r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2d2e7649ce9e9ba6fc8b68aa89352e3c
0153d1d3d830a457043e16bb40d48a0b9ddef4b8
8eed57c91b42ef7b2d5eff1309e306e23e13c3de21219af24a693cbf3e8977fc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6596
Expires: Wed, 30 Nov 2022 02:59:57 GMT
Date: Wed, 30 Nov 2022 01:10:01 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 55 B IP 93.184.220.29:0
File type HTML document, ASCII text
Hash 9f073354411bbaf7a319b1519f10b4b7
571498f38548829bf186f49f5be9d5fa6e689a68
4a7aaaa1c093dee8a191d4469c9f701c5e62e88896bc778a13cc4ffedf9be89a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5243
Cache-Control: public, max-age=1209600
Content-Type: text/html
Date: Wed, 30 Nov 2022 01:10:01 GMT
Etag: "638651c5-37"
Last-Modified: Tue, 29 Nov 2022 18:39:01 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 55
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9fce5679881bf302a8978a0b462f01a9
b699fe030ea13ac73813e655c42ed9b531925e2b
a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9447
Expires: Wed, 30 Nov 2022 03:47:28 GMT
Date: Wed, 30 Nov 2022 01:10:01 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 30 Nov 2022 00:19:38 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3023
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: /TSnKTWcpnfPjux06MzxpXwOvSo7gaHUP2brChq0ws70MtU691hRmKg10qO08XndePQin6n51/c=
x-amz-request-id: 1SS5J1S4MVWS8XJY
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 30 Nov 2022 00:45:01 GMT
age: 1500
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 01:10:01 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
gamingfun.me/79DZXP.krnlbeta.exe
52.173.151.229302 Found 0 B URL HTTP/1.1 gamingfun.me/79DZXP.krnlbeta.exe
IP 52.173.151.229:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /79DZXP.krnlbeta.exe HTTP/1.1
Host: gamingfun.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Wed, 30 Nov 2022 01:10:01 GMT
Server: Apache
Location: https://grabify.world/79DZXP.krnlbeta.exe
Status: 301 Moved Permanently
cf-cache-status: DYNAMIC
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 56137e603e72eeba
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 30 Nov 2022 01:08:56 GMT
cache-control: public,max-age=3600
age: 66
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 55 B IP 93.184.220.29:0
File type HTML document, ASCII text
Hash 9f073354411bbaf7a319b1519f10b4b7
571498f38548829bf186f49f5be9d5fa6e689a68
4a7aaaa1c093dee8a191d4469c9f701c5e62e88896bc778a13cc4ffedf9be89a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: public, max-age=1209600
Content-Type: text/html
Date: Wed, 30 Nov 2022 01:10:02 GMT
Etag: "63866b88-37"
Last-Modified: Tue, 29 Nov 2022 20:28:56 GMT
Server: nginx
Content-Length: 55
ocsp.digicert.com/
93.184.220.29200 OK 55 B IP 93.184.220.29:0
File type HTML document, ASCII text
Hash 9f073354411bbaf7a319b1519f10b4b7
571498f38548829bf186f49f5be9d5fa6e689a68
4a7aaaa1c093dee8a191d4469c9f701c5e62e88896bc778a13cc4ffedf9be89a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: public, max-age=1209600
Content-Type: text/html
Date: Wed, 30 Nov 2022 01:10:02 GMT
Etag: "63866b88-37"
Last-Modified: Tue, 29 Nov 2022 20:28:56 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 55
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3c8c689bd654417640d85f3da51af313
85123b6d46230a23d03768bf304b386e5d301305
516138ca79703b45e904d32d7dde1c1e9fd35995b9f1bb1331c547542745676d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4485
Cache-Control: max-age=119491
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 01:10:02 GMT
Etag: "6385cba8-1d7"
Expires: Thu, 01 Dec 2022 10:21:33 GMT
Last-Modified: Tue, 29 Nov 2022 09:06:48 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 2f3417ff48f93a635703dbeb298efdae
ab30acde204eadf79066c18d8dd3970e65ef2778
b7857a672879d59e4499ced2e0be32dd658dbaca135c5e2701b63ab0f2622140
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 01:10:02 GMT
Etag: "63863956-116"
Server: ECS (amb/6B72)
Content-Length: 278
push.services.mozilla.com/
52.37.79.227101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.37.79.227:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: TP5w1IrqbEbxugy1OAmJQQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: /HFgx6VqZ5zwOIlPb1jBzMMowq0=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4000
Expires: Wed, 30 Nov 2022 02:16:43 GMT
Date: Wed, 30 Nov 2022 01:10:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4000
Expires: Wed, 30 Nov 2022 02:16:43 GMT
Date: Wed, 30 Nov 2022 01:10:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4000
Expires: Wed, 30 Nov 2022 02:16:43 GMT
Date: Wed, 30 Nov 2022 01:10:03 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde294fb7-e851-4e57-83be-aa3374862dcb.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde294fb7-e851-4e57-83be-aa3374862dcb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9e135c29a8769eb12ef8c26f99097400
87447d20e9c0a6a6aeefe6ca107f93cd3598cd0d
ce41ff79c382efc54aa2fd3ab64293d2d2b706a7f21585f4bd8bbcd9a3566126
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde294fb7-e851-4e57-83be-aa3374862dcb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7971
x-amzn-requestid: e47d10e4-2b60-4998-b5fa-5b145e60aac2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhgWHgGoAMFcLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867c68-5b9710a07b0a59730e73dce4;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:40:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OURSF_raDXrHV3-3ScaEdorNpW9ZKSIQjv6WUCQYHhruGz372BU_QA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:58:15 GMT
age: 11508
etag: "87447d20e9c0a6a6aeefe6ca107f93cd3598cd0d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5508d05a290b663fd89ead9b58f2efd8
53650399f9a986ba54addd668b4557109d12003b
65704a961410fdd318c491fedf002c8e9b184cd34b76fe1b67026d42ce21be3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9674
x-amzn-requestid: 7e7d0183-9667-462a-8d44-d125998c1ae3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEoHVAoAMFvAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1d-280ba97e3fe1bf7244cbde35;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ym_L3s5E6MLy6BxqNkVxok6L6hA4c-ilSsEqt42j2IbiXYPb4c6-VQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:52:51 GMT
age: 11832
etag: "53650399f9a986ba54addd668b4557109d12003b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37883a10-064d-451d-9dd4-bca0a5594e96.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37883a10-064d-451d-9dd4-bca0a5594e96.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0c14828912decf19c9d95fee93e92f00
49a82390cbf2139bf681d896f9467ab736e0b337
bbafc9bd160a30c6a31954bdf66655e1decc59dead3bb94c6fa21cad1cd56fe3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37883a10-064d-451d-9dd4-bca0a5594e96.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11466
x-amzn-requestid: 40ae63d3-397e-4118-90b2-d48b1f4014c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDaHUxIAMFxWA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-2b309a0a5e93f68312a26fa1;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: G2_x26WJ_ISQDsWfV3RzC_jCy5FLNLpblRk_GvuCn4i-ETBAsaKBjQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:52:45 GMT
age: 11838
etag: "49a82390cbf2139bf681d896f9467ab736e0b337"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a644078-a260-40cb-abc4-b226762802d4.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a644078-a260-40cb-abc4-b226762802d4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4cc55889e6edaa76fa8c991914b5347b
9ab86eab2fac1c25eaaaaeeaec28eeb2783d9c8a
3122c681063a6ee629f5516c433ea3cc65f771d3394df1d6c4b0a1cb91100831
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a644078-a260-40cb-abc4-b226762802d4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11070
x-amzn-requestid: 3f342f57-8231-4ba9-9105-dd3fa43ca8d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cSsg9FNAoAMFYgQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6384279f-27e7956e0f3a694338951b8a;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 03:14:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Qhq6EXPP69HkKofiAAD5x6j9gVuLzO9qvcwBfYUMiBGR47Sdqccf_g==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 04:52:52 GMT
age: 73031
etag: "9ab86eab2fac1c25eaaaaeeaec28eeb2783d9c8a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13e1db4e-7108-464a-85b6-24ac0c4609f9.webp
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13e1db4e-7108-464a-85b6-24ac0c4609f9.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bbe350ea797a0fec5a19a450fc5de4b4
2f3a39a528d3b759060203931de33c12303592e1
4d661dac2e19e07ae15d0f8cf00bd268c6c2defb2f5e4de38fcb6e7031dfd605
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13e1db4e-7108-464a-85b6-24ac0c4609f9.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9330
x-amzn-requestid: 3fad352d-7664-43e0-9395-e840f671ca61
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgFQFIdoAMFSmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a21-5e9847852f8435231d401fe6;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mCEtSOenWKxay4vNy5mN9cexxXKXKt7TMuLaLw-M86tLKwQ2MwuxPg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:00:54 GMT
age: 11349
etag: "2f3a39a528d3b759060203931de33c12303592e1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd170538c-f8cf-4acb-ba33-2ead00b9db73.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd170538c-f8cf-4acb-ba33-2ead00b9db73.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 777ce44582c70bf01a31da4cab366f36
57e1d34f146d5ccd9943aa97bcc3158f7103bb07
fbdc8f65ae74dc13b7aafec464f08fdc9902af519946200ec52432ac3ca55982
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd170538c-f8cf-4acb-ba33-2ead00b9db73.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10958
x-amzn-requestid: abfea5b0-58f5-49e1-b78e-7cf456d03cb3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgFHF9oIAMF5lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a20-5ab719292d440d083b07a478;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: gCt9oHpZ68tLCYHIYpI1XLtADkScxwf12kDFnU0o5WoQIVSzWlqozw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:16:52 GMT
etag: "57e1d34f146d5ccd9943aa97bcc3158f7103bb07"
content-type: image/jpeg
age: 10391
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 2f3417ff48f93a635703dbeb298efdae
ab30acde204eadf79066c18d8dd3970e65ef2778
b7857a672879d59e4499ced2e0be32dd658dbaca135c5e2701b63ab0f2622140
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 01:10:04 GMT
Etag: "63863956-116"
Server: ECS (amb/6B83)
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 55 B IP 93.184.220.29:0
File type HTML document, ASCII text
Hash 9f073354411bbaf7a319b1519f10b4b7
571498f38548829bf186f49f5be9d5fa6e689a68
4a7aaaa1c093dee8a191d4469c9f701c5e62e88896bc778a13cc4ffedf9be89a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: public, max-age=1209600
Content-Type: text/html
Date: Wed, 30 Nov 2022 01:10:04 GMT
Etag: "63866b88-37"
Last-Modified: Tue, 29 Nov 2022 20:28:56 GMT
Server: nginx
Content-Length: 55
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 1d63f5c0a91c99d827d1bf663efc3a91
c2c19a61d361652013be84ccdfdb426edfe8825a
5159f3c7e5223b2d4d4f5e0723ad4f86a2cd6745c6b6a3bde3485099071887a2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 01:10:05 GMT
Etag: "63849ea1-118"
Server: ECS (amb/6B83)
Content-Length: 280
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5df294fe1852df14617fae25a8a28839
b04d702ae1ba44f64bd63ef2a614a7e4ea92b218
6f700b1a84b04d32b7ce72f21615cd774ab8554357d5f2c136ec2162f66e08ff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6F700B1A84B04D32B7CE72F21615CD774AB8554357D5F2C136EC2162F66E08FF"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13795
Expires: Wed, 30 Nov 2022 05:00:00 GMT
Date: Wed, 30 Nov 2022 01:10:05 GMT
Connection: keep-alive
krnl.ca/
188.114.96.1301 Moved Permanently 151 B IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash c15cb23782f11cc460e23cb1935327da
e97431744a49c79282a30de7a17c7b537c08253e
0660a33678dbfee5f5e0cc1c20f8987a9174d2b076d88ba853f394ee5a105145
GET / HTTP/1.1
Host: krnl.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
date: Wed, 30 Nov 2022 01:10:04 GMT
location: https://krnl.place/
cache-control: max-age=3600
expires: Wed, 30 Nov 2022 02:10:04 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6THdTu1zoFkGG1xizH%2BjmxzbAfJYppDvbnBwky50Opc03FlLwerOZ16ieaCN2fpk2lD9GBEw9Sc0i8ZsEEbgaeTLVMU0NWdOaTeHRQodRVTtmc%2B27SJAP1pe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771fb3890bd2b505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
krnl.place/.nexus/pipe?&reason=0&key=6LekVfYfAAAAABrOb8fA7RniuB3Yh_C2o7RnZhx_&destination=%2F
146.59.81.58301 Moved Permanently 175 B URL HTTP/2 krnl.place/.nexus/pipe?&reason=0&key=6LekVfYfAAAAABrOb8fA7RniuB3Yh_C2o7RnZhx_&destination=%2F
IP 146.59.81.58:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 27d3037d4815f88b7bb724cb258524e1
092678ca1f61e13d97f37f7be9438e7b32b722e9
0c0a343c76a265d5b6b5b3708383afaf77f187eaa7f3fa8f1fec18cdf4ebe198
GET /.nexus/pipe?&reason=0&key=6LekVfYfAAAAABrOb8fA7RniuB3Yh_C2o7RnZhx_&destination=%2F HTTP/1.1
Host: krnl.place
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 301 Moved Permanently
date: Wed, 30 Nov 2022 01:10:04 GMT
content-type: text/html
content-length: 175
location: https://krnl.place/.nexus/pipe/?&reason=0&key=6LekVfYfAAAAABrOb8fA7RniuB3Yh_C2o7RnZhx_&destination=%2F
server: Nexuspipe.com | DDoS Mitigation Cluster
upgrade-insecure-requests: 1
last-modified: Wednesday, 30-Nov-2022 01:10:04 GMT
cache-control: no-store, no-cache
X-Firefox-Spdy: h2
krnl.place/.nexus/pipe/?&reason=0&key=6LekVfYfAAAAABrOb8fA7RniuB3Yh_C2o7RnZhx_&destination=%2F
146.59.81.58200 OK 51 kB URL HTTP/2 krnl.place/.nexus/pipe/?&reason=0&key=6LekVfYfAAAAABrOb8fA7RniuB3Yh_C2o7RnZhx_&destination=%2F
IP 146.59.81.58:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (32927), with CRLF line terminators
Hash 767f18094dbc3f68d8e9c50a03ba0df7
eaba133ee59de79060d3e701b438bd164ea46510
8720e5fa9568032faa45bb0714cf460bec8521457aeaf626bb28cadf5291e9b7
GET /.nexus/pipe/?&reason=0&key=6LekVfYfAAAAABrOb8fA7RniuB3Yh_C2o7RnZhx_&destination=%2F HTTP/1.1
Host: krnl.place
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 01:10:04 GMT
content-type: text/html
content-length: 50916
server: Nexuspipe.com | DDoS Mitigation Cluster
upgrade-insecure-requests: 1
last-modified: Wednesday, 30-Nov-2022 01:10:04 GMT
cache-control: no-store, no-cache
accept-ranges: bytes
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js
104.17.25.14200 OK 14 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (48316), with no line terminators
Hash 2e46e3b0807c19e0ee85603dd4ba3f72
cb55679976d9a5d9933f291218b8ff0f95ebdc17
87a3f839cfc8bca3368a7dec7c5ff14e5f613928e899b601292b5a1f1bd5dc05
GET /ajax/libs/crypto-js/4.1.1/crypto-js.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 01:10:05 GMT
content-type: application/javascript; charset=utf-8
content-length: 13972
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "61182885-3694"
last-modified: Sat, 14 Aug 2021 20:33:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1150967
expires: Mon, 20 Nov 2023 01:10:05 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zdx8u0Uq%2BDfvSxeP6fCjirGD8RFWT%2FniEZOSegRnYC0sG4EToQaRn3vCkXmZw9nUdYv6%2BUaZt5jPF7mdm2IsOhPVygfj1ny0faIlFNzHF6wtO90pQ3wCSb8%2Ba42lIpOu1rpQaJ22"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 771fb38b7f1eb500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 55 B IP 93.184.220.29:0
File type HTML document, ASCII text
Hash 9f073354411bbaf7a319b1519f10b4b7
571498f38548829bf186f49f5be9d5fa6e689a68
4a7aaaa1c093dee8a191d4469c9f701c5e62e88896bc778a13cc4ffedf9be89a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6542
Cache-Control: public, max-age=1209600
Content-Type: text/html
Date: Wed, 30 Nov 2022 01:10:05 GMT
Etag: "63866b87-37"
Last-Modified: Tue, 29 Nov 2022 20:28:55 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 55
ipv4.icanhazip.com/
104.18.115.97200 OK 13 B IP 104.18.115.97:0
Hash d0f727049a6c39e00df33badfc529120
bcbe610cd9d4baf88e53c32375c624b8920fb570
4b3f1dd9b6a31b14247dec82b502a00a71d83ebb9f007bfccf7bd490e1604821
GET / HTTP/1.1
Host: ipv4.icanhazip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://krnl.place/
Origin: https://krnl.place
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 01:10:05 GMT
content-type: text/plain
content-length: 13
access-control-allow-origin: *
access-control-allow-methods: GET
set-cookie: __cf_bm=6TBGHvuchK9v1wfEvtYa.TqdmT_lhUNjkgq69IgpLes-1669770605-0-ARmNduDfHKeo/nqS10Wj9Fxh3uwLQZ0ARaq5KESJ0QaFHIhguI9KPe72XkiTFR5lemHPcBYiBVg0FSjnEBCYfXo=; path=/; expires=Wed, 30-Nov-22 01:40:05 GMT; domain=.icanhazip.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 771fb38c4a170b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 55 B IP 93.184.220.29:0
File type HTML document, ASCII text
Hash 9f073354411bbaf7a319b1519f10b4b7
571498f38548829bf186f49f5be9d5fa6e689a68
4a7aaaa1c093dee8a191d4469c9f701c5e62e88896bc778a13cc4ffedf9be89a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6542
Cache-Control: public, max-age=1209600
Content-Type: text/html
Date: Wed, 30 Nov 2022 01:10:05 GMT
Etag: "63866b87-37"
Last-Modified: Tue, 29 Nov 2022 20:28:55 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 55
krnl.place/.nexus/interact
146.59.81.58200 OK 540 B URL HTTP/2 krnl.place/.nexus/interact
IP 146.59.81.58:0
File type JSON data\012- , ASCII text, with very long lines (540), with no line terminators
Hash 6e0de752786784f8b0d3601c3be817e1
74cc3c0ad33907ff2a55785f53fd293da2046da9
0390e554cc44b9b5506db828cdb1ec78594e9d9fa0359682ec73f4d5daa7177f
POST /.nexus/interact HTTP/1.1
Host: krnl.place
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://krnl.place/.nexus/pipe/?&reason=0&key=6LekVfYfAAAAABrOb8fA7RniuB3Yh_C2o7RnZhx_&destination=%2F
Content-Type: application/json
Origin: https://krnl.place
Content-Length: 74
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 01:10:04 GMT
content-type: application/json; charset=utf-8
content-length: 540
x-powered-by: Express
etag: W/"21c-dMw8CtM5B/8qVXhfU/0pPaIEbak"
server: Nexuspipe.com | DDoS Mitigation Cluster
upgrade-insecure-requests: 1
last-modified: Wednesday, 30-Nov-2022 01:10:04 GMT
cache-control: no-store, no-cache
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/R4ZfrVOegg4
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/R4ZfrVOegg4
IP 142.250.74.131:0
Hash b17b4e7b5506355418979cee8423264c
5117870d6c4f13b070874c552c1b33622fdaf38b
ab1846e8062fedd93f3ee8f0eb4bb57816e66f859e89fda1e39fe5ba0d4c8ca4
POST /s/gts1p5/R4ZfrVOegg4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 01:10:05 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cf-ent-cache.nexuspipe.com/static/nexus-captcha.webp
104.18.8.6200 OK 17 kB URL HTTP/2 cf-ent-cache.nexuspipe.com/static/nexus-captcha.webp
IP 104.18.8.6:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash a399f696ad94ea08377266cfb9391387
1f1f2d7fa6c18b4d6e69fc0d97bfa3aa0f283378
63ee6a0e0f30a9a60da2258e4977db79f04a520603c5752df7ab958c8ab46e8c
GET /static/nexus-captcha.webp HTTP/1.1
Host: cf-ent-cache.nexuspipe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krnl.place/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 01:10:05 GMT
content-type: image/webp
content-length: 17032
last-modified: Thu, 06 Oct 2022 04:35:47 GMT
etag: "633e5b23-4288"
cf-cache-status: HIT
age: 4027752
expires: Wed, 30 Nov 2022 02:10:05 GMT
cache-control: public, max-age=3600
accept-ranges: bytes
set-cookie: __cf_bm=Sgp9B1SNaLB.uJ6l.OCVMa1MGVEF3rOayVhTL08dlTA-1669770605-0-AcsBotOKPcUF0lEdXMMEtRwCo5oXHFKrmvw07IekbmJjLpgTi/BwZopzB6T2cfHUp2qQSSDg16NkVqRKJVtGsNA=; path=/; expires=Wed, 30-Nov-22 01:40:05 GMT; domain=.nexuspipe.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 771fb38ce8191c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
krnl.place/favicon.ico
146.59.81.58302 Found 151 B IP 146.59.81.58:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash c15cb23782f11cc460e23cb1935327da
e97431744a49c79282a30de7a17c7b537c08253e
0660a33678dbfee5f5e0cc1c20f8987a9174d2b076d88ba853f394ee5a105145
GET /favicon.ico HTTP/1.1
Host: krnl.place
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krnl.place/.nexus/pipe/?&reason=0&key=6LekVfYfAAAAABrOb8fA7RniuB3Yh_C2o7RnZhx_&destination=%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
date: Wed, 30 Nov 2022 01:10:05 GMT
content-type: text/html
content-length: 151
location: /.nexus/pipe?&reason=0&key=6LekVfYfAAAAABrOb8fA7RniuB3Yh_C2o7RnZhx_&destination=%2Ffavicon.ico
server: Nexuspipe.com | DDoS Mitigation Cluster
upgrade-insecure-requests: 1
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/R4ZfrVOegg4
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/R4ZfrVOegg4
IP 142.250.74.131:0
Hash b17b4e7b5506355418979cee8423264c
5117870d6c4f13b070874c552c1b33622fdaf38b
ab1846e8062fedd93f3ee8f0eb4bb57816e66f859e89fda1e39fe5ba0d4c8ca4
POST /s/gts1p5/R4ZfrVOegg4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 01:10:05 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ipv4.icanhazip.com/
104.18.115.97200 OK 13 B IP 104.18.115.97:0
Hash d0f727049a6c39e00df33badfc529120
bcbe610cd9d4baf88e53c32375c624b8920fb570
4b3f1dd9b6a31b14247dec82b502a00a71d83ebb9f007bfccf7bd490e1604821
GET / HTTP/1.1
Host: ipv4.icanhazip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://krnl.place/
Origin: https://krnl.place
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 01:10:05 GMT
content-type: text/plain
content-length: 13
access-control-allow-origin: *
access-control-allow-methods: GET
set-cookie: __cf_bm=y1aV_4htvdvCX4DsyVQ0DUfvCa2245KCB1bOTHI.0nQ-1669770605-0-Af9gqIc51Vx9larBOrX5PuXVyd+ZOpcFaDzT7tb22D2wJCyK5V+kYRvSAiRwV8HUxJ/vQcA4ZwIdCzlBk/20SSY=; path=/; expires=Wed, 30-Nov-22 01:40:05 GMT; domain=.icanhazip.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 771fb38dea9f0b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
krnl.place/.nexus/pipe?&reason=0&key=6LekVfYfAAAAABrOb8fA7RniuB3Yh_C2o7RnZhx_&destination=%2Ffavicon.ico
146.59.81.58301 Moved Permanently 175 B URL HTTP/2 krnl.place/.nexus/pipe?&reason=0&key=6LekVfYfAAAAABrOb8fA7RniuB3Yh_C2o7RnZhx_&destination=%2Ffavicon.ico
IP 146.59.81.58:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 27d3037d4815f88b7bb724cb258524e1
092678ca1f61e13d97f37f7be9438e7b32b722e9
0c0a343c76a265d5b6b5b3708383afaf77f187eaa7f3fa8f1fec18cdf4ebe198
GET /.nexus/pipe?&reason=0&key=6LekVfYfAAAAABrOb8fA7RniuB3Yh_C2o7RnZhx_&destination=%2Ffavicon.ico HTTP/1.1
Host: krnl.place
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://krnl.place/.nexus/pipe/?&reason=0&key=6LekVfYfAAAAABrOb8fA7RniuB3Yh_C2o7RnZhx_&destination=%2F
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 301 Moved Permanently
date: Wed, 30 Nov 2022 01:10:05 GMT
content-type: text/html
content-length: 175
location: https://krnl.place/.nexus/pipe/?&reason=0&key=6LekVfYfAAAAABrOb8fA7RniuB3Yh_C2o7RnZhx_&destination=%2Ffavicon.ico
server: Nexuspipe.com | DDoS Mitigation Cluster
upgrade-insecure-requests: 1
last-modified: Wednesday, 30-Nov-2022 01:10:05 GMT
cache-control: no-store, no-cache
X-Firefox-Spdy: h2
krnl.place/.nexus/interact/4c22fb649553baa3edc8f470599247431532dfd160b28b28b8484f58c497f828
146.59.81.58200 OK 2 B URL HTTP/2 krnl.place/.nexus/interact/4c22fb649553baa3edc8f470599247431532dfd160b28b28b8484f58c497f828
IP 146.59.81.58:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
POST /.nexus/interact/4c22fb649553baa3edc8f470599247431532dfd160b28b28b8484f58c497f828 HTTP/1.1
Host: krnl.place
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://krnl.place/.nexus/pipe/?&reason=0&key=6LekVfYfAAAAABrOb8fA7RniuB3Yh_C2o7RnZhx_&destination=%2F
Content-Type: application/json
Origin: https://krnl.place
Content-Length: 1169
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 01:10:05 GMT
content-type: text/plain; charset=utf-8
content-length: 2
x-powered-by: Express
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
server: Nexuspipe.com | DDoS Mitigation Cluster
upgrade-insecure-requests: 1
last-modified: Wednesday, 30-Nov-2022 01:10:05 GMT
cache-control: no-store, no-cache
X-Firefox-Spdy: h2
krnl.place/.nexus/pipe/?&reason=0&key=6LekVfYfAAAAABrOb8fA7RniuB3Yh_C2o7RnZhx_&destination=%2Ffavicon.ico
146.59.81.58200 OK 51 kB URL HTTP/2 krnl.place/.nexus/pipe/?&reason=0&key=6LekVfYfAAAAABrOb8fA7RniuB3Yh_C2o7RnZhx_&destination=%2Ffavicon.ico
IP 146.59.81.58:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (32927), with CRLF line terminators
Hash 767f18094dbc3f68d8e9c50a03ba0df7
eaba133ee59de79060d3e701b438bd164ea46510
8720e5fa9568032faa45bb0714cf460bec8521457aeaf626bb28cadf5291e9b7
GET /.nexus/pipe/?&reason=0&key=6LekVfYfAAAAABrOb8fA7RniuB3Yh_C2o7RnZhx_&destination=%2Ffavicon.ico HTTP/1.1
Host: krnl.place
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://krnl.place/.nexus/pipe/?&reason=0&key=6LekVfYfAAAAABrOb8fA7RniuB3Yh_C2o7RnZhx_&destination=%2F
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 01:10:05 GMT
content-type: text/html
content-length: 50916
server: Nexuspipe.com | DDoS Mitigation Cluster
upgrade-insecure-requests: 1
last-modified: Wednesday, 30-Nov-2022 01:10:05 GMT
cache-control: no-store, no-cache
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 55 B IP 93.184.220.29:0
File type HTML document, ASCII text
Hash 9f073354411bbaf7a319b1519f10b4b7
571498f38548829bf186f49f5be9d5fa6e689a68
4a7aaaa1c093dee8a191d4469c9f701c5e62e88896bc778a13cc4ffedf9be89a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5768
Cache-Control: max-age=102061
Content-Type: text/html
Date: Wed, 30 Nov 2022 01:10:06 GMT
Etag: "63858293-118"
Expires: Thu, 01 Dec 2022 05:31:07 GMT
Last-Modified: Tue, 29 Nov 2022 03:54:59 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 55
cdn.discordapp.com/attachments/756373435726168104/769299914332962886/krnlmain.png
162.159.135.233200 OK 6.0 kB URL HTTP/2 cdn.discordapp.com/attachments/756373435726168104/769299914332962886/krnlmain.png
IP 162.159.135.233:0
File type PNG image data, 209 x 197, 8-bit/color RGBA, non-interlaced\012- data
Hash 49858dfbc04f611029c4e46711a342dc
6c9a36992fec3d3fbfb381fee8825606aa7a2a13
3a49fc85ae4b4b6aa1edbe0b3cec6817fb0261a3189c38d1ca464d7b3d12d66b
GET /attachments/756373435726168104/769299914332962886/krnlmain.png HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krnl.place/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 01:10:06 GMT
content-type: image/png
content-length: 5996
cf-ray: 771fb3912a1cb527-OSL
accept-ranges: bytes
age: 661986
cache-control: public, max-age=31536000
etag: "49858dfbc04f611029c4e46711a342dc"
expires: Thu, 30 Nov 2023 01:10:06 GMT
last-modified: Fri, 23 Oct 2020 20:43:12 GMT
vary: Accept-Encoding
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-goog-generation: 1603485792508476
x-goog-hash: crc32c=MjINwg==, md5=SYWN+8BPYRApxORnEaNC3A==
x-goog-metageneration: 2
x-goog-storage-class: NEARLINE
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 5996
x-guploader-uploadid: ADPycdvZKluZsYvVRpr4tSV0ZnK25KgFdjJJSAIj7CWPtgas6Dfe6KVJnHOWrhFP9DxwgsrqH7wrDv3Ls2Z4_uGHFcN9MRp6rw
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pUwd78XkKcMiVvb7TtsyupAnCCEEa0%2BJzjlB9hN5Hilry0KMpXkcB7UI%2FRZUgU6xQqK0WWO%2FT99OpmObNd9U2A2XmQa7FJt5MIaWv%2FBwKIv7gW3fDZucsNMXcc2o%2Bpu7pfMiJA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
krnl.place/css/krnl-components.css
146.59.81.58200 OK 8.3 kB URL HTTP/2 krnl.place/css/krnl-components.css
IP 146.59.81.58:0
File type assembler source, ASCII text, with CRLF line terminators
Hash 85f24d668ed70a34d0e6fabc735bb341
dc18363e7da70b5f3521042382eb91174a56c29a
92968d34606f9c81228347703430a45547eaefa4e8ecbe88ee6f672201e5d927
GET /css/krnl-components.css HTTP/1.1
Host: krnl.place
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krnl.place/
Cookie: .pipe=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3N1ZWQiOjE2Njk3NzA2MDUuMzIzLCJrZXkiOiIrdW92VUhwekt6N0t2K1BiNGtlOWY1cFNYNWJNTVd3bklEdUE0eXcxc0ljPSIsImUiOjE2Njk3NzQyMDUsInNhbHQiOiJzYWx0eSIsImNvbm5lY3RvciI6LTF9.0SCkB48RwQHY8Xull59RF_d7npD_YtTi-yH7LDJzcPU
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 01:10:05 GMT
content-type: text/css
content-length: 8302
last-modified: Tue, 10 May 2022 21:57:16 GMT
vary: Accept-Encoding
etag: "627adfbc-206e"
server: Nexuspipe.com | DDoS Mitigation Cluster
upgrade-insecure-requests: 1
nexus-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 8d89529b69aa9f8917e5c4f9eba410cf
ad735a258100062f46e809152ba7834fbd017444
a1d895aad6251959cf3cd200c9497233cca3cc8436c06e3cd233de31e51a7eca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5188
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 01:10:06 GMT
Last-Modified: Tue, 29 Nov 2022 23:43:38 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 8d89529b69aa9f8917e5c4f9eba410cf
ad735a258100062f46e809152ba7834fbd017444
a1d895aad6251959cf3cd200c9497233cca3cc8436c06e3cd233de31e51a7eca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5972
Cache-Control: max-age=96841
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 01:10:06 GMT
Etag: "63856d63-117"
Expires: Thu, 01 Dec 2022 04:04:07 GMT
Last-Modified: Tue, 29 Nov 2022 02:24:35 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 55 B IP 93.184.220.29:0
File type HTML document, ASCII text
Hash 9f073354411bbaf7a319b1519f10b4b7
571498f38548829bf186f49f5be9d5fa6e689a68
4a7aaaa1c093dee8a191d4469c9f701c5e62e88896bc778a13cc4ffedf9be89a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5768
Cache-Control: max-age=102061
Content-Type: text/html
Date: Wed, 30 Nov 2022 01:10:06 GMT
Etag: "63858293-118"
Expires: Thu, 01 Dec 2022 05:31:07 GMT
Last-Modified: Tue, 29 Nov 2022 03:54:59 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 55
krnl.place/
146.59.81.58200 OK 27 kB IP 146.59.81.58:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2692)
Hash 7be5890ab1218759c19cb7e0cabe03dd
17f6f5091425ac438fe293776fb85183e27256f6
26114ef9d24bc7408f510164c51bee89fbae6ba089ac4e8f024f72eaf04abf99
GET / HTTP/1.1
Host: krnl.place
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krnl.place/.nexus/pipe/?&reason=0&key=6LekVfYfAAAAABrOb8fA7RniuB3Yh_C2o7RnZhx_&destination=%2F
Cookie: .pipe=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3N1ZWQiOjE2Njk3NzA2MDUuMzIzLCJrZXkiOiIrdW92VUhwekt6N0t2K1BiNGtlOWY1cFNYNWJNTVd3bklEdUE0eXcxc0ljPSIsImUiOjE2Njk3NzQyMDUsInNhbHQiOiJzYWx0eSIsImNvbm5lY3RvciI6LTF9.0SCkB48RwQHY8Xull59RF_d7npD_YtTi-yH7LDJzcPU
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 01:10:05 GMT
content-type: text/html
content-length: 27361
x-mark: 1
last-modified: Thu, 04 Aug 2022 03:17:55 GMT
vary: Accept-Encoding
etag: "62eb3a63-6ae1"
server: Nexuspipe.com | DDoS Mitigation Cluster
upgrade-insecure-requests: 1
nexus-cache: BYPASS
accept-ranges: bytes
X-Firefox-Spdy: h2
media.discordapp.net/attachments/857698465274134540/972652140982042715/f44bd35365535d9675b0cee147fad734.webp?width=72&height=72
162.159.128.232200 OK 952 B URL HTTP/2 media.discordapp.net/attachments/857698465274134540/972652140982042715/f44bd35365535d9675b0cee147fad734.webp?width=72&height=72
IP 162.159.128.232:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 72x72, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c5c03571c60ee54b77c92b79dd8d80e0
0d3adedd0ac11cb660c658a25823d0a50183ab76
c8b931b70be1bb29e4980cdfb2d826e9defa243b7bcda5db62f15aaf580ab2df
GET /attachments/857698465274134540/972652140982042715/f44bd35365535d9675b0cee147fad734.webp?width=72&height=72 HTTP/1.1
Host: media.discordapp.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krnl.place/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 01:10:06 GMT
content-type: image/webp
content-length: 952
cf-ray: 771fb39159afb4f9-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 660409
cache-control: public, max-age=31536000
expires: Thu, 30 Nov 2023 01:10:06 GMT
last-modified: Sun, 08 May 2022 00:12:21 GMT
vary: Accept-Encoding
cf-cache-status: HIT
x-envoy-upstream-service-time: 3
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DNRsDLN4SlKHhMcTylSbNmBY3FkuKQHThoT%2FlcywAUC1%2Fv%2FeVUArltVATR3TlZ3IvV3hHHn8ubDy7lacoCji3Bx94sZJCnskJqZip%2FrsJegYj8Rjd5i995fCUEYh2nm5hrKrChTP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
set-cookie: __cfruid=1a0e964aae25aaa92e848cbd6d2028ed79ebc201-1669770606; path=/; domain=.discordapp.net; HttpOnly; Secure; SameSite=None
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
server: cloudflare
X-Firefox-Spdy: h2
media.discordapp.net/attachments/857698465274134540/972652139996393482/1d7978578f397e326b6190298cead7c0.png?width=72&height=72
162.159.128.232200 OK 9.2 kB URL HTTP/2 media.discordapp.net/attachments/857698465274134540/972652139996393482/1d7978578f397e326b6190298cead7c0.png?width=72&height=72
IP 162.159.128.232:0
File type PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced\012- data
Hash 7448a88858d28fc5c5440d6f8c5a7a44
58606bd30ecff69e1a75f2911d3da8e75221a504
5c7eb08207eb2693db7543c88c70098e6120780658ba02f602e49e338cd665f3
GET /attachments/857698465274134540/972652139996393482/1d7978578f397e326b6190298cead7c0.png?width=72&height=72 HTTP/1.1
Host: media.discordapp.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krnl.place/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 01:10:06 GMT
content-type: image/png
content-length: 9249
cf-ray: 771fb39159aeb4f9-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 668048
cache-control: public, max-age=31536000
expires: Thu, 30 Nov 2023 01:10:06 GMT
last-modified: Sun, 08 May 2022 00:12:21 GMT
vary: Accept-Encoding
cf-cache-status: HIT
x-envoy-upstream-service-time: 16
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z9ttPBSxuUwwGcF%2FDtecu9g9qC%2Bw8twopJO%2ByLS6QvTVGzMLdoPz8vkw3tLhY9Q3PjVBz7c8hi24xK%2FQi%2BsbnSA9go6uywKWGtakV0bbgPi85h%2BsV0m16n7Bj7%2FjAMtA44YrzNLF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
set-cookie: __cfruid=1a0e964aae25aaa92e848cbd6d2028ed79ebc201-1669770606; path=/; domain=.discordapp.net; HttpOnly; Secure; SameSite=None
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
server: cloudflare
X-Firefox-Spdy: h2
media.discordapp.net/attachments/857698465274134540/972652140747182110/e8cc97bb353801fb433f19deb03081ef.webp?width=72&height=72
162.159.128.232200 OK 950 B URL HTTP/2 media.discordapp.net/attachments/857698465274134540/972652140747182110/e8cc97bb353801fb433f19deb03081ef.webp?width=72&height=72
IP 162.159.128.232:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash c44c6a5f974f55cf076df9cb15265ba6
2110c5fa95c55508af4edcfaf1a54d843a5d0cbe
1c22ab018c9f0d7d089acde80857c8f3be61d73489983c7c5906e56566522132
GET /attachments/857698465274134540/972652140747182110/e8cc97bb353801fb433f19deb03081ef.webp?width=72&height=72 HTTP/1.1
Host: media.discordapp.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krnl.place/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 01:10:06 GMT
content-type: image/webp
content-length: 950
cf-ray: 771fb39179bab4f9-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 660409
cache-control: public, max-age=31536000
expires: Thu, 30 Nov 2023 01:10:06 GMT
last-modified: Sun, 08 May 2022 00:12:21 GMT
vary: Accept-Encoding
cf-cache-status: HIT
x-envoy-upstream-service-time: 50
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1FBJ5TmhAouO4aLT3v7SNKHdg9PYZPehFmmmYL5XD9iphTqBMFEKOfnYqoSsiN38u1%2B%2BVYvr2D9IDDMDGyUsxfYhy5FTVLuewmuVlPX4N569R3Wf3eJXce2gbRST%2FDOYr93AtXnW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
set-cookie: __cfruid=1a0e964aae25aaa92e848cbd6d2028ed79ebc201-1669770606; path=/; domain=.discordapp.net; HttpOnly; Secure; SameSite=None
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
server: cloudflare
X-Firefox-Spdy: h2
media.discordapp.net/attachments/857698465274134540/972652423090937896/Screenshot_20220508-031321_Discord.jpg?width=72&height=72
162.159.128.232200 OK 1.6 kB URL HTTP/2 media.discordapp.net/attachments/857698465274134540/972652423090937896/Screenshot_20220508-031321_Discord.jpg?width=72&height=72
IP 162.159.128.232:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash e4797175ffad9248515139b8380f35a7
9c02e85a0916f1fcd229df39ee2a4afb85510165
7f2bc63e8ff38ea91f28553603e19bf7a1f0b52f8ee8d084c86ce9ec8a732d6f
GET /attachments/857698465274134540/972652423090937896/Screenshot_20220508-031321_Discord.jpg?width=72&height=72 HTTP/1.1
Host: media.discordapp.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krnl.place/
Cookie: __cfruid=1a0e964aae25aaa92e848cbd6d2028ed79ebc201-1669770606
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 01:10:06 GMT
content-type: image/jpeg
content-length: 1556
cf-ray: 771fb39179bfb4f9-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 668048
cache-control: public, max-age=31536000
expires: Thu, 30 Nov 2023 01:10:06 GMT
last-modified: Sun, 08 May 2022 00:13:28 GMT
vary: Accept-Encoding
cf-cache-status: HIT
cf-bgj: h2pri
x-envoy-upstream-service-time: 31
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2BRhveRPRJUKj9xH2orPHnbN0RWZWOfhdpICdlun%2FXMiBRTd0UnKhVh%2FOA8e1YkX4iQ%2FfGqA0L0rVCEYZuBpPDoi%2B64rCG7hgfcXT%2F02%2FQrOyGokEDtuAeKoR2W27U60XXvkpt%2B5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
server: cloudflare
X-Firefox-Spdy: h2
krnl.place/css/mainpage.css
146.59.81.58200 OK 6.7 kB URL HTTP/2 krnl.place/css/mainpage.css
IP 146.59.81.58:0
File type ASCII text, with CRLF line terminators
Hash f47cf573ba98726d6124f09ee2815de6
e11bd2e7cafb57434912615b390d42549a2605c4
33172e842a86afa3d61a6d17cf05c664f877613f4593df221fcf3efb7e148c07
GET /css/mainpage.css HTTP/1.1
Host: krnl.place
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krnl.place/
Cookie: .pipe=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3N1ZWQiOjE2Njk3NzA2MDUuMzIzLCJrZXkiOiIrdW92VUhwekt6N0t2K1BiNGtlOWY1cFNYNWJNTVd3bklEdUE0eXcxc0ljPSIsImUiOjE2Njk3NzQyMDUsInNhbHQiOiJzYWx0eSIsImNvbm5lY3RvciI6LTF9.0SCkB48RwQHY8Xull59RF_d7npD_YtTi-yH7LDJzcPU
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 01:10:05 GMT
content-type: text/css
content-length: 6698
last-modified: Tue, 10 May 2022 21:57:17 GMT
vary: Accept-Encoding
etag: "627adfbd-1a2a"
server: Nexuspipe.com | DDoS Mitigation Cluster
upgrade-insecure-requests: 1
nexus-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
krnl.place/css/Team-Boxed.css
146.59.81.58200 OK 1.3 kB URL HTTP/2 krnl.place/css/Team-Boxed.css
IP 146.59.81.58:0
Hash 82bbec4cae98efe5fc4bdd3d9d621fc2
914bb0b8016af36c1377411094d3aa896a5ecd60
327f2799b4b3e501110095f757f67c103e7e7bb0f3ec1e29a00e6ec7e97a40ca
GET /css/Team-Boxed.css HTTP/1.1
Host: krnl.place
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krnl.place/
Cookie: .pipe=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3N1ZWQiOjE2Njk3NzA2MDUuMzIzLCJrZXkiOiIrdW92VUhwekt6N0t2K1BiNGtlOWY1cFNYNWJNTVd3bklEdUE0eXcxc0ljPSIsImUiOjE2Njk3NzQyMDUsInNhbHQiOiJzYWx0eSIsImNvbm5lY3RvciI6LTF9.0SCkB48RwQHY8Xull59RF_d7npD_YtTi-yH7LDJzcPU
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 01:10:05 GMT
content-type: text/css
content-length: 1266
last-modified: Tue, 10 May 2022 21:57:19 GMT
vary: Accept-Encoding
etag: "627adfbf-4f2"
server: Nexuspipe.com | DDoS Mitigation Cluster
upgrade-insecure-requests: 1
nexus-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
krnl.place/.nexus/request_connector
146.59.81.58200 OK 86 kB URL HTTP/2 krnl.place/.nexus/request_connector
IP 146.59.81.58:0
File type ASCII text, with CRLF, LF line terminators
Hash 5dab9f658f95648e36474b06af463693
482907288dc1ba14fa909b885ba4a3c2929a6adf
1f7e1802eeee0eba20897855f6c76c125c5a39ba964b764beba73fc4a7e2208c
POST /.nexus/request_connector HTTP/1.1
Host: krnl.place
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://krnl.place/.nexus/pipe/?&reason=0&key=6LekVfYfAAAAABrOb8fA7RniuB3Yh_C2o7RnZhx_&destination=%2F
Token: 4c22fb649553baa3edc8f470599247431532dfd160b28b28b8484f58c497f828
Origin: https://krnl.place
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 01:10:05 GMT
content-type: text/plain
set-cookie: .pipe=connected; Domain=krnl.place; Path=/; Secure; HttpOnly; expires=Thu, 01 Jan 1970 00:00:00 GMT
.pipe=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3N1ZWQiOjE2Njk3NzA2MDUuMzIzLCJrZXkiOiIrdW92VUhwekt6N0t2K1BiNGtlOWY1cFNYNWJNTVd3bklEdUE0eXcxc0ljPSIsImUiOjE2Njk3NzQyMDUsInNhbHQiOiJzYWx0eSIsImNvbm5lY3RvciI6LTF9.0SCkB48RwQHY8Xull59RF_d7npD_YtTi-yH7LDJzcPU; Path=/; Secure; HttpOnly; expires=Fri, 31 Dec 9999 23:59:59 GMT
server: Nexuspipe.com | DDoS Mitigation Cluster
upgrade-insecure-requests: 1
last-modified: Wednesday, 30-Nov-2022 01:10:05 GMT
cache-control: no-store, no-cache
X-Firefox-Spdy: h2
krnl.place/css/Metropolis-Bold.woff2
146.59.81.58200 OK 17 kB URL HTTP/2 krnl.place/css/Metropolis-Bold.woff2
IP 146.59.81.58:0
File type Web Open Font Format (Version 2), TrueType, length 17156, version 1.0\012- data
Hash b68b9ec97f8ce8856e1dd69d0cf135ad
824a47c356efb83705dea45651a78082cdcb4ca2
e0f909d85ac770245fa35d88b50e4984541c293152da8c97ca6236658be8ee87
GET /css/Metropolis-Bold.woff2 HTTP/1.1
Host: krnl.place
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://krnl.place/css/krnl-components.css
Cookie: .pipe=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3N1ZWQiOjE2Njk3NzA2MDUuMzIzLCJrZXkiOiIrdW92VUhwekt6N0t2K1BiNGtlOWY1cFNYNWJNTVd3bklEdUE0eXcxc0ljPSIsImUiOjE2Njk3NzQyMDUsInNhbHQiOiJzYWx0eSIsImNvbm5lY3RvciI6LTF9.0SCkB48RwQHY8Xull59RF_d7npD_YtTi-yH7LDJzcPU
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 01:10:06 GMT
content-type: application/octet-stream
content-length: 17156
x-mark: 1
last-modified: Tue, 10 May 2022 21:57:17 GMT
etag: "627adfbd-4304"
server: Nexuspipe.com | DDoS Mitigation Cluster
upgrade-insecure-requests: 1
nexus-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
krnl.place/css/Metropolis-Medium.woff2
146.59.81.58200 OK 17 kB URL HTTP/2 krnl.place/css/Metropolis-Medium.woff2
IP 146.59.81.58:0
File type Web Open Font Format (Version 2), TrueType, length 17124, version 1.0\012- data
Hash b5b96f2fe2700d5cceb5847997c8fe9e
4c37d81c7bed62dbf2b1f605d98e233dd68946ca
9b0975217d3ed0cafc86fef1c4edef4fc3d368a7da3d4c1022f78e8c3096d12f
GET /css/Metropolis-Medium.woff2 HTTP/1.1
Host: krnl.place
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://krnl.place/css/krnl-components.css
Cookie: .pipe=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3N1ZWQiOjE2Njk3NzA2MDUuMzIzLCJrZXkiOiIrdW92VUhwekt6N0t2K1BiNGtlOWY1cFNYNWJNTVd3bklEdUE0eXcxc0ljPSIsImUiOjE2Njk3NzQyMDUsInNhbHQiOiJzYWx0eSIsImNvbm5lY3RvciI6LTF9.0SCkB48RwQHY8Xull59RF_d7npD_YtTi-yH7LDJzcPU
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 01:10:06 GMT
content-type: application/octet-stream
content-length: 17124
x-mark: 1
last-modified: Tue, 10 May 2022 21:57:18 GMT
etag: "627adfbe-42e4"
server: Nexuspipe.com | DDoS Mitigation Cluster
upgrade-insecure-requests: 1
nexus-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52cf4797-5177-4859-9523-faeb4e38f224.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52cf4797-5177-4859-9523-faeb4e38f224.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5c5277610f3a542571abb53ffb3d4df1
ce411cc5b0a37bbd89551d06d7d0349f45734e97
3bf1105631ef7fda0249a46390ca90f904ea73b0a4f017c2db85326550a80a3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52cf4797-5177-4859-9523-faeb4e38f224.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9812
x-amzn-requestid: 70bfeb68-0703-44bf-8550-50c759d52d86
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDbFolIAMFYBQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-73fb65ee2b9161372819207f;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QQCoNlJBSE2V-IQlZr37dhINTABRu3ms9Y1p4FweO36HD-U6m9vvwg==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:52:45 GMT
age: 11845
etag: "ce411cc5b0a37bbd89551d06d7d0349f45734e97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
grabify.world/79DZXP.krnlbeta.exe
188.114.96.1302 Found 0 B URL HTTP/2 grabify.world/79DZXP.krnlbeta.exe
IP 188.114.96.1:0
GET /79DZXP.krnlbeta.exe HTTP/1.1
Host: grabify.world
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Wed, 30 Nov 2022 01:10:02 GMT
location: https://grabify.link/79DZXP.krnlbeta.exe
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zzst7cOcdwVR5TfGTERDLCeXqPV%2BdGLV6e39mE%2F6aeHDvvD9kGmhMVimsez4RO4C3yH3gJKLktl5ByCZttr2HUpqew%2B5Y5oVrCke%2BR4BSyJngJwC2qo%2FtxHnqx6UJdcD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771fb3786c610b69-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2