Report - nxbrew.com/

Report Overview

Submitted URL
nxbrew.com/
IP
172.67.136.194
ASN
#13335 CLOUDFLARENET
Submitted
2022-09-11 14:10:41
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
lcreatessque.xyz	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.9 kB	35 kB	104.21.81.70
s.w.org	748	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	384 B	13 kB	192.0.77.48
pogothere.xyz	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	3.4 kB	104.21.86.231
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
nxbrew.com	13914	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.1 kB	33 kB	104.21.54.76
d28u86vqawvw52.cloudfront.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.2 kB	121 kB	54.230.245.117
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.9 kB	14 kB	95.101.11.115
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.6 kB	77 kB	34.120.237.76
departgross.com	288428	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	376 B	11 kB	192.243.61.225
addresseepaper.com	18169	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	343 B	964 B	104.21.234.254
shorantonto.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	1.9 kB	23.109.248.134
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	458 B	9.2 kB	142.250.74.10
www.profitabledisplaycontent.com	138390	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.8 kB	35 kB	192.243.59.20
cdn.cloudimagesb.com	23099	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	390 B	214 kB	45.133.44.9
simplewebanalysis.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	961 B	52.28.172.243
accounts.google.com	81	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.2 kB	8.9 kB	216.58.207.237
www.facebook.com	99	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	426 B	2.9 kB	157.240.200.35
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	35.164.183.116
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	338 B	944 B	54.230.245.118
s10.histats.com	15211	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	711 B	11 kB	46.105.201.240
oulukdliketo.shop	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	810 B	1.3 kB	143.204.55.49
s4.histats.com	12782	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	722 B	178 B	192.99.8.27
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.9 kB	18 kB	95.101.11.115
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	987 B	2.2 kB	93.184.220.29
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.0 kB	6.3 kB	142.250.74.3
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	978 B	37 kB	142.250.74.163
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.35
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.35
secure.gravatar.com	1671	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	29 kB	192.0.73.2
unseenreport.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	677 B	423 B	192.243.61.227

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-09-11	medium	unseenreport.com	Sinkholed

JavaScript (45)

	URL	Size	First Seen	Last Seen
	nxbrew.com/wp-includes/js/jquery/jquery.js?ver=1.12.4	97 kB	2023-03-07	2024-05-10
Pretty URL nxbrew.com/wp-includes/js/jquery/jquery.js?ver=1.12.4 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:38 Last Seen2024-05-10 21:03:54 Times Seen17937 Hash 49edccea2e7ba985cadc9ba0531cbed1 f8747f8ee704d9af31d0950015e01d3f9635b070 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df Loading...

	nxbrew.com/	329 B	2023-03-07	2024-05-10
Pretty URL nxbrew.com/ IP 104.21.54.76 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-05-10 17:16:25 Times Seen3757 Hash 03d6d38af8c34d50a7d4f77919f3f6c7 90e18129a2b50addce02c98c923534d242233216 9f7a87d73cf34cd5d76d600a5ce326ac1ce32a021067b1bb50587fa488b13444 Loading...

	d28u86vqawvw52.cloudfront.net/eNWFSS1dWDjwtaEEINnZuAFBnfWcTCyEkOUVcOw9ubTYwL2N9WRAqIHg5dD8tUVxibTtUDzV2cVAPMXZmEwA2KWoFRycqalgOKCI7WQB3eREAT2JuZQVJKnpmEFIQbmUFDTslIk1EYHsvDVcNfWMQUhBuZQUTJG5kdFhkZWccRGB7MFACOSRyBydge2YFUW-N7ZhBTYi0+RwQ0JC8QUxRyYRtRdD5qBA	199 B	2023-03-07	2023-03-07
Pretty URL d28u86vqawvw52.cloudfront.net/eNWFSS1dWDjwtaEEINnZuAFBnfWcTCyEkOUVcOw9ubTYwL2N9WRAqIHg5dD8tUVxibTtUDzV2cVAPMXZmEwA2KWoFRycqalgOKCI7WQB3eREAT2JuZQVJKnpmEFIQbmUFDTslIk1EYHsvDVcNfWMQUhBuZQUTJG5kdFhkZWccRGB7MFACOSRyBydge2YFUW-N7ZhBTYi0+RwQ0JC8QUxRyYRtRdD5qBA IP 54.230.245.117 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:46:45 Last Seen2023-03-07 14:46:45 Times Seen1 Hash d3a90e56e7f889db63fbfa3ec5655b2e 0e9c7dd5997a0ce8f1bb3a2eac8bbc104567aa6b 922bc4ce6edf7a812a2a753dfb7a72364e000e845c5dde1249bb45bda2153648 Loading...

	www.profitabledisplaycontent.com/d7/4c/47/d74c471df98f24d6d2b36726cb88ad0f.js	85 kB	2023-03-07	2023-03-07
Pretty URL www.profitabledisplaycontent.com/d7/4c/47/d74c471df98f24d6d2b36726cb88ad0f.js IP 192.243.59.20 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:46:45 Last Seen2023-03-07 14:46:45 Times Seen1 Hash fefac94d9f0a77b7f1a2c28e9b177865 ea937dd2710daac7fd90e0d58d842c205e132b8a 7b6cf518b86ddd083e9ef07d6bd0115f89a41271cbde0f5c5980bdad6e2f5f61 Loading...

	s10.histats.com/counters/cc_1033.js	15 kB	2023-03-07	2023-03-13
Pretty URL s10.histats.com/counters/cc_1033.js IP 46.105.201.240 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:46:45 Last Seen2023-03-13 01:43:37 Times Seen1 Hash a58c95c6e79f8f9460fb9ff2456b01c8 f77d9d6999249b327ee78d0e735d0a098619e8c2 734c14e84ff8761bc051ed5aaaf859e6405762c676239af86a63243231e01173 Loading...

	nxbrew.com/wp-content/themes/boxstyle/js/jq-sticky-anything.min.js?ver=5.1.14	4.8 kB	2023-03-07	2024-05-10
Pretty URL nxbrew.com/wp-content/themes/boxstyle/js/jq-sticky-anything.min.js?ver=5.1.14 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:49 Last Seen2024-05-10 09:13:24 Times Seen418 Hash c1ee5c04018a1cd6b43b638266b97bd4 7fade358eb21dbc338e7cecb66d3439a4c5777e5 f134232a9a19dd6ab40fd09f335cb368f4441e2573462dea23b6201274d0b70b Loading...

	nxbrew.com/	1.0 kB	2023-03-07	2023-03-07
Pretty URL nxbrew.com/ IP 104.21.54.76 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:46:45 Last Seen2023-03-07 14:46:45 Times Seen1 Hash 4a1943f3cecc67fe5fa27f72e238c98e acdb2377aadcb7043fad64d1376f8e957d43d77e 1a4cec59265c7d3c06ff26e670e67bff912a73b9038c4490d4f4c31eb243288b Loading...

	nxbrew.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1	10 kB	2023-03-07	2024-05-10
Pretty URL nxbrew.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:37 Last Seen2024-05-10 23:42:22 Times Seen37736 Hash 7121994eec5320fbe6586463bf9651c2 90532aff6d4121954254cdf04994d834f7ec169b 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d Loading...

	nxbrew.com/wp-content/plugins/responsive-lightbox/assets/infinitescroll/infinite-scroll.pkgd.min.js?ver=5.1.14	23 kB	2023-03-07	2024-05-09
Pretty URL nxbrew.com/wp-content/plugins/responsive-lightbox/assets/infinitescroll/infinite-scroll.pkgd.min.js?ver=5.1.14 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:12 Last Seen2024-05-09 16:30:04 Times Seen1348 Hash 3229aa93c44fa4628707e80959a97bc1 5a2d4dbc4d1df02e7a386489e7b5c5a9e22dd40f 095834cc86bd018fdb4a9e31c99f9f96904b819be2b9dc16b3390383288d4d90 Loading...

	nxbrew.com/wp-includes/js/wp-emoji-release.min.js?ver=5.1.14	12 kB	2023-03-07	2024-05-10
Pretty URL nxbrew.com/wp-includes/js/wp-emoji-release.min.js?ver=5.1.14 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:16:16 Last Seen2024-05-10 13:34:40 Times Seen2129 Hash 33479c6b333bb34fd771bf50df1fefc3 4869e92709eee1d1a42a697a80879e303aea7572 d9160bf5ee2c9435a62c8b1d991b7f419417cab5d5a37eefcee79767a292b4b7 Loading...

	d28u86vqawvw52.cloudfront.net/5QXZnTWkiGQkrVjUfA3BQdEdSeFBnHBQiBzFLBAAEc05UewcKIT4DPXFDI2sdOxJafU8tFwkqVGcTCS5UcFAGKQt8RkE5GS4dWiUIOBEKKgQ3FRJrHCBLCiITKBoLLExzMFJjWWREV2URcEdCfitkRFchAC8DH2hbcQ5fezZ3QkJ+K2REVz8fZEUmdF9vRk-5oW3ERAi4CLlNVC1txR1d9WHFHQn9ZJx8VKA8uDkJ/L3hASX1PNEtW	780 B	2023-03-07	2023-03-07
Pretty URL d28u86vqawvw52.cloudfront.net/5QXZnTWkiGQkrVjUfA3BQdEdSeFBnHBQiBzFLBAAEc05UewcKIT4DPXFDI2sdOxJafU8tFwkqVGcTCS5UcFAGKQt8RkE5GS4dWiUIOBEKKgQ3FRJrHCBLCiITKBoLLExzMFJjWWREV2URcEdCfitkRFchAC8DH2hbcQ5fezZ3QkJ+K2REVz8fZEUmdF9vRk-5oW3ERAi4CLlNVC1txR1d9WHFHQn9ZJx8VKA8uDkJ/L3hASX1PNEtW IP 54.230.245.117 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:46:45 Last Seen2023-03-07 14:46:45 Times Seen1 Hash 47156de27fc52fa7e969f8ecae5ac539 7b3e01e1dde51cf43615349de3ce28c0a91fc0d5 d213bf734104d1677e352dba33017da0c38dfc82aa65b48faba683fbf4aca732 Loading...

	nxbrew.com/	192 B	2023-03-07	2023-03-07
Pretty URL nxbrew.com/ IP 104.21.54.76 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:46:45 Last Seen2023-03-07 14:46:45 Times Seen1 Hash 87b7ddacba6f0156d08a2a51a1255326 f6345cc4a1de8d77d98c2e68d462a44ffd0ee503 fd9a1c2f80cfb06624527f70b9d15670ea077f3ed78cf9e31196356597f22776 Loading...

	nxbrew.com/	2.9 kB	2023-03-07	2023-03-07
Pretty URL nxbrew.com/ IP 104.21.54.76 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:46:45 Last Seen2023-03-07 14:46:45 Times Seen1 Hash dbe1d2a0c5cbfdb44e7df009bd98646f 016d8c4e1b634e53138a57b278a3ff9929edbaee beea4b5736269eea458ffe5faca9dd9ea67cc4fc7a118870fd9448206313cfb2 Loading...

	nxbrew.com/wp-includes/js/underscore.min.js?ver=1.8.3	16 kB	2023-03-07	2024-05-08
Pretty URL nxbrew.com/wp-includes/js/underscore.min.js?ver=1.8.3 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:46 Last Seen2024-05-08 19:08:24 Times Seen978 Hash 531c690707d18f60906bdf12d2ade193 0bddd39d059105bec8a13d3594b95e19146ee13d e5f5736867880dc34e00e9d915d49094d5aa572c73771e87a082bd721b5a4f7c Loading...

	nxbrew.com/wp-content/plugins/ultimate-post-list/public/js/ultimate-post-list-public.min.js?ver=5.2.6	594 B	2023-03-07	2023-11-24
Pretty URL nxbrew.com/wp-content/plugins/ultimate-post-list/public/js/ultimate-post-list-public.min.js?ver=5.2.6 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:46:45 Last Seen2023-11-24 17:02:37 Times Seen15 Hash 7bd0f5d0b9dd1bc5001160f4b12073ae b2432bd8f64d1902005536928d28f15b96167a9e 2c68193c59a04f54b16f06d7a0b1c63fa06e29365502a06f5cacea5731d41a7f Loading...

	nxbrew.com/	334 B	2023-03-07	2023-03-07
Pretty URL nxbrew.com/ IP 104.21.54.76 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:46:45 Last Seen2023-03-07 14:46:45 Times Seen1 Hash 664dd997cbc30e298fe98b82e700652f 8c48588ec4d7a55e47f5e1d6ea9cd7cd6e00d5ad 69eed3e7d4bfc5c57fc05ca146fa89fe0dc0ea81e2a462fefdfc607ce6f79530 Loading...

	nxbrew.com/wp-content/themes/boxstyle/js/jquery.fitvids.js?ver=5.1.14	3.3 kB	2023-03-07	2024-05-10
Pretty URL nxbrew.com/wp-content/themes/boxstyle/js/jquery.fitvids.js?ver=5.1.14 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:12:02 Last Seen2024-05-10 09:13:24 Times Seen559 Hash 6e0892565e2b1daaa774e779447293ae e195dcaa1ad9b1aa1fb73e835426bc9ece4790f1 9c29ff6cb8ebb7a83af704c02a235b37fd77ce8cc48d87aaef2bfd9727fbd166 Loading...

	nxbrew.com/	209 B	2023-03-07	2023-03-13
Pretty URL nxbrew.com/ IP 104.21.54.76 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:46:45 Last Seen2023-03-13 01:43:37 Times Seen1 Hash 5f39465b8cf22e30c00dc9ada8c69947 2fcd4b8666afe23a8a7922dccce577885cfc9264 ea9dc12922762521a2ba9ce47cc5f39620240842ac0fbabbbe8b24aa84371017 Loading...

	http:blank	3.2 kB	2023-03-07	2023-03-07
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:46:45 Last Seen2023-03-07 14:46:45 Times Seen1 Hash b21b9fd60cb2cb6c81dd3847b4e4cde5 3e1b8ae8502de4a81257177a7e7ec7249d50eccf 51f03115a7b00498a92c2097579a7ed5ca69bd19c0eade04e1c3e3cac74a0fa8 Loading...

	nxbrew.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=7490fcb679c91bfe	62 kB	2023-03-07	2023-03-07
Pretty URL nxbrew.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=7490fcb679c91bfe IP 104.21.54.76 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:46:45 Last Seen2023-03-07 14:46:45 Times Seen1 Hash 65bdeb1a663ad43b6b335ef1c0111940 99d8a23cbe958db2164b5ed068c9e87f9671b657 775d73537b3c4e1702631cbc5ac33b2f96d39a4dc8f3ad38ba9211a9ddba51f2 Loading...

	nxbrew.com/wp-content/themes/boxstyle/js/jquery.flexslider.min.js?ver=5.1.14	17 kB	2023-03-07	2024-05-10
Pretty URL nxbrew.com/wp-content/themes/boxstyle/js/jquery.flexslider.min.js?ver=5.1.14 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:22:25 Last Seen2024-05-10 09:13:24 Times Seen289 Hash 6740c254abb1f3c24c554616a8cced91 ac0e2d049d46559ecb9176184e798beda4f774c0 f3dce99e558cff8cbd5f975a0a8682e79de9fc5946878229035cf75e09b51215 Loading...

	nxbrew.com/wp-content/themes/boxstyle/js/nav.js?ver=1658242377	9.1 kB	2023-03-07	2024-05-10
Pretty URL nxbrew.com/wp-content/themes/boxstyle/js/nav.js?ver=1658242377 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05:38 Last Seen2024-05-10 09:13:23 Times Seen452 Hash 0133febd7b73b55f693f91eb81a495f6 10ed53f66c469cb4b5b8d68aedb43a6e940cc365 bcd1fc77d1d8787ac24a9383e483152dc4c59dbe2367e6081029b5158e44a065 Loading...

	nxbrew.com/wp-content/themes/boxstyle/js/scripts.js?ver=5.1.14	4.8 kB	2023-03-07	2024-05-10
Pretty URL nxbrew.com/wp-content/themes/boxstyle/js/scripts.js?ver=5.1.14 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:46:45 Last Seen2024-05-10 09:13:24 Times Seen101 Hash fb6bf68f61bdb865ebc7e85906b2f3bd d36c7d371501e238bd66462c440eacf2517a3186 d13a686f2e0fa30cd88a28f9ad691578ac4117c2044742dfda3f940db526f842 Loading...

	s10.histats.com/js15_as.js	11 kB	2023-03-07	2024-05-03
Pretty URL s10.histats.com/js15_as.js IP 46.105.201.240 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-05-03 06:50:30 Times Seen1983 Hash e959fbdd13def4b9a9d0a5fc9a7de4d4 1e39712307e3673b40c0bdb8c7d3e86a3e8b60a0 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede Loading...

	unknown	0 B	2023-03-07	2024-05-11
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-11 00:16:28 Times Seen37531097 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	nxbrew.com/	448 B	2023-03-07	2023-03-07
Pretty URL nxbrew.com/ IP 104.21.54.76 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:46:45 Last Seen2023-03-07 14:46:45 Times Seen1 Hash b81e137319b2f92f3c5e6e58ef4c8697 aff5395d0bd91949db39369878ea517f1c330ddf 3916eecfe87d485c86e0699f83c29279b6304ab9278f0a7ecc899f64addb7ebd Loading...

	nxbrew.com/	430 B	2023-03-07	2023-03-13
Pretty URL nxbrew.com/ IP 104.21.54.76 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:46:45 Last Seen2023-03-13 01:43:37 Times Seen1 Hash d29333cee8a0ff53ffb616526085c594 e03af92c816a512f4732d159b4d636cb94bfd2c2 b846923e791db293d9c498f15c4a0cdd31cfaba61aecd5c0a124e8f7982bdaea Loading...

	nxbrew.com/wp-content/themes/boxstyle/js/cookie.min.js?ver=2.2.0	2.0 kB	2023-03-07	2024-01-21
Pretty URL nxbrew.com/wp-content/themes/boxstyle/js/cookie.min.js?ver=2.2.0 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:46:45 Last Seen2024-01-21 04:00:29 Times Seen93 Hash f495e3e7f00c2ffb4537ddf4973c5189 be7af21cf821ff4f78863f3ce7e3727c26171ffa 67f917a012acb162742da731a6a432b84f9a2a1450ec11afc61d6c4f1956365d Loading...

	nxbrew.com/wp-content/themes/boxstyle/js/switch.js?ver=2.0	835 B	2023-03-07	2024-01-21
Pretty URL nxbrew.com/wp-content/themes/boxstyle/js/switch.js?ver=2.0 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:46:45 Last Seen2024-01-21 04:00:29 Times Seen88 Hash 5b7a9524ad5114526ce1286635a2b370 9a488400f652075a3df5ca84bc16d1ffe7eacbf9 45e38143c4e64ff112d5e20b94316ee134475c59e2eb019381834b02881ca990 Loading...

	nxbrew.com/	17 B	2023-03-07	2023-04-05
Pretty URL nxbrew.com/ IP 104.21.54.76 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:23 Last Seen2023-04-05 02:12:11 Times Seen1946 Hash 8ff8851cc2351b1ece0667fc38808aca 1948720040e391039821b5f1e0ffb994f42af529 39dc54b6b6d6d57f0d76b09b6e775fa9bf57418049cbb68c31fa4176a8b81175 Loading...

	nxbrew.com/	94 B	2023-03-07	2024-05-10
Pretty URL nxbrew.com/ IP 104.21.54.76 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:14 Last Seen2024-05-10 09:13:23 Times Seen1969 Hash ef4c6f4ed2791029af6637c1ccd58340 ba0d690b1bec64d3a7d573abfe61416d9845e66a 9227f383e313ecc066c659fa9a86bfbbb5e3c828d16a096701b5775cdff65f25 Loading...

	nxbrew.com/	2.0 kB	2023-03-07	2023-03-07
Pretty URL nxbrew.com/ IP 104.21.54.76 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:46:45 Last Seen2023-03-07 14:46:45 Times Seen1 Hash 4cc4c8ea047384af8f4defb5b32da94c 8ac9abb934347bbca24b24c1bd1e30c5eba865dd 0dfbe21a56697b49a2d8e468927507786c902be7483e94ff5d059c8f4df77a18 Loading...

	nxbrew.com/wp-includes/js/wp-embed.min.js?ver=5.1.14	1.4 kB	2023-03-07	2024-05-03
Pretty URL nxbrew.com/wp-includes/js/wp-embed.min.js?ver=5.1.14 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:19 Last Seen2024-05-03 17:17:19 Times Seen2999 Hash 570ae0f3c201604926ea599d3d1f6c04 2c29243a73660964d4712b969d2a15e27777bc14 5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b Loading...

	s4.histats.com/stats/4258988.php?4258988&@f16&@g1&@h1&@i1&@j1662905422093&@k0&@l1&@mNXBrew.com%20%7C%20Free%20Nintendo%20Switch%20Gaming%20XCI%2C%20NSP%20Downloads&@n0&@ohttps%3A%2F%2Fnxbrew.com%2F%3F__cf_chl_tk%3DhZaK5L39fZktyeahPZqYmObyX7NaRiVOa8.VZb9pV2o-1662905429-0-gaNycGzNCCU&@q0&@r0&@s1033&@ten-US&@u1280&@b1:44727524&@b3:1662905422&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fnxbrew.com%2F&@w	46 B	2023-03-07	2023-03-07
Pretty URL s4.histats.com/stats/4258988.php?4258988&@f16&@g1&@h1&@i1&@j1662905422093&@k0&@l1&@mNXBrew.com%20%7C%20Free%20Nintendo%20Switch%20Gaming%20XCI%2C%20NSP%20Downloads&@n0&@ohttps%3A%2F%2Fnxbrew.com%2F%3F__cf_chl_tk%3DhZaK5L39fZktyeahPZqYmObyX7NaRiVOa8.VZb9pV2o-1662905429-0-gaNycGzNCCU&@q0&@r0&@s1033&@ten-US&@u1280&@b1:44727524&@b3:1662905422&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fnxbrew.com%2F&@w IP 192.99.8.27 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:46:45 Last Seen2023-03-07 14:46:45 Times Seen1 Hash 369d74e837308f698426cf95f3fd66de ca175662464691e05c3648f0ec6f815e136ef3be de9b0208a8feca31e200d6fa8c3356c0c6ee8c41d8430a64cd4dc6e2e7e5d134 Loading...

	http:blank	145 B	2023-03-07	2023-03-13
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:46:45 Last Seen2023-03-13 01:43:37 Times Seen1 Hash 38193ebd854ce3c578148589edc900ca 069a1a35b2d1c4d3e9d762d2b61a17e78c693339 b139878fd0b7aa1bc854edcdf0b6e6f5d52ab16415d563d01a57c42dd9d917e7 Loading...

	nxbrew.com/wp-content/plugins/responsive-lightbox/assets/swipebox/jquery.swipebox.min.js?ver=2.4.1	13 kB	2023-03-07	2024-05-08
Pretty URL nxbrew.com/wp-content/plugins/responsive-lightbox/assets/swipebox/jquery.swipebox.min.js?ver=2.4.1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:12 Last Seen2024-05-08 11:34:44 Times Seen994 Hash 416d2c5e5425c640a7d63f25e0376fd6 a95b218161d94bdb148d108aedf065b4a4762045 b875bead01dfa1b02a553e8efda0f3a65d39da24f19ad37af95f06795eee76dc Loading...

	nxbrew.com/wp-content/plugins/ml-slider/assets/easing/jQuery.easing.min.js?ver=3.27.12	5.6 kB	2023-03-07	2024-05-10
Pretty URL nxbrew.com/wp-content/plugins/ml-slider/assets/easing/jQuery.easing.min.js?ver=3.27.12 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:49 Last Seen2024-05-10 07:46:43 Times Seen553 Hash 9cda9e740bbf260a190f4041132b5105 603599b494c5f0c9ed5d11ccea03ca6517da46dc ecfc183e33d25d24aa7c06218e0a413488fff8774e4b4b87543c766db9b0b8ba Loading...

	nxbrew.com/wp-content/plugins/ml-slider/assets/sliders/flexslider/jquery.flexslider.min.js?ver=3.27.12	24 kB	2023-03-07	2024-05-03
Pretty URL nxbrew.com/wp-content/plugins/ml-slider/assets/sliders/flexslider/jquery.flexslider.min.js?ver=3.27.12 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:58 Last Seen2024-05-03 19:49:15 Times Seen173 Hash 80f602ae586deb6e39d878515412eff0 2b9e5742e310773c4438690ba241b5381f317049 25ed4e3f92d17bc60fac51838b1b3650e17a07e289ac1c08b7e37abf03d76360 Loading...

	nxbrew.com/	129 B	2023-03-07	2023-03-07
Pretty URL nxbrew.com/ IP 104.21.54.76 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:46:45 Last Seen2023-03-07 14:46:45 Times Seen1 Hash 573f9214ad74315554ec810bfe2075e3 829c29b38fe739084edfd1861c2f16782a83e821 2cff227f2a5b84704ef98d3cb6f5aa27a98f38dd5acbef3bc0a2acf4e8a44003 Loading...

	departgross.com/060d8f743e909da8c28a6535c4eec811/invoke.js	27 kB	2023-03-07	2023-03-13
Pretty URL departgross.com/060d8f743e909da8c28a6535c4eec811/invoke.js IP 192.243.61.225 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:46:45 Last Seen2023-03-13 01:43:37 Times Seen1 Hash d8955c91b34ea40da280eb16be0b4307 282e1c5e3511b58a9d7df7c4cfea50bcbce758f6 482cb5118a98185b2cb6435f414e5df9a315058be9a7ba19037b3fbf150b0512 Loading...

	d28u86vqawvw52.cloudfront.net/9c0tIZEIQJCYCfQciLFl7Rnp9UnNVITsLLAN2HAUvAwM+KScdCW4QOBd2eEIuEiUvWWQWJStZc1UqLAZ/Q208FC0YdiAFOxQmLwk0ED5uESNOJiceKx8nKUFwNX5mVGdBe2Acc0JueyZnQXskDSwGM21Wcgtzfjt0R257JmdBezoSZ0AKcVJsQ2JtVnIULi-sPLVZ5DlZyQnt4VXJCbnpUJBo5LQItC256IntFZXhCN056	974 B	2023-03-07	2023-03-07
Pretty URL d28u86vqawvw52.cloudfront.net/9c0tIZEIQJCYCfQciLFl7Rnp9UnNVITsLLAN2HAUvAwM+KScdCW4QOBd2eEIuEiUvWWQWJStZc1UqLAZ/Q208FC0YdiAFOxQmLwk0ED5uESNOJiceKx8nKUFwNX5mVGdBe2Acc0JueyZnQXskDSwGM21Wcgtzfjt0R257JmdBezoSZ0AKcVJsQ2JtVnIULi-sPLVZ5DlZyQnt4VXJCbnpUJBo5LQItC256IntFZXhCN056 IP 54.230.245.117 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:46:45 Last Seen2023-03-07 14:46:45 Times Seen1 Hash fd2869608838a780b3d89e5c8241b60e 50c2bc74eea51208b8586f1c1fe80b39ace16377 b709688c36913b6f8cf0a310f0fe740677a06bb6f5a1f7ccdc52dda97dd849e6 Loading...

		Size	First Seen	Last Seen
	#1 Eval - d0b91eb760d6065c25086d4c80d1d8ae	515 B	2023-03-07	2023-03-07
Pretty Observations First Seen2023-03-07 14:46:45 Last Seen2023-03-07 14:46:45 Times Seen1 Hash d0b91eb760d6065c25086d4c80d1d8ae e079564b42e7dda7e3e762b85172121bd45c565f a58a406a43f88ddfdeef4159891cb5d0eea1692d7841e5a79ad1ac6732617695 Loading...

	#2 Eval - b42e6f81921f619474139882b2440c40	2.0 kB	2023-03-07	2023-03-07
Pretty Observations First Seen2023-03-07 14:46:45 Last Seen2023-03-07 14:46:45 Times Seen1 Hash b42e6f81921f619474139882b2440c40 2f3f3a6cb66d418c8cb6a52c8c683e9d7723cd08 c9ada81851b70867a5305e2a8b69d500949fd6924d8f11197cbe2e4b4c1a1bdb Loading...

		Size	First Seen	Last Seen
	#1 Write - 467d82ac802ebf5b672ecdb8e02505e6	3.6 kB	2023-03-07	2023-07-11
Pretty Observations First Seen2023-03-07 01:02:24 Last Seen2023-07-11 15:29:01 Times Seen16478 Hash 467d82ac802ebf5b672ecdb8e02505e6 b3df725dd3285fd4618d65c08e83b8f08c8e4798 36d48aeb87174dbf8b0ea333d2042d9e198797bd33c3f849597981eacd619515 Loading...

	#2 Write - d7cab7cfcb10c282ff8a08dbcfbb4698	113 B	2023-03-07	2023-03-07
Pretty Observations First Seen2023-03-07 14:46:45 Last Seen2023-03-07 14:46:45 Times Seen1 Hash d7cab7cfcb10c282ff8a08dbcfbb4698 b710f6ab7192118338bf2eed15c70e4a3fcad7b4 31c7c0584950217fb4ae423bcfbd47ad4b95ef50cd846e0798af56f4bdf362d1 Loading...

HTTP Transactions (90)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.35

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 11 Sep 2022 14:07:38 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: xcdDEt28SWzwcZkQqQyRaYtzNIWGroNjdgXVG9l1zAE81AbJqb6BVw==
Age: 171

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
76d5eb597558e3dee0d99719d17e71e0
f3a0f3932fa8059f27dc9422d523b938fa9a7d09
d16de6cc9eb0e1297f53dc1137bb764bf5c21a7727be32ad05afebd1fe9501ed

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D16DE6CC9EB0E1297F53DC1137BB764BF5C21A7727BE32AD05AFEBD1FE9501ED"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8058
Expires: Sun, 11 Sep 2022 16:24:47 GMT
Date: Sun, 11 Sep 2022 14:10:29 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.35

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 11 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: -t0rhsgI8vC_LNvg883-rnlVMZOAWjIi55vYt_5tnGjYnCu4wF0V1w==
age: 24797
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 14:10:29 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

nxbrew.com/favicon.ico

104.21.54.76

200 OK

0 B

URL HTTP/2
nxbrew.com/favicon.ico
IP
104.21.54.76:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: nxbrew.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 11 Sep 2022 14:10:29 GMT
content-type: image/vnd.microsoft.icon
content-length: 0
vary: X-Forwarded-Proto,User-Agent, Accept-Encoding
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Sun, 11 Sep 2022 13:25:09 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DQCdHHpnb9K8BofkM6ZSswKi%2BGjCsyAFnJCtk3M1K5w6LN29vIndFb6TGvw1zikv9cGGSEzmeToTiNsT%2BKjNccrEq658%2BYFu6TVgPI7Tu6%2Fqt%2FTQ1%2FKKhPxjOTNt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7490fcb8bd101bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

nxbrew.com/cdn-cgi/images/trace/jsch/js/transparent.gif?ray=7490fcb679c91bfe

104.21.54.76

200 OK

42 B

URL HTTP/2
nxbrew.com/cdn-cgi/images/trace/jsch/js/transparent.gif?ray=7490fcb679c91bfe
IP
104.21.54.76:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /cdn-cgi/images/trace/jsch/js/transparent.gif?ray=7490fcb679c91bfe HTTP/1.1
Host: nxbrew.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 11 Sep 2022 14:10:29 GMT
content-type: image/gif
content-length: 42
last-modified: Tue, 06 Sep 2022 17:30:38 GMT
etag: "631783be-2a"
server: cloudflare
cf-ray: 7490fcb97df51bfe-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Sun, 11 Sep 2022 16:10:29 GMT
cache-control: max-age=7200, public
accept-ranges: bytes
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.35

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sun, 11 Sep 2022 13:56:07 GMT
Cache-Control: max-age=3600
Expires: Sun, 11 Sep 2022 14:22:01 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: h6e_RamvLewnc3e9xjPqYF3wlZA6On6lbinHhSHG71AJqWXQ-35aRQ==
Age: 863

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
26e829ba5f754918e20cbd316dc4348e
ba198501da0812dd11ca3b38a51325b5de6cfa60
4352c25d4af7637a8435b0df6d042fc606d37a348e966b99fecce8a853b8ebc0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3829
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 14:10:30 GMT
Last-Modified: Sun, 11 Sep 2022 13:06:41 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

35.164.183.116

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.164.183.116:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: CU9bnV9ncjEmvou0fy7c5g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Be4TUcG4JiBF4IimVG4CXF4HW7w=

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
65deebab57142db522e6c874673bdd9f
bfd022181afaec5035f868ccd05fac58113f81dc
7470143c8bd79f00190a3766ebaa9c632d0aa47693fc4c146f097873865da327

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 14:10:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
65deebab57142db522e6c874673bdd9f
bfd022181afaec5035f868ccd05fac58113f81dc
7470143c8bd79f00190a3766ebaa9c632d0aa47693fc4c146f097873865da327

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 14:10:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

95.101.11.115

200 OK

1.7 kB

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.7 kB (1686 bytes)
Hash
29cc14c4457b1aa145e171c5d89986f0
e415fd0368c5d028afc4773b83527c11cb1a70d9
60a5a167ad72f70282fc06ba8b4e929ec489cbe5229c9438fdad8e39cec2a447

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "09EB0C26850BDD39A30C490F909598DDE568B3D232A40D4B0E12C12B5B6B5A97"
Last-Modified: Fri, 09 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18185
Expires: Sun, 11 Sep 2022 19:13:36 GMT
Date: Sun, 11 Sep 2022 14:10:31 GMT
Connection: keep-alive

d28u86vqawvw52.cloudfront.net/?aqvud=951559

54.230.245.117

200 OK

118 kB

URL HTTP/2
d28u86vqawvw52.cloudfront.net/?aqvud=951559
IP
54.230.245.117:0
ASN
#16509 AMAZON-02

File type
data
Size
118 kB (117670 bytes)
Hash
81b372f84966d78b46a4a5ec1729b388
c9cb3c4ba26e7e6304b92f5f33cea861b9f75370
7cfb2ee94dd97b9ba535a340c2ce744ab6413e9fcbee748d3cf6bdbbf10e85f7

HTTP Headers

GET /?aqvud=951559 HTTP/1.1
Host: d28u86vqawvw52.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-length: 116039
date: Sun, 11 Sep 2022 14:10:31 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7UKHbi3zJ6SNMOqcAYTR-WuPFlze--kIRGvw5vkNij9sayJr28hGvw==
X-Firefox-Spdy: h2

nxbrew.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=7490fcb679c91bfe

104.21.54.76

200 OK

30 kB

URL HTTP/2
nxbrew.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=7490fcb679c91bfe
IP
104.21.54.76:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (61950), with no line terminators
Size
30 kB (29989 bytes)
Hash
763769c72b728accef756119cb5df725
0dc85b5cac130f7881865a145b6a2d40d1fc2aad
58dc3b2813883ece07e93ddae577f2f2592818aebe3322cf8a2eb5915a2ef81f

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=7490fcb679c91bfe HTTP/1.1
Host: nxbrew.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nxbrew.com/?__cf_chl_rt_tk=hZaK5L39fZktyeahPZqYmObyX7NaRiVOa8.VZb9pV2o-1662905429-0-gaNycGzNCCU
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 11 Sep 2022 14:10:30 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, must-revalidate
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ulpO702xQZiICEmsIPiSmNhYmaz75LqCB3xK05wbqYe%2FsI7lur9SOUCQSQKtAusXDly%2FtXCT5Ox9FUKHNL5Tew5BwQ%2FJBrv8%2B5nh5LRB2lGLCsIHG1Dg9jUeND2a"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7490fcb97e061bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

shorantonto.com/fRla010yjjE/53625

23.109.248.134

200 OK

26 B

URL HTTP/1.1
shorantonto.com/fRla010yjjE/53625
IP
23.109.248.134:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with no line terminators
Size
26 B (26 bytes)
Hash
4e5d65669f8dcd928dad06adf883f025
d771713d758c3348dd7e5b38bb40c7935399ae46
0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95

HTTP Headers

GET /fRla010yjjE/53625 HTTP/1.1
Host: shorantonto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 11 Sep 2022 14:10:31 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://nxbrew.com
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; expires=Mon, 12-Sep-2022 14:10:31 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW; expires=Mon, 12-Sep-2022 14:10:31 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

e1.o.lencr.org/

95.101.11.115

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
32072ab048df69ad6db8b7e4ac7ea796
c7b466b36a3cc9b0b65a03283128b2a9004ec3c3
9abf5e9d5bacc2f13c1366d4c90aea5caa66c2e34050a3ae575b3133eeecb0f2

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "9ABF5E9D5BACC2F13C1366D4C90AEA5CAA66C2E34050A3AE575B3133EEECB0F2"
Last-Modified: Fri, 09 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15992
Expires: Sun, 11 Sep 2022 18:37:03 GMT
Date: Sun, 11 Sep 2022 14:10:31 GMT
Connection: keep-alive

shorantonto.com/fRla010yjjE/53625

23.109.248.134

200 OK

26 B

URL HTTP/1.1
shorantonto.com/fRla010yjjE/53625
IP
23.109.248.134:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with no line terminators
Size
26 B (26 bytes)
Hash
4e5d65669f8dcd928dad06adf883f025
d771713d758c3348dd7e5b38bb40c7935399ae46
0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95

HTTP Headers

GET /fRla010yjjE/53625 HTTP/1.1
Host: shorantonto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nxbrew.com/
Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 11 Sep 2022 14:10:31 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://nxbrew.com
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

e1.o.lencr.org/

95.101.11.115

200 OK

645 B

URL HTTP/1.1
e1.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
645 B (645 bytes)
Hash
295859ef8cbf9922e82bedd6f10fabcd
f4eb6b87a1567fd42702bc8e9c0435abfe993fce
4bd5d61ca895e06d1a452b6cab7a5457776f3b7c026427e4309a4e943999b578

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "9ABF5E9D5BACC2F13C1366D4C90AEA5CAA66C2E34050A3AE575B3133EEECB0F2"
Last-Modified: Fri, 09 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15992
Expires: Sun, 11 Sep 2022 18:37:03 GMT
Date: Sun, 11 Sep 2022 14:10:31 GMT
Connection: keep-alive

e1.o.lencr.org/

95.101.11.115

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
32072ab048df69ad6db8b7e4ac7ea796
c7b466b36a3cc9b0b65a03283128b2a9004ec3c3
9abf5e9d5bacc2f13c1366d4c90aea5caa66c2e34050a3ae575b3133eeecb0f2

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "9ABF5E9D5BACC2F13C1366D4C90AEA5CAA66C2E34050A3AE575B3133EEECB0F2"
Last-Modified: Fri, 09 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15992
Expires: Sun, 11 Sep 2022 18:37:03 GMT
Date: Sun, 11 Sep 2022 14:10:31 GMT
Connection: keep-alive

e1.o.lencr.org/

95.101.11.115

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
32072ab048df69ad6db8b7e4ac7ea796
c7b466b36a3cc9b0b65a03283128b2a9004ec3c3
9abf5e9d5bacc2f13c1366d4c90aea5caa66c2e34050a3ae575b3133eeecb0f2

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "9ABF5E9D5BACC2F13C1366D4C90AEA5CAA66C2E34050A3AE575B3133EEECB0F2"
Last-Modified: Fri, 09 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15992
Expires: Sun, 11 Sep 2022 18:37:03 GMT
Date: Sun, 11 Sep 2022 14:10:31 GMT
Connection: keep-alive

e1.o.lencr.org/

95.101.11.115

200 OK

7.3 kB

URL HTTP/1.1
e1.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
7.3 kB (7313 bytes)
Hash
d2ca2365d06ca95158f9a15aa970d4ed
286690dbec9e6660f04d8771170b6ab2c3e77c43
bf7c29ebfcecbde51acc8a9cf4d262ea729f560e2ee0b28b011b322f2baba02f

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "9ABF5E9D5BACC2F13C1366D4C90AEA5CAA66C2E34050A3AE575B3133EEECB0F2"
Last-Modified: Fri, 09 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15992
Expires: Sun, 11 Sep 2022 18:37:03 GMT
Date: Sun, 11 Sep 2022 14:10:31 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
43e44f5fe147594a8dd7e263eabca2ae
99a970746a212194f339b3fdc7df516af9f2ffdf
f716e38cbb8632487d1ce62a37e0662ef8611fbe0449a82b9301118b68c7548d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 14:10:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
43e44f5fe147594a8dd7e263eabca2ae
99a970746a212194f339b3fdc7df516af9f2ffdf
f716e38cbb8632487d1ce62a37e0662ef8611fbe0449a82b9301118b68c7548d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 14:10:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
43e44f5fe147594a8dd7e263eabca2ae
99a970746a212194f339b3fdc7df516af9f2ffdf
f716e38cbb8632487d1ce62a37e0662ef8611fbe0449a82b9301118b68c7548d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 14:10:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2

142.250.74.163

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15528, version 1.0\012- data
Size
16 kB (15528 bytes)
Hash
595fe3fc0b85f3cc9ef5aed2d519abc5
96e76de44987e9dec2f97f1e5eb7a18c738daf5d
747d5a0865fe76129cc17fe70097fd5b1db733ed3bbfa0210a8505d80c14ab5a

HTTP Headers

GET /s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://nxbrew.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15528
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 22:59:00 GMT
expires: Wed, 06 Sep 2023 22:59:00 GMT
cache-control: public, max-age=31536000
age: 400291
last-modified: Tue, 19 Apr 2022 18:53:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

lcreatessque.xyz/ZlRyaEVJaxEbeDM+HgQQHDAaLCksMzZaDC0MJRsAPAUwOxwBN1QcLAJpS110U2FLTjUPME9ZYxUgExwwFWlDTiwIMh1VYxBpQ0Z2UnpAUGtXcgdVdEAgAgkiW2VUGDESOE9Zc1BmS1hwUmZCXnJf

104.21.81.70

204 No Content

0 B

URL HTTP/2
lcreatessque.xyz/ZlRyaEVJaxEbeDM+HgQQHDAaLCksMzZaDC0MJRsAPAUwOxwBN1QcLAJpS110U2FLTjUPME9ZYxUgExwwFWlDTiwIMh1VYxBpQ0Z2UnpAUGtXcgdVdEAgAgkiW2VUGDESOE9Zc1BmS1hwUmZCXnJf
IP
104.21.81.70:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ZlRyaEVJaxEbeDM+HgQQHDAaLCksMzZaDC0MJRsAPAUwOxwBN1QcLAJpS110U2FLTjUPME9ZYxUgExwwFWlDTiwIMh1VYxBpQ0Z2UnpAUGtXcgdVdEAgAgkiW2VUGDESOE9Zc1BmS1hwUmZCXnJf HTTP/1.1
Host: lcreatessque.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Sun, 11 Sep 2022 14:10:31 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LWSEzmwlxzL4bEdjm9DzKfdhbJ7Gv1480%2FSFkCRwzoINTyj10LlScKMGIlQj8C094d8GQYdgrNH8ocXXLYOC2H%2BakghW5epyc22DA8%2BVZu55KVLbomvkhrU%2BaRb4Zk3mQsOY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7490fcc3fad5b4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

lcreatessque.xyz/dWxlQVZaUwYyaxc4KzYEGSIwAj0dFj8XbjA/PQM9Iy0BADUYOUM1PxFRXHRnQFpVZyYcCFhwblMfESAiAB9YcHAcAgMua1MaWHB4RUJUb2VTGVhwcAEcBCZrREoVNSIZUVR3YEdVVXRiR1xTeW4

104.21.81.70

204 No Content

319 B

URL HTTP/2
lcreatessque.xyz/dWxlQVZaUwYyaxc4KzYEGSIwAj0dFj8XbjA/PQM9Iy0BADUYOUM1PxFRXHRnQFpVZyYcCFhwblMfESAiAB9YcHAcAgMua1MaWHB4RUJUb2VTGVhwcAEcBCZrREoVNSIZUVR3YEdVVXRiR1xTeW4
IP
104.21.81.70:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
319 B (319 bytes)
Hash
50ca8d7aa9c80db992e9aca5e87703ad
f9061acec54d0d503159a20058f9b1b456908936
19f756d6ecdc1ef70b853ebfdffc56080bde1ee53c646ae116e82ef00892de6e

HTTP Headers

GET /dWxlQVZaUwYyaxc4KzYEGSIwAj0dFj8XbjA/PQM9Iy0BADUYOUM1PxFRXHRnQFpVZyYcCFhwblMfESAiAB9YcHAcAgMua1MaWHB4RUJUb2VTGVhwcAEcBCZrREoVNSIZUVR3YEdVVXRiR1xTeW4 HTTP/1.1
Host: lcreatessque.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Sun, 11 Sep 2022 14:10:31 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PlyzIJfgVLlP%2FrcdS6S%2BimI8GtpS0qo%2BhpOtJuPa2RXgDDtHfLAI76m6VXkNjjnvfamjJ0CcPMRMJyMjtZWg48tMu7yaLGWv2IpNh8g4T7SXxublFfJyz%2BKm8Y8Z9x7MzYoJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7490fcc3faddb4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

lcreatessque.xyz/STVKQXdmCikySipifnMlJ38JFxB8BxhxHxN3JBMzGAQTBxF5Vmw1Hi0Ic3RGfAN7ZwcgUXdwUTpBKzUCOgh7Zx4nUyV8UT8Ie29EfRt4eVl4Ez98Rm9BOiAQdARsMQM9WXdwQX8Hc3FCfQd6d05+

104.21.81.70

204 No Content

0 B

URL HTTP/2
lcreatessque.xyz/STVKQXdmCikySipifnMlJ38JFxB8BxhxHxN3JBMzGAQTBxF5Vmw1Hi0Ic3RGfAN7ZwcgUXdwUTpBKzUCOgh7Zx4nUyV8UT8Ie29EfRt4eVl4Ez98Rm9BOiAQdARsMQM9WXdwQX8Hc3FCfQd6d05+
IP
104.21.81.70:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /STVKQXdmCikySipifnMlJ38JFxB8BxhxHxN3JBMzGAQTBxF5Vmw1Hi0Ic3RGfAN7ZwcgUXdwUTpBKzUCOgh7Zx4nUyV8UT8Ie29EfRt4eVl4Ez98Rm9BOiAQdARsMQM9WXdwQX8Hc3FCfQd6d05+ HTTP/1.1
Host: lcreatessque.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Sun, 11 Sep 2022 14:10:31 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8SImUSG%2FCoXUBnVqNTsgy3PUItTXzCo4joP0VYvMu0Obh9ppiY%2B%2B3NFsfEhiQ01i2f%2B2n7JeVKcKBvX5S0LtECvzrA0AabYNmkqMYR4AMgo8tvu3lyjMVAg0owMc5agQWrGZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7490fcc3fadfb4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

lcreatessque.xyz/popunder.gif

104.21.81.70

200 OK

32 kB

URL HTTP/2
lcreatessque.xyz/popunder.gif
IP
104.21.81.70:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
32 kB (32473 bytes)
Hash
146bc80f5310c3e33d684b4671ec1364
35057a9b7861a72de3fd3a1da57d5277676eabe0
2e62a9b0a9de3d682747dfddd8d1d2870c522a7f2f44fd4add278a723a7ac53b

HTTP Headers

GET /popunder.gif HTTP/1.1
Host: lcreatessque.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 11 Sep 2022 14:10:31 GMT
content-type: image/gif
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
cf-cache-status: HIT
age: 95710
last-modified: Sat, 10 Sep 2022 11:35:21 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BIqXKMtJ0GWnSgtTQxbq3CsAw54At0Mp0KI4lZAHnLaGSvQYUZc0PMve5shwMoFobniDSx5fxR%2BuVQoOmNwH0dhWEHqyno8GuTKbwubFaAAQeIhwrw%2FRRH4Nuf2tPHznr181"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7490fcc3fadbb4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

142.250.74.163

200 OK

20 kB

URL HTTP/2
fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
20 kB (19742 bytes)
Hash
7a6f3e2c576d0bb3cef794dd12dceffa
0059d22832bd170491dc4d49a730352413d6fa4e
3a4b5402a8b749a39afdc6e21570a752616c09576aacd5f84f6a0ccbcd5d6263

HTTP Headers

GET /s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://nxbrew.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15660
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 22:17:40 GMT
expires: Wed, 06 Sep 2023 22:17:40 GMT
cache-control: public, max-age=31536000
age: 402771
last-modified: Tue, 19 Apr 2022 18:42:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
43e44f5fe147594a8dd7e263eabca2ae
99a970746a212194f339b3fdc7df516af9f2ffdf
f716e38cbb8632487d1ce62a37e0662ef8611fbe0449a82b9301118b68c7548d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 14:10:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9737
Expires: Sun, 11 Sep 2022 16:52:49 GMT
Date: Sun, 11 Sep 2022 14:10:32 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9737
Expires: Sun, 11 Sep 2022 16:52:49 GMT
Date: Sun, 11 Sep 2022 14:10:32 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

6.4 kB

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
6.4 kB (6386 bytes)
Hash
34bd80ca813bdf2b3427c7ec1a0a5f2c
fbb5d720e11350d544a9a3ea505ccad858740d4b
e623cdb7d240d139f9f55c793786f14559d9141b3ac0e062ad23c257a5704cfb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9737
Expires: Sun, 11 Sep 2022 16:52:49 GMT
Date: Sun, 11 Sep 2022 14:10:32 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9737
Expires: Sun, 11 Sep 2022 16:52:49 GMT
Date: Sun, 11 Sep 2022 14:10:32 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
84e816d3cca749c83e008e14cd023553
eefe21db0ef06f0776324292f5ebed084ac2f998
d71ac4bc9fb1628ff2eabbda02e88728b16afae46b3133fe992ccaf7735aa656

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D71AC4BC9FB1628FF2EABBDA02E88728B16AFAE46B3133FE992CCAF7735AA656"
Last-Modified: Fri, 09 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16190
Expires: Sun, 11 Sep 2022 18:40:22 GMT
Date: Sun, 11 Sep 2022 14:10:32 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9ba7347-38d8-40e3-9b29-41a380f99ed5.jpeg

34.120.237.76

200 OK

6.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9ba7347-38d8-40e3-9b29-41a380f99ed5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.1 kB (6109 bytes)
Hash
8c35b7f5f8e1b0b24570a41b7d18533a
c5b82c9d77851820b8d206573d5c03cd36d27a20
bb2456b31c48e6ebc9595c2bb9972b74531e93dd02ec4571d5af614f2d116ec7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9ba7347-38d8-40e3-9b29-41a380f99ed5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6109
x-amzn-requestid: 271b006e-9d17-46ba-9eed-22fd638c4e9e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ2AhHZgIAMFlSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d039c-444e7d6b22f2a08f7215a986;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:37:32 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rnkjEbkwVPPR1stEuMkkuFcQ4WZMDjsuYKA46ZcxejvotwfCG6huhQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:43:03 GMT
age: 59249
etag: "c5b82c9d77851820b8d206573d5c03cd36d27a20"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

43 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d72ce1b-951e-4f1f-97b1-db99c399d5f9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
data
Size
43 kB (43008 bytes)
Hash
312a1881db69ca0f52ee8cc6dff2a893
b3a575ed8ac3c58f6dbe1192486a20eea549a787
2890b1a46dac660b73c4228afa856175b3f5e5b229b8d1c2a58d5d2e6d40afc7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d72ce1b-951e-4f1f-97b1-db99c399d5f9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8171
x-amzn-requestid: 39c8c044-5287-47bb-8731-5706c27a73e3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X0feFFtkIAMF9NA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6311ac59-246e1b7e019965f74db95df0;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 07:10:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FVraudPaXgrkcCLGkaxntfC3h4XtbSfnRgzyp72Wgwb-WgWkDwjYPw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 08:44:26 GMT
age: 19566
etag: "6c728c56797ba921e8001919df4d36e56dd37e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8485 bytes)
Hash
e407da4d97d497925b1ab523fd416787
166741631fb93d109b18dde6d316b3fa3276aa8f
707460c02438da6114e35e0b6569d42c0f3fb747f8cb51002f4d52bedbcffa61

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8485
x-amzn-requestid: a56c9282-2786-4ae7-9fc2-0468bcc820a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ1k_FM1oAMFZ2Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d02ec-753cc4f121c9b77d22bb82b5;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:34:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Mfmj40aUc8l5RPk56M-pbqTwhde_HzYcmN5MDrfv-WFPhbpoShWYNw==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:57:28 GMT
age: 58384
etag: "166741631fb93d109b18dde6d316b3fa3276aa8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F66c0f84d-aba2-4ce6-9e03-ee51e1c347be.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.9 kB (6889 bytes)
Hash
57d797a1c3f6589746a1135bdb19f54f
7aa14fcd982a5cee38d58fc3c89edc4a8daf4c97
ff8855ca951f53ed5f3886cc81a7f28384d41288edeca4fdc621250e4d01c6fe

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F66c0f84d-aba2-4ce6-9e03-ee51e1c347be.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6889
x-amzn-requestid: c82ac543-90cd-4aeb-a65b-7e1bbbacc407
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ2UEE-3IAMFYBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d0419-427a29067c9c92ec0db6567f;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:39:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BPWrjstB3xKeYzHK9eQoJL8ORgRFsqjmNxu0j10epBANBtZCRU-m2g==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:43:06 GMT
age: 59246
etag: "7aa14fcd982a5cee38d58fc3c89edc4a8daf4c97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e82f3ab-3fe6-43bc-932c-936ec582e5cf.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.0 kB (7017 bytes)
Hash
fea5dfc4a6a5093fd81899ee4a79d446
c893d7475856809a59486e0bcebd6d662d1fc56f
915fb97690be97d97cb298fc60ceb4cf7c3ed8fb437836beb2d590a8e238363c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e82f3ab-3fe6-43bc-932c-936ec582e5cf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7017
x-amzn-requestid: df5e57d7-e54c-4b5a-aa1b-a9aee889842e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ1k_Et0oAMFSjQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d02ec-50d15bba03579a935342e22f;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:34:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: YRgmbTGaMvU9Kf47U90cPYhgpXaYgoNVA8ut6LOUStK4UfWahpSqVA==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:41:08 GMT
age: 59364
etag: "c893d7475856809a59486e0bcebd6d662d1fc56f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C300italic%2C300%2C400italic%2C700&subset=latin%2Clatin-ext&ver=5.1.14

142.250.74.10

200 OK

8.5 kB

URL HTTP/2
fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C300italic%2C300%2C400italic%2C700&subset=latin%2Clatin-ext&ver=5.1.14
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
8.5 kB (8458 bytes)
Hash
446b968df8f8048f2c77034d41d80e82
419ca0ea68a73ba862b1f7f1f0e85fb02d8529b4
d7c6238e03d95d28e2770f1f1388849031967beb894bc64d03abbb44251aafb4

HTTP Headers

GET /css?family=Roboto+Condensed%3A400%2C300italic%2C300%2C400italic%2C700&subset=latin%2Clatin-ext&ver=5.1.14 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 11 Sep 2022 14:10:31 GMT
date: Sun, 11 Sep 2022 14:10:31 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

departgross.com/060d8f743e909da8c28a6535c4eec811/invoke.js

192.243.61.225

200 OK

9.8 kB

URL HTTP/1.1
departgross.com/060d8f743e909da8c28a6535c4eec811/invoke.js
IP
192.243.61.225:0
ASN
#39572 DataWeb Global Group B.V.

File type
exported SGML document, ASCII text, with very long lines (27004), with no line terminators
Size
9.8 kB (9816 bytes)
Hash
ebcd0cbb8bee7de83391950995427c27
5f1b72de93d3672a19dacdc2121de5c5723c9fdf
a167958b8b5881de34716e18900ce6b8c1f43222c520850d2b18346dd50a2218

HTTP Headers

GET /060d8f743e909da8c28a6535c4eec811/invoke.js HTTP/1.1
Host: departgross.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 11 Sep 2022 14:10:32 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: bca43ab9e877e4d86d1d78b548e1e595
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

ocsp.sca1b.amazontrust.com/

54.230.245.118

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.118:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
25e0740748990b9579a321d1b28983a2
849ef01a23e905d5a6c4a5f823fad713aa9a05e7
ec3c3120565756a22cb396a95382340b4a14eb69115c66ae5538190907974f8e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 11 Sep 2022 14:10:32 GMT
Last-Modified: Sun, 11 Sep 2022 13:45:01 GMT
Server: ECS (nyb/1D19)
X-Cache: Miss from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: _s2KIdVggSAs3Aipo90Od_dqV_meGfoN47gk6duir6fIB91sYxgtsw==
Age: 1531

simplewebanalysis.com/stats

52.28.172.243

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
52.28.172.243:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
41498cd140d19d2d344936450a4a4807
1f8b42a5528fe6a85fd2e99cdb3f7e8c183f84a3
32fff5d94387a67bf5b89a4aac8921da25e444ec374ad420ad63c66d3b28232e

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nxbrew.com
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 11 Sep 2022 14:10:32 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://nxbrew.com
access-control-allow-credentials: true
set-cookie: uid_id2=10028db7-6ddb-40b1-824f-329f1a433579:1:1; expires=Wed, 08 Sep 2032 14:10:32 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

s.w.org/images/core/emoji/11.2.0/svg/2728.svg

192.0.77.48

200 OK

13 kB

URL HTTP/2
s.w.org/images/core/emoji/11.2.0/svg/2728.svg
IP
192.0.77.48:0
ASN
#2635 AUTOMATTIC

File type
data
Size
13 kB (12746 bytes)
Hash
a3cca62f8105171c32f3d63559cc3ff8
eae42181c45366dd39fc20d788d2bae3b8e57404
9c15c63aa7585542032fb0b684f1f4e2a1990152309e38f6ba0beba6e107b985

HTTP Headers

GET /images/core/emoji/11.2.0/svg/2728.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 14:10:32 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Fri, 18 Jan 2019 01:27:58 GMT
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

secure.gravatar.com/avatar/f0ee859a12a8c3371054509430927131?s=96&d=wavatar&r=g

192.0.73.2

200 OK

8.4 kB

URL HTTP/2
secure.gravatar.com/avatar/f0ee859a12a8c3371054509430927131?s=96&d=wavatar&r=g
IP
192.0.73.2:0
ASN
#2635 AUTOMATTIC

File type
PNG image data, 96 x 96, 8-bit/color RGB, non-interlaced\012- data
Size
8.4 kB (8393 bytes)
Hash
ab2f8f6a434dc3ec402a2b26b0185e60
c654714a0a7ca751b2cd5bff532b1eeb505bd5bd
33a7ddfa6dbdc5fab9e24b947a43b8e75786102d193279be5775a361109d8d95

HTTP Headers

GET /avatar/f0ee859a12a8c3371054509430927131?s=96&d=wavatar&r=g HTTP/1.1
Host: secure.gravatar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 14:10:32 GMT
content-type: image/png
content-length: 8393
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
link: <https://www.gravatar.com/avatar/f0ee859a12a8c3371054509430927131?s=96&d=wavatar&r=g>; rel="canonical"
access-control-allow-origin: *
expires: Sun, 11 Sep 2022 14:15:32 GMT
cache-control: max-age=300
x-nc: HIT arn 4
accept-ranges: bytes
X-Firefox-Spdy: h2

secure.gravatar.com/avatar/e85b67de54b37c48dec589f4aca5badb?s=96&d=wavatar&r=g

192.0.73.2

200 OK

8.7 kB

URL HTTP/2
secure.gravatar.com/avatar/e85b67de54b37c48dec589f4aca5badb?s=96&d=wavatar&r=g
IP
192.0.73.2:0
ASN
#2635 AUTOMATTIC

File type
PNG image data, 96 x 96, 8-bit/color RGB, non-interlaced\012- data
Size
8.7 kB (8694 bytes)
Hash
2b2e7e8cdccf5b4d804da0a150c8565a
10fa24ec1989bd624f033484ee96b204387c16af
a38645b5bca3aedba6535d08141207d365cf3b3b1ad1a981f0d885708b572951

HTTP Headers

GET /avatar/e85b67de54b37c48dec589f4aca5badb?s=96&d=wavatar&r=g HTTP/1.1
Host: secure.gravatar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 14:10:32 GMT
content-type: image/png
content-length: 8694
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
link: <https://www.gravatar.com/avatar/e85b67de54b37c48dec589f4aca5badb?s=96&d=wavatar&r=g>; rel="canonical"
access-control-allow-origin: *
expires: Sun, 11 Sep 2022 14:15:32 GMT
cache-control: max-age=300
x-nc: HIT arn 4
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
5519d9b94876284556136b01d3dcb35c
bce65aca1b9c5663b816af17c5fab2b10e42ef1e
b3a83fb0b49eae3710990cd4461e216dea2aca5ba1d6dfbdb4a89dc328fc95ce

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6566
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 14:10:32 GMT
Last-Modified: Sun, 11 Sep 2022 12:21:06 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

secure.gravatar.com/avatar/be03599f480651e7e36e4e7756da0e58?s=96&d=wavatar&r=g

192.0.73.2

200 OK

10 kB

URL HTTP/2
secure.gravatar.com/avatar/be03599f480651e7e36e4e7756da0e58?s=96&d=wavatar&r=g
IP
192.0.73.2:0
ASN
#2635 AUTOMATTIC

File type
PNG image data, 96 x 96, 8-bit/color RGB, non-interlaced\012- data
Size
10 kB (10308 bytes)
Hash
3e516d70c601253b2c5bf4711db26d1c
cb60de7a75f1c576c0eb6a8051ea878b4a9d7d83
2bdf2df5d4d7239482bd00cd3300d80e6f165f1fcccba8051a6281576bd4cfd7

HTTP Headers

GET /avatar/be03599f480651e7e36e4e7756da0e58?s=96&d=wavatar&r=g HTTP/1.1
Host: secure.gravatar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 14:10:32 GMT
content-type: image/png
content-length: 10308
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
link: <https://www.gravatar.com/avatar/be03599f480651e7e36e4e7756da0e58?s=96&d=wavatar&r=g>; rel="canonical"
access-control-allow-origin: *
expires: Sun, 11 Sep 2022 14:15:32 GMT
cache-control: max-age=300
x-nc: HIT arn 4
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8a3f147ac37bcccd79750e4229a8d99b
f76459233b24f681045ed0476a63d95a0f12623e
6ecda86d440d58447955acca8d5181db4951cd6f92cd7ad595511d3c9c54d82a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 14:10:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8a3f147ac37bcccd79750e4229a8d99b
f76459233b24f681045ed0476a63d95a0f12623e
6ecda86d440d58447955acca8d5181db4951cd6f92cd7ad595511d3c9c54d82a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 14:10:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

e1.o.lencr.org/

95.101.11.115

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
4ab4266788d64f4bfdc9f1efb429c49a
3533a113e8560a9dc1bb01888a538cf405f86069
17549e4f8b4c5885030c9fa965bcf2d8ea33440e96819ae80f58dea13735a57f

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "17549E4F8B4C5885030C9FA965BCF2D8EA33440E96819AE80F58DEA13735A57F"
Last-Modified: Fri, 09 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10003
Expires: Sun, 11 Sep 2022 16:57:15 GMT
Date: Sun, 11 Sep 2022 14:10:32 GMT
Connection: keep-alive

e1.o.lencr.org/

95.101.11.115

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
4ab4266788d64f4bfdc9f1efb429c49a
3533a113e8560a9dc1bb01888a538cf405f86069
17549e4f8b4c5885030c9fa965bcf2d8ea33440e96819ae80f58dea13735a57f

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "17549E4F8B4C5885030C9FA965BCF2D8EA33440E96819AE80F58DEA13735A57F"
Last-Modified: Fri, 09 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10003
Expires: Sun, 11 Sep 2022 16:57:15 GMT
Date: Sun, 11 Sep 2022 14:10:32 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
de9d4a9aea0fa2cc1f309ad17b1f28c6
b9fc91f6dbe64aa1da9c065e801314343b965459
f38ceb11289962edfa3be65c74c2444ffe912552825bb6260bdd569779d1a2ea

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F38CEB11289962EDFA3BE65C74C2444FFE912552825BB6260BDD569779D1A2EA"
Last-Modified: Sun, 11 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9731
Expires: Sun, 11 Sep 2022 16:52:43 GMT
Date: Sun, 11 Sep 2022 14:10:32 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f9586374bb1bef58a7f21c55bdcccbcf
f4dfc53e23c579b828c19a2ab88d095b05d7b8df
545d01bc8dd9ba4d616be5179a3ae220c605bfba00982fd639835ca09a4dc56f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "545D01BC8DD9BA4D616BE5179A3AE220C605BFBA00982FD639835CA09A4DC56F"
Last-Modified: Fri, 09 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10526
Expires: Sun, 11 Sep 2022 17:05:58 GMT
Date: Sun, 11 Sep 2022 14:10:32 GMT
Connection: keep-alive

accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube

216.58.207.237

302 Found

398 B

URL HTTP/2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP
216.58.207.237:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (385)
Size
398 B (398 bytes)
Hash
f3b31d23b3ecf5eb61b991e5c8c18dad
9e246bf6ae6579ca059bde03fba30d81ad2cf10b
7968592bdc48844bc391e4500f6af8ee7b53db66af24387805e951b3ad32fb93

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 11 Sep 2022 14:10:32 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1894831008%3A1662905432933561&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWrZIjb4C-chjV_wgx04zaxAkTCX5coJapD2l9J08-a6T9RPMMLmwDd9vc7EY4v-hEqLORTEQw
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: script-src 'nonce-WgNtEwNF5FUkI2ItGD1ayA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 398
server: GSE
set-cookie: __Host-GAPS=1:uasXDbWMyTDndNeifppa6zzMi87j9Q:IiMMokeZbCoos1FX;Path=/;Expires=Tue, 10-Sep-2024 14:10:32 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

d28u86vqawvw52.cloudfront.net/5QXZnTWkiGQkrVjUfA3BQdEdSeFBnHBQiBzFLBAAEc05UewcKIT4DPXFDI2sdOxJafU8tFwkqVGcTCS5UcFAGKQt8RkE5GS4dWiUIOBEKKgQ3FRJrHCBLCiITKBoLLExzMFJjWWREV2URcEdCfitkRFchAC8DH2hbcQ5fezZ3QkJ+K2REVz8fZEUmdF9vRk-5oW3ERAi4CLlNVC1txR1d9WHFHQn9ZJx8VKA8uDkJ/L3hASX1PNEtW

54.230.245.117

200 OK

569 B

URL HTTP/2
d28u86vqawvw52.cloudfront.net/5QXZnTWkiGQkrVjUfA3BQdEdSeFBnHBQiBzFLBAAEc05UewcKIT4DPXFDI2sdOxJafU8tFwkqVGcTCS5UcFAGKQt8RkE5GS4dWiUIOBEKKgQ3FRJrHCBLCiITKBoLLExzMFJjWWREV2URcEdCfitkRFchAC8DH2hbcQ5fezZ3QkJ+K2REVz8fZEUmdF9vRk-5oW3ERAi4CLlNVC1txR1d9WHFHQn9ZJx8VKA8uDkJ/L3hASX1PNEtW
IP
54.230.245.117:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (780), with no line terminators
Size
569 B (569 bytes)
Hash
8748744a9b39645ae1a226f2d0f8f092
d0b0b715ff150f3be4885a97f390b5067918e4ff
d56dd1e1800b88777d2dc97facc98141a4defed217c36effad7b45384953e28a

HTTP Headers

GET /5QXZnTWkiGQkrVjUfA3BQdEdSeFBnHBQiBzFLBAAEc05UewcKIT4DPXFDI2sdOxJafU8tFwkqVGcTCS5UcFAGKQt8RkE5GS4dWiUIOBEKKgQ3FRJrHCBLCiITKBoLLExzMFJjWWREV2URcEdCfitkRFchAC8DH2hbcQ5fezZ3QkJ+K2REVz8fZEUmdF9vRk-5oW3ERAi4CLlNVC1txR1d9WHFHQn9ZJx8VKA8uDkJ/L3hASX1PNEtW HTTP/1.1
Host: d28u86vqawvw52.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 569
date: Sun, 11 Sep 2022 14:10:32 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _ueJXjLc6Cl7ope0-OpyigLU7WECeWBbvxwM5eLGxRVdJ8t-Lrivnw==
X-Firefox-Spdy: h2

accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail

216.58.207.237

302 Found

394 B

URL HTTP/2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP
216.58.207.237:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (379)
Size
394 B (394 bytes)
Hash
6d745bfaa4755bdc1464d858c3e7492f
b7fabb78c369a776203fa82aae06dd969c7d7287
2d5f34a73d9ce68a6897534025f47cfc9b6276e5dba0fc9afb84f1a89a095c53

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 11 Sep 2022 14:10:32 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S487419882%3A1662905432947113&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpSnWi2yM3D6i3g1PhuZFZ9coIxyMVOZ4UDTa3vBG-Pxm_q_DlxQIlv_HMVQg9-75OfVLMvIQ
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-MHG0jJJBb6HGEX7f68i6aw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 394
server: GSE
set-cookie: __Host-GAPS=1:VkFzkKaoNxSmPk-VeGmfulCGhF-kgg:cbeYxkTDEPGC7tE5;Path=/;Expires=Tue, 10-Sep-2024 14:10:32 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

d28u86vqawvw52.cloudfront.net/eNWFSS1dWDjwtaEEINnZuAFBnfWcTCyEkOUVcOw9ubTYwL2N9WRAqIHg5dD8tUVxibTtUDzV2cVAPMXZmEwA2KWoFRycqalgOKCI7WQB3eREAT2JuZQVJKnpmEFIQbmUFDTslIk1EYHsvDVcNfWMQUhBuZQUTJG5kdFhkZWccRGB7MFACOSRyBydge2YFUW-N7ZhBTYi0+RwQ0JC8QUxRyYRtRdD5qBA

54.230.245.117

200 OK

192 B

URL HTTP/2
d28u86vqawvw52.cloudfront.net/eNWFSS1dWDjwtaEEINnZuAFBnfWcTCyEkOUVcOw9ubTYwL2N9WRAqIHg5dD8tUVxibTtUDzV2cVAPMXZmEwA2KWoFRycqalgOKCI7WQB3eREAT2JuZQVJKnpmEFIQbmUFDTslIk1EYHsvDVcNfWMQUhBuZQUTJG5kdFhkZWccRGB7MFACOSRyBydge2YFUW-N7ZhBTYi0+RwQ0JC8QUxRyYRtRdD5qBA
IP
54.230.245.117:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
192 B (192 bytes)
Hash
773f3242182a2301441e5898baec044a
4601512fa974c6eecbd5689640434ab101568199
0c51b51eef6a3e18ea8435a522b4e41a478671a23c99f6a2f3652fb10febfc1b

HTTP Headers

GET /eNWFSS1dWDjwtaEEINnZuAFBnfWcTCyEkOUVcOw9ubTYwL2N9WRAqIHg5dD8tUVxibTtUDzV2cVAPMXZmEwA2KWoFRycqalgOKCI7WQB3eREAT2JuZQVJKnpmEFIQbmUFDTslIk1EYHsvDVcNfWMQUhBuZQUTJG5kdFhkZWccRGB7MFACOSRyBydge2YFUW-N7ZhBTYi0+RwQ0JC8QUxRyYRtRdD5qBA HTTP/1.1
Host: d28u86vqawvw52.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 192
date: Sun, 11 Sep 2022 14:10:32 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: npWgHZdO9MCroWR2jeyDHG9T36JcA0sBzxRA_SI8Cz8hswvJeKknEg==
X-Firefox-Spdy: h2

s10.histats.com/js15_as.js

46.105.201.240

200 OK

4.4 kB

URL HTTP/2
s10.histats.com/js15_as.js
IP
46.105.201.240:0
ASN
#16276 OVH SAS

File type
HTML document, ASCII text, with very long lines (11440), with no line terminators
Size
4.4 kB (4364 bytes)
Hash
ed192092c129db6123a3397855f42619
067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1

HTTP Headers

GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 11 Sep 2022 14:09:54 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 993394955
content-type: application/javascript; charset=UTF-8
content-encoding: br
x-cdn-pop: rbx1
x-cdn-pop-ip: 51.254.41.128/25
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2

oulukdliketo.shop/utx?cb=2wut7G5ZbZ05&top=nxbrew.com&tid=951561

143.204.55.49

204 No Content

0 B

URL HTTP/2
oulukdliketo.shop/utx?cb=2wut7G5ZbZ05&top=nxbrew.com&tid=951561
IP
143.204.55.49:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /utx?cb=2wut7G5ZbZ05&top=nxbrew.com&tid=951561 HTTP/1.1
Host: oulukdliketo.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nxbrew.com
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Sun, 11 Sep 2022 14:10:32 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://nxbrew.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sun, 11 Sep 2022 14:11:32 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 9VdFQi8Ld6_YQ-CkX-ci7-FinIvWia5dBjO6u9d-MEMYmOu7al9gqw==
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6c2fea93ba89de81c2b01aaca1a87835
0a7f50001f709285bc10f6ef044ef39a60535bff
6cae8a5f9949975a3adedc41088196b8c9dd984e4023e54bbe655800a9478349

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 14:10:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

d28u86vqawvw52.cloudfront.net/9c0tIZEIQJCYCfQciLFl7Rnp9UnNVITsLLAN2HAUvAwM+KScdCW4QOBd2eEIuEiUvWWQWJStZc1UqLAZ/Q208FC0YdiAFOxQmLwk0ED5uESNOJiceKx8nKUFwNX5mVGdBe2Acc0JueyZnQXskDSwGM21Wcgtzfjt0R257JmdBezoSZ0AKcVJsQ2JtVnIULi-sPLVZ5DlZyQnt4VXJCbnpUJBo5LQItC256IntFZXhCN056

54.230.245.117

200 OK

632 B

URL HTTP/2
d28u86vqawvw52.cloudfront.net/9c0tIZEIQJCYCfQciLFl7Rnp9UnNVITsLLAN2HAUvAwM+KScdCW4QOBd2eEIuEiUvWWQWJStZc1UqLAZ/Q208FC0YdiAFOxQmLwk0ED5uESNOJiceKx8nKUFwNX5mVGdBe2Acc0JueyZnQXskDSwGM21Wcgtzfjt0R257JmdBezoSZ0AKcVJsQ2JtVnIULi-sPLVZ5DlZyQnt4VXJCbnpUJBo5LQItC256IntFZXhCN056
IP
54.230.245.117:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (974), with no line terminators
Size
632 B (632 bytes)
Hash
2a780412fe290630e900252e9c5b103a
25455a6e86fcb92d10603f2311aa68ca8ce5be93
bc96a8656ab3da27904b585b469f406bb5211028e2a1bd0df3fcb1f98c5ed59c

HTTP Headers

GET /9c0tIZEIQJCYCfQciLFl7Rnp9UnNVITsLLAN2HAUvAwM+KScdCW4QOBd2eEIuEiUvWWQWJStZc1UqLAZ/Q208FC0YdiAFOxQmLwk0ED5uESNOJiceKx8nKUFwNX5mVGdBe2Acc0JueyZnQXskDSwGM21Wcgtzfjt0R257JmdBezoSZ0AKcVJsQ2JtVnIULi-sPLVZ5DlZyQnt4VXJCbnpUJBo5LQItC256IntFZXhCN056 HTTP/1.1
Host: d28u86vqawvw52.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 632
date: Sun, 11 Sep 2022 14:10:32 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Wy2M46Z0wDwg5iMfsHJI4X_thubaOBnvAUQr-wClPPNt03yCS2tu1A==
X-Firefox-Spdy: h2

oulukdliketo.shop/utx?cb=dA6fgPKLQ8Wv&top=nxbrew.com&tid=951559

143.204.55.49

204 No Content

0 B

URL HTTP/2
oulukdliketo.shop/utx?cb=dA6fgPKLQ8Wv&top=nxbrew.com&tid=951559
IP
143.204.55.49:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /utx?cb=dA6fgPKLQ8Wv&top=nxbrew.com&tid=951559 HTTP/1.1
Host: oulukdliketo.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nxbrew.com
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Sun, 11 Sep 2022 14:10:32 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://nxbrew.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sun, 11 Sep 2022 14:11:32 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: yAckq9G1uR2X4s4uytVcP4VsoBf7s-cFZAOcxfOyvCh8hCYUxs4gtw==
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
5519d9b94876284556136b01d3dcb35c
bce65aca1b9c5663b816af17c5fab2b10e42ef1e
b3a83fb0b49eae3710990cd4461e216dea2aca5ba1d6dfbdb4a89dc328fc95ce

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6567
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 14:10:33 GMT
Last-Modified: Sun, 11 Sep 2022 12:21:06 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

accounts.google.com/v3/signin/identifier?dsh=S-1894831008%3A1662905432933561&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWrZIjb4C-chjV_wgx04zaxAkTCX5coJapD2l9J08-a6T9RPMMLmwDd9vc7EY4v-hEqLORTEQw

216.58.207.237

403 Forbidden

1.2 kB

URL HTTP/2
accounts.google.com/v3/signin/identifier?dsh=S-1894831008%3A1662905432933561&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWrZIjb4C-chjV_wgx04zaxAkTCX5coJapD2l9J08-a6T9RPMMLmwDd9vc7EY4v-hEqLORTEQw
IP
216.58.207.237:0
ASN
#15169 GOOGLE

File type
data
Size
1.2 kB (1152 bytes)
Hash
16f5a6394f148301d396cee242e8d13b
ce68dc64b32f2a14571860bf0f52f7ffccc0e261
e042b86d50e627f8c9c87b3b1a7d637cdb3b36be7f5281441350afe05b1cfa16

HTTP Headers

GET /v3/signin/identifier?dsh=S-1894831008%3A1662905432933561&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWrZIjb4C-chjV_wgx04zaxAkTCX5coJapD2l9J08-a6T9RPMMLmwDd9vc7EY4v-hEqLORTEQw HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nxbrew.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 11 Sep 2022 14:10:32 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: script-src 'nonce-lqpGQqAdLskxfZrse1fyqg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=nwCdc-peNwp7Z18zwiEzHtFHuZWb_AVppMgVjyLZMx0W2GzCjIcwSl1gHr6X8tvkgDsLP74UawSc7qbJlAvY28ojgja7y3_oR4j-JLR5OLfYGA2YcqE7VviyHwZD8BQ32TTdX6iu44ifSgW998b9J-Y_JuIF120lwV6B2KrSUvY; expires=Mon, 13-Mar-2023 14:10:32 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.profitabledisplaycontent.com/d7/4c/47/d74c471df98f24d6d2b36726cb88ad0f.js

192.243.59.20

200 OK

29 kB

URL HTTP/1.1
www.profitabledisplaycontent.com/d7/4c/47/d74c471df98f24d6d2b36726cb88ad0f.js
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Size
29 kB (28731 bytes)
Hash
1086aad9cbe6eb08a835691725990114
e7b9e63a675b455fd6cbdc33b8a037a2013e6221
0443bb76d684242cc113b5126f97a6f6602f3386c9162cef0f79cf88a243d2cc

HTTP Headers

GET /d7/4c/47/d74c471df98f24d6d2b36726cb88ad0f.js HTTP/1.1
Host: www.profitabledisplaycontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sun, 11 Sep 2022 14:10:33 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2810b68e6a548daae9a5e1118b2684c8
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

simplewebanalysis.com/stats

52.28.172.243

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
52.28.172.243:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
41498cd140d19d2d344936450a4a4807
1f8b42a5528fe6a85fd2e99cdb3f7e8c183f84a3
32fff5d94387a67bf5b89a4aac8921da25e444ec374ad420ad63c66d3b28232e

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nxbrew.com
Connection: keep-alive
Referer: https://nxbrew.com/
Cookie: uid_id2=10028db7-6ddb-40b1-824f-329f1a433579:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 11 Sep 2022 14:10:33 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://nxbrew.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2

e1.o.lencr.org/

95.101.11.115

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
b32a5e9b733c4d6d00fa0ae101956367
a584d7ac68cf4e1e8d897ef1b0ba8d4d3037e997
6d41a9ea960766d6c7a93e01b3da41b93b651a3e38b00ec9873794c4bbdbee5b

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "6D41A9EA960766D6C7A93E01B3DA41B93B651A3E38B00EC9873794C4BBDBEE5B"
Last-Modified: Sat, 10 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9819
Expires: Sun, 11 Sep 2022 16:54:12 GMT
Date: Sun, 11 Sep 2022 14:10:33 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
35447e91db1a2ed242507a08c643784f
0a892b1cc681fc71816bc7d9faf117aff61f3ce2
8ea6f18b7edf14d2df9483db9daf05e05d6c28d4ba2726e89370a3a7864fcdb0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8EA6F18B7EDF14D2DF9483DB9DAF05E05D6C28D4BA2726E89370A3A7864FCDB0"
Last-Modified: Sat, 10 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14771
Expires: Sun, 11 Sep 2022 18:16:44 GMT
Date: Sun, 11 Sep 2022 14:10:33 GMT
Connection: keep-alive

s4.histats.com/stats/4258988.php?4258988&@f16&@g1&@h1&@i1&@j1662905422093&@k0&@l1&@mNXBrew.com%20%7C%20Free%20Nintendo%20Switch%20Gaming%20XCI%2C%20NSP%20Downloads&@n0&@ohttps%3A%2F%2Fnxbrew.com%2F%3F__cf_chl_tk%3DhZaK5L39fZktyeahPZqYmObyX7NaRiVOa8.VZb9pV2o-1662905429-0-gaNycGzNCCU&@q0&@r0&@s1033&@ten-US&@u1280&@b1:44727524&@b3:1662905422&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fnxbrew.com%2F&@w

192.99.8.27

200 OK

46 B

URL HTTP/1.1
s4.histats.com/stats/4258988.php?4258988&@f16&@g1&@h1&@i1&@j1662905422093&@k0&@l1&@mNXBrew.com%20%7C%20Free%20Nintendo%20Switch%20Gaming%20XCI%2C%20NSP%20Downloads&@n0&@ohttps%3A%2F%2Fnxbrew.com%2F%3F__cf_chl_tk%3DhZaK5L39fZktyeahPZqYmObyX7NaRiVOa8.VZb9pV2o-1662905429-0-gaNycGzNCCU&@q0&@r0&@s1033&@ten-US&@u1280&@b1:44727524&@b3:1662905422&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fnxbrew.com%2F&@w
IP
192.99.8.27:0
ASN
#16276 OVH SAS

File type
ASCII text, with no line terminators
Size
46 B (46 bytes)
Hash
369d74e837308f698426cf95f3fd66de
ca175662464691e05c3648f0ec6f815e136ef3be
de9b0208a8feca31e200d6fa8c3356c0c6ee8c41d8430a64cd4dc6e2e7e5d134

HTTP Headers

GET /stats/4258988.php?4258988&@f16&@g1&@h1&@i1&@j1662905422093&@k0&@l1&@mNXBrew.com%20%7C%20Free%20Nintendo%20Switch%20Gaming%20XCI%2C%20NSP%20Downloads&@n0&@ohttps%3A%2F%2Fnxbrew.com%2F%3F__cf_chl_tk%3DhZaK5L39fZktyeahPZqYmObyX7NaRiVOa8.VZb9pV2o-1662905429-0-gaNycGzNCCU&@q0&@r0&@s1033&@ten-US&@u1280&@b1:44727524&@b3:1662905422&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fnxbrew.com%2F&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 14:10:33 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 46
Connection: close

e1.o.lencr.org/

95.101.11.115

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
b32a5e9b733c4d6d00fa0ae101956367
a584d7ac68cf4e1e8d897ef1b0ba8d4d3037e997
6d41a9ea960766d6c7a93e01b3da41b93b651a3e38b00ec9873794c4bbdbee5b

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "6D41A9EA960766D6C7A93E01B3DA41B93B651A3E38B00EC9873794C4BBDBEE5B"
Last-Modified: Sat, 10 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9819
Expires: Sun, 11 Sep 2022 16:54:12 GMT
Date: Sun, 11 Sep 2022 14:10:33 GMT
Connection: keep-alive

192.243.59.20

307 Temporary Redirect

0 B

URL HTTP/1.1
www.profitabledisplaycontent.com/watch.245299572589.js?key=060d8f743e909da8c28a6535c4eec811&kw=%5B%22nxbrew%22%2C%22com%22%2C%22free%22%2C%22nintendo%22%2C%22switch%22%2C%22gaming%22%2C%22xci%22%2C%22nsp%22%2C%22downloads%22%5D&refer=https%3A%2F%2Fnxbrew.com%2F&tz=0&dev=r&res=12.31&uuid=
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /watch.245299572589.js?key=060d8f743e909da8c28a6535c4eec811&kw=%5B%22nxbrew%22%2C%22com%22%2C%22free%22%2C%22nintendo%22%2C%22switch%22%2C%22gaming%22%2C%22xci%22%2C%22nsp%22%2C%22downloads%22%5D&refer=https%3A%2F%2Fnxbrew.com%2F&tz=0&dev=r&res=12.31&uuid= HTTP/1.1
Host: www.profitabledisplaycontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nxbrew.com
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.9
Date: Sun, 11 Sep 2022 14:10:33 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://nxbrew.com
Access-Control-Allow-Origin: https://nxbrew.com
Access-Control-Allow-Credentials: true
Location: https://www.profitabledisplaycontent.com/watch.245299572589.js?key=060d8f743e909da8c28a6535c4eec811&kw=%5B%22nxbrew%22%2C%22com%22%2C%22free%22%2C%22nintendo%22%2C%22switch%22%2C%22gaming%22%2C%22xci%22%2C%22nsp%22%2C%22downloads%22%5D&refer=https%3A%2F%2Fnxbrew.com%2F&tz=0&dev=r&res=12.31&uuid=&shu=ed68c44f757c093d90b648705e7a8f48df215601b524cdb83c50cf3302d58328845c53e465148c09c7b18f7179f81d95f952a0465159a96de013724b8729c748fe0e18485b8d2ddc02fc03005258ea9cfdfa16&pst=1662905493&rmtc=t
Set-Cookie: u_pl=15120059; expires=Mon, 12 Sep 2022 14:10:33 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTEyMDA1OSwiayI6IjA2MGQ4Zjc0M2U5MDlkYThjMjhhNjUzNWM0ZWVjODExIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNDQ3MDUsInBpZCI6MTA4Njk1LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIxLCJhaWQiOjI1LCJwdCI6NCwicGsiOiJza2N0ZTRibiIsImNwa3MiOnsgIjI4IjoiZDc0YzQ3MWRmOThmMjRkNmQyYjM2NzI2Y2I4OGFkMGYifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL254YnJldy5jb20vIn19.Bi20eqn_zVAt2QIH2TU4qYNalvOQGb5qAXS8uTBq1g0; expires=Sun, 11 Sep 2022 14:11:33 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e9d52cfac8bbcff09333c7de01e7b68a
Strict-Transport-Security: max-age=0; includeSubdomains

pogothere.xyz/

104.21.86.231

200 OK

28 B

URL HTTP/2
pogothere.xyz/
IP
104.21.86.231:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
28 B (28 bytes)
Hash
4221c68aa5b0efa6cf22e3a795ea1c52
da3892691c1beae5cfab01e395cacb3465c2a54a
bd9cb5d64c9aa014414f888f2454a5ce453cff5bf3ae00f3b213d967e09f783f

HTTP Headers

GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nxbrew.com
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 11 Sep 2022 14:10:33 GMT
content-type: text/plain
set-cookie: csu=2110500594233376@1@1662905433; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://nxbrew.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=08vGeKhxlyw6kT0DsAD3eQZGJXQbaiJvKZHa3H1X6NSCxx3fN0A8o%2FSedB4uDTr8arRpTC1LwRc%2FVnwVUc1VSwwL5zoHIrfOe7wyv8kXMiKNjj%2B9V4Kbsmav%2ByM4%2BbGs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7490fccc89160b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.profitabledisplaycontent.com/watch.245299572589.js?key=060d8f743e909da8c28a6535c4eec811&kw=%5B%22nxbrew%22%2C%22com%22%2C%22free%22%2C%22nintendo%22%2C%22switch%22%2C%22gaming%22%2C%22xci%22%2C%22nsp%22%2C%22downloads%22%5D&refer=https%3A%2F%2Fnxbrew.com%2F&tz=0&dev=r&res=12.31&uuid=&shu=ed68c44f757c093d90b648705e7a8f48df215601b524cdb83c50cf3302d58328845c53e465148c09c7b18f7179f81d95f952a0465159a96de013724b8729c748fe0e18485b8d2ddc02fc03005258ea9cfdfa16&pst=1662905493&rmtc=t

192.243.59.20

200 OK

2.1 kB

URL HTTP/1.1
www.profitabledisplaycontent.com/watch.245299572589.js?key=060d8f743e909da8c28a6535c4eec811&kw=%5B%22nxbrew%22%2C%22com%22%2C%22free%22%2C%22nintendo%22%2C%22switch%22%2C%22gaming%22%2C%22xci%22%2C%22nsp%22%2C%22downloads%22%5D&refer=https%3A%2F%2Fnxbrew.com%2F&tz=0&dev=r&res=12.31&uuid=&shu=ed68c44f757c093d90b648705e7a8f48df215601b524cdb83c50cf3302d58328845c53e465148c09c7b18f7179f81d95f952a0465159a96de013724b8729c748fe0e18485b8d2ddc02fc03005258ea9cfdfa16&pst=1662905493&rmtc=t
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document text\012- HTML document, ASCII text, with very long lines (2581)
Size
2.1 kB (2055 bytes)
Hash
3cbb1cde6b81df2f1a000b95e63fb383
42086edfd2f8e2277003526342dcf09592f1ef0a
c17a247c4e31e77543a408f040c96ba6ac308bd462d9d8682f0e33770acf62cb

HTTP Headers

GET /watch.245299572589.js?key=060d8f743e909da8c28a6535c4eec811&kw=%5B%22nxbrew%22%2C%22com%22%2C%22free%22%2C%22nintendo%22%2C%22switch%22%2C%22gaming%22%2C%22xci%22%2C%22nsp%22%2C%22downloads%22%5D&refer=https%3A%2F%2Fnxbrew.com%2F&tz=0&dev=r&res=12.31&uuid=&shu=ed68c44f757c093d90b648705e7a8f48df215601b524cdb83c50cf3302d58328845c53e465148c09c7b18f7179f81d95f952a0465159a96de013724b8729c748fe0e18485b8d2ddc02fc03005258ea9cfdfa16&pst=1662905493&rmtc=t HTTP/1.1
Host: www.profitabledisplaycontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nxbrew.com
Referer: https://nxbrew.com/
Connection: keep-alive
Cookie: u_pl=15120059; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTEyMDA1OSwiayI6IjA2MGQ4Zjc0M2U5MDlkYThjMjhhNjUzNWM0ZWVjODExIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNDQ3MDUsInBpZCI6MTA4Njk1LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIxLCJhaWQiOjI1LCJwdCI6NCwicGsiOiJza2N0ZTRibiIsImNwa3MiOnsgIjI4IjoiZDc0YzQ3MWRmOThmMjRkNmQyYjM2NzI2Y2I4OGFkMGYifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL254YnJldy5jb20vIn19.Bi20eqn_zVAt2QIH2TU4qYNalvOQGb5qAXS8uTBq1g0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sun, 11 Sep 2022 14:10:33 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://nxbrew.com
Access-Control-Allow-Origin: https://nxbrew.com
Access-Control-Allow-Credentials: true
Set-Cookie: iprc3c08781e23d2d6a37ff5aadac0d24582=3569805; expires=Sun, 11 Sep 2022 18:10:33 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 12 Sep 2022 14:10:33 GMT; secure; SameSite=None
uncs=1; expires=Mon, 12 Sep 2022 14:10:33 GMT; secure; SameSite=None
pdhtkv25=true; expires=Mon, 12 Sep 2022 14:10:33 GMT; secure; SameSite=None
uncs25=1; expires=Mon, 12 Sep 2022 14:10:33 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c05c47c0d344ca0639f9d3c9d30d1527
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

s10.histats.com/counters/cc_1033.js

46.105.201.240

200 OK

5.6 kB

URL HTTP/2
s10.histats.com/counters/cc_1033.js
IP
46.105.201.240:0
ASN
#16276 OVH SAS

File type
HTML document, ASCII text, with very long lines (15425), with no line terminators
Size
5.6 kB (5570 bytes)
Hash
39bd345b9bdae7b62238cc91633d4224
12fd38b309bb412f0f5c8ce680d90424b638c1e8
a8eb8ad364cdc23599d9bf5ee34657e847646e54077d85cd60552b22efc3a9ea

HTTP Headers

GET /counters/cc_1033.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 11 Sep 2022 14:05:43 GMT
etag: "77917907"
last-modified: Thu, 16 Apr 2020 10:44:41 GMT
x-request-id: 918193189
content-type: text/javascript
content-encoding: br
x-cdn-pop: rbx1
x-cdn-pop-ip: 51.254.41.128/25
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 5570
X-Firefox-Spdy: h2

simplewebanalysis.com/stats

52.28.172.243

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
52.28.172.243:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
41498cd140d19d2d344936450a4a4807
1f8b42a5528fe6a85fd2e99cdb3f7e8c183f84a3
32fff5d94387a67bf5b89a4aac8921da25e444ec374ad420ad63c66d3b28232e

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nxbrew.com
Connection: keep-alive
Referer: https://nxbrew.com/
Cookie: uid_id2=10028db7-6ddb-40b1-824f-329f1a433579:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 11 Sep 2022 14:10:33 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://nxbrew.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a1543fa75949583b4223a1d3f0f8b937
fe06a05582a0cdc1cde39f17fac440a1d43495ab
46fa93a75d4bb081e5f0e3c098d97e5b9364364d29f6b1c814ae582dc675c110

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "46FA93A75D4BB081E5F0E3C098D97E5B9364364D29F6B1C814AE582DC675C110"
Last-Modified: Fri, 09 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8701
Expires: Sun, 11 Sep 2022 16:35:34 GMT
Date: Sun, 11 Sep 2022 14:10:33 GMT
Connection: keep-alive

cdn.cloudimagesb.com/cti/de/3f/62/de3f624c0734dbfc05348cda21b5c98d/1658920011.png

45.133.44.9

200 OK

214 kB

URL HTTP/2
cdn.cloudimagesb.com/cti/de/3f/62/de3f624c0734dbfc05348cda21b5c98d/1658920011.png
IP
45.133.44.9:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 160 x 600, 8-bit/color RGBA, non-interlaced\012- data
Size
214 kB (213839 bytes)
Hash
1d5c0c87729ad8b2ac5175c523b4968f
a56f93542e7ee8728fc8334d7cc5f4b53c080278
01c52194020d1ab2c4ada1c8fde8fe082ea4d3e80e03b3562e0d4a21c0616ab5

HTTP Headers

GET /cti/de/3f/62/de3f624c0734dbfc05348cda21b5c98d/1658920011.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 11 Sep 2022 14:10:33 GMT
content-type: image/png
content-length: 213839
server: nginx/1.17.6
last-modified: Wed, 27 Jul 2022 11:06:58 GMT
etag: "62e11c52-3434f"
expires: Tue, 13 Sep 2022 14:10:33 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
090a097732f15b625208ab10faeea110
33b4fbb528d5b24e6edeebec3887e9b92bed4272
dd912cb8f4b18a02f086446af981c96af8de389bb8872f8bb6dd76cb5b018194

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DD912CB8F4B18A02F086446AF981C96AF8DE389BB8872F8BB6DD76CB5B018194"
Last-Modified: Sat, 10 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9734
Expires: Sun, 11 Sep 2022 16:52:48 GMT
Date: Sun, 11 Sep 2022 14:10:34 GMT
Connection: keep-alive

unseenreport.com/pxf.gif?uuid=10028db7-6ddb-40b1-824f-329f1a433579&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=d74c471df98f24d6d2b36726cb88ad0f&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=14

192.243.61.227

200 OK

1 B

URL HTTP/1.1
unseenreport.com/pxf.gif?uuid=10028db7-6ddb-40b1-824f-329f1a433579&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=d74c471df98f24d6d2b36726cb88ad0f&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=14
IP
192.243.61.227:0
ASN
#39572 DataWeb Global Group B.V.

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=10028db7-6ddb-40b1-824f-329f1a433579&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=d74c471df98f24d6d2b36726cb88ad0f&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=14 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 11 Sep 2022 14:10:34 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1c7efc81c218d9a7e416851ef00c5970
Strict-Transport-Security: max-age=0; includeSubdomains

accounts.google.com/v3/signin/identifier?dsh=S487419882%3A1662905432947113&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpSnWi2yM3D6i3g1PhuZFZ9coIxyMVOZ4UDTa3vBG-Pxm_q_DlxQIlv_HMVQg9-75OfVLMvIQ

216.58.207.237

403 Forbidden

0 B

URL HTTP/2
accounts.google.com/v3/signin/identifier?dsh=S487419882%3A1662905432947113&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpSnWi2yM3D6i3g1PhuZFZ9coIxyMVOZ4UDTa3vBG-Pxm_q_DlxQIlv_HMVQg9-75OfVLMvIQ
IP
216.58.207.237:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /v3/signin/identifier?dsh=S487419882%3A1662905432947113&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpSnWi2yM3D6i3g1PhuZFZ9coIxyMVOZ4UDTa3vBG-Pxm_q_DlxQIlv_HMVQg9-75OfVLMvIQ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nxbrew.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 11 Sep 2022 14:10:33 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-security-policy: script-src 'nonce-ALV7WDNinWsAEhm6o3bJ5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi/external"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=MbRcuqe0AzY7-s8wp-_Y-n4J7Wm1zZ6Lm30qbENzeKGCA4WTxuGB76ERCpLX3tpbC8p9s0aGw2_RdlFF_iynCIur8-1wf2qm0QJa45-M9vimY3fOKdhgeV6QgdMIIvBTovtCRjGAOsrfQmZnHjfywZ6HrmkaLimEEVd1HM4Ucrk; expires=Mon, 13-Mar-2023 14:10:33 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

pogothere.xyz/asd100.bin

104.21.86.231

200 OK

0 B

URL HTTP/2
pogothere.xyz/asd100.bin
IP
104.21.86.231:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nxbrew.com
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 11 Sep 2022 14:10:33 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://nxbrew.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Sun, 11 Sep 2022 11:52:55 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oGLObobaHsBZVCFU5zds8bD5r6KYgR0ULLUt4vwarhLLaEXZwu5vdrF2UOzMmz7jJUXqZkMj%2B6N36gw4Hr0oLFRzV7nUHJy%2FgUAAlVBVANO05b8cZkKSm2pev9L79CBI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7490fccbc80d0b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

nxbrew.com/cdn-cgi/styles/challenges.css

104.21.54.76

200 OK

0 B

URL HTTP/2
nxbrew.com/cdn-cgi/styles/challenges.css
IP
104.21.54.76:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /cdn-cgi/styles/challenges.css HTTP/1.1
Host: nxbrew.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 11 Sep 2022 14:10:29 GMT
content-type: text/css
last-modified: Tue, 06 Sep 2022 17:30:38 GMT
etag: W/"631783be-1896"
server: cloudflare
cf-ray: 7490fcb8bd0a1bfe-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Sun, 11 Sep 2022 16:10:29 GMT
cache-control: max-age=7200, public
content-encoding: gzip
X-Firefox-Spdy: h2

www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp

157.240.200.35

200 OK

0 B

URL HTTP/2
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP
157.240.200.35:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: 5xEkqkfHjk13URKQvXVEpZUibSrbmzWz8zgUJbJZ8UkgaJScjM2KVE2c5lGjsoSJbjZaalnvPQC1OOAbV/wLKw==
date: Sun, 11 Sep 2022 14:10:32 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

pogothere.xyz/

104.21.86.231

200 OK

0 B

URL HTTP/2
pogothere.xyz/
IP
104.21.86.231:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nxbrew.com
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 11 Sep 2022 14:10:33 GMT
content-type: text/plain
set-cookie: csu=1735513755628117@1@1662905432; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://nxbrew.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IkyWY4YIdXxDZGZOLPpzf2VD4udncKVkP%2BmT6JzeNI2liFoIAYc6H4rc0DUx5ElmEUmMvQqrsp8TfFFHaEQin3MdUQ57iJKTEdXUzb%2FZoT77sqHoICXg%2BBxuH6UH8uFe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7490fccbb8080b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

pogothere.xyz/asd100.bin

104.21.86.231

200 OK

0 B

URL HTTP/2
pogothere.xyz/asd100.bin
IP
104.21.86.231:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nxbrew.com
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 11 Sep 2022 14:10:33 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://nxbrew.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Sun, 11 Sep 2022 11:52:55 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1qtObmUeysoB%2Fgm3f8vtZd16vlCsLdbzgBVA1NRYIb8OafNI7gpcXGaRB%2BYENSywcvmpA77yaOa2zWllhVjEQHSm3we2LRqZsn82MqUi2LMKGBgbRwWaLRSn51vUjw7e"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7490fccbb80a0b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

nxbrew.com/

104.21.54.76

503 Service Unavailable

0 B

URL HTTP/2
nxbrew.com/
IP
104.21.54.76:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET / HTTP/1.1
Host: nxbrew.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 503 Service Unavailable
date: Sun, 11 Sep 2022 14:10:29 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gs%2FpJmLX0C6VvBa0IA%2F%2Fd6M8pElMIGTdXmus33yviky1pEyLpx1TC%2F7eX9TAYfLxgcSW3Br9kGsZdcZNg7JkTyCBZz6bP2fHYcQX527L6tvfXjeRvp0hhm%2Fi3rxc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7490fcb679c91bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

addresseepaper.com/sfp.js

104.21.234.254

200 OK

0 B

URL HTTP/2
addresseepaper.com/sfp.js
IP
104.21.234.254:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nxbrew.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 11 Sep 2022 14:10:33 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 862b5915bb82bfc4dd54b5f87bba306e
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sun, 11 Sep 2022 14:10:33 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ADiyJsGis%2B2gqLp2sUmNS%2BF8SwvsNn6%2FFLDNhhR8zXrg5hTZGSgIM%2BQSyvERZj9K16o24S57TAjlBPXel%2BaDMs0%2Ft9kvvQgBPQLq7yARpF6QgcM3zZlRCVrZjY4NQVMPezlKIQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7490fcce0dda71c3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (45)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations