nexus-gw.xyz Open in urlscan Pro
188.114.97.3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://nexus-gw.xyz/
Effective URL:
https://nexus-gw.xyz/
Submission: On May 21 via api (May 21st 2024, 5:36:01 pm UTC) from US — Scanned from NL

Summary HTTP 50 Redirects Behaviour Indicators

Summary

This website contacted 22 IPs in 4 countries across 20 domains to perform 50 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is nexus-gw.xyz.
TLS certificate: Issued by GTS CA 1P5 on April 29th 2024. Valid for: 3 months.

This is the only time nexus-gw.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3037::ac43:8ef5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:200... 2a04:4e42:200::272	54113 (FASTLY) (FASTLY)
1	169.150.247.36 169.150.247.36	60068 (CDN77 _) (CDN77 _)
1	2a02:ec80:300... 2a02:ec80:300:ed1a::2:b	14907 (WIKIMEDIA) (WIKIMEDIA)
1	2a00:1450:400... 2a00:1450:4001:811::2016	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	104.21.233.197 104.21.233.197	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	162.159.128.233 162.159.128.233	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	216.58.212.132 216.58.212.132	15169 (GOOGLE) (GOOGLE)
2	2001:67c:4e8:... 2001:67c:4e8:f004::9	62041 (TELEGRAM) (TELEGRAM)
1	172.67.75.106 172.67.75.106	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.66.46.224 172.66.46.224	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
5	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
6	104.18.29.104 104.18.29.104	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
50	22

14 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

nexus-gw.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3037::ac43:8ef5 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::272 (United States)

ASN54113 (FASTLY, US)

m.media-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.150.247.36 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)
PTR: 169-150-247-36.bunnyinfra.net

cdn.vpninfo.dk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:ec80:300:ed1a::2:b (United States)

ASN14907 (WIKIMEDIA, US)

upload.wikimedia.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play-lh.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

share.creavite.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.21.233.197 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

zupimages.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.zupimages.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.128.233 (None, )

ASN13335 (CLOUDFLARENET, US)

discord.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.132 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:67c:4e8:f004::9 (Amsterdam, Netherlands)

ASN62041 (TELEGRAM, VG)

telegram.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.75.106 (United States)

ASN13335 (CLOUDFLARENET, US)

embed.sellpass.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.66.46.224 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.sell.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.18.29.104 (None, )

ASN13335 (CLOUDFLARENET, US)

client.crisp.chat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	nexus-gw.xyz nexus-gw.xyz	1 MB
7	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 103 tpc.googlesyndication.com — Cisco Umbrella Rank: 164	210 KB
6	crisp.chat client.crisp.chat — Cisco Umbrella Rank: 18903	159 KB
4	zupimages.net 2 redirects zupimages.net — Cisco Umbrella Rank: 84726 www.zupimages.net — Cisco Umbrella Rank: 97099	284 KB
2	gstatic.com fonts.gstatic.com www.gstatic.com	252 KB
2	sell.app cdn.sell.app	122 KB
2	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1230	90 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33 ajax.googleapis.com — Cisco Umbrella Rank: 380	32 KB
1	t.me t.me — Cisco Umbrella Rank: 19478
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	63 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 310	4 KB
1	sellpass.io embed.sellpass.io	1 KB
1	telegram.org telegram.org — Cisco Umbrella Rank: 11351	6 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	947 B
1	discord.com discord.com — Cisco Umbrella Rank: 2274
1	creavite.co share.creavite.co	3 MB
1	googleusercontent.com play-lh.googleusercontent.com — Cisco Umbrella Rank: 544	40 KB
1	wikimedia.org upload.wikimedia.org — Cisco Umbrella Rank: 3017	1012 KB
1	vpninfo.dk cdn.vpninfo.dk	5 KB
1	media-amazon.com m.media-amazon.com — Cisco Umbrella Rank: 518	245 KB
50	20

	Domain	Requested by
14	nexus-gw.xyz	nexus-gw.xyz
6	client.crisp.chat	nexus-gw.xyz client.crisp.chat
5	pagead2.googlesyndication.com	nexus-gw.xyz pagead2.googlesyndication.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	cdn.sell.app	nexus-gw.xyz
2	www.zupimages.net	nexus-gw.xyz
2	zupimages.net	2 redirects
2	use.fontawesome.com	nexus-gw.xyz use.fontawesome.com
1	www.gstatic.com	www.google.com
1	t.me	telegram.org
1	www.googletagmanager.com	nexus-gw.xyz
1	fonts.gstatic.com	fonts.googleapis.com
1	cdn.jsdelivr.net	nexus-gw.xyz
1	ajax.googleapis.com	nexus-gw.xyz
1	embed.sellpass.io	nexus-gw.xyz
1	telegram.org	nexus-gw.xyz
1	www.google.com	nexus-gw.xyz
1	discord.com	nexus-gw.xyz
1	share.creavite.co	nexus-gw.xyz
1	play-lh.googleusercontent.com	nexus-gw.xyz
1	upload.wikimedia.org	nexus-gw.xyz
1	cdn.vpninfo.dk	nexus-gw.xyz
1	m.media-amazon.com	nexus-gw.xyz
1	fonts.googleapis.com	nexus-gw.xyz
50	24

This site contains no links.

Subject Issuer	Validity	Valid
nexus-gw.xyz GTS CA 1P5	`2024-04-29` - `2024-07-28`	3 months	crt.sh
upload.video.google.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
images-na.ssl-images-amazon.com DigiCert Global CA G2	`2024-03-18` - `2025-03-09`	a year	crt.sh
cdn.vpninfo.dk R3	`2024-04-12` - `2024-07-11`	3 months	crt.sh
*.wikipedia.org DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-10-18` - `2024-10-16`	a year	crt.sh
edgestatic.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
creavite.co E1	`2024-04-30` - `2024-07-29`	3 months	crt.sh
discord.com Cloudflare Inc ECC CA-3	`2023-10-20` - `2024-10-19`	a year	crt.sh
*.google.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.telegram.org Go Daddy Secure Certificate Authority - G2	`2023-08-11` - `2024-09-11`	a year	crt.sh
embed.sellpass.io GTS CA 1P5	`2024-04-25` - `2024-07-24`	3 months	crt.sh
cdn.sell.app E1	`2024-03-23` - `2024-06-21`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.google-analytics.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
crisp.chat E1	`2024-04-05` - `2024-07-04`	3 months	crt.sh
*.t.me Go Daddy Secure Certificate Authority - G2	`2023-10-06` - `2024-11-06`	a year	crt.sh
tpc.googlesyndication.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://nexus-gw.xyz/
Frame ID: 2842BCC8AF09CEF804BDB909A8CF3B11
Requests: 46 HTTP requests in this frame

Frame: https://discord.com/widget?id=1132640245821755527&theme=dark
Frame ID: D5CC8BAEBF4E5A66C1F4F5AC38B10A16
Requests: 1 HTTP requests in this frame

Frame: https://t.me/CrackingNXS/236?embed=1&dark=1
Frame ID: DC8C806F7157B68EA6F43D7F07E2F3F0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240520/r20110914/zrt_lookup_fy2021.html
Frame ID: 35739F77D1F4F3D6FF07BE204071E434
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-3834652927134732&output=html&adk=336004586&adf=1440177680&abgtt=6&lmt=1716312958&plat=3%3A16%2C4%3A16%2C8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fnexus-gw.xyz%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&aslmct=0.7&asamct=0.7&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMjA3IixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4yMDciXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjIwNyJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1716312957839&bpp=2&bdt=2347&idt=488&shv=r20240520&mjsv=m202405150101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=1700512274821&frm=20&pv=2&ga_vid=698624511.1716312958&ga_sid=1716312958&ga_hid=1440214236&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31081563%2C42532524%2C95331832%2C95331983%2C95333411%2C95331712&oid=2&pvsid=1735856680059995&tmod=1255067995&uas=0&nvt=1&fsapi=1&fc=1920&brdim=430%2C430%2C430%2C430%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=526
Frame ID: A6958A44E99EB1CEC238FB76422850E7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B092AD06D87639BCF6E9730BF45F3BFC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Nexus-Gen

Page URL History Show full URLs

http://nexus-gw.xyz/ HTTP 307
https://nexus-gw.xyz/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

50
Requests

94 %
HTTPS

57 %
IPv6

20
Domains

24
Subdomains

22
IPs

4
Countries

7441 kB
Transfer

14353 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://nexus-gw.xyz/ HTTP 307
https://nexus-gw.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://zupimages.net/up/24/01/hspw.png HTTP 301
https://www.zupimages.net/up/24/01/hspw.png

Request Chain 27

https://zupimages.net/up/23/47/xsca.png HTTP 301
https://www.zupimages.net/up/23/47/xsca.png

50 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
nexus-gw.xyz/
Redirect Chain

http://nexus-gw.xyz/
https://nexus-gw.xyz/

40 KB
8 KB

2297ms
2224ms

Document
text/html

188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus-gw.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33 PleskLin
Resource Hash: b2e2ba365ab29a78ca6d87112c37028ae99dfa54fae48c0e6f38cd8f5683ae2a

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 88765355fc312bd6-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 21 May 2024 17:35:55 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BpshyWBWqnMJGOCi%2Fz1xczkD7jcVwYBS0dEEhcG%2F3oayDJ6tA4N3TRx8qfq1d4TYegRkZmvO%2BI0hitojyJjrGCDltDkrAXAdVrste4jkG%2FgkQGzybOztJELVUcXfUu4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33 PleskLin

Redirect headers

Location: https://nexus-gw.xyz/
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 style.css
nexus-gw.xyz/assets/css/ 2 KB
1 KB 85ms
85ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus-gw.xyz/assets/css/style.css
Requested by: Host: nexus-gw.xyz
URL: https://nexus-gw.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: bc2e60a80c715763b016c9d5e918a13cac4db5bbb509c18a120766914c81d988

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nexus-gw.xyz/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 17:35:55 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 27 Mar 2024 16:18:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"660446c8-6fb"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ofNuHeSN0PyTdDXCbis4F3WBQ4F%2BqclXHgtTujZxI9sYksA%2F%2FNIAdzPlOcXaDT%2BfiW2izP6DNuALjnWC8yLCkG%2Bobq5hL2kgem%2B8YhKeEn7ru7TjJ1P1ipXdtCdlX24%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=432000
cf-ray: 88765363e8512bd6-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 style.bundle.min.css
nexus-gw.xyz/assets/css/ 1 MB
110 KB 189ms
187ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus-gw.xyz/assets/css/style.bundle.min.css
Requested by: Host: nexus-gw.xyz
URL: https://nexus-gw.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 4c8cf71d0bfe7f14d2b10a921fd60e23e5887114801a9c66738713b744d4b12e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nexus-gw.xyz/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 17:35:55 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2024 18:30:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65d792b1-12996c"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k%2FPNycePzR73m6V3QOh3Jkd6QMNj49crwxv6iHL3s5qBp4eD0Hp2pUBxzk%2FdnD2GE6xxrmRdRjDIMN%2FELTRkIaFB0s2bkMp5yuOmQDNTpbUHfLjuqnbLNqLyqGCnHbw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=432000
cf-ray: 88765363e8582bd6-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 plugins.bundle.css
nexus-gw.xyz/assets/plugins/global/ 691 KB
104 KB 230ms
228ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus-gw.xyz/assets/plugins/global/plugins.bundle.css
Requested by: Host: nexus-gw.xyz
URL: https://nexus-gw.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: a3c917a1e13ef9c1321b91f37f8bd8238a4b7e8c0434330bcc0cb4669e3d19d2

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nexus-gw.xyz/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 17:35:55 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 09 Jun 2023 09:52:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6482f662-acae9"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=slpWVdYNohrXSjLwCDECfd9jrx2iSsL3E1oO5qeqwsOC7gJjWQ9qL74QSeg9E3xfM%2BulSXK%2BDrWNzbieDUfoVki5GzlgacqjUH4ntRz7654pktQIIpeSy4b0DKBrsU0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=432000
cf-ray: 88765363e85a2bd6-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 79ms
31ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Inter:300,400,500,600,700

Requested by

Host: nexus-gw.xyz
URL: https://nexus-gw.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6090c70d9b6502fa2a70394e8bfaa18ceb768ff688718562d3ad4adf75bb068e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nexus-gw.xyz/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Tue, 21 May 2024 17:35:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 21 May 2024 15:39:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 21 May 2024 17:35:55 GMT

GET
H3 200 icons.min.css
nexus-gw.xyz/assets/css/ 270 KB
46 KB 120ms
118ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus-gw.xyz/assets/css/icons.min.css
Requested by: Host: nexus-gw.xyz
URL: https://nexus-gw.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: cb4e2dd2f4f488b3f9b85fd9f3593c58579ff5bd21a4b278d807e3a65da56ccf

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nexus-gw.xyz/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 17:35:55 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 23 Apr 2023 00:29:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64447c02-436f5"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NeTZMB5rBB7WDgrgoO8Rqyde1iL9NLglShMAW4cHUJn8ryE0eGtL5Fra3SXYYfaq4BJBjpOLAkIdlkINLtbrW1OsweOZL2yXGhtRPkCvzJik16nZyDBL2GBTGPlqTd8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=432000
cf-ray: 88765363e85f2bd6-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 all.css
use.fontawesome.com/releases/v5.15.3/css/ 58 KB
13 KB 317ms
251ms Stylesheet
text/css 2606:4700:3037::ac43:8ef5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.3/css/all.css
Requested by: Host: nexus-gw.xyz
URL: https://nexus-gw.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nexus-gw.xyz/
Origin: https://nexus-gw.xyz
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 17:35:55 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 22 Sep 2023 01:45:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"74bab4578692993514e7f882cc15c218"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AzTuhO3PeptAhuT6stg%2F1Zg7OR9pgaldtcPd2bx0CdjFKKkP68SGtYgokOlgz%2BTo6I7c00x7NQYPJgad9V3h7FLR0U92wqaXyhe5DBxP6LzTwQiLrpenHSIXxq3iE4jbIolifKBD6OGu86yqPo6AfFmY"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 887653645e1c5b9e-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 712ui3rj1RL.png
m.media-amazon.com/images/I/ 244 KB
245 KB 178ms
52ms Image
image/png 2a04:4e42:200::272
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/I/712ui3rj1RL.png
Requested by: Host: nexus-gw.xyz
URL: https://nexus-gw.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c04e22669347406eb4a90794a52157e557a78ff5068eb542370d7500a2003f98

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nexus-gw.xyz/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 17:35:55 GMT
age: 1901537
x-cache: HIT from fastly, HIT from fastly
x-nginx-cache-status: MISS
server-timing: provider;desc="fy"
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 250357
x-served-by: cache-iad-kcgs7200096-IAD, cache-mad2200107-MAD
last-modified: Fri, 08 Nov 2019 05:34:44 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=630720000,public
x-amz-ir-id: c0e6e928-8e34-44c1-b077-77f942c138ff
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
expires: Tue, 22 Sep 2043 07:11:24 GMT

GET
H2 200 tunnelbear-vpn-logo.png
cdn.vpninfo.dk/wp-content/uploads/2017/03/ 4 KB
5 KB 147ms
23ms Image
image/png 169.150.247.36
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.vpninfo.dk/wp-content/uploads/2017/03/tunnelbear-vpn-logo.png

Requested by

Host: nexus-gw.xyz
URL: https://nexus-gw.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.150.247.36 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),

Reverse DNS

169-150-247-36.bunnyinfra.net

Software

BunnyCDN-DE1-1079 /

Resource Hash

dfc8ae7e7dac8433d39fffd47524d935a3f1d7658ff2c8a9ed75dbe5b5c84203

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nexus-gw.xyz/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 23 Apr 2025 20:20:55 GMT
date: Tue, 21 May 2024 17:35:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cdn-edgestorageid: 1079
x-remote-ip: 45.132.244.92
x-forwarded-for: 151.63.195.6,169.150.247.36, 45.132.244.92
cdn-cachedat: 04/23/2024 14:20:55
cdn-pullzone: 938538
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000
content-length: 4271
x-qc-cache: miss
last-modified: Thu, 18 May 2017 14:43:31 GMT
server: BunnyCDN-DE1-1079
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "266496203-1713882055;;;"
content-type: image/png
cdn-cache: HIT
cdn-uid: 4e1380f4-d381-4818-a808-9f54c7b50fbf
cache-control: public, max-age=31557600
cdn-requestid: f0fe914d30dc84af710f2d7a4bfbc71b
accept-ranges: bytes
x-qc-pop: EU-DE-FKB-67
cdn-requestcountrycode: DE
link: <https://vpninfo.dk/wp-content/uploads/2017/03/tunnelbear-vpn-logo.png>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 Logo_Picard_surgel%C3%A9s.png
upload.wikimedia.org/wikipedia/fr/e/e1/ 1010 KB
1012 KB 80ms
29ms Image
image/png 2a02:ec80:300:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/fr/e/e1/Logo_Picard_surgel%C3%A9s.png

Requested by

Host: nexus-gw.xyz
URL: https://nexus-gw.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:ec80:300:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

Software

envoy /

Resource Hash

ec69f36f3fbb9c4fdd1f4979183418db99308bb88d9d2a59fb227772d35c95a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nexus-gw.xyz/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 04:29:41 GMT
strict-transport-security: max-age=106384710; includeSubDomains; preload
x-content-type-options: nosniff
x-content-security-policy-report-only: default-src 'none'; style-src 'unsafe-inline' data:; font-src data:; img-src data: https://upload.wikimedia.org/favicon.ico; media-src data:; sandbox; report-uri https://commons.wikimedia.org/w/api.php?reportonly=1&source=image&action=cspreport&format=json&
nel: { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
age: 47174
x-cache-status: hit-local
content-security-policy-report-only: default-src 'none'; style-src 'unsafe-inline' data:; font-src data:; img-src data: https://upload.wikimedia.org/favicon.ico; media-src data:; sandbox; report-uri https://commons.wikimedia.org/w/api.php?reportonly=1&source=image&action=cspreport&format=json&
x-cache: cp3074 hit, cp3074 miss
server-timing: cache;desc="hit-local", host;desc="cp3074"
content-length: 1034724
x-client-ip: 2001:1af8:4020:a034:1000::11
x-object-meta-sha1base36: ac7lruc9rpl80eku9qxaebekx7hhjmr
last-modified: Mon, 17 Jul 2017 14:33:42 GMT
server: envoy
etag: 693fc963d336f882d4e57560c9c85656
report-to: { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 BX6inlkBdOv2Knrs0Q1QiyYvvCnumnT4GrPBygf4neJXFAtMQ9fVMkmBkQruy-4ng68
play-lh.googleusercontent.com/ 40 KB
40 KB 83ms
20ms Image
image/png 2a00:1450:4001:811::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/BX6inlkBdOv2Knrs0Q1QiyYvvCnumnT4GrPBygf4neJXFAtMQ9fVMkmBkQruy-4ng68

Requested by

Host: nexus-gw.xyz
URL: https://nexus-gw.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

22e2cb9f2159ee173918b58de1fa3d11a05d6db01ef6bda6400aa3d553b2fbec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nexus-gw.xyz/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 14:45:40 GMT
x-content-type-options: nosniff
age: 10215
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40581
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 22 May 2024 14:45:40 GMT

GET
H2 200 DyiuD1zzKcKm8vvP.gif
share.creavite.co/ 3 MB
3 MB 2032ms
1663ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://share.creavite.co/DyiuD1zzKcKm8vvP.gif
Requested by: Host: nexus-gw.xyz
URL: https://nexus-gw.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: f7825a56071b3d6c35978f78a783056c2fcafb1e3bd977519c2dfe188f61656f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nexus-gw.xyz/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 17:35:57 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"369315-ERWPEgJCKeKkJVUnG1+ZUIlKOXw"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A4mIe1eccNhVmIlVYRFWOicfcwdnFzy03NMZ0UISk4kruxOAwe1WMzUC35ICb91Q3p5ykUPqiFYx4QWtCX2nOItHu%2BKlACS5wZAW4iIND4fbjSuzlcF3rAx8pYVvV2j9fl1P98f6yoLfPPpkuQVu1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 887653664fe04d58-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3576597

GET
H3

200

hspw.png
www.zupimages.net/up/24/01/
Redirect Chain

https://zupimages.net/up/24/01/hspw.png
https://www.zupimages.net/up/24/01/hspw.png

53 KB
54 KB

51ms
41ms

Image
image/png

104.21.233.197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zupimages.net/up/24/01/hspw.png

Requested by

Host: nexus-gw.xyz
URL: https://nexus-gw.xyz/

Protocol

Server

104.21.233.197 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bcb6ad7d109aecae51b40c3fcc3dfdfc3f7ab7c493f8c4b19ce9ea13b612e788

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://nexus-gw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Tue, 21 May 2024 17:35:55 GMT
strict-transport-security: max-age=15768000
cf-cache-status: HIT
last-modified: Tue, 21 May 2024 14:24:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3852
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tcBdQ3zinl9OLqJDokQyIGGz4IF8Tja0D8nwLa370t9s93x82keumkKovYTRQJayoC2KfjeYFUrdeodEC8kN0avlIYczvbEZwL9bSdg10BT5YIzjEkpK%2BM1HE5wyMU8I6qAPPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
content-disposition: filename="hspw.png"
cf-ray: 887653649a4b9e91-CDG
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

Redirect headers

date: Tue, 21 May 2024 17:35:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BP%2B%2Bgo%2FiVNXkpWiG%2BJUEuq45hdvBEfbHVftjCP%2FuNdZmbf%2FacFJ0sHCkIIPeNIyaGZjNXq9rh0cddHKS9Y%2BYA3uz5ixk%2FiCSHrWgEdnjX6ARs734hdk7bcMmu0OUiGUg"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.zupimages.net/up/24/01/hspw.png
cache-control: max-age=3600
cf-ray: 887653644a009e91-CDG
alt-svc: h3=":443"; ma=86400
content-length: 167
expires: Tue, 21 May 2024 18:35:55 GMT

GET
H3 200 nexshop.png
nexus-gw.xyz/assets/media/logos/ 61 KB
62 KB 234ms
234ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nexus-gw.xyz/assets/media/logos/nexshop.png
Requested by: Host: nexus-gw.xyz
URL: https://nexus-gw.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 784719f0bd7a5d046f72eba6d0c40df643e31f49fe56fd1edbd16a6818db0183

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nexus-gw.xyz/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 17:35:55 GMT
cf-cache-status: MISS
last-modified: Wed, 21 Jun 2023 10:15:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6492cda5-f4ae"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Raf%2FjzxyCn%2FVfHuNn4HximgKpVyr4LtaG0Gyq8%2FrQ%2BJhI1kq94wPLge4wvWTRX3a%2F5oH%2BCfWWo01JRd%2BarxfA%2BQxxfFZzOY9p1OWVe7zqleWvFeKmGdk8rm4WouTr8U%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 88765363f8832bd6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 62638

GET
H3 200 rocket-loader.min.js Show response
nexus-gw.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 26ms
25ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nexus-gw.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: nexus-gw.xyz
URL: https://nexus-gw.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nexus-gw.xyz/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 17:35:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 14 May 2024 13:45:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66436af9-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H9kd4RL1K9zIyph7gvZ%2FZIYSO4%2B0egY8LLLVXlafeWlS3i4FLJlq7%2BXs3GuoN6IMWMrfARioSuHvE%2BZQ5eGxjASH6I%2Fw2zaTaEc6UCxEypCJuDK7902kuuz8yuHPNiU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 88765363f8852bd6-FRA
expires: Thu, 23 May 2024 17:35:55 GMT

GET
H3 200 widget
discord.com/ Frame D5CC 0
0 93ms
66ms Document
text/html 162.159.128.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://discord.com/widget?id=1132640245821755527&theme=dark

Requested by

Host: nexus-gw.xyz
URL: https://nexus-gw.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.128.233 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://nexus-gw.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 887653642cbb3672-FRA
content-encoding: br
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 21 May 2024 17:35:55 GMT
last-modified: Thu, 05 Oct 2023 23:01:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: interest-cohort=()
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CGakJ%2FsNjZjBUyxrm4oaOVBbEkfwvk6VWeFMa8W0t0PQxFqujkpWiUoUVxBD7z%2FNUyo0mBpMmTPUHDIHNgoB3OdK6s7XllzT%2BbZ%2BfuaoBOVZNY8Yw576FfSGiskc"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-build-id: 8688a61c63e65df22fb849a73b303b75a3bca43d
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 plugins.bundle.js Show response
nexus-gw.xyz/assets/plugins/global/ 2 MB
611 KB 509ms
508ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus-gw.xyz/assets/plugins/global/plugins.bundle.js
Requested by: Host: nexus-gw.xyz
URL: https://nexus-gw.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 964d7efcb24830feb942c28e2e39bc8df6ad5ecdeb95beb65fd7949a179a6108

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nexus-gw.xyz/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 17:35:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 08 Jun 2023 09:23:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64819e0f-229461"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RxByk7DD%2B8TJlMwTf34aMcKnhNpgyvilZ7QcidQPmTW606MbmgYNsSoeDPMLLJ8ewkMrhCsKrZDNen2Hzk0cZWovgu%2FGMPQJJHXSPAjJhADT%2BDEvuBvD39%2BnwVw7klY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=432000
cf-ray: 88765365fb252bd6-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 vendor.min.js Show response
nexus-gw.xyz/assets/js/ 974 KB
319 KB 476ms
475ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus-gw.xyz/assets/js/vendor.min.js
Requested by: Host: nexus-gw.xyz
URL: https://nexus-gw.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: e8265ab5a7c4be97b975eb11995c59d302074f8ada970dfcadcad293c74bbbd6

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nexus-gw.xyz/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 17:35:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 08 Jun 2023 09:49:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6481a41c-f3973"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tEmBxk32KK78egWXO6PeCHMbM2pLY7UxpEfAmec3V2yU1GVAZwmbpwlSzotm1xsBcyOB5Roxgzr6PGrsO5ZZrEvFtfsrqe5qFd40rdqVq1BTaYjAMiCDFrnulORZWgk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=432000
cf-ray: 88765365fb2b2bd6-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 widgets.bundle.js Show response
nexus-gw.xyz/assets/js/ 220 KB
29 KB 474ms
471ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus-gw.xyz/assets/js/widgets.bundle.js
Requested by: Host: nexus-gw.xyz
URL: https://nexus-gw.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: afb6fe647b46443458fc257494d6ca4bce8f175b585702e92bac2c8bbb7f05d2

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nexus-gw.xyz/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 17:35:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 03 Sep 2023 11:42:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64f4712b-370fc"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T2GvRjz2uj77YgBBzp%2BAWQQ3l36VoxBXDrDawG0CghviuszQe9Ze1fV3O%2FIOW7vSupZjjZP2AtjXSVgeabxp1PhX9QpakXCCac3u3SXf9y2y1FNyqW9vtgMbmiRI3xo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=432000
cf-ray: 88765365fb2c2bd6-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 scripts.bundle.js Show response
nexus-gw.xyz/assets/js/ 95 KB
22 KB 503ms
500ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus-gw.xyz/assets/js/scripts.bundle.js
Requested by: Host: nexus-gw.xyz
URL: https://nexus-gw.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 2f4cd9aabd0a061ccac8c50d8ddf8a07180b514eefb93c752b99d20cbb09c5c9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nexus-gw.xyz/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 17:35:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 07 Jun 2023 09:43:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6480514b-17b1f"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7HKrWZ%2FIe8tRD%2Ba%2B1aNyhsl4FYsu4zqRdsauQ%2FPUd8T64gf9sqT3n%2Fxr4lSDlGLkvSp1%2B06XnT5L8V%2FlGY%2FdKZZZdzrEyswEPG2%2BDYRCvJb5I4opYuMtuQ4nb7ti52I%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=432000
cf-ray: 88765365fb2e2bd6-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 script.js Show response
nexus-gw.xyz/assets/js/ 6 KB
2 KB 467ms
464ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus-gw.xyz/assets/js/script.js
Requested by: Host: nexus-gw.xyz
URL: https://nexus-gw.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 15c0abf6c423f09ea5c82a616e3cfc7395ade2634ce935ab57f2533bcd9776fa

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nexus-gw.xyz/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 17:35:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 19 Oct 2023 23:44:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6531bf6c-1796"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IE%2BwQuG1aVo4ZfGsRKGuW0xAd6qowk7A9PxFnwvf7lFJ8ZnJH8LU25o%2Bdlf8YGJPo8d2RP5EYrosvchTMsK8%2F8nJoCvSC%2BXlUF6DMrZwotUXy2V93j5Y8SAHg6i13TY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=432000
cf-ray: 88765365fb2f2bd6-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
947 B 79ms
31ms Script
text/javascript 216.58.212.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: nexus-gw.xyz
URL: https://nexus-gw.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f4.1e100.net

Software

GSE /

Resource Hash

2b369aebfa1e300f272c78651c99fe6c24fbb332a107b0586b8b0709499e8402

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nexus-gw.xyz/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 17:35:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 21 May 2024 17:35:55 GMT

GET
H2 200 telegram-widget.js Show response
telegram.org/js/ 20 KB
6 KB 75ms
23ms Script
application/javascript 2001:67c:4e8:f004::9
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram.org/js/telegram-widget.js?22

Requested by

Host: nexus-gw.xyz
URL: https://nexus-gw.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

0f6cdd09b3bbebf50c4e1679aff6f021f5e183a4ba2dea3a0801394599ff6afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nexus-gw.xyz/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 17:35:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Mon, 03 Apr 2023 11:46:12 GMT
server: nginx/1.18.0
etag: W/"642abc84-4ff5"
content-type: application/javascript
cache-control: max-age=345600
expires: Sat, 25 May 2024 17:35:55 GMT

GET
H3 200 embed.js Show response
embed.sellpass.io/ 3 KB
1 KB 104ms
53ms Script
application/javascript 172.67.75.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.sellpass.io/embed.js

Requested by

Host: nexus-gw.xyz
URL: https://nexus-gw.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.75.106 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

716b07833eadf4d3aa61bb360a4c201a4172d762d32076451cf1497aa6b85970

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nexus-gw.xyz/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 17:35:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 60173
cf-polished: origSize=3756
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"2562024a59be94933ecc61fd3fea1d76"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mCubVEbWCVC0mRhZCi896p3cMcQ5XQQzXgK2w%2BwXD5zQSejvGtlqGiX2R974yuxM7ZKZKWhvjZuWnvTVNK8vq1HK%2Fp6LUp6PzXp8ghDvYkJJq7looN1SiAgnvcBp%2B3vo4ws8bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8876536649a49763-FRA

GET
H3 200 script.js Show response
cdn.sell.app/embed/ 457 KB
121 KB 186ms
121ms Script
application/javascript 172.66.46.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.sell.app/embed/script.js

Requested by

Host: nexus-gw.xyz
URL: https://nexus-gw.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.46.224 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6063151a1fede0dea53be0a8de2fc42f6eff10f2156a1e1dd62c3e471f516481

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nexus-gw.xyz/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 17:35:55 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"d1d96a3cc1634da657071182c0b5d483"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZmEyp%2BL7kzI5KGtT%2FpP4DKQs5zCI5DVVD50gH%2B98%2FJSS6lvCqGHotBrY61SE4ykRBV17KNmzqk43TO6%2FtKnKaP5HQHAKeu5PxdHuGHHISwkUojcA80CpOijxtEm79yY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8876536659129250-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
31 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: nexus-gw.xyz
URL: https://nexus-gw.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nexus-gw.xyz/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 11:56:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20395
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31017
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 May 2025 11:56:00 GMT

GET
H2 200 clipboard.min.js Show response
cdn.jsdelivr.net/npm/clipboard@2.0.11/dist/ 9 KB
4 KB 170ms
57ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/clipboard@2.0.11/dist/clipboard.min.js

Requested by

Host: nexus-gw.xyz
URL: https://nexus-gw.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e17a1d816e13c0826e0ed7febfabc3277f45571234bde0bf9120829a7169edc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nexus-gw.xyz/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 21 May 2024 17:35:55 GMT
x-content-type-options: nosniff
content-encoding: br
age: 667570
x-jsd-version: 2.0.11
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3356
x-served-by: cache-fra-etou8220158-FRA, cache-mad2200139-MAD
x-jsd-version-type: version
etag: W/"23c8-mny0Bfm+7QBYkVh9QfdqByCJP/w"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 150 KB
51 KB 108ms
67ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3834652927134732

Requested by

Host: nexus-gw.xyz
URL: https://nexus-gw.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

2e8f867f0244532dce267924204250200dd4224d47e0687607032321c4b04ed1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nexus-gw.xyz/
Origin: https://nexus-gw.xyz
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 17:35:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51922
x-xss-protection: 0
server: cafe
etag: 8133558904694756740
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Tue, 21 May 2024 17:35:55 GMT

GET
H3

200

xsca.png
www.zupimages.net/up/23/47/
Redirect Chain

https://zupimages.net/up/23/47/xsca.png
https://www.zupimages.net/up/23/47/xsca.png

229 KB
229 KB

41ms
41ms

Image
image/png

104.21.233.197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zupimages.net/up/23/47/xsca.png

Requested by

Host: nexus-gw.xyz
URL: https://nexus-gw.xyz/assets/css/style.bundle.min.css

Protocol

Server

104.21.233.197 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48c7c692ec072bc683239b3f6bba00130ac9b204fbedbda9b1c43f21cc89c944

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://nexus-gw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Tue, 21 May 2024 17:35:55 GMT
strict-transport-security: max-age=15768000
cf-cache-status: HIT
last-modified: Tue, 21 May 2024 14:24:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3851
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VHubYMOYm0CIF7KBUrua0NI%2BTrm6AGBUjE47DBfyvzuLYWB3LC8zpnUhpJiZeK5U1X5rCBKa8OqpheQ2QR%2Fyqi0GBXaWtOPUMgGgyoIkIZ9hG7hD0WGVwB0Y0b42VHNWbARljA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
content-disposition: filename="xsca.png"
cf-ray: 887653665c709e91-CDG
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

Redirect headers

date: Tue, 21 May 2024 17:35:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tyDnZ3crA82mX7M1l7gGCN45o4BRQXsqOmyWKoNDutHLAhGGMwSzd3c3aoNSaVygj%2FYJZ2i3NFFOKDlLi%2F35y%2Bh%2FMVSyCCGZgRa78%2F8D0AUKPfAHlsV7tGhK7XifzWBF"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.zupimages.net/up/23/47/xsca.png
cache-control: max-age=3600
cf-ray: 887653660c029e91-CDG
alt-svc: h3=":443"; ma=86400
content-length: 167
expires: Tue, 21 May 2024 18:35:55 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 46 KB
46 KB 113ms
36ms Font
font/woff2 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:300,400,500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://nexus-gw.xyz
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 14:18:16 GMT
x-content-type-options: nosniff
age: 11859
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 May 2025 14:18:16 GMT

GET
H3 200 keenicons-duotone.ttf
nexus-gw.xyz/assets/plugins/global/fonts/keenicons/ 183 KB
92 KB 644ms
644ms Font
font/ttf 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus-gw.xyz/assets/plugins/global/fonts/keenicons/keenicons-duotone.ttf?eut7fk
Requested by: Host: nexus-gw.xyz
URL: https://nexus-gw.xyz/assets/plugins/global/plugins.bundle.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 740f05532f3550f25132771b30fb156ca51986dfb32d7a9a24465deba322632a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nexus-gw.xyz/assets/plugins/global/plugins.bundle.css
Origin: https://nexus-gw.xyz
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 17:35:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 03 May 2023 16:27:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64528b80-2dc6c"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SXUVDc8umTOyoswVf2Hqoz2c7U%2BpXhU%2B%2FCa73loPHg4tCX09HBaINwNRByq6A58yGjCZtIWDDlCu%2Fx1JjhBh0pk%2Ft8d12OxuEBqu%2FoKkG8wTURKLrsYIU2bQEFQl7hE%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
cache-control: max-age=432000
cf-ray: 887653662b702bd6-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.15.3/webfonts/ 76 KB
77 KB 282ms
280ms Font
font/woff2 2606:4700:3037::ac43:8ef5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.3/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.15.3/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://use.fontawesome.com/releases/v5.15.3/css/all.css
Origin: https://nexus-gw.xyz
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 17:35:56 GMT
cf-cache-status: MISS
last-modified: Fri, 22 Sep 2023 01:45:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "e8a427e15cc502bef99cfd722b37ea98"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=21QDUCNfZdOowVRhNVuNFJ4co4td7KlPGopmfXRoLnwv1eSD6Wlqv4LnHMKdHJKH6fU2Q1B4sROnoEfLHpAdYCVqFNIkB9fn92fV%2FTulVJehgVW2gRVEX3LI7ESK4FjkvJEZ5dY8i2ABagRIloUimH4f"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 887653663fcb5b9e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 78196

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 174 KB
63 KB 107ms
55ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M2B35SFL

Requested by

Host: nexus-gw.xyz
URL: https://nexus-gw.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0358a1716db2863410457627c8c94d2ddfcd1ae393048f8c66a306d684c5dda5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nexus-gw.xyz/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 17:35:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64547
x-xss-protection: 0
last-modified: Tue, 21 May 2024 16:30:34 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 21 May 2024 17:35:57 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405150101/ 415 KB
140 KB 119ms
72ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3834652927134732&plah=nexus-gw.xyz&aplac=true

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3834652927134732

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

f05ad055f8b0fc962d25295c81c49a474c898e60aceff022359b778dd1d46cd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nexus-gw.xyz/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 17:35:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 143645
x-xss-protection: 0
server: cafe
etag: 6409766482398617248
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 21 May 2024 17:35:57 GMT

GET
H3 200 l.js Show response
client.crisp.chat/ 8 KB
3 KB 116ms
63ms Script
application/javascript 104.18.29.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/l.js

Requested by

Host: nexus-gw.xyz
URL: https://nexus-gw.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.29.104 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbcf1788b72ba5a100c4899d5a7c92735474dde494f17da40530ce8d102f63e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nexus-gw.xyz/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 17:35:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 18501
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 24 Aug 2023 11:12:52 GMT
server: cloudflare
etag: W/"64e73b34-205d"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
access-control-allow-credentials: false
vary: Accept-Encoding
cf-ray: 887653735e632c02-FRA
access-control-allow-headers: Content-Type, Origin
expires: Wed, 22 May 2024 17:35:57 GMT

GET
H3 200 favicon.ico
nexus-gw.xyz/assets/media/logos/ 15 KB
8 KB 93ms
93ms Other
image/vnd.microsoft.icon 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus-gw.xyz/assets/media/logos/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: a895092f3d1428b0ca6941717525404837c84cc90f9815da89de1eea6a2deab6

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nexus-gw.xyz/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 17:35:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 17 Dec 2023 09:13:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"657ebbb5-3aee"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3rxuB0%2FUeVvaqZuDjvsDVSgQiINavWKMUEG3iEWHjrduC%2F9uwTli9BBRwiZGaSMuT3wTexAqAgelmLRMd1cb2ER%2F%2FoILWd%2F4O%2BH84Tp56kOj4tzdyze6q5lx61tndO0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/vnd.microsoft.icon
cache-control: max-age=432000
cf-ray: 88765372ff242bd6-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 236
t.me/CrackingNXS/ Frame DC8C 0
0 147ms
47ms Document
text/html 2001:67c:4e8:f004::9
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://t.me/CrackingNXS/236?embed=1&dark=1

Requested by

Host: telegram.org
URL: https://telegram.org/js/telegram-widget.js?22

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=35768000

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://nexus-gw.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-store
content-encoding: gzip
content-length: 3552
content-type: text/html; charset=utf-8
date: Tue, 21 May 2024 17:35:58 GMT
pragma: no-cache
server: nginx/1.18.0
strict-transport-security: max-age=35768000

GET
H2 200 recaptcha__nl.js Show response
www.gstatic.com/recaptcha/releases/8k85QBI-qzxmenDv318AZH30/ 518 KB
206 KB 99ms
37ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/8k85QBI-qzxmenDv318AZH30/recaptcha__nl.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b81a631ac148240582b0aab584a6ee84a8063787e9ad00703bbfdd1a55caf09f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nexus-gw.xyz/
Origin: https://nexus-gw.xyz
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 14:37:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10695
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 210203
x-xss-protection: 0
last-modified: Mon, 13 May 2024 17:44:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 May 2025 14:37:42 GMT

GET
H3 200 script.js Show response
cdn.sell.app/embed/ 457 KB
440 B 102ms
64ms Script
application/javascript 172.66.46.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.sell.app/embed/script.js

Requested by

Host: nexus-gw.xyz
URL: https://nexus-gw.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.46.224 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6063151a1fede0dea53be0a8de2fc42f6eff10f2156a1e1dd62c3e471f516481

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nexus-gw.xyz/
Origin: https://nexus-gw.xyz
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 17:35:58 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"d1d96a3cc1634da657071182c0b5d483"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e%2BXQFrgJIsskFIXykwHr%2F13ZvfjBhUwrUIZkLamatoQ%2FiXHEcTyjYOEh1bV0d2B7DNo2dxlwT5p7g3cvzlYvSLjOZF5rmgXzIB9rZSVD%2FfFWqePHUMSbM8nFCAfEj1c%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 887653756dbe71e2-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240520/r20110914/ Frame 3573 0
0 51ms
21ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/html/r20240520/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3834652927134732&plah=nexus-gw.xyz&aplac=true

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://nexus-gw.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 4800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4164
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 May 2024 16:15:58 GMT
etag: 11731753506229902092
expires: Tue, 04 Jun 2024 16:15:58 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
pagead2.googlesyndication.com/pagead/ Frame A695 0
0 83ms
70ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-3834652927134732&output=html&adk=336004586&adf=1440177680&abgtt=6&lmt=1716312958&plat=3%3A16%2C4%3A16%2C8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fnexus-gw.xyz%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&aslmct=0.7&asamct=0.7&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMjA3IixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4yMDciXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjIwNyJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1716312957839&bpp=2&bdt=2347&idt=488&shv=r20240520&mjsv=m202405150101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=1700512274821&frm=20&pv=2&ga_vid=698624511.1716312958&ga_sid=1716312958&ga_hid=1440214236&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31081563%2C42532524%2C95331832%2C95331983%2C95333411%2C95331712&oid=2&pvsid=1735856680059995&tmod=1255067995&uas=0&nvt=1&fsapi=1&fc=1920&brdim=430%2C430%2C430%2C430%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=526

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://nexus-gw.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 May 2024 17:35:58 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 client.js Show response
client.crisp.chat/static/javascripts/ 413 KB
103 KB 69ms
69ms Script
application/javascript 104.18.29.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/javascripts/client.js?9e7cb0c

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/l.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.29.104 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

655253c4f1aa7cde5800020ba66c0612c3fba93fb5882775c0ce60a5c7955a68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nexus-gw.xyz/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 17:35:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 18502
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 24 Aug 2023 11:12:52 GMT
server: cloudflare
etag: W/"64e73b34-6736b"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000
access-control-allow-credentials: false
vary: Accept-Encoding
cf-ray: 887653760ab52c02-FRA
access-control-allow-headers: Content-Type, Origin
expires: Fri, 19 May 2034 17:35:58 GMT

GET
H3 200 client_default.css
client.crisp.chat/static/stylesheets/ 362 KB
49 KB 50ms
50ms Stylesheet
text/css 104.18.29.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/stylesheets/client_default.css?9e7cb0c

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/l.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.29.104 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac8602f2b9f65d01baa3a71c2b69bb8561582353c0c77d9117ac629720d40833

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nexus-gw.xyz/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 17:35:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 18502
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 09 May 2024 12:26:32 GMT
server: cloudflare
etag: W/"663cc0f8-5a9cb"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=315360000
access-control-allow-credentials: false
vary: Accept-Encoding
cf-ray: 887653760ab82c02-FRA
access-control-allow-headers: Content-Type, Origin
expires: Fri, 19 May 2034 17:35:58 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 76ms
74ms XHR
application/json 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240520&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

b623e4251dfa173028d57774bfd657718c5c55b0f7df1afcad18c2f2cdcd1f60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nexus-gw.xyz/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 17:35:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12728
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 173ms
43ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nexus-gw.xyz/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 17:35:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 21 May 2024 17:35:58 GMT

GET
H3 200 / Show response
client.crisp.chat/settings/website/2e823a24-67a1-41ca-9f26-f4932011fa0b/prelude/ 214 B
505 B 96ms
96ms Script
application/javascript 104.18.29.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/settings/website/2e823a24-67a1-41ca-9f26-f4932011fa0b/prelude/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&2024-4-21-19-35

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?9e7cb0c

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.29.104 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

faf44ed9e65d58e13276251aca05b447cab0534867869a04d9b148460f9370fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nexus-gw.xyz/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 17:35:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 21 May 2024 17:35:58 GMT
server: cloudflare
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: false
vary: Accept-Encoding
cf-ray: 887653785e3c2c02-FRA
access-control-allow-headers: Content-Type, Origin
expires: Tue, 21 May 2024 21:35:58 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B092 0
0 120ms
28ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://nexus-gw.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 1964
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 21 May 2024 17:03:15 GMT
expires: Wed, 21 May 2025 17:03:15 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
client.crisp.chat/settings/website/2e823a24-67a1-41ca-9f26-f4932011fa0b/ 1 KB
977 B 142ms
141ms Script
application/javascript 104.18.29.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/settings/website/2e823a24-67a1-41ca-9f26-f4932011fa0b/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&1715510969146

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?9e7cb0c

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.29.104 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d85f30ca045e356c6f4d62071ac54f076bb735b36af82c671c89cb1f9238cce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nexus-gw.xyz/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 17:35:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 21 May 2024 17:35:59 GMT
server: cloudflare
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: false
vary: Accept-Encoding
cf-ray: 8876537bcbda2c02-FRA
access-control-allow-headers: Content-Type, Origin
expires: Tue, 21 May 2024 21:35:59 GMT

GET
H3 200 en.js Show response
client.crisp.chat/static/javascripts/locales/ 7 KB
3 KB 41ms
40ms Script
application/javascript 104.18.29.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/javascripts/locales/en.js?9e7cb0c

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?9e7cb0c

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.29.104 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5623cc23fb5f25c6472ca24b4472e7ce8d0c9ee6c832e0e34d0d2f1df6b01284

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://nexus-gw.xyz/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 17:35:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 18499
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 08 Aug 2023 12:01:16 GMT
server: cloudflare
etag: W/"64d22e8c-1ce8"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000
access-control-allow-credentials: false
vary: Accept-Encoding
cf-ray: 8876537cbd7a2c02-FRA
access-control-allow-headers: Content-Type, Origin
expires: Fri, 19 May 2034 17:35:59 GMT

GET
DATA 200
OK truncated
/ 881 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c8faba32cf813d34a373a7528d2446d0f2b061f8dd6900391af20ac718f69bd

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240520&jk=1735856680059995&bg=!qqmlqebNAAaTdHvKs3Q7ADQBe5WfOJG8JnbaVOjW05yhZXYpIPOSIvJMB2JN9AQcK40uHfKu4yzSdTU8tzEmgkqtuJcaAgAAAQ1SAAAAAmgBB34ANdjKz52vRf2jU8YnnaDyi2RHhyLHMOBRnxpbhxqKf7_KdUF54PSk9ZUrB1waNdOb_iWNCmGsmQKlVnot8zTm6NrS_8e7Bu9Qtmzln1tVnuWvFPOnDKS_RO9Tn8iSqmDx4c_apY1mw9qfLnIIC1r6rzTNDBbhcjerO584VacAEh3_RjiM3NXfEyFKgcEow0_5RtQasjfsVGP3JoY3xMw_XBkUUUrayxQ2XK8jfH1WEv9lQlCB_TIAGn1L08U7QLWAUR8gjRoQ8Y6P690ytr0aHlX6ktSKX4R1RPeGNtuf7jLeqpPVxGNOjBppFIHklZu_jzThRdc8QusJ_JR-HRt8r6EuLrkIwbc_FD1a-Lid6usebGMfpjj9v4VgHDL_9LZyM43zZ5ckn4AWhBd6XoTS7ebR4LNrTlCtxSRPZe7sn2xZsl-Tna8lvcrtu9RCZrgFg2sgYgTKD6j2Yne09mTIGnYOoHPPc0tC1l0TsTTPCqbMUcpHOck-c8UJ8WRbYa_ZqGjn2V0jCpPf9-nm0t9z3dfE1vYx1jj-7Hv9O58L1lZ8rL96xQjdBofMiajR5lSWBDmI07EvOoawZc4jEIudNJ_GgGPTKNaeU4pSQHLHLdSDudz7iLpfYJXXwpwjR07hoVFT3yyESirtNrKdP_bbV4kLdLiQBRSFXaGudDVUfgbymkopSJqnL2SXSvloxqsEbu_DOnCPtpkNtHnorgTgb-mltpUfDngzHxCEqFQu28KscsHORm6NMpOeaE8nOK8cMJ2DwR1ubLY-lx6_x2RdnsboeZsDn6cVCK9xdBnO07dPpk9pdFER3zoAK2qIpvoJuFDDmWm9ZU92qimo_5zZnVBHeCdA8TcoOvvAJSvZOCRtnoF_h_EFkI6AY7F7ZkLlrqoM5RsrTl3KydskrwupBwLJqXRDtxCeoUXP5K19YjY-QNwsZks3Tba03hFbvLEHhd-vaBvSvokqm5YKSCM

Verdicts & Comments Add Verdict or Comment

201 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nexus-gw.xyz/	1969-12-31 23:59:59	Name: PHPSESSID Value: n0ruiflnneef84brquro982oe6
.discord.com/	1969-12-31 23:59:59	Name: __cfruid Value: 78036dd62d8d371b44074b1f1595a71163394811-1716312955
.discord.com/	1969-12-31 23:59:59	Name: _cfuvid Value: _bSXUtdzeMynvbe9JzTQr6cSaaiEShXuYRI_fnNyh6o-1716312955659-0.0.1.1-604800000
.discord.com/	1970-01-21 05:30:48	Name: cf_clearance Value: 2p71NfeeZiXvR1jK3kamC8hIt0TM35KScx7S5o7g8m8-1716312956-1.0.1.1-Cb11pngI6V6EWbqy_ABtLjgKeHPri5TYIIa8OOWD1PaFEqAQEFwxYaC5M0B1eHnmF2Gkn726GQJQE325E7f6lg
t.me/	1970-01-20 20:46:39	Name: stel_ssid Value: 5301cc936a133ecaca_15444209531604799236
t.me/	1970-01-21 05:21:20	Name: stel_on Value: 1
t.me/	1970-01-21 05:30:48	Name: stel_dt Value: 0
.nexus-gw.xyz/	1970-01-21 01:08:00	Name: crisp-client%2Fsession%2F2e823a24-67a1-41ca-9f26-f4932011fa0b Value: session_05227213-5602-4915-b968-0a06c9e9c16f

38 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://nexus-gw.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://nexus-gw.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://nexus-gw.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://nexus-gw.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://nexus-gw.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://nexus-gw.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://nexus-gw.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://nexus-gw.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://nexus-gw.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://nexus-gw.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://nexus-gw.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://nexus-gw.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://nexus-gw.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://nexus-gw.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://nexus-gw.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://nexus-gw.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://nexus-gw.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://nexus-gw.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://nexus-gw.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://nexus-gw.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://nexus-gw.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://nexus-gw.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://nexus-gw.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://nexus-gw.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://nexus-gw.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://nexus-gw.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://nexus-gw.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://nexus-gw.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://nexus-gw.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Message: A preload for 'https://cdn.sell.app/embed/script.js' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
other	warning	URL: https://nexus-gw.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://nexus-gw.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://nexus-gw.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://nexus-gw.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://nexus-gw.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://nexus-gw.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://nexus-gw.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://nexus-gw.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://nexus-gw.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.jsdelivr.net
cdn.sell.app
cdn.vpninfo.dk
client.crisp.chat
discord.com
embed.sellpass.io
fonts.googleapis.com
fonts.gstatic.com
m.media-amazon.com
nexus-gw.xyz
pagead2.googlesyndication.com
play-lh.googleusercontent.com
share.creavite.co
t.me
telegram.org
tpc.googlesyndication.com
upload.wikimedia.org
use.fontawesome.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.zupimages.net
zupimages.net
pagead2.googlesyndication.com
104.18.29.104
104.21.233.197
142.250.186.34
162.159.128.233
169.150.247.36
172.66.46.224
172.67.75.106
188.114.97.3
2001:67c:4e8:f004::9
216.58.212.132
2606:4700:3037::ac43:8ef5
2a00:1450:4001:80b::2001
2a00:1450:4001:810::200a
2a00:1450:4001:811::2016
2a00:1450:4001:812::2003
2a00:1450:4001:81d::2003
2a00:1450:4001:82f::2008
2a02:ec80:300:ed1a::2:b
2a04:4e42:200::272
2a04:4e42::485
2a06:98c1:3121::3
0358a1716db2863410457627c8c94d2ddfcd1ae393048f8c66a306d684c5dda5
0f6cdd09b3bbebf50c4e1679aff6f021f5e183a4ba2dea3a0801394599ff6afd
15c0abf6c423f09ea5c82a616e3cfc7395ade2634ce935ab57f2533bcd9776fa
22e2cb9f2159ee173918b58de1fa3d11a05d6db01ef6bda6400aa3d553b2fbec
2b369aebfa1e300f272c78651c99fe6c24fbb332a107b0586b8b0709499e8402
2e8f867f0244532dce267924204250200dd4224d47e0687607032321c4b04ed1
2f4cd9aabd0a061ccac8c50d8ddf8a07180b514eefb93c752b99d20cbb09c5c9
48c7c692ec072bc683239b3f6bba00130ac9b204fbedbda9b1c43f21cc89c944
4c8cf71d0bfe7f14d2b10a921fd60e23e5887114801a9c66738713b744d4b12e
4d85f30ca045e356c6f4d62071ac54f076bb735b36af82c671c89cb1f9238cce
5623cc23fb5f25c6472ca24b4472e7ce8d0c9ee6c832e0e34d0d2f1df6b01284
6063151a1fede0dea53be0a8de2fc42f6eff10f2156a1e1dd62c3e471f516481
6090c70d9b6502fa2a70394e8bfaa18ceb768ff688718562d3ad4adf75bb068e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
655253c4f1aa7cde5800020ba66c0612c3fba93fb5882775c0ce60a5c7955a68
716b07833eadf4d3aa61bb360a4c201a4172d762d32076451cf1497aa6b85970
740f05532f3550f25132771b30fb156ca51986dfb32d7a9a24465deba322632a
784719f0bd7a5d046f72eba6d0c40df643e31f49fe56fd1edbd16a6818db0183
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
964d7efcb24830feb942c28e2e39bc8df6ad5ecdeb95beb65fd7949a179a6108
9c8faba32cf813d34a373a7528d2446d0f2b061f8dd6900391af20ac718f69bd
a3c917a1e13ef9c1321b91f37f8bd8238a4b7e8c0434330bcc0cb4669e3d19d2
a895092f3d1428b0ca6941717525404837c84cc90f9815da89de1eea6a2deab6
ac8602f2b9f65d01baa3a71c2b69bb8561582353c0c77d9117ac629720d40833
afb6fe647b46443458fc257494d6ca4bce8f175b585702e92bac2c8bbb7f05d2
b2e2ba365ab29a78ca6d87112c37028ae99dfa54fae48c0e6f38cd8f5683ae2a
b623e4251dfa173028d57774bfd657718c5c55b0f7df1afcad18c2f2cdcd1f60
b81a631ac148240582b0aab584a6ee84a8063787e9ad00703bbfdd1a55caf09f
bc2e60a80c715763b016c9d5e918a13cac4db5bbb509c18a120766914c81d988
bcb6ad7d109aecae51b40c3fcc3dfdfc3f7ab7c493f8c4b19ce9ea13b612e788
c04e22669347406eb4a90794a52157e557a78ff5068eb542370d7500a2003f98
cb4e2dd2f4f488b3f9b85fd9f3593c58579ff5bd21a4b278d807e3a65da56ccf
cbcf1788b72ba5a100c4899d5a7c92735474dde494f17da40530ce8d102f63e4
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
dfc8ae7e7dac8433d39fffd47524d935a3f1d7658ff2c8a9ed75dbe5b5c84203
e17a1d816e13c0826e0ed7febfabc3277f45571234bde0bf9120829a7169edc9
e8265ab5a7c4be97b975eb11995c59d302074f8ada970dfcadcad293c74bbbd6
ec69f36f3fbb9c4fdd1f4979183418db99308bb88d9d2a59fb227772d35c95a3
f05ad055f8b0fc962d25295c81c49a474c898e60aceff022359b778dd1d46cd7
f7825a56071b3d6c35978f78a783056c2fcafb1e3bd977519c2dfe188f61656f
faf44ed9e65d58e13276251aca05b447cab0534867869a04d9b148460f9370fe
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

nexus-gw.xyz Open in urlscan Pro 188.114.97.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

50 Requests

94 %HTTPS

57 %IPv6

20 Domains

24 Subdomains

22 IPs

4 Countries

7441 kBTransfer

14353 kBSize

8 Cookies

0 Outgoing links

Page URL History

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

nexus-gw.xyz Open in urlscan Pro
188.114.97.3 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

94 %
HTTPS

57 %
IPv6

20
Domains

24
Subdomains

22
IPs

4
Countries

7441 kB
Transfer

14353 kB
Size

8
Cookies

50 HTTP transactions
1 data transactions