Overview

URLgamingfun.me/79DZXP.krnlbeta.exe
IP 52.173.151.229 (United States)
ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-30 01:10:13 UTC
StatusLoading report..
IDS alerts0
Blocklist alert1
urlquery alerts No alerts detected
Tags None

Domain Summary (17)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
krnl.ca (1) 236925 2021-03-20 22:16:27 UTC 2022-11-08 04:16:29 UTC 188.114.96.1
cdn.discordapp.com (1) 2474 2015-08-24 13:06:21 UTC 2022-11-29 17:11:19 UTC 162.159.135.233
grabify.world (1) 0 2020-03-11 00:22:23 UTC 2022-11-29 22:25:37 UTC 188.114.96.1 Unknown ranking
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-29 17:14:13 UTC 34.102.187.140
cdnjs.cloudflare.com (1) 235 2015-04-17 20:46:33 UTC 2022-11-29 17:41:09 UTC 104.17.25.14
ipv4.icanhazip.com (2) 12595 2013-10-09 05:58:12 UTC 2022-11-29 18:50:47 UTC 104.18.115.97
ocsp.pki.goog (2) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.131
media.discordapp.net (4) 4418 2017-07-26 19:07:15 UTC 2022-11-29 17:13:09 UTC 162.159.128.232
ocsp.digicert.com (14) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
gamingfun.me (1) 0 2022-05-19 03:12:43 UTC 2022-11-29 20:43:18 UTC 52.173.151.229 Unknown ranking
krnl.place (14) 0 2022-06-23 23:07:16 UTC 2022-11-28 14:54:37 UTC 146.59.81.58 Unknown ranking
cf-ent-cache.nexuspipe.com (1) 0 2022-10-07 03:28:05 UTC 2022-11-27 15:35:20 UTC 104.18.8.6 Unknown ranking
r3.o.lencr.org (6) 344 No data No data 23.36.76.226
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-29 17:10:57 UTC 34.117.237.239
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 52.37.79.227
img-getpocket.cdn.mozilla.net (7) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-30 2 gamingfun.me/79DZXP.krnlbeta.exe Malware

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 52.173.151.229
Date UQ / IDS / BL URL IP
2023-02-08 22:45:52 +0000 0 - 5 - 1 stopify.co/profile.php?id=TFA84Z 52.173.151.229
2023-02-08 22:43:51 +0000 0 - 2 - 0 picshost.pics/94X3OY 52.173.151.229
2023-02-08 08:58:46 +0000 0 - 19 - 0 fortnitechat.site/ASKT31.exe 52.173.151.229
2023-02-08 02:51:36 +0000 0 - 7 - 0 gamingfun.me/generator.php?id=5QJ311.rar 52.173.151.229
2023-02-06 02:52:35 +0000 0 - 7 - 0 gamingfun.me/generator.php?id=5QJ311.rar 52.173.151.229


Last 5 reports on ASN: MICROSOFT-CORP-MSN-AS-BLOCK
Date UQ / IDS / BL URL IP
2023-02-09 06:39:30 +0000 0 - 0 - 2 asmedigitalcollection.asme.org/biomechanical/ (...) 52.179.114.94
2023-02-09 06:38:52 +0000 0 - 3 - 3 inx.cc/ 40.88.2.250
2023-02-09 06:27:39 +0000 0 - 11 - 0 corona.go.jp/ 13.107.228.28
2023-02-09 06:13:02 +0000 0 - 3 - 0 mjz-lm.datasight.biz/ 52.172.193.196
2023-02-09 06:12:41 +0000 0 - 0 - 3 bankit.com.ng/well-known/acme-challenge/c/a/a (...) 13.69.228.3


Last 5 reports on domain: gamingfun.me
Date UQ / IDS / BL URL IP
2023-02-08 02:51:36 +0000 0 - 7 - 0 gamingfun.me/generator.php?id=5QJ311.rar 52.173.151.229
2023-02-06 02:52:35 +0000 0 - 7 - 0 gamingfun.me/generator.php?id=5QJ311.rar 52.173.151.229
2023-02-04 10:36:30 +0000 0 - 7 - 0 gamingfun.me/generator.php?id=5QJ311.rar 52.173.151.229
2023-02-02 12:30:25 +0000 0 - 3 - 1 gamingfun.me/MACLHI 52.173.151.229
2023-02-01 08:55:08 +0000 0 - 3 - 1 gamingfun.me/B2XUSJ.exe 52.173.151.229


Last 1 reports with similar screenshot
Date UQ / IDS / BL URL IP
2022-12-01 00:29:00 +0000 0 - 0 - 1 gamingfun.me/79DZXP.krnlbeta.exe 52.173.151.229

JavaScript

Executed Scripts (4)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (60)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6596
Expires: Wed, 30 Nov 2022 02:59:57 GMT
Date: Wed, 30 Nov 2022 01:10:01 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Accept-Ranges: bytes
Age: 5243
Cache-Control: public, max-age=1209600
Date: Wed, 30 Nov 2022 01:10:01 GMT
Etag: "638651c5-37"
Last-Modified: Tue, 29 Nov 2022 18:39:01 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 55


--- Additional Info ---
Magic:  HTML document, ASCII text
Size:   55
Md5:    9f073354411bbaf7a319b1519f10b4b7
Sha1:   571498f38548829bf186f49f5be9d5fa6e689a68
Sha256: 4a7aaaa1c093dee8a191d4469c9f701c5e62e88896bc778a13cc4ffedf9be89a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9447
Expires: Wed, 30 Nov 2022 03:47:28 GMT
Date: Wed, 30 Nov 2022 01:10:01 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 30 Nov 2022 00:19:38 GMT
cache-control: public,max-age=3600
age: 3023
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    14cd9a0afb6ba9a763651d5112760d1e
Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: /TSnKTWcpnfPjux06MzxpXwOvSo7gaHUP2brChq0ws70MtU691hRmKg10qO08XndePQin6n51/c=
x-amz-request-id: 1SS5J1S4MVWS8XJY
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 30 Nov 2022 00:45:01 GMT
age: 1500
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 30 Nov 2022 01:10:01 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /79DZXP.krnlbeta.exe HTTP/1.1 
Host: gamingfun.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         52.173.151.229
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
                                        
Content-Length: 0
Date: Wed, 30 Nov 2022 01:10:01 GMT
Server: Apache
Location: https://grabify.world/79DZXP.krnlbeta.exe
Status: 301 Moved Permanently
cf-cache-status: DYNAMIC
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 56137e603e72eeba


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 30 Nov 2022 01:08:56 GMT
cache-control: public,max-age=3600
age: 66
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Accept-Ranges: bytes
Cache-Control: public, max-age=1209600
Date: Wed, 30 Nov 2022 01:10:02 GMT
Etag: "63866b88-37"
Last-Modified: Tue, 29 Nov 2022 20:28:56 GMT
Server: nginx
Content-Length: 55


--- Additional Info ---
Magic:  HTML document, ASCII text
Size:   55
Md5:    9f073354411bbaf7a319b1519f10b4b7
Sha1:   571498f38548829bf186f49f5be9d5fa6e689a68
Sha256: 4a7aaaa1c093dee8a191d4469c9f701c5e62e88896bc778a13cc4ffedf9be89a
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Accept-Ranges: bytes
Age: 0
Cache-Control: public, max-age=1209600
Date: Wed, 30 Nov 2022 01:10:02 GMT
Etag: "63866b88-37"
Last-Modified: Tue, 29 Nov 2022 20:28:56 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 55


--- Additional Info ---
Magic:  HTML document, ASCII text
Size:   55
Md5:    9f073354411bbaf7a319b1519f10b4b7
Sha1:   571498f38548829bf186f49f5be9d5fa6e689a68
Sha256: 4a7aaaa1c093dee8a191d4469c9f701c5e62e88896bc778a13cc4ffedf9be89a
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4485
Cache-Control: max-age=119491
Date: Wed, 30 Nov 2022 01:10:02 GMT
Etag: "6385cba8-1d7"
Expires: Thu, 01 Dec 2022 10:21:33 GMT
Last-Modified: Tue, 29 Nov 2022 09:06:48 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Cache-Control: 'max-age=158059'
Date: Wed, 30 Nov 2022 01:10:02 GMT
Etag: "63863956-116"
Server: ECS (amb/6B72)
Content-Length: 278

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: TP5w1IrqbEbxugy1OAmJQQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         52.37.79.227
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: /HFgx6VqZ5zwOIlPb1jBzMMowq0=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4000
Expires: Wed, 30 Nov 2022 02:16:43 GMT
Date: Wed, 30 Nov 2022 01:10:03 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4000
Expires: Wed, 30 Nov 2022 02:16:43 GMT
Date: Wed, 30 Nov 2022 01:10:03 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4000
Expires: Wed, 30 Nov 2022 02:16:43 GMT
Date: Wed, 30 Nov 2022 01:10:03 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde294fb7-e851-4e57-83be-aa3374862dcb.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7971
x-amzn-requestid: e47d10e4-2b60-4998-b5fa-5b145e60aac2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhgWHgGoAMFcLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867c68-5b9710a07b0a59730e73dce4;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:40:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OURSF_raDXrHV3-3ScaEdorNpW9ZKSIQjv6WUCQYHhruGz372BU_QA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:58:15 GMT
age: 11508
etag: "87447d20e9c0a6a6aeefe6ca107f93cd3598cd0d"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7971
Md5:    9e135c29a8769eb12ef8c26f99097400
Sha1:   87447d20e9c0a6a6aeefe6ca107f93cd3598cd0d
Sha256: ce41ff79c382efc54aa2fd3ab64293d2d2b706a7f21585f4bd8bbcd9a3566126
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9674
x-amzn-requestid: 7e7d0183-9667-462a-8d44-d125998c1ae3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEoHVAoAMFvAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1d-280ba97e3fe1bf7244cbde35;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ym_L3s5E6MLy6BxqNkVxok6L6hA4c-ilSsEqt42j2IbiXYPb4c6-VQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:52:51 GMT
age: 11832
etag: "53650399f9a986ba54addd668b4557109d12003b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9674
Md5:    5508d05a290b663fd89ead9b58f2efd8
Sha1:   53650399f9a986ba54addd668b4557109d12003b
Sha256: 65704a961410fdd318c491fedf002c8e9b184cd34b76fe1b67026d42ce21be3f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37883a10-064d-451d-9dd4-bca0a5594e96.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11466
x-amzn-requestid: 40ae63d3-397e-4118-90b2-d48b1f4014c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDaHUxIAMFxWA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-2b309a0a5e93f68312a26fa1;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: G2_x26WJ_ISQDsWfV3RzC_jCy5FLNLpblRk_GvuCn4i-ETBAsaKBjQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:52:45 GMT
age: 11838
etag: "49a82390cbf2139bf681d896f9467ab736e0b337"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11466
Md5:    0c14828912decf19c9d95fee93e92f00
Sha1:   49a82390cbf2139bf681d896f9467ab736e0b337
Sha256: bbafc9bd160a30c6a31954bdf66655e1decc59dead3bb94c6fa21cad1cd56fe3
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a644078-a260-40cb-abc4-b226762802d4.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11070
x-amzn-requestid: 3f342f57-8231-4ba9-9105-dd3fa43ca8d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cSsg9FNAoAMFYgQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6384279f-27e7956e0f3a694338951b8a;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 03:14:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Qhq6EXPP69HkKofiAAD5x6j9gVuLzO9qvcwBfYUMiBGR47Sdqccf_g==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 04:52:52 GMT
age: 73031
etag: "9ab86eab2fac1c25eaaaaeeaec28eeb2783d9c8a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11070
Md5:    4cc55889e6edaa76fa8c991914b5347b
Sha1:   9ab86eab2fac1c25eaaaaeeaec28eeb2783d9c8a
Sha256: 3122c681063a6ee629f5516c433ea3cc65f771d3394df1d6c4b0a1cb91100831
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13e1db4e-7108-464a-85b6-24ac0c4609f9.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9330
x-amzn-requestid: 3fad352d-7664-43e0-9395-e840f671ca61
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgFQFIdoAMFSmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a21-5e9847852f8435231d401fe6;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mCEtSOenWKxay4vNy5mN9cexxXKXKt7TMuLaLw-M86tLKwQ2MwuxPg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:00:54 GMT
age: 11349
etag: "2f3a39a528d3b759060203931de33c12303592e1"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9330
Md5:    bbe350ea797a0fec5a19a450fc5de4b4
Sha1:   2f3a39a528d3b759060203931de33c12303592e1
Sha256: 4d661dac2e19e07ae15d0f8cf00bd268c6c2defb2f5e4de38fcb6e7031dfd605
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd170538c-f8cf-4acb-ba33-2ead00b9db73.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10958
x-amzn-requestid: abfea5b0-58f5-49e1-b78e-7cf456d03cb3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgFHF9oIAMF5lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a20-5ab719292d440d083b07a478;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: gCt9oHpZ68tLCYHIYpI1XLtADkScxwf12kDFnU0o5WoQIVSzWlqozw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:16:52 GMT
etag: "57e1d34f146d5ccd9943aa97bcc3158f7103bb07"
age: 10391
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10958
Md5:    777ce44582c70bf01a31da4cab366f36
Sha1:   57e1d34f146d5ccd9943aa97bcc3158f7103bb07
Sha256: fbdc8f65ae74dc13b7aafec464f08fdc9902af519946200ec52432ac3ca55982
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Cache-Control: 'max-age=158059'
Date: Wed, 30 Nov 2022 01:10:04 GMT
Etag: "63863956-116"
Server: ECS (amb/6B83)
Content-Length: 278

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Accept-Ranges: bytes
Cache-Control: public, max-age=1209600
Date: Wed, 30 Nov 2022 01:10:04 GMT
Etag: "63866b88-37"
Last-Modified: Tue, 29 Nov 2022 20:28:56 GMT
Server: nginx
Content-Length: 55


--- Additional Info ---
Magic:  HTML document, ASCII text
Size:   55
Md5:    9f073354411bbaf7a319b1519f10b4b7
Sha1:   571498f38548829bf186f49f5be9d5fa6e689a68
Sha256: 4a7aaaa1c093dee8a191d4469c9f701c5e62e88896bc778a13cc4ffedf9be89a
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Cache-Control: 'max-age=158059'
Date: Wed, 30 Nov 2022 01:10:05 GMT
Etag: "63849ea1-118"
Server: ECS (amb/6B83)
Content-Length: 280

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6F700B1A84B04D32B7CE72F21615CD774AB8554357D5F2C136EC2162F66E08FF"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13795
Expires: Wed, 30 Nov 2022 05:00:00 GMT
Date: Wed, 30 Nov 2022 01:10:05 GMT
Connection: keep-alive

                                        
                                            GET / HTTP/1.1 
Host: krnl.ca
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         188.114.96.1
HTTP/2 301 Moved Permanently
                                        
date: Wed, 30 Nov 2022 01:10:04 GMT
location: https://krnl.place/
cache-control: max-age=3600
expires: Wed, 30 Nov 2022 02:10:04 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6THdTu1zoFkGG1xizH%2BjmxzbAfJYppDvbnBwky50Opc03FlLwerOZ16ieaCN2fpk2lD9GBEw9Sc0i8ZsEEbgaeTLVMU0NWdOaTeHRQodRVTtmc%2B27SJAP1pe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771fb3890bd2b505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   151
Md5:    c15cb23782f11cc460e23cb1935327da
Sha1:   e97431744a49c79282a30de7a17c7b537c08253e
Sha256: 0660a33678dbfee5f5e0cc1c20f8987a9174d2b076d88ba853f394ee5a105145
                                        
                                            GET /.nexus/pipe?&reason=0&key=6LekVfYfAAAAABrOb8fA7RniuB3Yh_C2o7RnZhx_&destination=%2F HTTP/1.1 
Host: krnl.place
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

search
                                         146.59.81.58
HTTP/2 301 Moved Permanently
content-type: text/html
                                        
date: Wed, 30 Nov 2022 01:10:04 GMT
content-length: 175
location: https://krnl.place/.nexus/pipe/?&reason=0&key=6LekVfYfAAAAABrOb8fA7RniuB3Yh_C2o7RnZhx_&destination=%2F
server: Nexuspipe.com | DDoS Mitigation Cluster
upgrade-insecure-requests: 1
last-modified: Wednesday, 30-Nov-2022 01:10:04 GMT
cache-control: no-store, no-cache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   175
Md5:    27d3037d4815f88b7bb724cb258524e1
Sha1:   092678ca1f61e13d97f37f7be9438e7b32b722e9
Sha256: 0c0a343c76a265d5b6b5b3708383afaf77f187eaa7f3fa8f1fec18cdf4ebe198
                                        
                                            GET /.nexus/pipe/?&reason=0&key=6LekVfYfAAAAABrOb8fA7RniuB3Yh_C2o7RnZhx_&destination=%2F HTTP/1.1 
Host: krnl.place
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

search
                                         146.59.81.58
HTTP/2 200 OK
content-type: text/html
                                        
date: Wed, 30 Nov 2022 01:10:04 GMT
content-length: 50916
server: Nexuspipe.com | DDoS Mitigation Cluster
upgrade-insecure-requests: 1
last-modified: Wednesday, 30-Nov-2022 01:10:04 GMT
cache-control: no-store, no-cache
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (32927), with CRLF line terminators
Size:   50916
Md5:    767f18094dbc3f68d8e9c50a03ba0df7
Sha1:   eaba133ee59de79060d3e701b438bd164ea46510
Sha256: 8720e5fa9568032faa45bb0714cf460bec8521457aeaf626bb28cadf5291e9b7
                                        
                                            GET /ajax/libs/crypto-js/4.1.1/crypto-js.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.17.25.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Wed, 30 Nov 2022 01:10:05 GMT
content-length: 13972
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "61182885-3694"
last-modified: Sat, 14 Aug 2021 20:33:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1150967
expires: Mon, 20 Nov 2023 01:10:05 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zdx8u0Uq%2BDfvSxeP6fCjirGD8RFWT%2FniEZOSegRnYC0sG4EToQaRn3vCkXmZw9nUdYv6%2BUaZt5jPF7mdm2IsOhPVygfj1ny0faIlFNzHF6wtO90pQ3wCSb8%2Ba42lIpOu1rpQaJ22"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 771fb38b7f1eb500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (48316), with no line terminators
Size:   13972
Md5:    2e46e3b0807c19e0ee85603dd4ba3f72
Sha1:   cb55679976d9a5d9933f291218b8ff0f95ebdc17
Sha256: 87a3f839cfc8bca3368a7dec7c5ff14e5f613928e899b601292b5a1f1bd5dc05
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Accept-Ranges: bytes
Age: 6542
Cache-Control: public, max-age=1209600
Date: Wed, 30 Nov 2022 01:10:05 GMT
Etag: "63866b87-37"
Last-Modified: Tue, 29 Nov 2022 20:28:55 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 55


--- Additional Info ---
Magic:  HTML document, ASCII text
Size:   55
Md5:    9f073354411bbaf7a319b1519f10b4b7
Sha1:   571498f38548829bf186f49f5be9d5fa6e689a68
Sha256: 4a7aaaa1c093dee8a191d4469c9f701c5e62e88896bc778a13cc4ffedf9be89a
                                        
                                            GET / HTTP/1.1 
Host: ipv4.icanhazip.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://krnl.place/
Origin: https://krnl.place
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         104.18.115.97
HTTP/2 200 OK
content-type: text/plain
                                        
date: Wed, 30 Nov 2022 01:10:05 GMT
content-length: 13
access-control-allow-origin: *
access-control-allow-methods: GET
set-cookie: __cf_bm=6TBGHvuchK9v1wfEvtYa.TqdmT_lhUNjkgq69IgpLes-1669770605-0-ARmNduDfHKeo/nqS10Wj9Fxh3uwLQZ0ARaq5KESJ0QaFHIhguI9KPe72XkiTFR5lemHPcBYiBVg0FSjnEBCYfXo=; path=/; expires=Wed, 30-Nov-22 01:40:05 GMT; domain=.icanhazip.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 771fb38c4a170b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   13
Md5:    d0f727049a6c39e00df33badfc529120
Sha1:   bcbe610cd9d4baf88e53c32375c624b8920fb570
Sha256: 4b3f1dd9b6a31b14247dec82b502a00a71d83ebb9f007bfccf7bd490e1604821
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Accept-Ranges: bytes
Age: 6542
Cache-Control: public, max-age=1209600
Date: Wed, 30 Nov 2022 01:10:05 GMT
Etag: "63866b87-37"
Last-Modified: Tue, 29 Nov 2022 20:28:55 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 55


--- Additional Info ---
Magic:  HTML document, ASCII text
Size:   55
Md5:    9f073354411bbaf7a319b1519f10b4b7
Sha1:   571498f38548829bf186f49f5be9d5fa6e689a68
Sha256: 4a7aaaa1c093dee8a191d4469c9f701c5e62e88896bc778a13cc4ffedf9be89a
                                        
                                            POST /.nexus/interact HTTP/1.1 
Host: krnl.place
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://krnl.place/.nexus/pipe/?&reason=0&key=6LekVfYfAAAAABrOb8fA7RniuB3Yh_C2o7RnZhx_&destination=%2F
Content-Type: application/json
Origin: https://krnl.place
Content-Length: 74
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         146.59.81.58
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Wed, 30 Nov 2022 01:10:04 GMT
content-length: 540
x-powered-by: Express
etag: W/"21c-dMw8CtM5B/8qVXhfU/0pPaIEbak"
server: Nexuspipe.com | DDoS Mitigation Cluster
upgrade-insecure-requests: 1
last-modified: Wednesday, 30-Nov-2022 01:10:04 GMT
cache-control: no-store, no-cache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (540), with no line terminators
Size:   540
Md5:    6e0de752786784f8b0d3601c3be817e1
Sha1:   74cc3c0ad33907ff2a55785f53fd293da2046da9
Sha256: 0390e554cc44b9b5506db828cdb1ec78594e9d9fa0359682ec73f4d5daa7177f
                                        
                                            POST /s/gts1p5/R4ZfrVOegg4 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 01:10:05 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /static/nexus-captcha.webp HTTP/1.1 
Host: cf-ent-cache.nexuspipe.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krnl.place/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.18.8.6
HTTP/2 200 OK
content-type: image/webp
                                        
date: Wed, 30 Nov 2022 01:10:05 GMT
content-length: 17032
last-modified: Thu, 06 Oct 2022 04:35:47 GMT
etag: "633e5b23-4288"
cf-cache-status: HIT
age: 4027752
expires: Wed, 30 Nov 2022 02:10:05 GMT
cache-control: public, max-age=3600
accept-ranges: bytes
set-cookie: __cf_bm=Sgp9B1SNaLB.uJ6l.OCVMa1MGVEF3rOayVhTL08dlTA-1669770605-0-AcsBotOKPcUF0lEdXMMEtRwCo5oXHFKrmvw07IekbmJjLpgTi/BwZopzB6T2cfHUp2qQSSDg16NkVqRKJVtGsNA=; path=/; expires=Wed, 30-Nov-22 01:40:05 GMT; domain=.nexuspipe.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 771fb38ce8191c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   17032
Md5:    a399f696ad94ea08377266cfb9391387
Sha1:   1f1f2d7fa6c18b4d6e69fc0d97bfa3aa0f283378
Sha256: 63ee6a0e0f30a9a60da2258e4977db79f04a520603c5752df7ab958c8ab46e8c
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: krnl.place
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krnl.place/.nexus/pipe/?&reason=0&key=6LekVfYfAAAAABrOb8fA7RniuB3Yh_C2o7RnZhx_&destination=%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         146.59.81.58
HTTP/2 302 Found
content-type: text/html
                                        
date: Wed, 30 Nov 2022 01:10:05 GMT
content-length: 151
location: /.nexus/pipe?&reason=0&key=6LekVfYfAAAAABrOb8fA7RniuB3Yh_C2o7RnZhx_&destination=%2Ffavicon.ico
server: Nexuspipe.com | DDoS Mitigation Cluster
upgrade-insecure-requests: 1
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   151
Md5:    c15cb23782f11cc460e23cb1935327da
Sha1:   e97431744a49c79282a30de7a17c7b537c08253e
Sha256: 0660a33678dbfee5f5e0cc1c20f8987a9174d2b076d88ba853f394ee5a105145
                                        
                                            POST /s/gts1p5/R4ZfrVOegg4 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 01:10:05 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET / HTTP/1.1 
Host: ipv4.icanhazip.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://krnl.place/
Origin: https://krnl.place
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.18.115.97
HTTP/2 200 OK
content-type: text/plain
                                        
date: Wed, 30 Nov 2022 01:10:05 GMT
content-length: 13
access-control-allow-origin: *
access-control-allow-methods: GET
set-cookie: __cf_bm=y1aV_4htvdvCX4DsyVQ0DUfvCa2245KCB1bOTHI.0nQ-1669770605-0-Af9gqIc51Vx9larBOrX5PuXVyd+ZOpcFaDzT7tb22D2wJCyK5V+kYRvSAiRwV8HUxJ/vQcA4ZwIdCzlBk/20SSY=; path=/; expires=Wed, 30-Nov-22 01:40:05 GMT; domain=.icanhazip.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 771fb38dea9f0b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   13
Md5:    d0f727049a6c39e00df33badfc529120
Sha1:   bcbe610cd9d4baf88e53c32375c624b8920fb570
Sha256: 4b3f1dd9b6a31b14247dec82b502a00a71d83ebb9f007bfccf7bd490e1604821
                                        
                                            GET /.nexus/pipe?&reason=0&key=6LekVfYfAAAAABrOb8fA7RniuB3Yh_C2o7RnZhx_&destination=%2Ffavicon.ico HTTP/1.1 
Host: krnl.place
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://krnl.place/.nexus/pipe/?&reason=0&key=6LekVfYfAAAAABrOb8fA7RniuB3Yh_C2o7RnZhx_&destination=%2F
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         146.59.81.58
HTTP/2 301 Moved Permanently
content-type: text/html
                                        
date: Wed, 30 Nov 2022 01:10:05 GMT
content-length: 175
location: https://krnl.place/.nexus/pipe/?&reason=0&key=6LekVfYfAAAAABrOb8fA7RniuB3Yh_C2o7RnZhx_&destination=%2Ffavicon.ico
server: Nexuspipe.com | DDoS Mitigation Cluster
upgrade-insecure-requests: 1
last-modified: Wednesday, 30-Nov-2022 01:10:05 GMT
cache-control: no-store, no-cache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   175
Md5:    27d3037d4815f88b7bb724cb258524e1
Sha1:   092678ca1f61e13d97f37f7be9438e7b32b722e9
Sha256: 0c0a343c76a265d5b6b5b3708383afaf77f187eaa7f3fa8f1fec18cdf4ebe198
                                        
                                            POST /.nexus/interact/4c22fb649553baa3edc8f470599247431532dfd160b28b28b8484f58c497f828 HTTP/1.1 
Host: krnl.place
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://krnl.place/.nexus/pipe/?&reason=0&key=6LekVfYfAAAAABrOb8fA7RniuB3Yh_C2o7RnZhx_&destination=%2F
Content-Type: application/json
Origin: https://krnl.place
Content-Length: 1169
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         146.59.81.58
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
date: Wed, 30 Nov 2022 01:10:05 GMT
content-length: 2
x-powered-by: Express
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
server: Nexuspipe.com | DDoS Mitigation Cluster
upgrade-insecure-requests: 1
last-modified: Wednesday, 30-Nov-2022 01:10:05 GMT
cache-control: no-store, no-cache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   2
Md5:    e0aa021e21dddbd6d8cecec71e9cf564
Sha1:   9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
Sha256: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
                                        
                                            GET /.nexus/pipe/?&reason=0&key=6LekVfYfAAAAABrOb8fA7RniuB3Yh_C2o7RnZhx_&destination=%2Ffavicon.ico HTTP/1.1 
Host: krnl.place
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://krnl.place/.nexus/pipe/?&reason=0&key=6LekVfYfAAAAABrOb8fA7RniuB3Yh_C2o7RnZhx_&destination=%2F
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         146.59.81.58
HTTP/2 200 OK
content-type: text/html
                                        
date: Wed, 30 Nov 2022 01:10:05 GMT
content-length: 50916
server: Nexuspipe.com | DDoS Mitigation Cluster
upgrade-insecure-requests: 1
last-modified: Wednesday, 30-Nov-2022 01:10:05 GMT
cache-control: no-store, no-cache
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (32927), with CRLF line terminators
Size:   50916
Md5:    767f18094dbc3f68d8e9c50a03ba0df7
Sha1:   eaba133ee59de79060d3e701b438bd164ea46510
Sha256: 8720e5fa9568032faa45bb0714cf460bec8521457aeaf626bb28cadf5291e9b7
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Accept-Ranges: bytes
Age: 5768
Cache-Control: max-age=102061
Date: Wed, 30 Nov 2022 01:10:06 GMT
Etag: "63858293-118"
Expires: Thu, 01 Dec 2022 05:31:07 GMT
Last-Modified: Tue, 29 Nov 2022 03:54:59 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 55


--- Additional Info ---
Magic:  HTML document, ASCII text
Size:   55
Md5:    9f073354411bbaf7a319b1519f10b4b7
Sha1:   571498f38548829bf186f49f5be9d5fa6e689a68
Sha256: 4a7aaaa1c093dee8a191d4469c9f701c5e62e88896bc778a13cc4ffedf9be89a
                                        
                                            GET /attachments/756373435726168104/769299914332962886/krnlmain.png HTTP/1.1 
Host: cdn.discordapp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krnl.place/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         162.159.135.233
HTTP/2 200 OK
content-type: image/png
                                        
date: Wed, 30 Nov 2022 01:10:06 GMT
content-length: 5996
cf-ray: 771fb3912a1cb527-OSL
accept-ranges: bytes
age: 661986
cache-control: public, max-age=31536000
etag: "49858dfbc04f611029c4e46711a342dc"
expires: Thu, 30 Nov 2023 01:10:06 GMT
last-modified: Fri, 23 Oct 2020 20:43:12 GMT
vary: Accept-Encoding
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-goog-generation: 1603485792508476
x-goog-hash: crc32c=MjINwg==, md5=SYWN+8BPYRApxORnEaNC3A==
x-goog-metageneration: 2
x-goog-storage-class: NEARLINE
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 5996
x-guploader-uploadid: ADPycdvZKluZsYvVRpr4tSV0ZnK25KgFdjJJSAIj7CWPtgas6Dfe6KVJnHOWrhFP9DxwgsrqH7wrDv3Ls2Z4_uGHFcN9MRp6rw
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pUwd78XkKcMiVvb7TtsyupAnCCEEa0%2BJzjlB9hN5Hilry0KMpXkcB7UI%2FRZUgU6xQqK0WWO%2FT99OpmObNd9U2A2XmQa7FJt5MIaWv%2FBwKIv7gW3fDZucsNMXcc2o%2Bpu7pfMiJA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 209 x 197, 8-bit/color RGBA, non-interlaced\012- data
Size:   5996
Md5:    49858dfbc04f611029c4e46711a342dc
Sha1:   6c9a36992fec3d3fbfb381fee8825606aa7a2a13
Sha256: 3a49fc85ae4b4b6aa1edbe0b3cec6817fb0261a3189c38d1ca464d7b3d12d66b
                                        
                                            GET /css/krnl-components.css HTTP/1.1 
Host: krnl.place
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krnl.place/
Cookie: .pipe=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3N1ZWQiOjE2Njk3NzA2MDUuMzIzLCJrZXkiOiIrdW92VUhwekt6N0t2K1BiNGtlOWY1cFNYNWJNTVd3bklEdUE0eXcxc0ljPSIsImUiOjE2Njk3NzQyMDUsInNhbHQiOiJzYWx0eSIsImNvbm5lY3RvciI6LTF9.0SCkB48RwQHY8Xull59RF_d7npD_YtTi-yH7LDJzcPU
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         146.59.81.58
HTTP/2 200 OK
content-type: text/css
                                        
date: Wed, 30 Nov 2022 01:10:05 GMT
content-length: 8302
last-modified: Tue, 10 May 2022 21:57:16 GMT
vary: Accept-Encoding
etag: "627adfbc-206e"
server: Nexuspipe.com | DDoS Mitigation Cluster
upgrade-insecure-requests: 1
nexus-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  assembler source, ASCII text, with CRLF line terminators
Size:   8302
Md5:    85f24d668ed70a34d0e6fabc735bb341
Sha1:   dc18363e7da70b5f3521042382eb91174a56c29a
Sha256: 92968d34606f9c81228347703430a45547eaefa4e8ecbe88ee6f672201e5d927
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5188
Cache-Control: 'max-age=158059'
Date: Wed, 30 Nov 2022 01:10:06 GMT
Last-Modified: Tue, 29 Nov 2022 23:43:38 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5972
Cache-Control: max-age=96841
Date: Wed, 30 Nov 2022 01:10:06 GMT
Etag: "63856d63-117"
Expires: Thu, 01 Dec 2022 04:04:07 GMT
Last-Modified: Tue, 29 Nov 2022 02:24:35 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Accept-Ranges: bytes
Age: 5768
Cache-Control: max-age=102061
Date: Wed, 30 Nov 2022 01:10:06 GMT
Etag: "63858293-118"
Expires: Thu, 01 Dec 2022 05:31:07 GMT
Last-Modified: Tue, 29 Nov 2022 03:54:59 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 55


--- Additional Info ---
Magic:  HTML document, ASCII text
Size:   55
Md5:    9f073354411bbaf7a319b1519f10b4b7
Sha1:   571498f38548829bf186f49f5be9d5fa6e689a68
Sha256: 4a7aaaa1c093dee8a191d4469c9f701c5e62e88896bc778a13cc4ffedf9be89a
                                        
                                            GET / HTTP/1.1 
Host: krnl.place
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krnl.place/.nexus/pipe/?&reason=0&key=6LekVfYfAAAAABrOb8fA7RniuB3Yh_C2o7RnZhx_&destination=%2F
Cookie: .pipe=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3N1ZWQiOjE2Njk3NzA2MDUuMzIzLCJrZXkiOiIrdW92VUhwekt6N0t2K1BiNGtlOWY1cFNYNWJNTVd3bklEdUE0eXcxc0ljPSIsImUiOjE2Njk3NzQyMDUsInNhbHQiOiJzYWx0eSIsImNvbm5lY3RvciI6LTF9.0SCkB48RwQHY8Xull59RF_d7npD_YtTi-yH7LDJzcPU
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         146.59.81.58
HTTP/2 200 OK
content-type: text/html
                                        
date: Wed, 30 Nov 2022 01:10:05 GMT
content-length: 27361
x-mark: 1
last-modified: Thu, 04 Aug 2022 03:17:55 GMT
vary: Accept-Encoding
etag: "62eb3a63-6ae1"
server: Nexuspipe.com | DDoS Mitigation Cluster
upgrade-insecure-requests: 1
nexus-cache: BYPASS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2692)
Size:   27361
Md5:    7be5890ab1218759c19cb7e0cabe03dd
Sha1:   17f6f5091425ac438fe293776fb85183e27256f6
Sha256: 26114ef9d24bc7408f510164c51bee89fbae6ba089ac4e8f024f72eaf04abf99
                                        
                                            GET /attachments/857698465274134540/972652140982042715/f44bd35365535d9675b0cee147fad734.webp?width=72&height=72 HTTP/1.1 
Host: media.discordapp.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krnl.place/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         162.159.128.232
HTTP/2 200 OK
content-type: image/webp
                                        
date: Wed, 30 Nov 2022 01:10:06 GMT
content-length: 952
cf-ray: 771fb39159afb4f9-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 660409
cache-control: public, max-age=31536000
expires: Thu, 30 Nov 2023 01:10:06 GMT
last-modified: Sun, 08 May 2022 00:12:21 GMT
vary: Accept-Encoding
cf-cache-status: HIT
x-envoy-upstream-service-time: 3
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DNRsDLN4SlKHhMcTylSbNmBY3FkuKQHThoT%2FlcywAUC1%2Fv%2FeVUArltVATR3TlZ3IvV3hHHn8ubDy7lacoCji3Bx94sZJCnskJqZip%2FrsJegYj8Rjd5i995fCUEYh2nm5hrKrChTP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
set-cookie: __cfruid=1a0e964aae25aaa92e848cbd6d2028ed79ebc201-1669770606; path=/; domain=.discordapp.net; HttpOnly; Secure; SameSite=None
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
server: cloudflare
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 72x72, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   952
Md5:    c5c03571c60ee54b77c92b79dd8d80e0
Sha1:   0d3adedd0ac11cb660c658a25823d0a50183ab76
Sha256: c8b931b70be1bb29e4980cdfb2d826e9defa243b7bcda5db62f15aaf580ab2df
                                        
                                            GET /attachments/857698465274134540/972652139996393482/1d7978578f397e326b6190298cead7c0.png?width=72&height=72 HTTP/1.1 
Host: media.discordapp.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krnl.place/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         162.159.128.232
HTTP/2 200 OK
content-type: image/png
                                        
date: Wed, 30 Nov 2022 01:10:06 GMT
content-length: 9249
cf-ray: 771fb39159aeb4f9-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 668048
cache-control: public, max-age=31536000
expires: Thu, 30 Nov 2023 01:10:06 GMT
last-modified: Sun, 08 May 2022 00:12:21 GMT
vary: Accept-Encoding
cf-cache-status: HIT
x-envoy-upstream-service-time: 16
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z9ttPBSxuUwwGcF%2FDtecu9g9qC%2Bw8twopJO%2ByLS6QvTVGzMLdoPz8vkw3tLhY9Q3PjVBz7c8hi24xK%2FQi%2BsbnSA9go6uywKWGtakV0bbgPi85h%2BsV0m16n7Bj7%2FjAMtA44YrzNLF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
set-cookie: __cfruid=1a0e964aae25aaa92e848cbd6d2028ed79ebc201-1669770606; path=/; domain=.discordapp.net; HttpOnly; Secure; SameSite=None
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
server: cloudflare
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced\012- data
Size:   9249
Md5:    7448a88858d28fc5c5440d6f8c5a7a44
Sha1:   58606bd30ecff69e1a75f2911d3da8e75221a504
Sha256: 5c7eb08207eb2693db7543c88c70098e6120780658ba02f602e49e338cd665f3
                                        
                                            GET /attachments/857698465274134540/972652140747182110/e8cc97bb353801fb433f19deb03081ef.webp?width=72&height=72 HTTP/1.1 
Host: media.discordapp.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krnl.place/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         162.159.128.232
HTTP/2 200 OK
content-type: image/webp
                                        
date: Wed, 30 Nov 2022 01:10:06 GMT
content-length: 950
cf-ray: 771fb39179bab4f9-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 660409
cache-control: public, max-age=31536000
expires: Thu, 30 Nov 2023 01:10:06 GMT
last-modified: Sun, 08 May 2022 00:12:21 GMT
vary: Accept-Encoding
cf-cache-status: HIT
x-envoy-upstream-service-time: 50
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1FBJ5TmhAouO4aLT3v7SNKHdg9PYZPehFmmmYL5XD9iphTqBMFEKOfnYqoSsiN38u1%2B%2BVYvr2D9IDDMDGyUsxfYhy5FTVLuewmuVlPX4N569R3Wf3eJXce2gbRST%2FDOYr93AtXnW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
set-cookie: __cfruid=1a0e964aae25aaa92e848cbd6d2028ed79ebc201-1669770606; path=/; domain=.discordapp.net; HttpOnly; Secure; SameSite=None
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
server: cloudflare
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   950
Md5:    c44c6a5f974f55cf076df9cb15265ba6
Sha1:   2110c5fa95c55508af4edcfaf1a54d843a5d0cbe
Sha256: 1c22ab018c9f0d7d089acde80857c8f3be61d73489983c7c5906e56566522132
                                        
                                            GET /attachments/857698465274134540/972652423090937896/Screenshot_20220508-031321_Discord.jpg?width=72&height=72 HTTP/1.1 
Host: media.discordapp.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krnl.place/
Cookie: __cfruid=1a0e964aae25aaa92e848cbd6d2028ed79ebc201-1669770606
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         162.159.128.232
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Wed, 30 Nov 2022 01:10:06 GMT
content-length: 1556
cf-ray: 771fb39179bfb4f9-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 668048
cache-control: public, max-age=31536000
expires: Thu, 30 Nov 2023 01:10:06 GMT
last-modified: Sun, 08 May 2022 00:13:28 GMT
vary: Accept-Encoding
cf-cache-status: HIT
cf-bgj: h2pri
x-envoy-upstream-service-time: 31
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2BRhveRPRJUKj9xH2orPHnbN0RWZWOfhdpICdlun%2FXMiBRTd0UnKhVh%2FOA8e1YkX4iQ%2FfGqA0L0rVCEYZuBpPDoi%2B64rCG7hgfcXT%2F02%2FQrOyGokEDtuAeKoR2W27U60XXvkpt%2B5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
server: cloudflare
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Size:   1556
Md5:    e4797175ffad9248515139b8380f35a7
Sha1:   9c02e85a0916f1fcd229df39ee2a4afb85510165
Sha256: 7f2bc63e8ff38ea91f28553603e19bf7a1f0b52f8ee8d084c86ce9ec8a732d6f
                                        
                                            GET /css/mainpage.css HTTP/1.1 
Host: krnl.place
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krnl.place/
Cookie: .pipe=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3N1ZWQiOjE2Njk3NzA2MDUuMzIzLCJrZXkiOiIrdW92VUhwekt6N0t2K1BiNGtlOWY1cFNYNWJNTVd3bklEdUE0eXcxc0ljPSIsImUiOjE2Njk3NzQyMDUsInNhbHQiOiJzYWx0eSIsImNvbm5lY3RvciI6LTF9.0SCkB48RwQHY8Xull59RF_d7npD_YtTi-yH7LDJzcPU
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         146.59.81.58
HTTP/2 200 OK
content-type: text/css
                                        
date: Wed, 30 Nov 2022 01:10:05 GMT
content-length: 6698
last-modified: Tue, 10 May 2022 21:57:17 GMT
vary: Accept-Encoding
etag: "627adfbd-1a2a"
server: Nexuspipe.com | DDoS Mitigation Cluster
upgrade-insecure-requests: 1
nexus-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   6698
Md5:    f47cf573ba98726d6124f09ee2815de6
Sha1:   e11bd2e7cafb57434912615b390d42549a2605c4
Sha256: 33172e842a86afa3d61a6d17cf05c664f877613f4593df221fcf3efb7e148c07
                                        
                                            GET /css/Team-Boxed.css HTTP/1.1 
Host: krnl.place
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://krnl.place/
Cookie: .pipe=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3N1ZWQiOjE2Njk3NzA2MDUuMzIzLCJrZXkiOiIrdW92VUhwekt6N0t2K1BiNGtlOWY1cFNYNWJNTVd3bklEdUE0eXcxc0ljPSIsImUiOjE2Njk3NzQyMDUsInNhbHQiOiJzYWx0eSIsImNvbm5lY3RvciI6LTF9.0SCkB48RwQHY8Xull59RF_d7npD_YtTi-yH7LDJzcPU
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         146.59.81.58
HTTP/2 200 OK
content-type: text/css
                                        
date: Wed, 30 Nov 2022 01:10:05 GMT
content-length: 1266
last-modified: Tue, 10 May 2022 21:57:19 GMT
vary: Accept-Encoding
etag: "627adfbf-4f2"
server: Nexuspipe.com | DDoS Mitigation Cluster
upgrade-insecure-requests: 1
nexus-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   1266
Md5:    82bbec4cae98efe5fc4bdd3d9d621fc2
Sha1:   914bb0b8016af36c1377411094d3aa896a5ecd60
Sha256: 327f2799b4b3e501110095f757f67c103e7e7bb0f3ec1e29a00e6ec7e97a40ca
                                        
                                            POST /.nexus/request_connector HTTP/1.1 
Host: krnl.place
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://krnl.place/.nexus/pipe/?&reason=0&key=6LekVfYfAAAAABrOb8fA7RniuB3Yh_C2o7RnZhx_&destination=%2F
Token: 4c22fb649553baa3edc8f470599247431532dfd160b28b28b8484f58c497f828
Origin: https://krnl.place
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers

search
                                         146.59.81.58
HTTP/2 200 OK
content-type: text/plain
                                        
date: Wed, 30 Nov 2022 01:10:05 GMT
set-cookie: .pipe=connected; Domain=krnl.place; Path=/; Secure; HttpOnly; expires=Thu, 01 Jan 1970 00:00:00 GMT .pipe=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3N1ZWQiOjE2Njk3NzA2MDUuMzIzLCJrZXkiOiIrdW92VUhwekt6N0t2K1BiNGtlOWY1cFNYNWJNTVd3bklEdUE0eXcxc0ljPSIsImUiOjE2Njk3NzQyMDUsInNhbHQiOiJzYWx0eSIsImNvbm5lY3RvciI6LTF9.0SCkB48RwQHY8Xull59RF_d7npD_YtTi-yH7LDJzcPU; Path=/; Secure; HttpOnly; expires=Fri, 31 Dec 9999 23:59:59 GMT
server: Nexuspipe.com | DDoS Mitigation Cluster
upgrade-insecure-requests: 1
last-modified: Wednesday, 30-Nov-2022 01:10:05 GMT
cache-control: no-store, no-cache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF, LF line terminators
Size:   85703
Md5:    5dab9f658f95648e36474b06af463693
Sha1:   482907288dc1ba14fa909b885ba4a3c2929a6adf
Sha256: 1f7e1802eeee0eba20897855f6c76c125c5a39ba964b764beba73fc4a7e2208c
                                        
                                            GET /css/Metropolis-Bold.woff2 HTTP/1.1 
Host: krnl.place
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://krnl.place/css/krnl-components.css
Cookie: .pipe=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3N1ZWQiOjE2Njk3NzA2MDUuMzIzLCJrZXkiOiIrdW92VUhwekt6N0t2K1BiNGtlOWY1cFNYNWJNTVd3bklEdUE0eXcxc0ljPSIsImUiOjE2Njk3NzQyMDUsInNhbHQiOiJzYWx0eSIsImNvbm5lY3RvciI6LTF9.0SCkB48RwQHY8Xull59RF_d7npD_YtTi-yH7LDJzcPU
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         146.59.81.58
HTTP/2 200 OK
content-type: application/octet-stream
                                        
date: Wed, 30 Nov 2022 01:10:06 GMT
content-length: 17156
x-mark: 1
last-modified: Tue, 10 May 2022 21:57:17 GMT
etag: "627adfbd-4304"
server: Nexuspipe.com | DDoS Mitigation Cluster
upgrade-insecure-requests: 1
nexus-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 17156, version 1.0\012- data
Size:   17156
Md5:    b68b9ec97f8ce8856e1dd69d0cf135ad
Sha1:   824a47c356efb83705dea45651a78082cdcb4ca2
Sha256: e0f909d85ac770245fa35d88b50e4984541c293152da8c97ca6236658be8ee87
                                        
                                            GET /css/Metropolis-Medium.woff2 HTTP/1.1 
Host: krnl.place
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://krnl.place/css/krnl-components.css
Cookie: .pipe=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3N1ZWQiOjE2Njk3NzA2MDUuMzIzLCJrZXkiOiIrdW92VUhwekt6N0t2K1BiNGtlOWY1cFNYNWJNTVd3bklEdUE0eXcxc0ljPSIsImUiOjE2Njk3NzQyMDUsInNhbHQiOiJzYWx0eSIsImNvbm5lY3RvciI6LTF9.0SCkB48RwQHY8Xull59RF_d7npD_YtTi-yH7LDJzcPU
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         146.59.81.58
HTTP/2 200 OK
content-type: application/octet-stream
                                        
date: Wed, 30 Nov 2022 01:10:06 GMT
content-length: 17124
x-mark: 1
last-modified: Tue, 10 May 2022 21:57:18 GMT
etag: "627adfbe-42e4"
server: Nexuspipe.com | DDoS Mitigation Cluster
upgrade-insecure-requests: 1
nexus-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 17124, version 1.0\012- data
Size:   17124
Md5:    b5b96f2fe2700d5cceb5847997c8fe9e
Sha1:   4c37d81c7bed62dbf2b1f605d98e233dd68946ca
Sha256: 9b0975217d3ed0cafc86fef1c4edef4fc3d368a7da3d4c1022f78e8c3096d12f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52cf4797-5177-4859-9523-faeb4e38f224.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9812
x-amzn-requestid: 70bfeb68-0703-44bf-8550-50c759d52d86
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDbFolIAMFYBQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-73fb65ee2b9161372819207f;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QQCoNlJBSE2V-IQlZr37dhINTABRu3ms9Y1p4FweO36HD-U6m9vvwg==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:52:45 GMT
age: 11845
etag: "ce411cc5b0a37bbd89551d06d7d0349f45734e97"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9812
Md5:    5c5277610f3a542571abb53ffb3d4df1
Sha1:   ce411cc5b0a37bbd89551d06d7d0349f45734e97
Sha256: 3bf1105631ef7fda0249a46390ca90f904ea73b0a4f017c2db85326550a80a3f
                                        
                                            GET /79DZXP.krnlbeta.exe HTTP/1.1 
Host: grabify.world
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         188.114.96.1
HTTP/2 302 Found
                                        
date: Wed, 30 Nov 2022 01:10:02 GMT
location: https://grabify.link/79DZXP.krnlbeta.exe
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zzst7cOcdwVR5TfGTERDLCeXqPV%2BdGLV6e39mE%2F6aeHDvvD9kGmhMVimsez4RO4C3yH3gJKLktl5ByCZttr2HUpqew%2B5Y5oVrCke%2BR4BSyJngJwC2qo%2FtxHnqx6UJdcD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771fb3786c610b69-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---