very long lines (780), with no line terminators Hash8748744a9b39645ae1a226f2d0f8f092 d0b0b715ff150f3be4885a97f390b5067918e4ff d56dd1e1800b88777d2dc97facc98141a4defed217c36effad7b45384953e28a
GET /5QXZnTWkiGQkrVjUfA3BQdEdSeFBnHBQiBzFLBAAEc05UewcKIT4DPXFDI2sdOxJafU8tFwkqVGcTCS5UcFAGKQt8RkE5GS4dWiUIOBEKKgQ3FRJrHCBLCiITKBoLLExzMFJjWWREV2URcEdCfitkRFchAC8DH2hbcQ5fezZ3QkJ+K2REVz8fZEUmdF9vRk-5oW3ERAi4CLlNVC1txR1d9WHFHQn9ZJx8VKA8uDkJ/L3hASX1PNEtW HTTP/1.1
Host: d28u86vqawvw52.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 569
date: Sun, 11 Sep 2022 14:10:32 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _ueJXjLc6Cl7ope0-OpyigLU7WECeWBbvxwM5eLGxRVdJ8t-Lrivnw==
X-Firefox-Spdy: h2
|
|
| accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail | 216.58.207.237 | 302 Found | 394 B |
URL HTTP/2accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail IP216.58.207.237:0
File typeHTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (379) Hash6d745bfaa4755bdc1464d858c3e7492f b7fabb78c369a776203fa82aae06dd969c7d7287 2d5f34a73d9ce68a6897534025f47cfc9b6276e5dba0fc9afb84f1a89a095c53
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 11 Sep 2022 14:10:32 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S487419882%3A1662905432947113&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpSnWi2yM3D6i3g1PhuZFZ9coIxyMVOZ4UDTa3vBG-Pxm_q_DlxQIlv_HMVQg9-75OfVLMvIQ
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-MHG0jJJBb6HGEX7f68i6aw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 394
server: GSE
set-cookie: __Host-GAPS=1:VkFzkKaoNxSmPk-VeGmfulCGhF-kgg:cbeYxkTDEPGC7tE5;Path=/;Expires=Tue, 10-Sep-2024 14:10:32 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| d28u86vqawvw52.cloudfront.net/eNWFSS1dWDjwtaEEINnZuAFBnfWcTCyEkOUVcOw9ubTYwL2N9WRAqIHg5dD8tUVxibTtUDzV2cVAPMXZmEwA2KWoFRycqalgOKCI7WQB3eREAT2JuZQVJKnpmEFIQbmUFDTslIk1EYHsvDVcNfWMQUhBuZQUTJG5kdFhkZWccRGB7MFACOSRyBydge2YFUW-N7ZhBTYi0+RwQ0JC8QUxRyYRtRdD5qBA | 54.230.245.117 | 200 OK | 192 B |
URL HTTP/2d28u86vqawvw52.cloudfront.net/eNWFSS1dWDjwtaEEINnZuAFBnfWcTCyEkOUVcOw9ubTYwL2N9WRAqIHg5dD8tUVxibTtUDzV2cVAPMXZmEwA2KWoFRycqalgOKCI7WQB3eREAT2JuZQVJKnpmEFIQbmUFDTslIk1EYHsvDVcNfWMQUhBuZQUTJG5kdFhkZWccRGB7MFACOSRyBydge2YFUW-N7ZhBTYi0+RwQ0JC8QUxRyYRtRdD5qBA IP54.230.245.117:0
File typeASCII text, with no line terminators Hash773f3242182a2301441e5898baec044a 4601512fa974c6eecbd5689640434ab101568199 0c51b51eef6a3e18ea8435a522b4e41a478671a23c99f6a2f3652fb10febfc1b
GET /eNWFSS1dWDjwtaEEINnZuAFBnfWcTCyEkOUVcOw9ubTYwL2N9WRAqIHg5dD8tUVxibTtUDzV2cVAPMXZmEwA2KWoFRycqalgOKCI7WQB3eREAT2JuZQVJKnpmEFIQbmUFDTslIk1EYHsvDVcNfWMQUhBuZQUTJG5kdFhkZWccRGB7MFACOSRyBydge2YFUW-N7ZhBTYi0+RwQ0JC8QUxRyYRtRdD5qBA HTTP/1.1
Host: d28u86vqawvw52.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 192
date: Sun, 11 Sep 2022 14:10:32 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: npWgHZdO9MCroWR2jeyDHG9T36JcA0sBzxRA_SI8Cz8hswvJeKknEg==
X-Firefox-Spdy: h2
|
|
| s10.histats.com/js15_as.js | 46.105.201.240 | 200 OK | 4.4 kB |
URL HTTP/2s10.histats.com/js15_as.js IP46.105.201.240:0
File typeHTML document, ASCII text, with very long lines (11440), with no line terminators Hashed192092c129db6123a3397855f42619 067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e 998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 11 Sep 2022 14:09:54 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 993394955
content-type: application/javascript; charset=UTF-8
content-encoding: br
x-cdn-pop: rbx1
x-cdn-pop-ip: 51.254.41.128/25
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2
|
|
| oulukdliketo.shop/utx?cb=2wut7G5ZbZ05&top=nxbrew.com&tid=951561 | 143.204.55.49 | 204 No Content | 0 B |
URL HTTP/2oulukdliketo.shop/utx?cb=2wut7G5ZbZ05&top=nxbrew.com&tid=951561 IP143.204.55.49:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=2wut7G5ZbZ05&top=nxbrew.com&tid=951561 HTTP/1.1
Host: oulukdliketo.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nxbrew.com
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 11 Sep 2022 14:10:32 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://nxbrew.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sun, 11 Sep 2022 14:11:32 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 9VdFQi8Ld6_YQ-CkX-ci7-FinIvWia5dBjO6u9d-MEMYmOu7al9gqw==
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash6c2fea93ba89de81c2b01aaca1a87835 0a7f50001f709285bc10f6ef044ef39a60535bff 6cae8a5f9949975a3adedc41088196b8c9dd984e4023e54bbe655800a9478349
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 14:10:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| d28u86vqawvw52.cloudfront.net/9c0tIZEIQJCYCfQciLFl7Rnp9UnNVITsLLAN2HAUvAwM+KScdCW4QOBd2eEIuEiUvWWQWJStZc1UqLAZ/Q208FC0YdiAFOxQmLwk0ED5uESNOJiceKx8nKUFwNX5mVGdBe2Acc0JueyZnQXskDSwGM21Wcgtzfjt0R257JmdBezoSZ0AKcVJsQ2JtVnIULi-sPLVZ5DlZyQnt4VXJCbnpUJBo5LQItC256IntFZXhCN056 | 54.230.245.117 | 200 OK | 632 B |
URL HTTP/2d28u86vqawvw52.cloudfront.net/9c0tIZEIQJCYCfQciLFl7Rnp9UnNVITsLLAN2HAUvAwM+KScdCW4QOBd2eEIuEiUvWWQWJStZc1UqLAZ/Q208FC0YdiAFOxQmLwk0ED5uESNOJiceKx8nKUFwNX5mVGdBe2Acc0JueyZnQXskDSwGM21Wcgtzfjt0R257JmdBezoSZ0AKcVJsQ2JtVnIULi-sPLVZ5DlZyQnt4VXJCbnpUJBo5LQItC256IntFZXhCN056 IP54.230.245.117:0
File typeASCII text, with very long lines (974), with no line terminators Hash2a780412fe290630e900252e9c5b103a 25455a6e86fcb92d10603f2311aa68ca8ce5be93 bc96a8656ab3da27904b585b469f406bb5211028e2a1bd0df3fcb1f98c5ed59c
GET /9c0tIZEIQJCYCfQciLFl7Rnp9UnNVITsLLAN2HAUvAwM+KScdCW4QOBd2eEIuEiUvWWQWJStZc1UqLAZ/Q208FC0YdiAFOxQmLwk0ED5uESNOJiceKx8nKUFwNX5mVGdBe2Acc0JueyZnQXskDSwGM21Wcgtzfjt0R257JmdBezoSZ0AKcVJsQ2JtVnIULi-sPLVZ5DlZyQnt4VXJCbnpUJBo5LQItC256IntFZXhCN056 HTTP/1.1
Host: d28u86vqawvw52.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 632
date: Sun, 11 Sep 2022 14:10:32 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Wy2M46Z0wDwg5iMfsHJI4X_thubaOBnvAUQr-wClPPNt03yCS2tu1A==
X-Firefox-Spdy: h2
|
|
| oulukdliketo.shop/utx?cb=dA6fgPKLQ8Wv&top=nxbrew.com&tid=951559 | 143.204.55.49 | 204 No Content | 0 B |
URL HTTP/2oulukdliketo.shop/utx?cb=dA6fgPKLQ8Wv&top=nxbrew.com&tid=951559 IP143.204.55.49:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=dA6fgPKLQ8Wv&top=nxbrew.com&tid=951559 HTTP/1.1
Host: oulukdliketo.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nxbrew.com
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 11 Sep 2022 14:10:32 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://nxbrew.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sun, 11 Sep 2022 14:11:32 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: yAckq9G1uR2X4s4uytVcP4VsoBf7s-cFZAOcxfOyvCh8hCYUxs4gtw==
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash5519d9b94876284556136b01d3dcb35c bce65aca1b9c5663b816af17c5fab2b10e42ef1e b3a83fb0b49eae3710990cd4461e216dea2aca5ba1d6dfbdb4a89dc328fc95ce
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6567
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 14:10:33 GMT
Last-Modified: Sun, 11 Sep 2022 12:21:06 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
|
|
| accounts.google.com/v3/signin/identifier?dsh=S-1894831008%3A1662905432933561&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWrZIjb4C-chjV_wgx04zaxAkTCX5coJapD2l9J08-a6T9RPMMLmwDd9vc7EY4v-hEqLORTEQw | 216.58.207.237 | 403 Forbidden | 1.2 kB |
URL HTTP/2accounts.google.com/v3/signin/identifier?dsh=S-1894831008%3A1662905432933561&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWrZIjb4C-chjV_wgx04zaxAkTCX5coJapD2l9J08-a6T9RPMMLmwDd9vc7EY4v-hEqLORTEQw IP216.58.207.237:0
Hash16f5a6394f148301d396cee242e8d13b ce68dc64b32f2a14571860bf0f52f7ffccc0e261 e042b86d50e627f8c9c87b3b1a7d637cdb3b36be7f5281441350afe05b1cfa16
GET /v3/signin/identifier?dsh=S-1894831008%3A1662905432933561&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWrZIjb4C-chjV_wgx04zaxAkTCX5coJapD2l9J08-a6T9RPMMLmwDd9vc7EY4v-hEqLORTEQw HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nxbrew.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 11 Sep 2022 14:10:32 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: script-src 'nonce-lqpGQqAdLskxfZrse1fyqg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=nwCdc-peNwp7Z18zwiEzHtFHuZWb_AVppMgVjyLZMx0W2GzCjIcwSl1gHr6X8tvkgDsLP74UawSc7qbJlAvY28ojgja7y3_oR4j-JLR5OLfYGA2YcqE7VviyHwZD8BQ32TTdX6iu44ifSgW998b9J-Y_JuIF120lwV6B2KrSUvY; expires=Mon, 13-Mar-2023 14:10:32 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| www.profitabledisplaycontent.com/d7/4c/47/d74c471df98f24d6d2b36726cb88ad0f.js | 192.243.59.20 | 200 OK | 29 kB |
URL HTTP/1.1www.profitabledisplaycontent.com/d7/4c/47/d74c471df98f24d6d2b36726cb88ad0f.js IP192.243.59.20:0 ASN#39572 DataWeb Global Group B.V.
File typeHTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators Hash1086aad9cbe6eb08a835691725990114 e7b9e63a675b455fd6cbdc33b8a037a2013e6221 0443bb76d684242cc113b5126f97a6f6602f3386c9162cef0f79cf88a243d2cc
GET /d7/4c/47/d74c471df98f24d6d2b36726cb88ad0f.js HTTP/1.1
Host: www.profitabledisplaycontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sun, 11 Sep 2022 14:10:33 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2810b68e6a548daae9a5e1118b2684c8
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| simplewebanalysis.com/stats | 52.28.172.243 | 200 OK | 40 B |
URL HTTP/2simplewebanalysis.com/stats IP52.28.172.243:0
File typeASCII text, with no line terminators Hash41498cd140d19d2d344936450a4a4807 1f8b42a5528fe6a85fd2e99cdb3f7e8c183f84a3 32fff5d94387a67bf5b89a4aac8921da25e444ec374ad420ad63c66d3b28232e
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nxbrew.com
Connection: keep-alive
Referer: https://nxbrew.com/
Cookie: uid_id2=10028db7-6ddb-40b1-824f-329f1a433579:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 11 Sep 2022 14:10:33 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://nxbrew.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 95.101.11.115 | 200 OK | 346 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashb32a5e9b733c4d6d00fa0ae101956367 a584d7ac68cf4e1e8d897ef1b0ba8d4d3037e997 6d41a9ea960766d6c7a93e01b3da41b93b651a3e38b00ec9873794c4bbdbee5b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "6D41A9EA960766D6C7A93E01B3DA41B93B651A3E38B00EC9873794C4BBDBEE5B"
Last-Modified: Sat, 10 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9819
Expires: Sun, 11 Sep 2022 16:54:12 GMT
Date: Sun, 11 Sep 2022 14:10:33 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash35447e91db1a2ed242507a08c643784f 0a892b1cc681fc71816bc7d9faf117aff61f3ce2 8ea6f18b7edf14d2df9483db9daf05e05d6c28d4ba2726e89370a3a7864fcdb0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8EA6F18B7EDF14D2DF9483DB9DAF05E05D6C28D4BA2726E89370A3A7864FCDB0"
Last-Modified: Sat, 10 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14771
Expires: Sun, 11 Sep 2022 18:16:44 GMT
Date: Sun, 11 Sep 2022 14:10:33 GMT
Connection: keep-alive
|
|
| s4.histats.com/stats/4258988.php?4258988&@f16&@g1&@h1&@i1&@j1662905422093&@k0&@l1&@mNXBrew.com%20%7C%20Free%20Nintendo%20Switch%20Gaming%20XCI%2C%20NSP%20Downloads&@n0&@ohttps%3A%2F%2Fnxbrew.com%2F%3F__cf_chl_tk%3DhZaK5L39fZktyeahPZqYmObyX7NaRiVOa8.VZb9pV2o-1662905429-0-gaNycGzNCCU&@q0&@r0&@s1033&@ten-US&@u1280&@b1:44727524&@b3:1662905422&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fnxbrew.com%2F&@w | 192.99.8.27 | 200 OK | 46 B |
URL HTTP/1.1s4.histats.com/stats/4258988.php?4258988&@f16&@g1&@h1&@i1&@j1662905422093&@k0&@l1&@mNXBrew.com%20%7C%20Free%20Nintendo%20Switch%20Gaming%20XCI%2C%20NSP%20Downloads&@n0&@ohttps%3A%2F%2Fnxbrew.com%2F%3F__cf_chl_tk%3DhZaK5L39fZktyeahPZqYmObyX7NaRiVOa8.VZb9pV2o-1662905429-0-gaNycGzNCCU&@q0&@r0&@s1033&@ten-US&@u1280&@b1:44727524&@b3:1662905422&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fnxbrew.com%2F&@w IP192.99.8.27:0
File typeASCII text, with no line terminators Hash369d74e837308f698426cf95f3fd66de ca175662464691e05c3648f0ec6f815e136ef3be de9b0208a8feca31e200d6fa8c3356c0c6ee8c41d8430a64cd4dc6e2e7e5d134
GET /stats/4258988.php?4258988&@f16&@g1&@h1&@i1&@j1662905422093&@k0&@l1&@mNXBrew.com%20%7C%20Free%20Nintendo%20Switch%20Gaming%20XCI%2C%20NSP%20Downloads&@n0&@ohttps%3A%2F%2Fnxbrew.com%2F%3F__cf_chl_tk%3DhZaK5L39fZktyeahPZqYmObyX7NaRiVOa8.VZb9pV2o-1662905429-0-gaNycGzNCCU&@q0&@r0&@s1033&@ten-US&@u1280&@b1:44727524&@b3:1662905422&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fnxbrew.com%2F&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 14:10:33 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 46
Connection: close
|
|
| e1.o.lencr.org/ | 95.101.11.115 | 200 OK | 346 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashb32a5e9b733c4d6d00fa0ae101956367 a584d7ac68cf4e1e8d897ef1b0ba8d4d3037e997 6d41a9ea960766d6c7a93e01b3da41b93b651a3e38b00ec9873794c4bbdbee5b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "6D41A9EA960766D6C7A93E01B3DA41B93B651A3E38B00EC9873794C4BBDBEE5B"
Last-Modified: Sat, 10 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9819
Expires: Sun, 11 Sep 2022 16:54:12 GMT
Date: Sun, 11 Sep 2022 14:10:33 GMT
Connection: keep-alive
|
|
| www.profitabledisplaycontent.com/watch.245299572589.js?key=060d8f743e909da8c28a6535c4eec811&kw=%5B%22nxbrew%22%2C%22com%22%2C%22free%22%2C%22nintendo%22%2C%22switch%22%2C%22gaming%22%2C%22xci%22%2C%22nsp%22%2C%22downloads%22%5D&refer=https%3A%2F%2Fnxbrew.com%2F&tz=0&dev=r&res=12.31&uuid= | 192.243.59.20 | 307 Temporary Redirect | 0 B |
URL HTTP/1.1www.profitabledisplaycontent.com/watch.245299572589.js?key=060d8f743e909da8c28a6535c4eec811&kw=%5B%22nxbrew%22%2C%22com%22%2C%22free%22%2C%22nintendo%22%2C%22switch%22%2C%22gaming%22%2C%22xci%22%2C%22nsp%22%2C%22downloads%22%5D&refer=https%3A%2F%2Fnxbrew.com%2F&tz=0&dev=r&res=12.31&uuid= IP192.243.59.20:0 ASN#39572 DataWeb Global Group B.V.
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch.245299572589.js?key=060d8f743e909da8c28a6535c4eec811&kw=%5B%22nxbrew%22%2C%22com%22%2C%22free%22%2C%22nintendo%22%2C%22switch%22%2C%22gaming%22%2C%22xci%22%2C%22nsp%22%2C%22downloads%22%5D&refer=https%3A%2F%2Fnxbrew.com%2F&tz=0&dev=r&res=12.31&uuid= HTTP/1.1
Host: www.profitabledisplaycontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nxbrew.com
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.9
Date: Sun, 11 Sep 2022 14:10:33 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://nxbrew.com
Access-Control-Allow-Origin: https://nxbrew.com
Access-Control-Allow-Credentials: true
Location: https://www.profitabledisplaycontent.com/watch.245299572589.js?key=060d8f743e909da8c28a6535c4eec811&kw=%5B%22nxbrew%22%2C%22com%22%2C%22free%22%2C%22nintendo%22%2C%22switch%22%2C%22gaming%22%2C%22xci%22%2C%22nsp%22%2C%22downloads%22%5D&refer=https%3A%2F%2Fnxbrew.com%2F&tz=0&dev=r&res=12.31&uuid=&shu=ed68c44f757c093d90b648705e7a8f48df215601b524cdb83c50cf3302d58328845c53e465148c09c7b18f7179f81d95f952a0465159a96de013724b8729c748fe0e18485b8d2ddc02fc03005258ea9cfdfa16&pst=1662905493&rmtc=t
Set-Cookie: u_pl=15120059; expires=Mon, 12 Sep 2022 14:10:33 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTEyMDA1OSwiayI6IjA2MGQ4Zjc0M2U5MDlkYThjMjhhNjUzNWM0ZWVjODExIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNDQ3MDUsInBpZCI6MTA4Njk1LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIxLCJhaWQiOjI1LCJwdCI6NCwicGsiOiJza2N0ZTRibiIsImNwa3MiOnsgIjI4IjoiZDc0YzQ3MWRmOThmMjRkNmQyYjM2NzI2Y2I4OGFkMGYifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL254YnJldy5jb20vIn19.Bi20eqn_zVAt2QIH2TU4qYNalvOQGb5qAXS8uTBq1g0; expires=Sun, 11 Sep 2022 14:11:33 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e9d52cfac8bbcff09333c7de01e7b68a
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| pogothere.xyz/ | 104.21.86.231 | 200 OK | 28 B |
IP104.21.86.231:0
File typeASCII text, with no line terminators Hash4221c68aa5b0efa6cf22e3a795ea1c52 da3892691c1beae5cfab01e395cacb3465c2a54a bd9cb5d64c9aa014414f888f2454a5ce453cff5bf3ae00f3b213d967e09f783f
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nxbrew.com
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 11 Sep 2022 14:10:33 GMT
content-type: text/plain
set-cookie: csu=2110500594233376@1@1662905433; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://nxbrew.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=08vGeKhxlyw6kT0DsAD3eQZGJXQbaiJvKZHa3H1X6NSCxx3fN0A8o%2FSedB4uDTr8arRpTC1LwRc%2FVnwVUc1VSwwL5zoHIrfOe7wyv8kXMiKNjj%2B9V4Kbsmav%2ByM4%2BbGs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7490fccc89160b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.profitabledisplaycontent.com/watch.245299572589.js?key=060d8f743e909da8c28a6535c4eec811&kw=%5B%22nxbrew%22%2C%22com%22%2C%22free%22%2C%22nintendo%22%2C%22switch%22%2C%22gaming%22%2C%22xci%22%2C%22nsp%22%2C%22downloads%22%5D&refer=https%3A%2F%2Fnxbrew.com%2F&tz=0&dev=r&res=12.31&uuid=&shu=ed68c44f757c093d90b648705e7a8f48df215601b524cdb83c50cf3302d58328845c53e465148c09c7b18f7179f81d95f952a0465159a96de013724b8729c748fe0e18485b8d2ddc02fc03005258ea9cfdfa16&pst=1662905493&rmtc=t | 192.243.59.20 | 200 OK | 2.1 kB |
URL HTTP/1.1www.profitabledisplaycontent.com/watch.245299572589.js?key=060d8f743e909da8c28a6535c4eec811&kw=%5B%22nxbrew%22%2C%22com%22%2C%22free%22%2C%22nintendo%22%2C%22switch%22%2C%22gaming%22%2C%22xci%22%2C%22nsp%22%2C%22downloads%22%5D&refer=https%3A%2F%2Fnxbrew.com%2F&tz=0&dev=r&res=12.31&uuid=&shu=ed68c44f757c093d90b648705e7a8f48df215601b524cdb83c50cf3302d58328845c53e465148c09c7b18f7179f81d95f952a0465159a96de013724b8729c748fe0e18485b8d2ddc02fc03005258ea9cfdfa16&pst=1662905493&rmtc=t IP192.243.59.20:0 ASN#39572 DataWeb Global Group B.V.
File typeHTML document text\012- HTML document, ASCII text, with very long lines (2581) Hash3cbb1cde6b81df2f1a000b95e63fb383 42086edfd2f8e2277003526342dcf09592f1ef0a c17a247c4e31e77543a408f040c96ba6ac308bd462d9d8682f0e33770acf62cb
GET /watch.245299572589.js?key=060d8f743e909da8c28a6535c4eec811&kw=%5B%22nxbrew%22%2C%22com%22%2C%22free%22%2C%22nintendo%22%2C%22switch%22%2C%22gaming%22%2C%22xci%22%2C%22nsp%22%2C%22downloads%22%5D&refer=https%3A%2F%2Fnxbrew.com%2F&tz=0&dev=r&res=12.31&uuid=&shu=ed68c44f757c093d90b648705e7a8f48df215601b524cdb83c50cf3302d58328845c53e465148c09c7b18f7179f81d95f952a0465159a96de013724b8729c748fe0e18485b8d2ddc02fc03005258ea9cfdfa16&pst=1662905493&rmtc=t HTTP/1.1
Host: www.profitabledisplaycontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nxbrew.com
Referer: https://nxbrew.com/
Connection: keep-alive
Cookie: u_pl=15120059; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTEyMDA1OSwiayI6IjA2MGQ4Zjc0M2U5MDlkYThjMjhhNjUzNWM0ZWVjODExIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNDQ3MDUsInBpZCI6MTA4Njk1LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIxLCJhaWQiOjI1LCJwdCI6NCwicGsiOiJza2N0ZTRibiIsImNwa3MiOnsgIjI4IjoiZDc0YzQ3MWRmOThmMjRkNmQyYjM2NzI2Y2I4OGFkMGYifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL254YnJldy5jb20vIn19.Bi20eqn_zVAt2QIH2TU4qYNalvOQGb5qAXS8uTBq1g0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sun, 11 Sep 2022 14:10:33 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://nxbrew.com
Access-Control-Allow-Origin: https://nxbrew.com
Access-Control-Allow-Credentials: true
Set-Cookie: iprc3c08781e23d2d6a37ff5aadac0d24582=3569805; expires=Sun, 11 Sep 2022 18:10:33 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 12 Sep 2022 14:10:33 GMT; secure; SameSite=None
uncs=1; expires=Mon, 12 Sep 2022 14:10:33 GMT; secure; SameSite=None
pdhtkv25=true; expires=Mon, 12 Sep 2022 14:10:33 GMT; secure; SameSite=None
uncs25=1; expires=Mon, 12 Sep 2022 14:10:33 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c05c47c0d344ca0639f9d3c9d30d1527
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| s10.histats.com/counters/cc_1033.js | 46.105.201.240 | 200 OK | 5.6 kB |
URL HTTP/2s10.histats.com/counters/cc_1033.js IP46.105.201.240:0
File typeHTML document, ASCII text, with very long lines (15425), with no line terminators Hash39bd345b9bdae7b62238cc91633d4224 12fd38b309bb412f0f5c8ce680d90424b638c1e8 a8eb8ad364cdc23599d9bf5ee34657e847646e54077d85cd60552b22efc3a9ea
GET /counters/cc_1033.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 11 Sep 2022 14:05:43 GMT
etag: "77917907"
last-modified: Thu, 16 Apr 2020 10:44:41 GMT
x-request-id: 918193189
content-type: text/javascript
content-encoding: br
x-cdn-pop: rbx1
x-cdn-pop-ip: 51.254.41.128/25
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 5570
X-Firefox-Spdy: h2
|
|
| simplewebanalysis.com/stats | 52.28.172.243 | 200 OK | 40 B |
URL HTTP/2simplewebanalysis.com/stats IP52.28.172.243:0
File typeASCII text, with no line terminators Hash41498cd140d19d2d344936450a4a4807 1f8b42a5528fe6a85fd2e99cdb3f7e8c183f84a3 32fff5d94387a67bf5b89a4aac8921da25e444ec374ad420ad63c66d3b28232e
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nxbrew.com
Connection: keep-alive
Referer: https://nxbrew.com/
Cookie: uid_id2=10028db7-6ddb-40b1-824f-329f1a433579:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 11 Sep 2022 14:10:33 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://nxbrew.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hasha1543fa75949583b4223a1d3f0f8b937 fe06a05582a0cdc1cde39f17fac440a1d43495ab 46fa93a75d4bb081e5f0e3c098d97e5b9364364d29f6b1c814ae582dc675c110
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "46FA93A75D4BB081E5F0E3C098D97E5B9364364D29F6B1C814AE582DC675C110"
Last-Modified: Fri, 09 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8701
Expires: Sun, 11 Sep 2022 16:35:34 GMT
Date: Sun, 11 Sep 2022 14:10:33 GMT
Connection: keep-alive
|
|
| cdn.cloudimagesb.com/cti/de/3f/62/de3f624c0734dbfc05348cda21b5c98d/1658920011.png | 45.133.44.9 | 200 OK | 214 kB |
URL HTTP/2cdn.cloudimagesb.com/cti/de/3f/62/de3f624c0734dbfc05348cda21b5c98d/1658920011.png IP45.133.44.9:0 ASN#39572 DataWeb Global Group B.V.
File typePNG image data, 160 x 600, 8-bit/color RGBA, non-interlaced\012- data Size214 kB (213839 bytes) Hash1d5c0c87729ad8b2ac5175c523b4968f a56f93542e7ee8728fc8334d7cc5f4b53c080278 01c52194020d1ab2c4ada1c8fde8fe082ea4d3e80e03b3562e0d4a21c0616ab5
GET /cti/de/3f/62/de3f624c0734dbfc05348cda21b5c98d/1658920011.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 11 Sep 2022 14:10:33 GMT
content-type: image/png
content-length: 213839
server: nginx/1.17.6
last-modified: Wed, 27 Jul 2022 11:06:58 GMT
etag: "62e11c52-3434f"
expires: Tue, 13 Sep 2022 14:10:33 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash090a097732f15b625208ab10faeea110 33b4fbb528d5b24e6edeebec3887e9b92bed4272 dd912cb8f4b18a02f086446af981c96af8de389bb8872f8bb6dd76cb5b018194
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DD912CB8F4B18A02F086446AF981C96AF8DE389BB8872F8BB6DD76CB5B018194"
Last-Modified: Sat, 10 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9734
Expires: Sun, 11 Sep 2022 16:52:48 GMT
Date: Sun, 11 Sep 2022 14:10:34 GMT
Connection: keep-alive
|
|
| unseenreport.com/pxf.gif?uuid=10028db7-6ddb-40b1-824f-329f1a433579&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=d74c471df98f24d6d2b36726cb88ad0f&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=14 | 192.243.61.227 | 200 OK | 1 B |
URL HTTP/1.1unseenreport.com/pxf.gif?uuid=10028db7-6ddb-40b1-824f-329f1a433579&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=d74c471df98f24d6d2b36726cb88ad0f&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=14 IP192.243.61.227:0 ASN#39572 DataWeb Global Group B.V.
File typevery short file (no magic) Hash93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /pxf.gif?uuid=10028db7-6ddb-40b1-824f-329f1a433579&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=d74c471df98f24d6d2b36726cb88ad0f&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=14 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 11 Sep 2022 14:10:34 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1c7efc81c218d9a7e416851ef00c5970
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| accounts.google.com/v3/signin/identifier?dsh=S487419882%3A1662905432947113&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpSnWi2yM3D6i3g1PhuZFZ9coIxyMVOZ4UDTa3vBG-Pxm_q_DlxQIlv_HMVQg9-75OfVLMvIQ | 216.58.207.237 | 403 Forbidden | 0 B |
URL HTTP/2accounts.google.com/v3/signin/identifier?dsh=S487419882%3A1662905432947113&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpSnWi2yM3D6i3g1PhuZFZ9coIxyMVOZ4UDTa3vBG-Pxm_q_DlxQIlv_HMVQg9-75OfVLMvIQ IP216.58.207.237:0
GET /v3/signin/identifier?dsh=S487419882%3A1662905432947113&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpSnWi2yM3D6i3g1PhuZFZ9coIxyMVOZ4UDTa3vBG-Pxm_q_DlxQIlv_HMVQg9-75OfVLMvIQ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nxbrew.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 11 Sep 2022 14:10:33 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-security-policy: script-src 'nonce-ALV7WDNinWsAEhm6o3bJ5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi/external"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=MbRcuqe0AzY7-s8wp-_Y-n4J7Wm1zZ6Lm30qbENzeKGCA4WTxuGB76ERCpLX3tpbC8p9s0aGw2_RdlFF_iynCIur8-1wf2qm0QJa45-M9vimY3fOKdhgeV6QgdMIIvBTovtCRjGAOsrfQmZnHjfywZ6HrmkaLimEEVd1HM4Ucrk; expires=Mon, 13-Mar-2023 14:10:33 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| pogothere.xyz/asd100.bin | 104.21.86.231 | 200 OK | 0 B |
IP104.21.86.231:0
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nxbrew.com
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 11 Sep 2022 14:10:33 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://nxbrew.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Sun, 11 Sep 2022 11:52:55 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oGLObobaHsBZVCFU5zds8bD5r6KYgR0ULLUt4vwarhLLaEXZwu5vdrF2UOzMmz7jJUXqZkMj%2B6N36gw4Hr0oLFRzV7nUHJy%2FgUAAlVBVANO05b8cZkKSm2pev9L79CBI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7490fccbc80d0b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| nxbrew.com/cdn-cgi/styles/challenges.css | 104.21.54.76 | 200 OK | 0 B |
URL HTTP/2nxbrew.com/cdn-cgi/styles/challenges.css IP104.21.54.76:0
GET /cdn-cgi/styles/challenges.css HTTP/1.1
Host: nxbrew.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 11 Sep 2022 14:10:29 GMT
content-type: text/css
last-modified: Tue, 06 Sep 2022 17:30:38 GMT
etag: W/"631783be-1896"
server: cloudflare
cf-ray: 7490fcb8bd0a1bfe-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Sun, 11 Sep 2022 16:10:29 GMT
cache-control: max-age=7200, public
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp | 157.240.200.35 | 200 OK | 0 B |
URL HTTP/2www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp IP157.240.200.35:0
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: 5xEkqkfHjk13URKQvXVEpZUibSrbmzWz8zgUJbJZ8UkgaJScjM2KVE2c5lGjsoSJbjZaalnvPQC1OOAbV/wLKw==
date: Sun, 11 Sep 2022 14:10:32 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| pogothere.xyz/ | 104.21.86.231 | 200 OK | 0 B |
IP104.21.86.231:0
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nxbrew.com
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 11 Sep 2022 14:10:33 GMT
content-type: text/plain
set-cookie: csu=1735513755628117@1@1662905432; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://nxbrew.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IkyWY4YIdXxDZGZOLPpzf2VD4udncKVkP%2BmT6JzeNI2liFoIAYc6H4rc0DUx5ElmEUmMvQqrsp8TfFFHaEQin3MdUQ57iJKTEdXUzb%2FZoT77sqHoICXg%2BBxuH6UH8uFe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7490fccbb8080b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| pogothere.xyz/asd100.bin | 104.21.86.231 | 200 OK | 0 B |
IP104.21.86.231:0
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nxbrew.com
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 11 Sep 2022 14:10:33 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://nxbrew.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Sun, 11 Sep 2022 11:52:55 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1qtObmUeysoB%2Fgm3f8vtZd16vlCsLdbzgBVA1NRYIb8OafNI7gpcXGaRB%2BYENSywcvmpA77yaOa2zWllhVjEQHSm3we2LRqZsn82MqUi2LMKGBgbRwWaLRSn51vUjw7e"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7490fccbb80a0b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| nxbrew.com/ | 104.21.54.76 | 503 Service Unavailable | 0 B |
IP104.21.54.76:0
GET / HTTP/1.1
Host: nxbrew.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 503 Service Unavailable
date: Sun, 11 Sep 2022 14:10:29 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gs%2FpJmLX0C6VvBa0IA%2F%2Fd6M8pElMIGTdXmus33yviky1pEyLpx1TC%2F7eX9TAYfLxgcSW3Br9kGsZdcZNg7JkTyCBZz6bP2fHYcQX527L6tvfXjeRvp0hhm%2Fi3rxc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7490fcb679c91bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| addresseepaper.com/sfp.js | 104.21.234.254 | 200 OK | 0 B |
URL HTTP/2addresseepaper.com/sfp.js IP104.21.234.254:0
GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 11 Sep 2022 14:10:33 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 862b5915bb82bfc4dd54b5f87bba306e
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sun, 11 Sep 2022 14:10:33 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ADiyJsGis%2B2gqLp2sUmNS%2BF8SwvsNn6%2FFLDNhhR8zXrg5hTZGSgIM%2BQSyvERZj9K16o24S57TAjlBPXel%2BaDMs0%2Ft9kvvQgBPQLq7yARpF6QgcM3zZlRCVrZjY4NQVMPezlKIQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7490fcce0dda71c3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|