Report - d.nymexwq.top/

Report Overview

Submitted URL
d.nymexwq.top/
IP
20.24.96.224
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Submitted
2023-03-29 18:44:30
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
2
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
zerossl.ocsp.sectigo.com	4049	2020-05-09T21:05:29Z	2023-03-29T18:27:19Z	696 B	2.4 kB	172.64.155.188
www.nymexext.com	unknown	2023-03-29T05:46:43Z	2023-03-29T11:02:28Z	388 B	27 kB	20.24.96.224
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-29T18:24:36Z	413 B	5.9 kB	34.160.144.191
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-29T18:14:38Z	782 B	2.4 kB	35.241.9.150
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-29T18:13:46Z	333 B	391 B	34.117.237.239
d.nymexwq.top	unknown	2022-11-10T08:21:05Z	2023-01-27T22:44:08Z	7.0 kB	430 kB	20.24.96.224
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-29T18:37:20Z	606 B	238 B	34.117.65.55
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-29T22:30:19Z	3.2 kB	48 kB	34.120.237.76
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-29T18:12:03Z	2.0 kB	5.3 kB	23.36.76.226

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-03-29 18:44:43	medium	Client IP	Internal IP	ET DNS Query to a *.top domain - Likely Hostile
2023-03-29 18:44:44	medium	Client IP	20.24.96.224	ET INFO HTTP Request to a *.top domain

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (2)

	URL	Size	First Seen	Last Seen
	d.nymexwq.top/js/index.js	1.5 kB	2023-03-12	2023-07-01
Pretty URL d.nymexwq.top/js/index.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 08:23:12 Last Seen2023-07-01 06:26:20 Times Seen8 Hash 9f43c1c84db79924c8235f3f5ddaa89b 3dd7844381ac07eebd945245ae83f39082cccf84 102213e44410a7f68a5257681dafb4897cf68ffe5404bec152a69ef90c1e1376 Loading...

	d.nymexwq.top/?jp=1	211 B	2023-03-30	2023-03-30
Pretty URL d.nymexwq.top/?jp=1 IP 20.24.96.224 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-30 00:02:14 Last Seen2023-03-30 00:02:14 Times Seen1 Hash f965de99f4c3dc06cfe027def185273a 8a1f0223533ae97c50af1b5ba1cb3113fe5c5e6b 9c50ef51ac67ce7eba80a599516fa489db9f35fb9a57cd2af16ba298497a37b1 Loading...

HTTP Transactions (37)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
93f633ce30c038eb581544323c5a971e
2f60526cb750c6babccc207f75fb5a8ae6f7598b
0ff6df80a892199848fb943af78541b66efc09a7ab70d4b169906fdbac1eabf8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FF6DF80A892199848FB943AF78541B66EFC09A7AB70D4B169906FDBAC1EABF8"
Last-Modified: Mon, 27 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6773
Expires: Wed, 29 Mar 2023 20:37:13 GMT
Date: Wed, 29 Mar 2023 18:44:20 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c83d39f350161ed2f5d20dcd68e47c92
2695a888e652cb314f8094cc6073c3364336d272
62e5cc6aea61c3c32acd964d4bbe143806416008181eebc4451a8f035b69a0bc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62E5CC6AEA61C3C32ACD964D4BBE143806416008181EEBC4451A8F035B69A0BC"
Last-Modified: Mon, 27 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8483
Expires: Wed, 29 Mar 2023 21:05:43 GMT
Date: Wed, 29 Mar 2023 18:44:20 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
ed282214b024a7895d90e229e92bb1cc
1f447aa59287ce2b45860a1a909d005a41305f77
a35ae9f89cbc77ed5fe849acdc2701592799c335f2674776d69c25bca0a00c2e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Backoff, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 29 Mar 2023 18:15:58 GMT
content-type: application/json
age: 1702
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5ad3eec59bebbf969f175627757507c1
b176af3a70db378c9e1f219bab24d9d446070d6f
704fa284035b4c9aa487331b516f5f11c324e204756ae2503bad2606ed34f25e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "704FA284035B4C9AA487331B516F5F11C324E204756AE2503BAD2606ED34F25E"
Last-Modified: Mon, 27 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2876
Expires: Wed, 29 Mar 2023 19:32:16 GMT
Date: Wed, 29 Mar 2023 18:44:20 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: Ej3QFebCM3clnwhLz7SOOQKpN/36qhBnoHQams8CMcSGgWYQjGZ/JQqSYt4y97SKwGSGRWBhn+o=
x-amz-request-id: 50ZESARJMCMQ0TK1
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 29 Mar 2023 18:02:36 GMT
age: 2504
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 18:44:20 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

d.nymexwq.top/

20.24.96.224

308 Permanent Redirect

171 B

URL HTTP/1.1
d.nymexwq.top/
IP
20.24.96.224:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
171 B (171 bytes)
Hash
58b1cb2bcf7f49e468fc5d095763cab5
881843a937d623096b9b8ba5b95fa54de0b59117
39acdbec7e4d6acf046c2e35987b38e085b19f74c0dcf055686751ec7cb736f2

Detections

NIDS	Severity	Alert
suricata	medium	ET INFO HTTP Request to a *.top domain

HTTP Headers

GET / HTTP/1.1
Host: d.nymexwq.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 308 Permanent Redirect
Server: FS/372.22.10
Date: Wed, 29 Mar 2023 18:44:20 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://d.nymexwq.top/
Cache-Control: public

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a740252e7b24892a3e34f6dfed6e3bde
d44d21abb95edd1ccc775632254f11ee94fb585e
e289995a2b4b340364dd7dfa32c79c7722ece6cc4b893b38fc68bbce680d2f94

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E289995A2B4B340364DD7DFA32C79C7722ECE6CC4B893B38FC68BBCE680D2F94"
Last-Modified: Mon, 27 Mar 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9661
Expires: Wed, 29 Mar 2023 21:25:21 GMT
Date: Wed, 29 Mar 2023 18:44:20 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, ETag, Expires, Alert, Pragma, Content-Type, Retry-After, Last-Modified, Content-Length, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 29 Mar 2023 18:14:36 GMT
age: 1784
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

push.services.mozilla.com/

34.117.65.55

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.117.65.55:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: usbdGrLVYUO4owbI3F7F3A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: fj7TBxlRlxClh4H86TIYXt0v/0U=
Date: Wed, 29 Mar 2023 18:44:20 GMT
Via: 1.1 google
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

zerossl.ocsp.sectigo.com/

172.64.155.188

200 OK

728 B

URL HTTP/1.1
zerossl.ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
728 B (728 bytes)
Hash
28affebfd296f025492f5647f42be83b
b345093e61542f181c85c38681c3697d6db481aa
828ac477342676dce417bd678ed0129e85b6b976b640e4925a23f58656385741

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 18:44:21 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Sun, 26 Mar 2023 14:37:42 GMT
Expires: Sun, 02 Apr 2023 14:37:41 GMT
Etag: "b345093e61542f181c85c38681c3697d6db481aa"
Cache-Control: max-age=330199,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7afa437f9fe11bfa-OSL

d.nymexwq.top/stylesheets/style.css

20.24.96.224

200 OK

9.2 kB

URL HTTP/2
d.nymexwq.top/stylesheets/style.css
IP
20.24.96.224:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text
Size
9.2 kB (9189 bytes)
Hash
9d033d22208bc2012cce6da0b3c64bdf
e7130ddc5f71ad92f9a8dbfda12717620a11fb20
db4ae40bfaa3cc9d1d150ca44b69d9822cd469c1934fd4b27297085006bde26a

HTTP Headers

GET /stylesheets/style.css HTTP/1.1
Host: d.nymexwq.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d.nymexwq.top/?jp=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.22.1
date: Wed, 29 Mar 2023 18:44:21 GMT
content-type: text/css; charset=UTF-8
content-length: 9189
cache-control: public, max-age=0
last-modified: Tue, 13 Dec 2022 07:37:57 GMT
etag: W/"23e5-1850a6b382a"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
x-country: NO
x-cache: HIT@walruzm3g00007f
accept-ranges: bytes
X-Firefox-Spdy: h2

d.nymexwq.top/

20.24.96.224

302 Found

1.6 kB

URL HTTP/2
d.nymexwq.top/
IP
20.24.96.224:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document, Unicode text, UTF-8 text
Size
1.6 kB (1553 bytes)
Hash
2d1e456c05d1fe4935d84533b6a53302
350931a91b7f3b4958b4eb9f3095d7cd8c698a95
b227daacbd3e0f0e7182c6c73031d18bd0976f1c2206d9888203da73c78a2044

Detections

NIDS	Severity	Alert
suricata	medium	ET INFO HTTP Request to a *.top domain

HTTP Headers

GET / HTTP/1.1
Host: d.nymexwq.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
server: nginx/1.22.1
date: Wed, 29 Mar 2023 18:44:21 GMT
content-type: text/html; charset=utf-8
location: https://d.nymexwq.top?jp=1
vary: Accept
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
x-country: NO
x-cache: BYPASS@walruzm3g00007f
X-Firefox-Spdy: h2

d.nymexwq.top/images/safe.png

20.24.96.224

200 OK

4.6 kB

URL HTTP/2
d.nymexwq.top/images/safe.png
IP
20.24.96.224:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size
4.6 kB (4590 bytes)
Hash
685dd878d114a9ab9da7f1ad680c0538
ad3a9766848a20e8533678ee6661f288d79065f4
3a223cb725e482103e04f6912d882955a8216a470dcb47f3cc1ed066b22ec2f3

HTTP Headers

GET /images/safe.png HTTP/1.1
Host: d.nymexwq.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d.nymexwq.top/?jp=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.22.1
date: Wed, 29 Mar 2023 18:44:21 GMT
content-type: image/png
content-length: 4590
cache-control: public, max-age=0
last-modified: Tue, 13 Dec 2022 07:37:57 GMT
etag: W/"11ee-1850a6b3827"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
x-country: NO
x-cache: HIT@walruzm3g00007f
accept-ranges: bytes
X-Firefox-Spdy: h2

d.nymexwq.top/images/flex.png

20.24.96.224

200 OK

7.4 kB

URL HTTP/2
d.nymexwq.top/images/flex.png
IP
20.24.96.224:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size
7.4 kB (7391 bytes)
Hash
680f705e4d6b75db98906a7295100b73
df11c6dcbcccfeb645ebf5c4369612586b2d7923
1592997618dbe4278daf21d3bbee3acb1e4f5e1c6c236809f036c2d1ef2a5732

HTTP Headers

GET /images/flex.png HTTP/1.1
Host: d.nymexwq.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d.nymexwq.top/?jp=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.22.1
date: Wed, 29 Mar 2023 18:44:21 GMT
content-type: image/png
content-length: 7391
cache-control: public, max-age=0
last-modified: Tue, 13 Dec 2022 07:37:57 GMT
etag: W/"1cdf-1850a6b3826"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
x-country: NO
x-cache: HIT@walruzm3g00007f
accept-ranges: bytes
X-Firefox-Spdy: h2

d.nymexwq.top/images/user.png

20.24.96.224

200 OK

7.9 kB

URL HTTP/2
d.nymexwq.top/images/user.png
IP
20.24.96.224:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 104 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size
7.9 kB (7919 bytes)
Hash
bbc2dde1790bd73123c76bc66dcc0422
d7d6ad98a360c93b6f02d40e599d852f96786245
97ffd8d903b8ab8ac0263afd30fe8f85544230fa39532721f7211eaad9749f50

HTTP Headers

GET /images/user.png HTTP/1.1
Host: d.nymexwq.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d.nymexwq.top/?jp=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.22.1
date: Wed, 29 Mar 2023 18:44:21 GMT
content-type: image/png
content-length: 7919
cache-control: public, max-age=0
last-modified: Tue, 13 Dec 2022 07:37:57 GMT
etag: W/"1eef-1850a6b3828"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
x-country: NO
x-cache: HIT@walruzm3g00007f
accept-ranges: bytes
X-Firefox-Spdy: h2

d.nymexwq.top/images/mainbg.png

20.24.96.224

200 OK

9.0 kB

URL HTTP/2
d.nymexwq.top/images/mainbg.png
IP
20.24.96.224:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 750 x 1040, 8-bit colormap, non-interlaced\012- data
Size
9.0 kB (8954 bytes)
Hash
c98effea0c34e7e20bf40a6526d39f18
515374f3d40aa95deac9dec698dd17eb6c49c37f
6a182384be9beb4010cb4febf63437072b1abf70a67eae1e671a0cafea76808b

HTTP Headers

GET /images/mainbg.png HTTP/1.1
Host: d.nymexwq.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d.nymexwq.top/stylesheets/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.22.1
date: Wed, 29 Mar 2023 18:44:22 GMT
content-type: image/png
content-length: 8954
cache-control: public, max-age=0
last-modified: Tue, 13 Dec 2022 07:37:57 GMT
etag: W/"22fa-1850a6b3826"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
x-country: NO
x-cache: HIT@walruzm3g00007f
accept-ranges: bytes
X-Firefox-Spdy: h2

zerossl.ocsp.sectigo.com/

172.64.155.188

200 OK

728 B

URL HTTP/1.1
zerossl.ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
728 B (728 bytes)
Hash
ea5574cc7e8a63a2e69a39e2f7dc3375
6217223f51f67eabc043b803a888fc65f44be4a6
a62a89efe7fece30f19f6141f27fb074deadb405ba94c5f0be12f2524a949122

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 18:44:22 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Wed, 29 Mar 2023 08:05:33 GMT
Expires: Wed, 05 Apr 2023 08:05:32 GMT
Etag: "6217223f51f67eabc043b803a888fc65f44be4a6"
Cache-Control: max-age=565869,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7afa4386dee91bfa-OSL

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14729
Expires: Wed, 29 Mar 2023 22:49:51 GMT
Date: Wed, 29 Mar 2023 18:44:22 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14729
Expires: Wed, 29 Mar 2023 22:49:51 GMT
Date: Wed, 29 Mar 2023 18:44:22 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85885238-8732-476a-b37c-1eac5dbc3e90.jpeg

34.120.237.76

200 OK

6.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85885238-8732-476a-b37c-1eac5dbc3e90.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.0 kB (6049 bytes)
Hash
253f48aa7cbf667d52cb37fda10cdb1f
e29478b866f90402b48d2b516d01d60a863c9cf9
b4a73ab71250b9e4a3f95e28dbf50dd000e1f338c7c3ac9f3351c1f6d6d3bfff

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85885238-8732-476a-b37c-1eac5dbc3e90.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6049
x-amzn-requestid: 2d1a2a66-8b63-44f0-83ec-10628a5fcac6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CgvBFFMGIAMFhCg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235ed3-2a90bf0365925acb3b348489;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:40:35 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: -XwoHom5AT8j5yHNvfnYQ-9xIqVpsyDffwFM0d_ESJicJvL8pTcABg==
via: 1.1 c28e01aa413e9ea602538ccda1511062.cloudfront.net (CloudFront), 1.1 536063cb28bfc05fcb7a78183dd89b72.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 21:50:28 GMT
age: 75234
etag: "e29478b866f90402b48d2b516d01d60a863c9cf9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d713593-a582-498a-b202-20cddce4f8c4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7605 bytes)
Hash
fd1bc71c7e9eed7c086d752ea8b4b992
02a74cf88501d65b3dfcceb5adc79fd93ce785ed
a9a423d347533322d4d3ba90ee5fca5ca32f8d540f744ea2621deeda46df89f3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d713593-a582-498a-b202-20cddce4f8c4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7605
x-amzn-requestid: b7628073-4eb3-4ef6-b7d0-0224e0a75601
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CguY8GFPoAMFebQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235dd2-445041c74356c54053f772a1;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:36:18 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 2LLHDcPZsSP1XPxH7agC7FhVwQQXfrWq3CEOSz0mBTjGykXxNQIq9Q==
via: 1.1 ffc1e24c06bfbb135c0a4d240b382048.cloudfront.net (CloudFront), 1.1 536063cb28bfc05fcb7a78183dd89b72.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 21:56:00 GMT
age: 74902
etag: "02a74cf88501d65b3dfcceb5adc79fd93ce785ed"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fede24709-db3b-4687-8715-b976f42d5650.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7630 bytes)
Hash
096bf7a8a2bfe48c19e6bf6887145e64
6193039864cae4ab0163f3a7d45613fb86e6be14
51625131b04aa5294e90062807ca728b7a41db79ea069cd238711f8ead5ecd8a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fede24709-db3b-4687-8715-b976f42d5650.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7630
x-amzn-requestid: 5f162d03-0d82-4cd6-8812-4dac159bc2b2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CguY9HwhIAMFeOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235dd2-670279397929c69c0ee58b35;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:36:18 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: LBOtzCZ-Ef7MsXDj9uh8QSi4jdLTSR3lEtZqRrU6ldmCZVqvpoAQmw==
via: 1.1 ee6ea1e4552345de209d26f9ffb35d4a.cloudfront.net (CloudFront), 1.1 b23fb37cd7fff033ab21e3284f558a28.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 21:43:57 GMT
age: 75625
etag: "6193039864cae4ab0163f3a7d45613fb86e6be14"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb4ab271-45be-41d0-93c0-528d0d9367e3.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.4 kB (5414 bytes)
Hash
8afbc872d18847aaed67054dbfc2d31b
6eb894c4aa4fa53d9a3d4b948b5e65b7e9a76d5b
65c2b5fe2a3df654cfed7e7721b2d8f08665a72bb358b4d6e30e7cba853336e3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb4ab271-45be-41d0-93c0-528d0d9367e3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5414
x-amzn-requestid: b6795b2f-1460-4516-bac0-9148e9868fa1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CguaYF5jIAMFmiQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235ddb-42762e4f0aa5e6050f82d138;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:36:27 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: m58cZVJmakcZ1uuctpXkKhsB7_LGUZrxkCV5G8B17CYVYOl5QpjR1w==
via: 1.1 8591441a35c0af61913aec9af012bc38.cloudfront.net (CloudFront), 1.1 174acb08636ac7d9e9a778bbf1bcbc52.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 21:51:37 GMT
age: 75165
etag: "6eb894c4aa4fa53d9a3d4b948b5e65b7e9a76d5b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8745 bytes)
Hash
ef54a1ed997cc09495edb102ccdf6803
f5637efb37b5eecff77e60e6bcf5f599991f334f
fa76d7a82dc15baf02b207cea874d1332c20a0ebe1eea99929a6f2746608412c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8745
x-amzn-requestid: e1d8dab6-4c15-4752-b528-21854c93a11c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CguJ5Hy5oAMFyAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235d72-4bd62c8472f7257a155b2a80;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:34:42 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: FHONNj6M7I5oVTKAKYspq0ZAJMYohURXs5ufSL-r--zCSdjuSvrpSA==
via: 1.1 8f251d23da31b683c3c9d6fad6ca944c.cloudfront.net (CloudFront), 1.1 49cdeca097624936e070b73619df7da8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 21:51:37 GMT
age: 75165
etag: "f5637efb37b5eecff77e60e6bcf5f599991f334f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67889522-c6ea-4b17-93f3-ac6e2b4777c1.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.7 kB (6722 bytes)
Hash
d0a85ec27ed4f7910e26b4ff023ab1fb
f35a6c0c18a7c25a5f644ed9bebef0d38f8c6ac0
fc31409ba6db565d4861a35ee6f74b7436eea5e5169bc1283f63cf6dfdb03764

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67889522-c6ea-4b17-93f3-ac6e2b4777c1.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6722
x-amzn-requestid: a6de82bd-5b03-4ffd-90dd-9bd03331d123
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CguY8GG2IAMFuzQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235dd2-7cb1c8187fe3d2b0283fb3a0;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:36:18 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: y5vKgCZTlgD6ji-loyjRA9cPpJWpdR7yDH60LL0bRa1b8DtG4WsX9g==
via: 1.1 773bf3616e85ce2b187fa78710a6beb2.cloudfront.net (CloudFront), 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 21:51:37 GMT
age: 75165
etag: "f35a6c0c18a7c25a5f644ed9bebef0d38f8c6ac0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

d.nymexwq.top/images/ll.png

20.24.96.224

200 OK

21 kB

URL HTTP/2
d.nymexwq.top/images/ll.png
IP
20.24.96.224:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 750 x 1234, 8-bit colormap, non-interlaced\012- data
Size
21 kB (20886 bytes)
Hash
24325a2e6162953eed5bb3094c9959d3
662db85f3c6ecbfe64ad8d3257a734ba0485ae0b
49af45ca76e524601e630f3a3da5ac0438b0797e2b2568bcc3cf0922fad695b2

HTTP Headers

GET /images/ll.png HTTP/1.1
Host: d.nymexwq.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d.nymexwq.top/stylesheets/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.22.1
date: Wed, 29 Mar 2023 18:44:22 GMT
content-type: image/png
content-length: 20886
cache-control: public, max-age=0
last-modified: Tue, 13 Dec 2022 07:37:57 GMT
etag: W/"5196-1850a6b3826"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
x-country: NO
x-cache: HIT@walruzm3g00007f
accept-ranges: bytes
X-Firefox-Spdy: h2

d.nymexwq.top/images/bg-s3.png

20.24.96.224

200 OK

5.9 kB

URL HTTP/2
d.nymexwq.top/images/bg-s3.png
IP
20.24.96.224:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 750 x 638, 8-bit colormap, non-interlaced\012- data
Size
5.9 kB (5945 bytes)
Hash
05a9ebf2130c10702ba156dbf58c3493
f220eb05ec865198e900d1ea4e17a659af89036e
499601081787e60dd240a1b49a1d2631be2a94843da7dcec62edb48a2086eedf

HTTP Headers

GET /images/bg-s3.png HTTP/1.1
Host: d.nymexwq.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d.nymexwq.top/stylesheets/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.22.1
date: Wed, 29 Mar 2023 18:44:22 GMT
content-type: image/png
content-length: 5945
cache-control: public, max-age=0
last-modified: Tue, 13 Dec 2022 07:37:57 GMT
etag: W/"1739-1850a6b3825"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
x-country: NO
x-cache: HIT@walruzm3g00007f
accept-ranges: bytes
X-Firefox-Spdy: h2

www.nymexext.com/files/rl4e8d3.png

20.24.96.224

200 OK

26 kB

URL HTTP/2
www.nymexext.com/files/rl4e8d3.png
IP
20.24.96.224:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Size
26 kB (25816 bytes)
Hash
0d38b0e2e0f6ace55f137663fbdec399
dab3e9525636d9116207dc8dba05580674b18a35
0e25697667df58e9ddfcd58b8542b3f2a26d95f5937971c5690952e1c6c3fc71

HTTP Headers

GET /files/rl4e8d3.png HTTP/1.1
Host: www.nymexext.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d.nymexwq.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx/1.22.1
date: Wed, 29 Mar 2023 18:44:22 GMT
content-type: image/png
content-length: 25816
x-amz-id-2: JM2dpJ4Q+eyUZwoHHOBvkcGpNEJBPPh/KmnEvVf7u0J4EeuIez1lu3q8UgNS2W0ZSns7A3TMS0U=
x-amz-request-id: N5SYEYQZ8BFBBYMA
last-modified: Thu, 10 Nov 2022 07:54:19 GMT
etag: "0d38b0e2e0f6ace55f137663fbdec399"
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-server-side-encryption: AES256
content-disposition: attachment
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
x-country: NO
x-cache: HIT@walruzm3g00007f
accept-ranges: bytes
X-Firefox-Spdy: h2

d.nymexwq.top/images/phone3.png

20.24.96.224

200 OK

50 kB

URL HTTP/2
d.nymexwq.top/images/phone3.png
IP
20.24.96.224:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 734 x 988, 8-bit colormap, non-interlaced\012- data
Size
50 kB (50066 bytes)
Hash
749be35d666742c551d2b532abfbb4a0
bfae35b2fd5ae407835b2a3009e5770a8e0d0c00
24d01cb5ea7397267e1c9343cc29cf6122ca47a98ee30a972b2dab28ddaef522

HTTP Headers

GET /images/phone3.png HTTP/1.1
Host: d.nymexwq.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d.nymexwq.top/stylesheets/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.22.1
date: Wed, 29 Mar 2023 18:44:22 GMT
content-type: image/png
content-length: 50066
cache-control: public, max-age=0
last-modified: Tue, 13 Dec 2022 07:37:57 GMT
etag: W/"c392-1850a6b3827"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
x-country: NO
x-cache: HIT@walruzm3g00007f
accept-ranges: bytes
X-Firefox-Spdy: h2

d.nymexwq.top/images/bg-s4.png

20.24.96.224

200 OK

6.0 kB

URL HTTP/2
d.nymexwq.top/images/bg-s4.png
IP
20.24.96.224:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 404 x 642, 8-bit colormap, non-interlaced\012- data
Size
6.0 kB (6040 bytes)
Hash
0c88c08d395c42626a487d041d3db6aa
73fab84d506f0b383fa5505106c7974d2427e5ae
b1212739a98bdb3fb71101660735f38f9b83cb120379a434f1ce338d95c9187c

HTTP Headers

GET /images/bg-s4.png HTTP/1.1
Host: d.nymexwq.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d.nymexwq.top/stylesheets/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.22.1
date: Wed, 29 Mar 2023 18:44:22 GMT
content-type: image/png
content-length: 6040
cache-control: public, max-age=0
last-modified: Tue, 13 Dec 2022 07:37:57 GMT
etag: W/"1798-1850a6b3825"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
x-country: NO
x-cache: HIT@walruzm3g00007f
accept-ranges: bytes
X-Firefox-Spdy: h2

d.nymexwq.top/images/phone4.png

20.24.96.224

200 OK

44 kB

URL HTTP/2
d.nymexwq.top/images/phone4.png
IP
20.24.96.224:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 696 x 1068, 8-bit colormap, non-interlaced\012- data
Size
44 kB (43739 bytes)
Hash
96a4137be62d3b895807bf2fb9e2b8e6
b9696cefb89fdf2f91a3d6ed74c3857189a6fd2e
802d13bb6aff27ac2b2dd3499e177262b10be4af34b806a1fca92bc4306cdd2b

HTTP Headers

GET /images/phone4.png HTTP/1.1
Host: d.nymexwq.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d.nymexwq.top/stylesheets/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.22.1
date: Wed, 29 Mar 2023 18:44:22 GMT
content-type: image/png
content-length: 43739
cache-control: public, max-age=0
last-modified: Tue, 13 Dec 2022 07:37:57 GMT
etag: W/"aadb-1850a6b3827"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
x-country: NO
x-cache: HIT@walruzm3g00007f
accept-ranges: bytes
X-Firefox-Spdy: h2

d.nymexwq.top/images/bg-s5.png

20.24.96.224

200 OK

8.2 kB

URL HTTP/2
d.nymexwq.top/images/bg-s5.png
IP
20.24.96.224:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 400 x 700, 8-bit colormap, non-interlaced\012- data
Size
8.2 kB (8210 bytes)
Hash
ae00ea125ef6a986b5d2daaddb30ed43
83333eeb68acc42df0d1e5995d50d6c9e668ec17
a23db6e8933bda42088d3ab4bd1e923435d40469737172974617fe6b652a32a5

HTTP Headers

GET /images/bg-s5.png HTTP/1.1
Host: d.nymexwq.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d.nymexwq.top/stylesheets/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.22.1
date: Wed, 29 Mar 2023 18:44:22 GMT
content-type: image/png
content-length: 8210
cache-control: public, max-age=0
last-modified: Tue, 13 Dec 2022 07:37:57 GMT
etag: W/"2012-1850a6b3825"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
x-country: NO
x-cache: HIT@walruzm3g00007f
accept-ranges: bytes
X-Firefox-Spdy: h2

d.nymexwq.top/images/phone5.png

20.24.96.224

200 OK

45 kB

URL HTTP/2
d.nymexwq.top/images/phone5.png
IP
20.24.96.224:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 600 x 988, 8-bit colormap, non-interlaced\012- data
Size
45 kB (44620 bytes)
Hash
8311019088d72ec0bbaa1857f633a044
d52d26e7ec25f1847445f805434ed760422c0c0a
bb63319d1dddd0b1cae6c81f3994ace3fa814c54a00738e7dce7b3410b49d6d2

HTTP Headers

GET /images/phone5.png HTTP/1.1
Host: d.nymexwq.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d.nymexwq.top/stylesheets/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.22.1
date: Wed, 29 Mar 2023 18:44:22 GMT
content-type: image/png
content-length: 44620
cache-control: public, max-age=0
last-modified: Tue, 13 Dec 2022 07:37:57 GMT
etag: W/"ae4c-1850a6b3827"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
x-country: NO
x-cache: HIT@walruzm3g00007f
accept-ranges: bytes
X-Firefox-Spdy: h2

d.nymexwq.top/images/phone1.png

20.24.96.224

200 OK

201 kB

URL HTTP/2
d.nymexwq.top/images/phone1.png
IP
20.24.96.224:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 600 x 830, 8-bit/color RGBA, non-interlaced\012- data
Size
201 kB (200717 bytes)
Hash
8e0e53c5bce43ad715d9b6cdcd31aae8
d58805a798c87f650bf53008d5245510bea60a21
65e68da2c3ec12a09624dcc033c560b2602846a3ec79ec946df6f37f85940fb2

HTTP Headers

GET /images/phone1.png HTTP/1.1
Host: d.nymexwq.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d.nymexwq.top/stylesheets/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.22.1
date: Wed, 29 Mar 2023 18:44:22 GMT
content-type: image/png
content-length: 200717
cache-control: public, max-age=0
last-modified: Tue, 13 Dec 2022 07:37:57 GMT
etag: W/"3100d-1850a6b3827"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
x-country: NO
x-cache: HIT@walruzm3g00007f
accept-ranges: bytes
X-Firefox-Spdy: h2

d.nymexwq.top/?jp=1

20.24.96.224

200 OK

0 B

URL HTTP/2
d.nymexwq.top/?jp=1
IP
20.24.96.224:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /?jp=1 HTTP/1.1
Host: d.nymexwq.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 200 OK
server: nginx/1.22.1
date: Wed, 29 Mar 2023 18:44:21 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
content-encoding: gzip
x-country: NO
x-cache: BYPASS@walruzm3g00007f
X-Firefox-Spdy: h2

d.nymexwq.top/favicon.ico

20.24.96.224

403 Forbidden

0 B

URL HTTP/2
d.nymexwq.top/favicon.ico
IP
20.24.96.224:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: d.nymexwq.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d.nymexwq.top/?jp=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 403 Forbidden
server: nginx/1.22.1
date: Wed, 29 Mar 2023 18:44:23 GMT
content-type: text/html
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (2)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (37)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type