oaxyteek.net/-12KJUZ/GnIF
172.64.197.21200 OK 5.7 kB URL HTTP/1.1 oaxyteek.net/-12KJUZ/GnIF
IP 172.64.197.21:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (552), with CRLF, LF line terminators
Hash a2ba0f4d8877ef3f426df3ecbc256068
34fbf29b74f5a129e325be18ef6c174b5fdf15eb
d3fb9efff614252078b7c014a8bac149e62ecc164ebc4cf00d9425c420cf1184
GET /-12KJUZ/GnIF HTTP/1.1
Host: oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:09:35 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
set-cookie: FLYSESSID=93rdgiur88jafk96hgcjklpgd6; path=/; HttpOnly; SameSite=Lax
yp1=d6d3afbab59b819343f48548849260a7; expires=Fri, 27-Jan-2023 22:09:35 GMT; Max-Age=86400; path=/; domain=.oaxyteek.net
yp2=530aaadfbd2c81e5bb513d9e6446395b; expires=Fri, 27-Jan-2023 22:09:35 GMT; Max-Age=86400; path=/; domain=.oaxyteek.net
yp3=1532635802; expires=Fri, 27-Jan-2023 22:09:35 GMT; Max-Age=86400; path=/; domain=.oaxyteek.net
x-powered-by: adfly
strict-transport-security: max-age=0
p3p: policyref="http://adf.ly/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa IVAi IVDi CONi HISi TELi OUR IND PHY ONL FIN COM NAV INT DEM GOV"
expires: Sat, 26 Jul 1997 05:00:00 GMT
last-modified: Thu, 26 Jan 2023 22:09:35 GMT
x-frame-options: DENY
referrer-policy: no-referrer-when-downgrade
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1FP%2BRkRRUM79ON2cKWbeeh7w8a3PxJuFQOLf53LwVQMKA1SAIRBPAqEw9VcsLQ0EWkMOSwAacjg7HwZFRinUSjSboYbOa2yNH%2FytIKezjeqqfnUUDgigWMUVKTPszhg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78fc92e6394a385a-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9fbe85f42e8ae8ae41cc12df5f98b141
949fa36ff0f22f72565fd584bef094dd4de23037
184d3e4df4bce559b4d7c4836372f5fd2de9782a96b04d364230b7d695d737d8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "184D3E4DF4BCE559B4D7C4836372F5FD2DE9782A96B04D364230B7D695D737D8"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5882
Expires: Thu, 26 Jan 2023 23:47:37 GMT
Date: Thu, 26 Jan 2023 22:09:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2405562765b49b2782ebd2e2994851d5
be7ac8e558f7875bb1fb86ab5ec674424a5ff269
422cfa907461cb7b93b9089d600052f9e94951e5e0c93d97651905002e48ad3e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "422CFA907461CB7B93B9089D600052F9E94951E5E0C93D97651905002E48AD3E"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5501
Expires: Thu, 26 Jan 2023 23:41:16 GMT
Date: Thu, 26 Jan 2023 22:09:35 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 26 Jan 2023 21:42:56 GMT
content-type: application/json
age: 1600
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 69f73ac59327cd9ad7d99816ccfcc03e
c54844f82dbee0d5ee4c8ce344eb0139373e6c6b
e81c685b2d8f0e31b89e5cfc911a2c5a99a556646830ac5a8468d991b5e871a3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E81C685B2D8F0E31B89E5CFC911A2C5A99A556646830AC5A8468D991B5E871A3"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12423
Expires: Fri, 27 Jan 2023 01:36:39 GMT
Date: Thu, 26 Jan 2023 22:09:36 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 9xs+YKKoJZMkKCYMpt6ij0/OPhDnk3L0k66FsqHOIrkcsQbLWUoMFmQG1e2Cn+OTly3OqQquYMN9pQ2QeG9ykw==
x-amz-request-id: J55KXMXMZSCT29BP
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 26 Jan 2023 21:20:16 GMT
age: 2960
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 22:09:36 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
142.250.74.138200 OK 33 kB URL HTTP/1.1 ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
IP 142.250.74.138:0
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash 18351732b1849ba758e98884e186b3c8
d735af8661eda41ff4ffbf76e6a284a0e2deb81c
bfac625d304d52e04f2caeb19266354749929c888ca09d3d1e3edcbb8770d0f0
GET /ajax/libs/jquery/1.7.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://oaxyteek.net/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 33333
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 26 Jan 2023 08:57:11 GMT
Expires: Fri, 26 Jan 2024 08:57:11 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
Age: 47545
cdn.oaxyteek.net/static/js/view118_bidshow.js
172.64.196.21200 OK 4.0 kB URL HTTP/1.1 cdn.oaxyteek.net/static/js/view118_bidshow.js
IP 172.64.196.21:0
File type ASCII text, with very long lines (10991), with no line terminators
Hash 966f84aff8b7893cbf2b87da5a27f8a9
695e0fcb64fc820db2ca76e808136a3762ea3673
25c6680edff77f84bc5606fdd9f06116ec800f29173528135cb74d564f2732f9
GET /static/js/view118_bidshow.js HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/-12KJUZ/GnIF
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:09:36 GMT
Content-Type: application/x-javascript
Content-Length: 4024
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 02 Feb 2023 22:02:27 GMT
last-modified: Wed, 24 Aug 2022 10:51:38 GMT
etag: "2aef-630602ba-5c74f9ea89cd6c48;gz"
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 429
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3JMYmTdwUpOK4zdA%2FmZNO9QgzVMNeaaWoC8Bgms10td3TGwp9m41gXXBmFG4MrUI5BL%2FqAe%2BnE%2FDxZz%2B%2Fybw0EBKIl1D2KRsJyJGp%2BfuCq7s6iTOIY8IvyolagcV%2FB7M%2FxWc"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78fc92e9c9cf886b-LHR
alt-svc: h2=":443"; ma=60
cdn.oaxyteek.net/static/css/adfly_7.css
172.64.196.21200 OK 875 B URL HTTP/1.1 cdn.oaxyteek.net/static/css/adfly_7.css
IP 172.64.196.21:0
File type ASCII text, with very long lines (2735), with no line terminators
Hash f8c8a9d49e010a2cf10a44dacf35e661
5a069859544758f32b5d09e89c3631c8257c64e1
2cdcaf6a39f9cd39a37dfacfeec2461813fb5557e071d96756c129d17e84cb7a
GET /static/css/adfly_7.css HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/-12KJUZ/GnIF
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:09:36 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Cf-Bgj: minify
Cf-Polished: origSize=3778
cache-control: public, max-age=604800
etag: W/"ec2-60467027-a94c583d5cffa0cf;gz"
expires: Thu, 02 Feb 2023 22:02:36 GMT
last-modified: Mon, 08 Mar 2021 18:42:47 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 420
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CG7%2Bbe0UzpOlENVEWSLHGq%2BkUABIwOJFj0aV02NivGKC29%2FOPyMs8C3eNwAc29DuxAjDrpOslM25UTM3W4424D5hi0dLmNLHvl%2BJBdbc9E%2BzU%2BVye69OIEKOhZA1gvac%2Bt3j"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78fc92e9ceca06ed-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
cdn.oaxyteek.net/static/js/amvn.js
172.64.196.21200 OK 84 kB URL HTTP/1.1 cdn.oaxyteek.net/static/js/amvn.js
IP 172.64.196.21:0
File type Unicode text, UTF-8 text, with very long lines (15948)
Hash eaa0d63fc43e2bb85d953efcceca9f9f
48d83d494fcc4d6b94fdfd32e624d0205abf5414
788c24d0135720ec041829650e0af2b21978be1a77f3fd3a81ceb7b6a856ae7f
GET /static/js/amvn.js HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/-12KJUZ/GnIF
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:09:36 GMT
Content-Type: application/x-javascript
Content-Length: 84304
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 02 Feb 2023 22:03:52 GMT
last-modified: Thu, 26 Jan 2023 12:20:02 GMT
etag: "3f2b3-63d26ff2-7f3dbfff7fea7a09;gz"
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 343
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lHuTOYNmeIL3elABfbsr9XhU5uGhRrR7ZEYnFQzuCYDogyWdlRiilGZp92gigMGUnEEsXkbko1M8BMxM5J6owRzaJU0V%2B4fQkjX18fJORlRVghTv1FCo1UFKadIQmdLbvePp"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78fc92e9cc277576-LHR
alt-svc: h2=":443"; ma=60
cdn.oaxyteek.net/static/js/main.js?v=2022052901
172.64.196.21200 OK 705 B URL HTTP/1.1 cdn.oaxyteek.net/static/js/main.js?v=2022052901
IP 172.64.196.21:0
Hash 5d2f026c4af9cf86a2ecb368dc1533d6
376ce5a73144b00dd162aa8524ac856b8db7a33e
0fd907185fe7d7610498d8d487449707fe4949c5c89a1028da380d2e5e862c3d
GET /static/js/main.js?v=2022052901 HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/-12KJUZ/GnIF
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:09:36 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 02 Feb 2023 22:09:36 GMT
last-modified: Sun, 29 May 2022 07:10:19 GMT
etag: "7a0-62931c5b-5a0b6a8c1f70ff01;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OZ%2BMa%2FPr1ZIzndAmbqpMPhhwpHnwKHrX9oQpAJ9U2VdxHlL2rZEfQhwoGWfAdICHajkluN1u2NqoImzGfn96mFQlvwTXDF4vPLqeAqVDGqqBbYYy9eL%2BM09IkFFGPbgPYr77"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78fc92e9dcbc7791-LHR
alt-svc: h2=":443"; ma=60
d1a3jb5hjny5s4.cloudfront.net/?hbjad=709056
54.230.245.112200 OK 36 kB URL HTTP/1.1 d1a3jb5hjny5s4.cloudfront.net/?hbjad=709056
IP 54.230.245.112:0
File type Unicode text, UTF-8 text, with very long lines (15481)
Hash 095ec6de818e659d2239f6ecac25104e
0531785d52f3ebcd45933b51ae57d6aee12e9774
7e742b6369021e2e3ec3198feb5f9ad707182e0f128e6203a1a9a5a4afdd27ee
GET /?hbjad=709056 HTTP/1.1
Host: d1a3jb5hjny5s4.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://oaxyteek.net/
HTTP/1.1 200 OK
Content-Length: 36021
Connection: keep-alive
Date: Thu, 26 Jan 2023 22:09:36 GMT
access-control-allow-origin: *
Cache-Control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Content-Encoding: gzip
Pragma: no-cache
X-Cache: Miss from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: oGZUI83zuYK7R9U1HGXcOkhkDimF_TXVNMoa4FYOVcQbSgYqwcV1cA==
cdn.oaxyteek.net/static/image/logo_fb2.png
172.64.196.21200 OK 6.3 kB URL HTTP/1.1 cdn.oaxyteek.net/static/image/logo_fb2.png
IP 172.64.196.21:0
File type PNG image data, 193 x 98, 8-bit colormap, non-interlaced\012- data
Hash 84a673a878949a7a8410199f5f8ea220
49cbc367cd9e0943df6d6e2180bb9a5771dbb208
042313bf805bd8d9a1c6b2a88c90e15407004fcc6e9c5d5974c87c85c20796f3
GET /static/image/logo_fb2.png HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/-12KJUZ/GnIF
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:09:36 GMT
Content-Type: image/png
Content-Length: 6283
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 02 Feb 2023 22:02:27 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "188b-5faa60e6-50f7a0a7015a0140;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 429
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mh5lI5ek%2BKl0uvtjYsfdFXXtiamuL3A0Sqaxw7jtxvNBT3qVYr%2BeJOMDKvMU79Fh9MdFtV04GFMYtvdmUruRm1vYyS6jWUCC78uPXuc6hhLg90cVgUeWGiP5ZfJlBjmH4udk"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fc92eb1c38886b-LHR
alt-svc: h2=":443"; ma=60
cdn.oaxyteek.net/static/image/skip_ad/en_tran.png
172.64.196.21200 OK 5.1 kB URL HTTP/1.1 cdn.oaxyteek.net/static/image/skip_ad/en_tran.png
IP 172.64.196.21:0
File type PNG image data, 155 x 41, 8-bit/color RGBA, non-interlaced\012- data
Hash a58f5ea6f1f6bb35658c351f876f1ba9
47fa621b845faf7df13e4021dcffd6f4c73c1018
ef8721967f0cca2539ee60f9cad0e8c1ef89f18a53964a4e6101033d23a4ba29
GET /static/image/skip_ad/en_tran.png HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/-12KJUZ/GnIF
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:09:36 GMT
Content-Type: image/png
Content-Length: 5076
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 02 Feb 2023 22:02:53 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "13d4-5faa60e6-eb24f435e560d3dd;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 403
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gNsGbjknD8cH2Vb2WIMuH2HUUo%2ByMHG5bn44iLkF1P%2BbGYY9%2Fo3Wvsn2fqKNwps%2FIrKtitLNlA1qZYcsL%2Fg3hn2a547gHQxvLmUHBnLL4G6JbRCqvhzsVCfu%2FGnVJuAY%2FIp2"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fc92eb1dc37576-LHR
alt-svc: h2=":443"; ma=60
cdn.oaxyteek.net/static/image/spinner.gif
172.64.196.21200 OK 36 kB URL HTTP/1.1 cdn.oaxyteek.net/static/image/spinner.gif
IP 172.64.196.21:0
File type GIF image data, version 89a, 39 x 39\012- data
Hash 2055f195780b3e4c71b97c95fa97eab0
36c1138bdcccf116f1b9ee9effa3e5d13f1e6161
0a607f27600e85addcfd1415ee611a370a30dce3f53ac200d3e0e25d2bdc5157
GET /static/image/spinner.gif HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/-12KJUZ/GnIF
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:09:36 GMT
Content-Type: image/gif
Content-Length: 35453
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 02 Feb 2023 22:02:24 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "8a7d-5faa60e6-3361a662be6e6961;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 419
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w2g3Hzfxs2WMqZt8p%2Bk864b9qKAzirkyQYWBbHFJBO8EoSEonupI55bo2z8yMyu8IahCkjCZ3WUhXOTWyFPEvfgo1PJ7wwh3jCbzt1Edj%2FDr24fUoVV5nBSoGK%2FXWakIG6cx"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fc92eb181506ed-LHR
alt-svc: h2=":443"; ma=60
cdn.oaxyteek.net/static/image/delete2.png
172.64.196.21200 OK 577 B URL HTTP/1.1 cdn.oaxyteek.net/static/image/delete2.png
IP 172.64.196.21:0
File type PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced\012- data
Hash 3a612b41ba5d1cad10ae4c6660d8fda4
4006ab2bfe338d2d1f060c0486bad8e1b589ba44
2fa2ba143aaedc6b6169e9b024d4f12df4acfc5995950dce175fd97644dd0c43
GET /static/image/delete2.png HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/-12KJUZ/GnIF
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:09:36 GMT
Content-Type: image/png
Content-Length: 577
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 02 Feb 2023 22:02:37 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "241-5faa60e6-657b5e5638f6aacc;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 419
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OYPlINorHheahYFlx7W4KCA9Mj%2Bysg00qcwS1BQbNPMnWSDXRnWbUkOTxRkCa3xuMm8j0HjuXCtYGYoaNOFa3yMPYf8vYWD8bH%2BndLt84mM%2FOAXVX6SPVtkdlxjR7F2jgdJR"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fc92eb1ec7f3fb-LHR
alt-svc: h2=":443"; ma=60
cdn.oaxyteek.net/static/image/ahl6532.gif
172.64.196.21200 OK 3.2 kB URL HTTP/1.1 cdn.oaxyteek.net/static/image/ahl6532.gif
IP 172.64.196.21:0
File type GIF image data, version 89a, 166 x 58\012- data
Hash 48d26bd889d62fc9c72d33138f409c15
3bd2657ee1ba4843f266cda7217a8d0a2b725ea3
13cad7fb56a878cd12d9456a8754cf13433ac6741338371f87776b4373411b15
GET /static/image/ahl6532.gif HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/-12KJUZ/GnIF
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:09:36 GMT
Content-Type: image/gif
Content-Length: 3229
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 02 Feb 2023 22:02:25 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "c9d-5faa60e6-b4353aef5660bc5;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 430
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MUuQxnsdy50eUu7O9WlsfkJisLC420Nn9SNC8H4CCTzVY4YqPMjCZsgcc7omxAZpSKlSXHuoXtq1fuTmAdtdHknb84GaeJtwGC0gIv8tPrZW%2BZrCD6oNCplDxVh4U6PhbUpa"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fc92eb38f4776b-LHR
alt-svc: h2=":443"; ma=60
reoreexpresi.xyz/popunder.gif
172.67.203.148301 Moved Permanently 0 B URL HTTP/1.1 reoreexpresi.xyz/popunder.gif
IP 172.67.203.148:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /popunder.gif HTTP/1.1
Host: reoreexpresi.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://oaxyteek.net/
HTTP/1.1 301 Moved Permanently
Date: Thu, 26 Jan 2023 22:09:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 26 Jan 2023 23:09:36 GMT
Location: https://reoreexpresi.xyz/popunder.gif
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zqGcmDr1XbqaRewF7IM232f9BmgRleDDvUE9XmmCxW0BxQ%2F5hwPuHoHvyagVDQ5orMulCkNmg8YOIjjLV4G51y%2FIOk%2BMReTFVxEkw4RCPBMOOXpVQGd4vd7evqkHIsVB8keU"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fc92eb9fc3b506-OSL
alt-svc: h2=":443"; ma=60
oaxyteek.net/js/display.js
172.64.197.21200 OK 5.8 kB URL HTTP/1.1 oaxyteek.net/js/display.js
IP 172.64.197.21:0
File type ASCII text, with very long lines (15999)
Hash e149217d65efcf53cc382af7c60f461c
6de97c3f773cf9b21e4373097f5f5cddf37d872e
4d30ac5f2c0ab10e25b4c39eb646e9cb86d66394775d77ba7b88a34720f85b27
GET /js/display.js HTTP/1.1
Host: oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/-12KJUZ/GnIF
Connection: keep-alive
Cookie: FLYSESSID=93rdgiur88jafk96hgcjklpgd6; yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:09:36 GMT
Content-Type: application/x-javascript
Content-Length: 5775
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 02 Feb 2023 22:02:43 GMT
last-modified: Thu, 29 Jul 2021 14:08:58 GMT
etag: "3e81-6102b67a-1a029ed62bba2563;gz"
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 413
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2BSTNTxzXKMZCfLqqEMw72YCVdWJE9CswgdpgIy83u4gMI3JnuR7ev3yFPYWKosj62Im1iOUvOjRQAD1kNzvR4pSOfr%2FHgTz%2FK2Zg33XEWXeXPi0jpW1xwirKj9bBEk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78fc92eb8ae0385a-LHR
alt-svc: h2=":443"; ma=60
cdn.oaxyteek.net/static/image/ad_top_bg2.png?&ad_box_=1
172.64.196.21200 OK 156 B URL HTTP/1.1 cdn.oaxyteek.net/static/image/ad_top_bg2.png?&ad_box_=1
IP 172.64.196.21:0
File type PNG image data, 1 x 59, 8-bit/color RGB, non-interlaced\012- data
Hash 106113dd42dd001363d6e2c920dba647
ebb71cf1a44a45852fff4d4fc0971f299b8b8c4c
938632fb472382061e62d8f1d033da03cbc84f150236e4251c8ece12241405ae
GET /static/image/ad_top_bg2.png?&ad_box_=1 HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/-12KJUZ/GnIF
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:09:36 GMT
Content-Type: image/png
Content-Length: 156
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 02 Feb 2023 22:09:36 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "9c-5faa60e6-95f251b8bd8ef212;;;"
accept-ranges: bytes
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pm3xKIcf%2FEkHVqfQePNbgaRXxjuebzuulGaQ9IYK0lqa%2FyOfNkgkXnOEjwCTdzxPkbOtvHtu2rHrh%2BCCDXyzubHJHKNy%2FK9aVJGkTM0W%2FzFfV8dfHQRGLZmfzKNLulmIlTzA"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fc92eb1edb7791-LHR
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/s/gts1p5/skLwC7qegUg
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/skLwC7qegUg
IP 142.250.74.131:0
Hash e776359c30d3b2493537158bc983c8ff
033d1edb4043b9249bafb4011745fdb9902573c6
4ded863df60ddd84571c5e0554e133c4d551a73ad468547d3bd5ef4c3d5106b7
POST /s/gts1p5/skLwC7qegUg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:09:36 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 82e3abc4a7b17efedca67cf215f4bb60
e20e55d87591af7db3a4bcfc429048f85e389b85
df8901d4d87686fb11e17986f5d53cf513f675b4dd71f0a2e35c7ffbefa7fb9e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:09:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/skLwC7qegUg
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/skLwC7qegUg
IP 142.250.74.131:0
Hash e776359c30d3b2493537158bc983c8ff
033d1edb4043b9249bafb4011745fdb9902573c6
4ded863df60ddd84571c5e0554e133c4d551a73ad468547d3bd5ef4c3d5106b7
POST /s/gts1p5/skLwC7qegUg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:09:36 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 82e3abc4a7b17efedca67cf215f4bb60
e20e55d87591af7db3a4bcfc429048f85e389b85
df8901d4d87686fb11e17986f5d53cf513f675b4dd71f0a2e35c7ffbefa7fb9e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:09:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.oaxyteek.net/static/image/d_top_bg.png
172.64.196.21200 OK 156 B URL HTTP/1.1 cdn.oaxyteek.net/static/image/d_top_bg.png
IP 172.64.196.21:0
File type PNG image data, 1 x 59, 8-bit/color RGB, non-interlaced\012- data
Hash 106113dd42dd001363d6e2c920dba647
ebb71cf1a44a45852fff4d4fc0971f299b8b8c4c
938632fb472382061e62d8f1d033da03cbc84f150236e4251c8ece12241405ae
GET /static/image/d_top_bg.png HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cdn.oaxyteek.net/static/css/adfly_7.css
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:09:36 GMT
Content-Type: image/png
Content-Length: 156
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 02 Feb 2023 22:02:21 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "9c-5faa60e6-6bfb178d8ae4aca5;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 431
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xjxLxFxyHZHqZv0YKDfgflXQ6GrRDFI7nbBLv1B5k4KBShbKZSTn%2FNYtqW01DPOvtmNmNV7zMbk2nn%2B48GOFQO9vFXRluhJZWlb3LgBnGC%2BMeIV9hNHE9trgkr7KbPJGPERF"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fc92ec780d7576-LHR
alt-svc: h2=":443"; ma=60
cdn.oaxyteek.net/static/image/d_bottom_bg2.png
172.64.196.21200 OK 2.8 kB URL HTTP/1.1 cdn.oaxyteek.net/static/image/d_bottom_bg2.png
IP 172.64.196.21:0
File type PNG image data, 1 x 28, 8-bit/color RGB, non-interlaced\012- data
Hash 765bb01e93fec22bee832ea0219871d0
2059131c55ef4c9b171fff20fc692839686761b7
27ab7efdb31ee6b311557cb2296d9bdb4c5038a230bcb4f9bc1a2409bb73863a
GET /static/image/d_bottom_bg2.png HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cdn.oaxyteek.net/static/css/adfly_7.css
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:09:36 GMT
Content-Type: image/png
Content-Length: 2829
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 02 Feb 2023 22:02:37 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "b0d-5faa60e6-e40381177193f2ef;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 419
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JN4Eoe4dQI%2FCnkGEremwPG4ker4uW3Pi8AP90gO%2F6y5niIZ7HaqYEpgRespOkgA4UY8IxUmMAIJi1U3m4%2F2zWO3HB4swbzqyh4tQdmHnNKjfNbA3WaihJLypXNMZINSAchHb"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fc92ec795806ed-LHR
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/s/gts1p5/ATf3cfjxVCA
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/ATf3cfjxVCA
IP 142.250.74.131:0
Hash 7e1dfa587adabf5bc8c779e4cbe5deee
7ab65d461acaea6d35e653ad57c383a9de0b09f6
8678262f02c986f42a38a388c41338113b9d81491093735b25d0c91eac2423d0
POST /s/gts1p5/ATf3cfjxVCA HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:09:36 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
oaxyteek.net/2market_bidshow.php?user_id=25832099&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&ref_url=eyJ1cmwiOm51bGwsImRvbWFpbiI6bnVsbH0%3D&url=https%3A%2F%2Fwww49.davisonbarker.pro%2Fpushredirect%2F%3Fnetwork%3D3%26site%3Dadfly%26ppi%3D25832099%26pci%3D7177860181%26t%3D1674770975%26dest%3Dhttps%253A%252F%252Fexe.io%252F18Kf&url_id=7177860181&t=2e5bcad967baae4fbeaa1f5f96001219&w=31a4c3915683e5e0d691e211dadb480b
172.64.197.21200 OK 82 B URL HTTP/1.1 oaxyteek.net/2market_bidshow.php?user_id=25832099&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&ref_url=eyJ1cmwiOm51bGwsImRvbWFpbiI6bnVsbH0%3D&url=https%3A%2F%2Fwww49.davisonbarker.pro%2Fpushredirect%2F%3Fnetwork%3D3%26site%3Dadfly%26ppi%3D25832099%26pci%3D7177860181%26t%3D1674770975%26dest%3Dhttps%253A%252F%252Fexe.io%252F18Kf&url_id=7177860181&t=2e5bcad967baae4fbeaa1f5f96001219&w=31a4c3915683e5e0d691e211dadb480b
IP 172.64.197.21:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d597c22e79c772d1f89ed2602adb80ab
50c7c63c9269278ff7aba9b8c5b4810c3570df80
798215a625e276fde8e69c0a79401e406f59e1a30ad0e9113d880b9d566ae61c
GET /2market_bidshow.php?user_id=25832099&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&ref_url=eyJ1cmwiOm51bGwsImRvbWFpbiI6bnVsbH0%3D&url=https%3A%2F%2Fwww49.davisonbarker.pro%2Fpushredirect%2F%3Fnetwork%3D3%26site%3Dadfly%26ppi%3D25832099%26pci%3D7177860181%26t%3D1674770975%26dest%3Dhttps%253A%252F%252Fexe.io%252F18Kf&url_id=7177860181&t=2e5bcad967baae4fbeaa1f5f96001219&w=31a4c3915683e5e0d691e211dadb480b HTTP/1.1
Host: oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/-12KJUZ/GnIF
Connection: keep-alive
Cookie: FLYSESSID=93rdgiur88jafk96hgcjklpgd6; yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:09:36 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.3.27
set-cookie: adfly_ad_report=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
p3p: policyref="http://adf.ly/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa IVAi IVDi CONi HISi TELi OUR IND PHY ONL FIN COM NAV INT DEM GOV"
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ed582dvhpjCF70fBNRuVg1i6%2FrUsaiXX895ehekaOHTaWkXc2P%2BIkQRJiMZ84c14%2Ffe%2FE2vO8P1oaQ7joMk2S9DmfHmoNR58TDucwl67F7mkENgBuNOMO8qJFY6v3gM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78fc92ec7c6a385a-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
reoreexpresi.xyz/NUFiNlQafgFFaVE7JH0CbTEmdAxFLzZdFXcnUHAbZxAGATZgDERCPVF8VQZtBXRUECRcJV8EbRMyFlcgQDJfB3JcLwRZaRM3Xwd6BW9UBnoEZxcLZRM1ElczCHBERiBBLV8HYgJ1VQFkDHZUAmcD
172.67.203.148204 No Content 0 B URL HTTP/2 reoreexpresi.xyz/NUFiNlQafgFFaVE7JH0CbTEmdAxFLzZdFXcnUHAbZxAGATZgDERCPVF8VQZtBXRUECRcJV8EbRMyFlcgQDJfB3JcLwRZaRM3Xwd6BW9UBnoEZxcLZRM1ElczCHBERiBBLV8HYgJ1VQFkDHZUAmcD
IP 172.67.203.148:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /NUFiNlQafgFFaVE7JH0CbTEmdAxFLzZdFXcnUHAbZxAGATZgDERCPVF8VQZtBXRUECRcJV8EbRMyFlcgQDJfB3JcLwRZaRM3Xwd6BW9UBnoEZxcLZRM1ElczCHBERiBBLV8HYgJ1VQFkDHZUAmcD HTTP/1.1
Host: reoreexpresi.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 26 Jan 2023 22:09:36 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hsp8wpySYgsBxpeuWDRInL5ir16HdpymGfxRACE7snPmx8sCUcZypXWxS4Ng1x0HN3uqi8tGGv6Aj68iRemYSg27em4KiF99kUkVQoWYdAkagK%2FPBAyRtOBMMLBDMhLHkJjP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78fc92ec2f14b50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-5NL9VFJ
142.250.74.168200 OK 41 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-5NL9VFJ
IP 142.250.74.168:0
File type ASCII text, with very long lines (1759)
Hash 4a027049fc1943f0a1b7f1c4ca7a8280
3f3821f2a607b634fdb48fe842ceb0742321c499
6d28a65cba41cc6b8faedcd45e6cb644fa3d1f323416a7efadc3289e0f348bb4
GET /gtm.js?id=GTM-5NL9VFJ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 26 Jan 2023 22:09:36 GMT
expires: Thu, 26 Jan 2023 22:09:36 GMT
cache-control: private, max-age=900
last-modified: Thu, 26 Jan 2023 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 40929
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/skLwC7qegUg
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/skLwC7qegUg
IP 142.250.74.131:0
Hash e776359c30d3b2493537158bc983c8ff
033d1edb4043b9249bafb4011745fdb9902573c6
4ded863df60ddd84571c5e0554e133c4d551a73ad468547d3bd5ef4c3d5106b7
POST /s/gts1p5/skLwC7qegUg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:09:36 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
shipsmotorw.xyz/SDFJMjMpUypfDCkMKxRGOl10FwEOFHt0V3lbe1hFf1M/UUAwQC4cUCRePFZVOl4nRh0mVD0XAQ5HHXZfHX4Nd0UeWzlXdyJZGH9yHXkvcwImdS5kQh1ILWprMkYMcF84ay1lQA5UHGgGGQIDf2AxVgxocX1VBWRQMnMbUUMeSyp0cg9BEH91J3wscAsvYg8GXQp1fFRiG3MvfFg4ZQd3WzFlH3BLHnU9cWQLcx98YXh1ClVLfnILYBZ6cwpqSxhmCnhXBwFwcVIZRSJkWB5BCgBiAnAee3krYD1IUhlFImYCL1gNAHIscC4GUBJWIXhWLwAxcQAGQQoAHhp6GwBYA3cYWXEtYy1ZdhpjbABxC2UHVmYhVR5RYjgCL1VfJHIIdAoLZhxWcntJL2JmOGQCXmo7eRh/eAt2GHx7e0Yve2IdcG9YQCdfOQ9hKllwYGIJRnxI
65.9.44.12200 OK 1.2 kB URL HTTP/1.1 shipsmotorw.xyz/SDFJMjMpUypfDCkMKxRGOl10FwEOFHt0V3lbe1hFf1M/UUAwQC4cUCRePFZVOl4nRh0mVD0XAQ5HHXZfHX4Nd0UeWzlXdyJZGH9yHXkvcwImdS5kQh1ILWprMkYMcF84ay1lQA5UHGgGGQIDf2AxVgxocX1VBWRQMnMbUUMeSyp0cg9BEH91J3wscAsvYg8GXQp1fFRiG3MvfFg4ZQd3WzFlH3BLHnU9cWQLcx98YXh1ClVLfnILYBZ6cwpqSxhmCnhXBwFwcVIZRSJkWB5BCgBiAnAee3krYD1IUhlFImYCL1gNAHIscC4GUBJWIXhWLwAxcQAGQQoAHhp6GwBYA3cYWXEtYy1ZdhpjbABxC2UHVmYhVR5RYjgCL1VfJHIIdAoLZhxWcntJL2JmOGQCXmo7eRh/eAt2GHx7e0Yve2IdcG9YQCdfOQ9hKllwYGIJRnxI
IP 65.9.44.12:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3037), with no line terminators
Hash 9af4a5b3d2950c4404835567d92dafb3
0eb2315159feac9a4d16072314234a06809e32eb
5ef78a1c1cb95d6159d1a8749fabcfb8aaa6bea625d17f0d791b47814529ee92
Analyzer Verdict Alert quad9 Sinkholed
GET /SDFJMjMpUypfDCkMKxRGOl10FwEOFHt0V3lbe1hFf1M/UUAwQC4cUCRePFZVOl4nRh0mVD0XAQ5HHXZfHX4Nd0UeWzlXdyJZGH9yHXkvcwImdS5kQh1ILWprMkYMcF84ay1lQA5UHGgGGQIDf2AxVgxocX1VBWRQMnMbUUMeSyp0cg9BEH91J3wscAsvYg8GXQp1fFRiG3MvfFg4ZQd3WzFlH3BLHnU9cWQLcx98YXh1ClVLfnILYBZ6cwpqSxhmCnhXBwFwcVIZRSJkWB5BCgBiAnAee3krYD1IUhlFImYCL1gNAHIscC4GUBJWIXhWLwAxcQAGQQoAHhp6GwBYA3cYWXEtYy1ZdhpjbABxC2UHVmYhVR5RYjgCL1VfJHIIdAoLZhxWcntJL2JmOGQCXmo7eRh/eAt2GHx7e0Yve2IdcG9YQCdfOQ9hKllwYGIJRnxI HTTP/1.1
Host: shipsmotorw.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://oaxyteek.net/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 1189
Connection: keep-alive
Date: Thu, 26 Jan 2023 22:09:36 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
Accept-CH: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
X-Cache: Miss from cloudfront
Via: 1.1 d30a7800f939c215cded21c657c43fc8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN54-C1
X-Amz-Cf-Id: n1Mwqtkg36MX-FdETuwWdw8DY-R9OkHwbIxSw-sDyHLXfD_GXvqLjw==
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4adeea2262378239736beff115f7a5a4
3f5dec01a072e26e8f9f436a7d28860fab4e0feb
52959cfee451c390f39e92b6fd2cb07ae7550e5d1ed880ff4f131c2837c377bd
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "52959CFEE451C390F39E92B6FD2CB07AE7550E5D1ED880FF4F131C2837C377BD"
Last-Modified: Thu, 26 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10049
Expires: Fri, 27 Jan 2023 00:57:05 GMT
Date: Thu, 26 Jan 2023 22:09:36 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4adeea2262378239736beff115f7a5a4
3f5dec01a072e26e8f9f436a7d28860fab4e0feb
52959cfee451c390f39e92b6fd2cb07ae7550e5d1ed880ff4f131c2837c377bd
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "52959CFEE451C390F39E92B6FD2CB07AE7550E5D1ED880FF4F131C2837C377BD"
Last-Modified: Thu, 26 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10049
Expires: Fri, 27 Jan 2023 00:57:05 GMT
Date: Thu, 26 Jan 2023 22:09:36 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4adeea2262378239736beff115f7a5a4
3f5dec01a072e26e8f9f436a7d28860fab4e0feb
52959cfee451c390f39e92b6fd2cb07ae7550e5d1ed880ff4f131c2837c377bd
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "52959CFEE451C390F39E92B6FD2CB07AE7550E5D1ED880FF4F131C2837C377BD"
Last-Modified: Thu, 26 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10049
Expires: Fri, 27 Jan 2023 00:57:05 GMT
Date: Thu, 26 Jan 2023 22:09:36 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 82e3abc4a7b17efedca67cf215f4bb60
e20e55d87591af7db3a4bcfc429048f85e389b85
df8901d4d87686fb11e17986f5d53cf513f675b4dd71f0a2e35c7ffbefa7fb9e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:09:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 26 Jan 2023 21:49:01 GMT
age: 1235
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
shipsmotorw.xyz/utx?cb=mr453iAdmwvK&top=oaxyteek.net&tid=604364
65.9.44.12204 No Content 0 B URL HTTP/2 shipsmotorw.xyz/utx?cb=mr453iAdmwvK&top=oaxyteek.net&tid=604364
IP 65.9.44.12:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /utx?cb=mr453iAdmwvK&top=oaxyteek.net&tid=604364 HTTP/1.1
Host: shipsmotorw.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://oaxyteek.net
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 26 Jan 2023 22:09:36 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: http://oaxyteek.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Thu, 26 Jan 2023 22:10:36 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 4bdc4e02725e6de1af31e5bb25800f68.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: pjWgVXblxzCjK6bY6kkzop80dIwyfjyqf-vp9UJCAS9V7RyFl1KeJw==
X-Firefox-Spdy: h2
reoreexpresi.xyz/bE9LVUZDcCgmez4iciUiBzd7AioUCS47EDYXex9/D356DBICGm0hLwhyfWVyX3l/czYFK3ZkYB87KiEzH3J6cy8CKSRoYBpyent1WGF4ZGheaT5od0o7OzQhUX5tJTIYI3ZkcFt7fGJ2VXh9YHRa
172.67.203.148204 No Content 0 B URL HTTP/2 reoreexpresi.xyz/bE9LVUZDcCgmez4iciUiBzd7AioUCS47EDYXex9/D356DBICGm0hLwhyfWVyX3l/czYFK3ZkYB87KiEzH3J6cy8CKSRoYBpyent1WGF4ZGheaT5od0o7OzQhUX5tJTIYI3ZkcFt7fGJ2VXh9YHRa
IP 172.67.203.148:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bE9LVUZDcCgmez4iciUiBzd7AioUCS47EDYXex9/D356DBICGm0hLwhyfWVyX3l/czYFK3ZkYB87KiEzH3J6cy8CKSRoYBpyent1WGF4ZGheaT5od0o7OzQhUX5tJTIYI3ZkcFt7fGJ2VXh9YHRa HTTP/1.1
Host: reoreexpresi.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 26 Jan 2023 22:09:37 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qhn6QAyINCGmaPB9x%2FeMRROERskvpAqvONdT4guMrcv3qEopBrLrCF1rWNCrJblx1CnUbI5RJiPwAiqUmZ50ElA8aNPgk74PTuRgo2YO263cvP5DtksUaaxzr9mtUtATgN5Y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78fc92edb90db50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
shipsmotorw.xyz/utx?cb=fLF7ibE3XRay&top=oaxyteek.net&tid=709056
65.9.44.12204 No Content 0 B URL HTTP/2 shipsmotorw.xyz/utx?cb=fLF7ibE3XRay&top=oaxyteek.net&tid=709056
IP 65.9.44.12:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /utx?cb=fLF7ibE3XRay&top=oaxyteek.net&tid=709056 HTTP/1.1
Host: shipsmotorw.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://oaxyteek.net
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 26 Jan 2023 22:09:36 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: http://oaxyteek.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Thu, 26 Jan 2023 22:10:36 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 4bdc4e02725e6de1af31e5bb25800f68.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: eZkzGzb_Rop82IEONlF3lQEdDcAjnein1oAC2LA_C1l9SQ6BEuvCRg==
X-Firefox-Spdy: h2
foortowatch.xyz/ODJkbGdZUAcBWFkPBkoSSl5ZSVV+F1YqAwlTVwYFDVoOAh4NQVBCBFRdEQgBSl0KGElWVxBJVX5kNigPS2BVCwluRS0EPUJwNi8vSEQALSFbUQlZDm1aXAMpUmMiJC8MUCFcFAh3Mxs2XFkLFi5RcyI0IH0CLjo+dFcKWA9uVV1aBm94Pi8kbl4HLlNhfB4PEXpjXAEue3gqLzQMAS8HUnN/DgBSbmMpVSprWjEoMHJDJQtWe1ZXXVV7dzUbKmtCBy0deUA9PRdbeTcUD3teHF4Gf10tPz9pUz09F1t/ICkWfF4MBQZPawA0CVtVBwsfclYmHA97XkkbVnRfISArYGgLDzViUQYCVgpxJR8Od0tdNDRgZwEIAFBWAF4PCXEiXQ5ZXDYJJWxnXSULW2c9AQh7cTIUHlxcNQkgYEIUSg1LXQocWkgLJzsUYGRQOCk
108.157.214.18200 OK 1.2 kB URL HTTP/1.1 foortowatch.xyz/ODJkbGdZUAcBWFkPBkoSSl5ZSVV+F1YqAwlTVwYFDVoOAh4NQVBCBFRdEQgBSl0KGElWVxBJVX5kNigPS2BVCwluRS0EPUJwNi8vSEQALSFbUQlZDm1aXAMpUmMiJC8MUCFcFAh3Mxs2XFkLFi5RcyI0IH0CLjo+dFcKWA9uVV1aBm94Pi8kbl4HLlNhfB4PEXpjXAEue3gqLzQMAS8HUnN/DgBSbmMpVSprWjEoMHJDJQtWe1ZXXVV7dzUbKmtCBy0deUA9PRdbeTcUD3teHF4Gf10tPz9pUz09F1t/ICkWfF4MBQZPawA0CVtVBwsfclYmHA97XkkbVnRfISArYGgLDzViUQYCVgpxJR8Od0tdNDRgZwEIAFBWAF4PCXEiXQ5ZXDYJJWxnXSULW2c9AQh7cTIUHlxcNQkgYEIUSg1LXQocWkgLJzsUYGRQOCk
IP 108.157.214.18:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3037), with no line terminators
Hash 123278870c408b0f1008618c5d8905ba
230d138d598e66d8e1a9a69b4d4059e315402b18
16dfd5ea792dc33b0bb53d1dead48c444d770e21453f668070d0ada57213d031
GET /ODJkbGdZUAcBWFkPBkoSSl5ZSVV+F1YqAwlTVwYFDVoOAh4NQVBCBFRdEQgBSl0KGElWVxBJVX5kNigPS2BVCwluRS0EPUJwNi8vSEQALSFbUQlZDm1aXAMpUmMiJC8MUCFcFAh3Mxs2XFkLFi5RcyI0IH0CLjo+dFcKWA9uVV1aBm94Pi8kbl4HLlNhfB4PEXpjXAEue3gqLzQMAS8HUnN/DgBSbmMpVSprWjEoMHJDJQtWe1ZXXVV7dzUbKmtCBy0deUA9PRdbeTcUD3teHF4Gf10tPz9pUz09F1t/ICkWfF4MBQZPawA0CVtVBwsfclYmHA97XkkbVnRfISArYGgLDzViUQYCVgpxJR8Od0tdNDRgZwEIAFBWAF4PCXEiXQ5ZXDYJJWxnXSULW2c9AQh7cTIUHlxcNQkgYEIUSg1LXQocWkgLJzsUYGRQOCk HTTP/1.1
Host: foortowatch.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://oaxyteek.net/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 1188
Connection: keep-alive
Date: Thu, 26 Jan 2023 22:09:36 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
Accept-CH: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
X-Cache: Miss from cloudfront
Via: 1.1 3f25be8570bf62f8d4607f79984fccec.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN56-P1
X-Amz-Cf-Id: JhqwLbjl7uhZEAv2N9CM2ov992dOfpYYqfYNMlHW1z61ew8x6rKbtw==
ocsp.pki.goog/s/gts1p5/skLwC7qegUg
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/skLwC7qegUg
IP 142.250.74.131:0
Hash e776359c30d3b2493537158bc983c8ff
033d1edb4043b9249bafb4011745fdb9902573c6
4ded863df60ddd84571c5e0554e133c4d551a73ad468547d3bd5ef4c3d5106b7
POST /s/gts1p5/skLwC7qegUg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:09:37 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4adeea2262378239736beff115f7a5a4
3f5dec01a072e26e8f9f436a7d28860fab4e0feb
52959cfee451c390f39e92b6fd2cb07ae7550e5d1ed880ff4f131c2837c377bd
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "52959CFEE451C390F39E92B6FD2CB07AE7550E5D1ED880FF4F131C2837C377BD"
Last-Modified: Thu, 26 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10048
Expires: Fri, 27 Jan 2023 00:57:05 GMT
Date: Thu, 26 Jan 2023 22:09:37 GMT
Connection: keep-alive
adf.ly/static/other/main.html
104.20.66.244200 OK 2.4 kB URL HTTP/1.1 adf.ly/static/other/main.html
IP 104.20.66.244:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (418)
Hash b20a86b2e91f51d2f7a19eada1de2f51
c240e9c813f8f93d3db499df1cc88984e873e418
44311176f257c7180a0fdc5491f021623ce7a0404369e883e8a6feb1e8d3469e
GET /static/other/main.html HTTP/1.1
Host: adf.ly
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:09:37 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Fri, 02 Sep 2022 14:31:48 GMT
etag: "1ddf-631213d4-8936a98b6e2a0431;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78fc92ee1da1b50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c398b6b39d11d25b8ae9bc5cd94a1c98
640aa8c399ced71d0c2a9f5a90fbaf091b01d642
a6f07f7c6a4746acc25457c726701df33120628dfb578bc4982448d8efee5855
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A6F07F7C6A4746ACC25457C726701DF33120628DFB578BC4982448D8EFEE5855"
Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14036
Expires: Fri, 27 Jan 2023 02:03:33 GMT
Date: Thu, 26 Jan 2023 22:09:37 GMT
Connection: keep-alive
d1j2jv7bvcsxqg.cloudfront.net/vTDlUODEvVjpeDjhQMAUHfA1nDgVqUydXXzwEBlpZdWsFeUZ5Q3JMSygEZB5dLVczBRcpVzcFAGpYMFoMeB8gSF4nBD5fQSBfNkpTNEhyTVBxVDtCWCBVNR0DCgx6CBR+CXxPWCJdO09CaQtkVkVpC2QJAWIJcQtzaQtkT1giD2AdAg4cZghJeg1xC3NpC2-RKR2kKFQkBeRdkERR+CTNdUidWcQp3fgllCAF9CWUdA3xfPUpUKlYsHQMKCGQNH3wfIQUA
54.230.245.175200 OK 511 B URL HTTP/1.1 d1j2jv7bvcsxqg.cloudfront.net/vTDlUODEvVjpeDjhQMAUHfA1nDgVqUydXXzwEBlpZdWsFeUZ5Q3JMSygEZB5dLVczBRcpVzcFAGpYMFoMeB8gSF4nBD5fQSBfNkpTNEhyTVBxVDtCWCBVNR0DCgx6CBR+CXxPWCJdO09CaQtkVkVpC2QJAWIJcQtzaQtkT1giD2AdAg4cZghJeg1xC3NpC2-RKR2kKFQkBeRdkERR+CTNdUidWcQp3fgllCAF9CWUdA3xfPUpUKlYsHQMKCGQNH3wfIQUA
IP 54.230.245.175:0
File type ASCII text, with very long lines (710), with no line terminators
Hash 3dd9323bee73e19bc843f2ec73e8d5fb
fec96af913fcbffc4106c2e50c1a4bcf0784d65d
ab39142372d499dd598352eb295579ac90660901d0748cb27cf2a4f337c1839e
GET /vTDlUODEvVjpeDjhQMAUHfA1nDgVqUydXXzwEBlpZdWsFeUZ5Q3JMSygEZB5dLVczBRcpVzcFAGpYMFoMeB8gSF4nBD5fQSBfNkpTNEhyTVBxVDtCWCBVNR0DCgx6CBR+CXxPWCJdO09CaQtkVkVpC2QJAWIJcQtzaQtkT1giD2AdAg4cZghJeg1xC3NpC2-RKR2kKFQkBeRdkERR+CTNdUidWcQp3fgllCAF9CWUdA3xfPUpUKlYsHQMKCGQNH3wfIQUA HTTP/1.1
Host: d1j2jv7bvcsxqg.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://shipsmotorw.xyz/
HTTP/1.1 200 OK
Content-Length: 511
Connection: keep-alive
Date: Thu, 26 Jan 2023 22:09:37 GMT
access-control-allow-origin: *
Cache-Control: max-age=31556926
Content-Encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: f5vzG1k_b3CkzdvJQL0LnONIRhrPZluxkcBJ16gH9PqkDb3GVYEnaw==
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash d4b54ff199762c7ea9d8b8789a267ae3
56f0ddaf01403b7680480951a44851b78bed4508
0dd9ae2483b84e7f40f01fe8855864e3399da420c142d58b32b610661e9ce87d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4032
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:09:37 GMT
Last-Modified: Thu, 26 Jan 2023 21:02:25 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash d4b54ff199762c7ea9d8b8789a267ae3
56f0ddaf01403b7680480951a44851b78bed4508
0dd9ae2483b84e7f40f01fe8855864e3399da420c142d58b32b610661e9ce87d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3924
Cache-Control: max-age=156060
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:09:37 GMT
Etag: "63d2a969-117"
Expires: Sat, 28 Jan 2023 17:30:37 GMT
Last-Modified: Thu, 26 Jan 2023 16:25:13 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash d4b54ff199762c7ea9d8b8789a267ae3
56f0ddaf01403b7680480951a44851b78bed4508
0dd9ae2483b84e7f40f01fe8855864e3399da420c142d58b32b610661e9ce87d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6313
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:09:37 GMT
Last-Modified: Thu, 26 Jan 2023 20:24:24 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 279
www.google-analytics.com/ga.js
142.250.74.46200 OK 17 kB URL HTTP/1.1 www.google-analytics.com/ga.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://oaxyteek.net/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 17168
Date: Thu, 26 Jan 2023 21:34:47 GMT
Expires: Thu, 26 Jan 2023 23:34:47 GMT
Cache-Control: public, max-age=7200
Age: 2090
Last-Modified: Tue, 10 Jan 2023 21:29:14 GMT
Content-Type: text/javascript
cdn.oaxyteek.net/static/image/favicon.ico
172.64.196.21200 OK 766 B URL HTTP/1.1 cdn.oaxyteek.net/static/image/favicon.ico
IP 172.64.196.21:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 1e28765e56393f673da97ce5913cdf10
8af9d66ac98f4689ba1d04acbd17df40dd83dbde
30aa2a7dd1b96d852108bf4f4213b0d749ae2faedd112f0c03006209e5e6c98a
GET /static/image/favicon.ico HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/-12KJUZ/GnIF
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802; _ga_GT41R23D5L=GS1.1.1674770977.1.0.1674770977.0.0.0; _ga=GA1.1.588936703.1674770977
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:09:37 GMT
Content-Type: image/vnd.microsoft.icon
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 02 Feb 2023 22:02:25 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: W/"47e-5faa60e6-15b72dd35dac079e;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 432
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w4c9GdFVDWX%2FjfLyGoEiuniIbCbuLeRMNxB31MB7F88tMLGIVaxaNAQtVYZ%2Bua%2BvIjzBWLIgxiK8XhHlJxC0NeP1WtDCP62bXFffqTj0ZSxyDKLLLviHKANVHxGxb9Gv%2Fw1B"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fc92ef8c8606ed-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/s/gts1p5/ATf3cfjxVCA
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/ATf3cfjxVCA
IP 142.250.74.131:0
Hash 7e1dfa587adabf5bc8c779e4cbe5deee
7ab65d461acaea6d35e653ad57c383a9de0b09f6
8678262f02c986f42a38a388c41338113b9d81491093735b25d0c91eac2423d0
POST /s/gts1p5/ATf3cfjxVCA HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:09:37 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 58bee798660dae739b64c6c857490fff
bcfe56f00b749385ca3d2ffb7a68c4a13c186317
800396e3a57e9ebd98a56f8ebab32c3bc576310632d9ece8b282e88c6d20d8f3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6135
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:09:37 GMT
Last-Modified: Thu, 26 Jan 2023 20:27:22 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
d1a3jb5hjny5s4.cloudfront.net/VRDhsR1gnVwIhZzBRCHpvdAFccm5iUh8oNjQFHH4bE0s0EWwQdkozIiAFXGE0JVYLen4hVg96aWJZCCVlcB4YNzcvBQ8mICJNCS43Kk5KMjl5VQM9MShUDWJqAg1Cd312CEQwMSpcAzArYQpcKSxhClx2aGoISXQaYQpcMDEqDlhiawYdXncgcgxJdBphCl-w1LmELLXZocRZcbn12CAsiOy9XSXUedghdd2h1CF1ianReBTU9IlcUYmoCCVxydnQeGXpp
54.230.245.112200 OK 444 B URL HTTP/1.1 d1a3jb5hjny5s4.cloudfront.net/VRDhsR1gnVwIhZzBRCHpvdAFccm5iUh8oNjQFHH4bE0s0EWwQdkozIiAFXGE0JVYLen4hVg96aWJZCCVlcB4YNzcvBQ8mICJNCS43Kk5KMjl5VQM9MShUDWJqAg1Cd312CEQwMSpcAzArYQpcKSxhClx2aGoISXQaYQpcMDEqDlhiawYdXncgcgxJdBphCl-w1LmELLXZocRZcbn12CAsiOy9XSXUedghdd2h1CF1ianReBTU9IlcUYmoCCVxydnQeGXpp
IP 54.230.245.112:0
File type ASCII text, with very long lines (590), with no line terminators
Hash b48027f77c6fb25a2d64521990990aa2
6e33c6e7fc1d387bcb70c11be4074bcab95b7abc
f3e8aeb527f4a9cad152be916ee2c4e3f7888801c41a60b0fe43d121af097aa8
GET /VRDhsR1gnVwIhZzBRCHpvdAFccm5iUh8oNjQFHH4bE0s0EWwQdkozIiAFXGE0JVYLen4hVg96aWJZCCVlcB4YNzcvBQ8mICJNCS43Kk5KMjl5VQM9MShUDWJqAg1Cd312CEQwMSpcAzArYQpcKSxhClx2aGoISXQaYQpcMDEqDlhiawYdXncgcgxJdBphCl-w1LmELLXZocRZcbn12CAsiOy9XSXUedghdd2h1CF1ianReBTU9IlcUYmoCCVxydnQeGXpp HTTP/1.1
Host: d1a3jb5hjny5s4.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://foortowatch.xyz/
HTTP/1.1 200 OK
Content-Length: 444
Connection: keep-alive
Date: Thu, 26 Jan 2023 22:09:37 GMT
access-control-allow-origin: *
Cache-Control: max-age=31556926
Content-Encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: O_n7Fctsnr23flts_vnEcAme2rH7WDbW18NhQIyUT-zOuQmTNQBqfQ==
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f9e92d8863b76845831b7b68514bcb42
b45e10117293e9b22389e1ddae773cac31883e2c
8b2bde7176878f3aa056c124c031a2aceb18473ecc53c06a73191dbda9ff9ab9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:09:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f9e92d8863b76845831b7b68514bcb42
b45e10117293e9b22389e1ddae773cac31883e2c
8b2bde7176878f3aa056c124c031a2aceb18473ecc53c06a73191dbda9ff9ab9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:09:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=2&utmn=1825101126&utmhn=oaxyteek.net&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=912330232&utmr=-&utmp=%2F-12KJUZ%2FGnIF&utmht=1674770977172&utmac=UA-69586425-5&utmcc=__utma%3D198071217.588936703.1674770977.1674770977.1674770977.1%3B%2B__utmz%3D198071217.1674770977.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=2024550343&utmredir=1&utmmt=1&utmu=qQAgAAAAAAAAAAAAAAABAAAE~
142.250.74.46200 OK 35 B URL HTTP/1.1 www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=2&utmn=1825101126&utmhn=oaxyteek.net&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=912330232&utmr=-&utmp=%2F-12KJUZ%2FGnIF&utmht=1674770977172&utmac=UA-69586425-5&utmcc=__utma%3D198071217.588936703.1674770977.1674770977.1674770977.1%3B%2B__utmz%3D198071217.1674770977.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=2024550343&utmredir=1&utmmt=1&utmu=qQAgAAAAAAAAAAAAAAABAAAE~
IP 142.250.74.46:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /r/__utm.gif?utmwv=5.7.2&utms=2&utmn=1825101126&utmhn=oaxyteek.net&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=912330232&utmr=-&utmp=%2F-12KJUZ%2FGnIF&utmht=1674770977172&utmac=UA-69586425-5&utmcc=__utma%3D198071217.588936703.1674770977.1674770977.1674770977.1%3B%2B__utmz%3D198071217.1674770977.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=2024550343&utmredir=1&utmmt=1&utmu=qQAgAAAAAAAAAAAAAAABAAAE~ HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://oaxyteek.net/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Date: Thu, 26 Jan 2023 22:09:37 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=954215531&utmhn=oaxyteek.net&utme=8(Domain)9(u.bb)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=912330232&utmr=-&utmp=%2F-12KJUZ%2FGnIF&utmht=1674770977166&utmac=UA-6469700-9&utmcc=__utma%3D198071217.588936703.1674770977.1674770977.1674770977.1%3B%2B__utmz%3D198071217.1674770977.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=881640955&utmredir=1&utmu=qQAAAAAAAAAAAAAAAAABAAAE~
142.250.74.46302 Found 367 B URL HTTP/1.1 www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=954215531&utmhn=oaxyteek.net&utme=8(Domain)9(u.bb)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=912330232&utmr=-&utmp=%2F-12KJUZ%2FGnIF&utmht=1674770977166&utmac=UA-6469700-9&utmcc=__utma%3D198071217.588936703.1674770977.1674770977.1674770977.1%3B%2B__utmz%3D198071217.1674770977.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=881640955&utmredir=1&utmu=qQAAAAAAAAAAAAAAAAABAAAE~
IP 142.250.74.46:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 22af9d2443b36b7a6433f65165a04f93
6e7ca73571b6469109f9251ee0a5ab580678781f
774af3fc1d4531af3115d62c933221f3646d980724da387ce6e6bebd558cd0dd
GET /r/__utm.gif?utmwv=5.7.2&utms=1&utmn=954215531&utmhn=oaxyteek.net&utme=8(Domain)9(u.bb)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=912330232&utmr=-&utmp=%2F-12KJUZ%2FGnIF&utmht=1674770977166&utmac=UA-6469700-9&utmcc=__utma%3D198071217.588936703.1674770977.1674770977.1674770977.1%3B%2B__utmz%3D198071217.1674770977.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=881640955&utmredir=1&utmu=qQAAAAAAAAAAAAAAAAABAAAE~ HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://oaxyteek.net/
HTTP/1.1 302 Found
Location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6469700-9&cid=588936703.1674770977&jid=881640955&_v=5.7.2&z=954215531
Access-Control-Allow-Origin: *
Date: Thu, 26 Jan 2023 22:09:37 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
Cross-Origin-Resource-Policy: cross-origin
Content-Type: text/html; charset=UTF-8
Server: Golfe2
Content-Length: 367
dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473
54.230.245.39200 OK 52 kB URL HTTP/1.1 dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473
IP 54.230.245.39:0
File type Unicode text, UTF-8 text, with very long lines (15955)
Hash 7d2702de8ee1ab4f1279da50fad1ed2b
2c34518dbd66c96389a79b2a541bb0d1ce9f20e3
e0d443a8ab547c13d0046a852b50f1c5de3e4e23bbba0453fed47836a191c3bb
GET /?gfkcd=824473 HTTP/1.1
Host: dc5k8fg5ioc8s.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://adf.ly/
HTTP/1.1 200 OK
Content-Length: 51504
Connection: keep-alive
Date: Thu, 26 Jan 2023 22:09:37 GMT
access-control-allow-origin: *
Cache-Control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Content-Encoding: gzip
Pragma: no-cache
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: MROTQrUSHyp0ZvEBEg8kjfthVyGpVijUsGg8Cda7RrUvqP_pt7-edw==
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
142.250.74.109302 Found 394 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 142.250.74.109:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (380)
Hash bcb9255807a081579f99f25e039aa3d2
078bd58e0e2ec9406632e5713021f07f3c3e8b5b
76928822036d081e09ff6d3c990d20ed33c40b02e9ca7c00fd51278f88c199a6
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 26 Jan 2023 22:09:37 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-636490983%3A1674770977331281&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHe35OswuRVuf4wh60-vw-zQ9zkLdvQCe1DQSEu5WklzbYpfl13CR6GBQb_-RlEebJReSr2zaQ
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-jIFJXaZyQ1pXVMo84BC4AA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 394
server: GSE
set-cookie: __Host-GAPS=1:xVEPrJAreshF-ss8_S-J_YkEBQylEw:GQkMcWkkoI871Poh;Path=/;Expires=Sat, 25-Jan-2025 22:09:37 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.adf.ly/static/css/jquery-ui/ui-lightness/jquery-ui-1.8.16.custom.css
104.20.67.244200 OK 4.8 kB URL HTTP/2 cdn.adf.ly/static/css/jquery-ui/ui-lightness/jquery-ui-1.8.16.custom.css
IP 104.20.67.244:0
File type ASCII text, with very long lines (1472)
Hash 71532b3ccd0f541fa2b33a046808a2d0
467ae61f53c971449e4fe9a3e941f15a6e323fcc
c7c866fd695e6f215fe8d1d7bb2e2882fedf8b98620a9e7cd54fede855770bba
GET /static/css/jquery-ui/ui-lightness/jquery-ui-1.8.16.custom.css HTTP/1.1
Host: cdn.adf.ly
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://adf.ly/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 22:09:37 GMT
content-type: text/css
content-length: 4771
cache-control: public, max-age=604800
expires: Thu, 02 Feb 2023 22:09:37 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "6384-5faa60e6-2ce8da3c9d76af49;gz"
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: EXPIRED
accept-ranges: bytes
server: cloudflare
cf-ray: 78fc92efba18b51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
foortowatch.xyz/utx?cb=Gat8wzZZTvLu&top=oaxyteek.net&tid=709056
108.157.214.18204 No Content 0 B URL HTTP/2 foortowatch.xyz/utx?cb=Gat8wzZZTvLu&top=oaxyteek.net&tid=709056
IP 108.157.214.18:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=Gat8wzZZTvLu&top=oaxyteek.net&tid=709056 HTTP/1.1
Host: foortowatch.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://oaxyteek.net
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 26 Jan 2023 22:09:37 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: http://oaxyteek.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Thu, 26 Jan 2023 22:10:37 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 ae2eaf89e0d81cd8867df60807612b22.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: HsDlKh_WjmpDAS_wnasCoPn2sHxM1wGukmmORuPKGXCgYg75VJUC_g==
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.107.19200 OK 104 kB IP 172.64.107.19:0
Size 104 kB (103906 bytes)
Hash 35ec1bf885ad01351d37e372dd676f83
a1867ac1297bc8e20c5628ff2263afb0a10daea0
a74e59c47d8910b51dbe72ce771a7dde44ab16d565fd3f6b15e9da706cda3d45
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://oaxyteek.net
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 26 Jan 2023 22:09:36 GMT
content-type: binary/octet-stream
access-control-allow-origin: http://oaxyteek.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 1793
last-modified: Thu, 26 Jan 2023 21:39:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9xgRJtYWbKXp%2F0uD1W1nysJb%2BnMQcplQ%2BHVEbgaw7BqvFwaSY4juyry%2FwC7%2FoB7RWH0yWmMGpKyZi5GOG%2FwJnm5aS9%2FmHG5qLKZCTG2zaUdZUsRVKN%2BWpaXoNHziN1Jx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fc92ee187f24e0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.oaxyteek.net/static/image/apple-touch-icon.png
172.64.196.21403 Forbidden 436 B URL HTTP/1.1 cdn.oaxyteek.net/static/image/apple-touch-icon.png
IP 172.64.196.21:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash b112c984fdf3ae98cbf4bc84066cf619
e68cf1400ca02fc1b472c6f3a2cbb9c2234073c5
233729c945d3c6dc5a81cbf30abedd598a9927d141eda2e369aecd13a790938a
GET /static/image/apple-touch-icon.png HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/-12KJUZ/GnIF
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802; _ga_GT41R23D5L=GS1.1.1674770977.1.0.1674770977.0.0.0; _ga=GA1.1.588936703.1674770977
HTTP/1.1 403 Forbidden
Date: Thu, 26 Jan 2023 22:09:37 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zRKU%2BwaMsZu12rUNMW%2FbBgvJyw%2FAfOgTwJtsNnvGjEdU%2FuMi%2FMduiB9I84ZSxZYnzCuYFidvT1y9E8k%2F1cBrZNh571XgtBOfUWpSuskyDra8SrfmFgV%2Fvf1QEByqmLXuEnUZ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fc92ef8bc97576-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
142.250.74.109302 Found 396 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 142.250.74.109:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (384)
Hash d6469ed783e2651bca1c56b7c4a1d965
e4f1e51128cdf10521ba5f9cdd2fe9b6e8b2bcd3
6fb805bb27e25fc9f044a95a3805727b11858807e45102c1c1906aaf5df85ad4
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 26 Jan 2023 22:09:37 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S1292531395%3A1674770977382048&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHd5eV4gfU1Pbg5zOQWYLSMSTK9Evy29-8b8Qexb2cMzcmo1xRBdzU7j0afXYS0N9bmVZAASxg
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-3i4KgY1-3jRMx89WIDcRHw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 396
server: GSE
set-cookie: __Host-GAPS=1:4XUSdHZqbBYXPeazYcDIBn81KmG3dQ:c5is_kWHYSqrgXPF;Path=/;Expires=Sat, 25-Jan-2025 22:09:37 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 1f4c8e17a668764556ab61c7c31e53c7
ada5ee5917ab9faf3d55a6da1d5bfc3077e42de2
8ac89ed8b6650ea140c2eac1b1dd61f8498e97e278e6bd6debfd803a588e2468
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:09:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash d4b54ff199762c7ea9d8b8789a267ae3
56f0ddaf01403b7680480951a44851b78bed4508
0dd9ae2483b84e7f40f01fe8855864e3399da420c142d58b32b610661e9ce87d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4032
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:09:37 GMT
Last-Modified: Thu, 26 Jan 2023 21:02:25 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 279
push.services.mozilla.com/
34.212.129.45101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.212.129.45:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 6PFVeDSPZYrmAuyXLLsGNA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: luf/p2kvWHj9Vw59ab4CnIk/1zE=
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 97ccaa279f6ade845b71b57615d40388
5186089108dca0136feab418da66a9e027c7e427
515128c713e98c9a0546c35d9a1e0719057136509b5b2312e4af56a9acc80ec2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:09:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6469700-9&cid=588936703.1674770977&jid=881640955&_v=5.7.2&z=954215531
173.194.221.155200 OK 35 B URL HTTP/2 stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6469700-9&cid=588936703.1674770977&jid=881640955&_v=5.7.2&z=954215531
IP 173.194.221.155:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6469700-9&cid=588936703.1674770977&jid=881640955&_v=5.7.2&z=954215531 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://oaxyteek.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 26 Jan 2023 22:09:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 58bee798660dae739b64c6c857490fff
bcfe56f00b749385ca3d2ffb7a68c4a13c186317
800396e3a57e9ebd98a56f8ebab32c3bc576310632d9ece8b282e88c6d20d8f3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6135
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:09:37 GMT
Last-Modified: Thu, 26 Jan 2023 20:27:22 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
cdn.adf.ly/static/css/jquery.loadmask.css
104.20.67.244200 OK 410 B URL HTTP/2 cdn.adf.ly/static/css/jquery.loadmask.css
IP 104.20.67.244:0
File type ASCII text, with CRLF line terminators
Hash 5de4d6c8bf720758f64eae96974bebbf
11642cc6a0f5323d500d41a0fcb1776f05bccc15
771a3c738710f7869f04dbdc4266f53e9e35425943a5775ce9db7c1fc226e639
GET /static/css/jquery.loadmask.css HTTP/1.1
Host: cdn.adf.ly
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://adf.ly/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 22:09:37 GMT
content-type: text/css
content-length: 410
cache-control: public, max-age=604800
expires: Thu, 02 Feb 2023 22:09:37 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "352-5faa60e6-ed1d36b7b05a6c35;gz"
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: EXPIRED
accept-ranges: bytes
server: cloudflare
cf-ray: 78fc92efaa09b51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 1f4c8e17a668764556ab61c7c31e53c7
ada5ee5917ab9faf3d55a6da1d5bfc3077e42de2
8ac89ed8b6650ea140c2eac1b1dd61f8498e97e278e6bd6debfd803a588e2468
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:09:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fx19ltd.adfly&width=100&fb_source=homestatic&layout=standard&colorscheme=light&action=like&show_faces=true&share=true&height=80&appId=399141353502152
31.13.72.36301 Moved Permanently 0 B URL HTTP/1.1 www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fx19ltd.adfly&width=100&fb_source=homestatic&layout=standard&colorscheme=light&action=like&show_faces=true&share=true&height=80&appId=399141353502152
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fx19ltd.adfly&width=100&fb_source=homestatic&layout=standard&colorscheme=light&action=like&show_faces=true&share=true&height=80&appId=399141353502152 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://adf.ly/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fx19ltd.adfly&width=100&fb_source=homestatic&layout=standard&colorscheme=light&action=like&show_faces=true&share=true&height=80&appId=399141353502152
Content-Type: text/plain
Server: proxygen-bolt
Date: Thu, 26 Jan 2023 22:09:37 GMT
Connection: keep-alive
Content-Length: 0
pogothere.xyz/asd100.bin
172.64.107.19200 OK 118 kB IP 172.64.107.19:0
Size 118 kB (118210 bytes)
Hash 183dccc80f9ee3d550a8664dfb7510c4
c8a62a28589d63f70003fb4f7f199ef1f859a14a
23fa67b69a537e8768b034b1b400c27792dcbe5e0fd476ce2ccb50b008cc2ca1
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://oaxyteek.net
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 26 Jan 2023 22:09:36 GMT
content-type: binary/octet-stream
access-control-allow-origin: http://oaxyteek.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 1793
last-modified: Thu, 26 Jan 2023 21:39:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XzbDlaYX7k9jc2N0wY0VGNa%2BzMlKYK%2F3VDbg8OUH0FPnRR1ZYMLpGesKkei8QnN9wkjMVVQ5%2FkNDZlY%2BsHvN4igl1F1VtysZwA5YfSfoOeX5rvD%2BTerG2ohTVEkU2hXE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fc92ee187d24e0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
31.13.72.36200 OK 25 kB URL HTTP/2 www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP 31.13.72.36:0
Hash 0ea171d4296b812ac4900dbe94c10730
441a37fdba3caeb233705d64be5ad67859e02ccf
68bc2515b13117b982622c4c9c29f2a287736e89f06b308538c4450e0c109e64
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: q/QONnhs8rfLfuie+OfF2g1B69qAC2Eu1CWhVpAbmsQFCCuYsR2OA1B/ipEyly+3Puo7rl5uW3LAbwPq79owrQ==
date: Thu, 26 Jan 2023 22:09:37 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-GT41R23D5L>m=2oe1p0&_p=912330232&cid=588936703.1674770977&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674770977&sct=1&seg=0&dl=http%3A%2F%2Foaxyteek.net%2F-12KJUZ%2FGnIF&dt=Shrink%20your%20URLs%20and%20get%20paid!&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-GT41R23D5L>m=2oe1p0&_p=912330232&cid=588936703.1674770977&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674770977&sct=1&seg=0&dl=http%3A%2F%2Foaxyteek.net%2F-12KJUZ%2FGnIF&dt=Shrink%20your%20URLs%20and%20get%20paid!&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-GT41R23D5L>m=2oe1p0&_p=912330232&cid=588936703.1674770977&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674770977&sct=1&seg=0&dl=http%3A%2F%2Foaxyteek.net%2F-12KJUZ%2FGnIF&dt=Shrink%20your%20URLs%20and%20get%20paid!&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://oaxyteek.net
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: http://oaxyteek.net
date: Thu, 26 Jan 2023 22:09:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S-636490983%3A1674770977331281&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHe35OswuRVuf4wh60-vw-zQ9zkLdvQCe1DQSEu5WklzbYpfl13CR6GBQb_-RlEebJReSr2zaQ
142.250.74.109403 Forbidden 2.5 kB URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S-636490983%3A1674770977331281&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHe35OswuRVuf4wh60-vw-zQ9zkLdvQCe1DQSEu5WklzbYpfl13CR6GBQb_-RlEebJReSr2zaQ
IP 142.250.74.109:0
Hash da2e8a3ea7c433cfa60177b3c9200d9d
324a8d3d6d5f90e6651d828e7e1244937d6bf7b9
3ea0289379a89ec1d06b36e6aee6e525173263b70247ffdd519038fb4a6f89fe
GET /v3/signin/identifier?dsh=S-636490983%3A1674770977331281&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHe35OswuRVuf4wh60-vw-zQ9zkLdvQCe1DQSEu5WklzbYpfl13CR6GBQb_-RlEebJReSr2zaQ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://oaxyteek.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 26 Jan 2023 22:09:37 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-iSuk1FMOWKPRawjGubMZHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7176
Expires: Fri, 27 Jan 2023 00:09:14 GMT
Date: Thu, 26 Jan 2023 22:09:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7176
Expires: Fri, 27 Jan 2023 00:09:14 GMT
Date: Thu, 26 Jan 2023 22:09:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7176
Expires: Fri, 27 Jan 2023 00:09:14 GMT
Date: Thu, 26 Jan 2023 22:09:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7176
Expires: Fri, 27 Jan 2023 00:09:14 GMT
Date: Thu, 26 Jan 2023 22:09:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7176
Expires: Fri, 27 Jan 2023 00:09:14 GMT
Date: Thu, 26 Jan 2023 22:09:38 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59e67210-efa8-4704-9931-e876d7c8922b.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59e67210-efa8-4704-9931-e876d7c8922b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 262b43386e404cb3d320c47c4cf792c1
87f304f8583fe6b6e942a9dbcb5efb5ee94987f2
ca0f72005920b2b2f49c387314540f3cd2f3d7808f0365dfb1c491500e8a8714
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59e67210-efa8-4704-9931-e876d7c8922b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8065
x-amzn-requestid: 4a4a6d4c-9c4b-418d-be96-8a0d1de4828a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fBYVuHZsoAMFmWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ca0757-74c21aa22d11c4240019a4b3;Sampled=0
x-amzn-remapped-date: Fri, 20 Jan 2023 03:15:35 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Ep_QyiLEIxubEC9RgbxdlAVYnQ65fxR22squ9p-9aXfpUVyah_oSow==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 21:47:43 GMT
age: 1315
etag: "87f304f8583fe6b6e942a9dbcb5efb5ee94987f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F91a77b6d-ccc1-422b-8493-221c615accaf.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F91a77b6d-ccc1-422b-8493-221c615accaf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e0fe44d9606e6a149a253423f312dfc5
78e442e8a9142311c25dafd01823a240f4acb0d6
9aad8938c1fda9641f95a4369f57ea57303a28e05f56e3bb1961e17cfbb123f4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F91a77b6d-ccc1-422b-8493-221c615accaf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13175
x-amzn-requestid: 14ccf28a-a84a-4903-9edc-7659096cb3ae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fRxOCFrkIAMFt8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d0958c-6a67f1aa65038439793808fd;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 02:35:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 10J4VSVgerDXDZu4y_1eRSX9p883b6Rx82BCc-B2Ck4Z8Eh31jB5uA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 06:22:41 GMT
age: 56817
etag: "78e442e8a9142311c25dafd01823a240f4acb0d6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 131eb343c5abd61939457d69bd371348
ffb2035cf64fc83f01db5c6f26ffa264b6aac95b
8486eb9dc6325018f8721bc6f37408f260b6e652b145280f2d778d860d3ec2d5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7538
x-amzn-requestid: 113924cc-a196-4dbd-91d9-68c213265afe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3fobF-ZoAMFjjA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c61302-6b24941a642b22cf21e47dc0;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 03:16:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2P09wOtKPDHjxxAuzcLFMQJwmGN1zNJcH9LA6IJpeaGiaPVRF4y-TA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 07:15:25 GMT
age: 53653
etag: "ffb2035cf64fc83f01db5c6f26ffa264b6aac95b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f238e33-a6e3-479a-920f-92a9c7bf1a06.jpeg
34.120.237.76200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f238e33-a6e3-479a-920f-92a9c7bf1a06.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a3d856f57bcfd0bb18253cd77dd6541b
9d9680fb1a9232bb2b42b824dc11633666bfa31a
f2a03384e72a4d3350ee6addc49d6a507837eb195647016ea001e846eaccb0e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f238e33-a6e3-479a-920f-92a9c7bf1a06.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6055
x-amzn-requestid: dd44b3ab-6248-419a-995a-f3aaf59dae77
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLRhMFPYIAMF91g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cdfc6d-4df410b022dbbb55297e6ac7;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 03:18:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: c02qyu1rphr_LpUAQQRaTxlNGeEl-yKmVpshfKoWlsfKWiiciJURAw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 08:45:22 GMT
age: 48256
etag: "9d9680fb1a9232bb2b42b824dc11633666bfa31a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b7a0759c043594fbe85af422b59b8227
a05cfaad16078f42218dae233da38f6f5dff8487
e898d6ef1b3998fb9322a8fc190069ec5f7b3582bfe8397a2367497d84a27549
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11568
x-amzn-requestid: 2e85f75e-ab9d-4d45-adad-7313950a9647
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fSWbxGwnoAMFejw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d0d117-68f1a9e71a07a0453311fd32;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 06:49:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dbz3wXGNaetf6xvRE98rshyHy-FVfDo8co-4VDL0a4Qe3E4U8A82Og==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 18:35:59 GMT
etag: "a05cfaad16078f42218dae233da38f6f5dff8487"
content-type: image/jpeg
age: 12819
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81aa4520-e26c-4be4-877f-1d3af6c27241.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81aa4520-e26c-4be4-877f-1d3af6c27241.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ed3df3868d4a13270faf944f911637a7
1b69b2433956c79510bc4a013648a5fb12882884
e13e2ca5d6552a96eb972936f553937a5aff566eb37f39b0928f15d3eeab617f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81aa4520-e26c-4be4-877f-1d3af6c27241.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11372
x-amzn-requestid: d50f0c0e-a383-419a-a3ca-630d5fd32821
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPAw_E_rIAMF0hQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf7b39-64abe6b72176db7d7b67f315;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 06:31:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7AecnloBAOZbROe_gGLZL8AcwRb1rrSIo577CwGZpzyDdtRa-Ae_9Q==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 21:47:08 GMT
age: 1350
etag: "1b69b2433956c79510bc4a013648a5fb12882884"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=3&utmn=1209440068&utmhn=oaxyteek.net&utmt=event&utme=5(Ad*Paid*Success)(3)8(Domain)9(u.bb)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=912330232&utmr=-&utmp=%2F-12KJUZ%2FGnIF&utmht=1674770981511&utmac=UA-6469700-9&utmcc=__utma%3D198071217.588936703.1674770977.1674770977.1674770977.1%3B%2B__utmz%3D198071217.1674770977.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=6QAgAAAAAAAAAAAAAAABAAAE~
142.250.74.46200 OK 35 B URL HTTP/1.1 www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=3&utmn=1209440068&utmhn=oaxyteek.net&utmt=event&utme=5(Ad*Paid*Success)(3)8(Domain)9(u.bb)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=912330232&utmr=-&utmp=%2F-12KJUZ%2FGnIF&utmht=1674770981511&utmac=UA-6469700-9&utmcc=__utma%3D198071217.588936703.1674770977.1674770977.1674770977.1%3B%2B__utmz%3D198071217.1674770977.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=6QAgAAAAAAAAAAAAAAABAAAE~
IP 142.250.74.46:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /__utm.gif?utmwv=5.7.2&utms=3&utmn=1209440068&utmhn=oaxyteek.net&utmt=event&utme=5(Ad*Paid*Success)(3)8(Domain)9(u.bb)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=912330232&utmr=-&utmp=%2F-12KJUZ%2FGnIF&utmht=1674770981511&utmac=UA-6469700-9&utmcc=__utma%3D198071217.588936703.1674770977.1674770977.1674770977.1%3B%2B__utmz%3D198071217.1674770977.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=6QAgAAAAAAAAAAAAAAABAAAE~ HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://oaxyteek.net/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Pragma: no-cache
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
Date: Thu, 26 Jan 2023 02:27:08 GMT
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Age: 70953
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
Content-Type: image/gif
reoreexpresi.xyz/popunder.gif
172.67.203.148200 OK 0 B URL HTTP/2 reoreexpresi.xyz/popunder.gif
IP 172.67.203.148:0
GET /popunder.gif HTTP/1.1
Host: reoreexpresi.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://oaxyteek.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 22:09:36 GMT
content-type: image/gif
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
cf-cache-status: HIT
age: 175745
last-modified: Tue, 24 Jan 2023 21:20:31 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aAfhAa8oR7USB0OVnshPmaf8%2BRzGNhORFT5awWTPeM4iC8nkW1pbpQhIZMGOsrSDq9dZzy%2Bbu6%2BIKaq32FIorlRX3e8t%2BrAGxsF1zHleZwQ435x2LMq9uMbYCK30NtE7P%2F3i"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fc92ec9f9ab50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
oaxyteek.net/funcript1674770976506.php?pub=25832099&v=gNzyMojjAI5kOVSnwIisdIiCIM6uMUiDwMixY82CseivOZnWRZyydlWmURsgIEnDBMhxdACDIM6xNADjIMsvI8m2JapjbVm2RRFgbkGCVMtuZUWD5M0xIojjodiycB2ytOp0cYFD9eigdsTDJN02d4GW9auXIBiywOiwa4GCFMzxaACCIV6OIBjyRci3N9TGcZ0uMlW2FVjoYAjCBMjuNUDzcLwhNx2GMb1pNpG3RbjNYJTigOyiMQ2nQb3lMdTWAY5yMVD2Ic41IJny0eT=
172.64.197.21200 OK 0 B URL HTTP/2 oaxyteek.net/funcript1674770976506.php?pub=25832099&v=gNzyMojjAI5kOVSnwIisdIiCIM6uMUiDwMixY82CseivOZnWRZyydlWmURsgIEnDBMhxdACDIM6xNADjIMsvI8m2JapjbVm2RRFgbkGCVMtuZUWD5M0xIojjodiycB2ytOp0cYFD9eigdsTDJN02d4GW9auXIBiywOiwa4GCFMzxaACCIV6OIBjyRci3N9TGcZ0uMlW2FVjoYAjCBMjuNUDzcLwhNx2GMb1pNpG3RbjNYJTigOyiMQ2nQb3lMdTWAY5yMVD2Ic41IJny0eT=
IP 172.64.197.21:0
GET /funcript1674770976506.php?pub=25832099&v=gNzyMojjAI5kOVSnwIisdIiCIM6uMUiDwMixY82CseivOZnWRZyydlWmURsgIEnDBMhxdACDIM6xNADjIMsvI8m2JapjbVm2RRFgbkGCVMtuZUWD5M0xIojjodiycB2ytOp0cYFD9eigdsTDJN02d4GW9auXIBiywOiwa4GCFMzxaACCIV6OIBjyRci3N9TGcZ0uMlW2FVjoYAjCBMjuNUDzcLwhNx2GMb1pNpG3RbjNYJTigOyiMQ2nQb3lMdTWAY5yMVD2Ic41IJny0eT= HTTP/1.1
Host: oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://oaxyteek.net/-12KJUZ/GnIF
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 22:09:37 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.3.27
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z8bZmrAXKan1EEYeqb0lGu1sR4xy58sWKnWyeAVq%2BuLF8WvONaCi7ztH70ZKkbtFkg37ES%2F4scP0lluRaut%2F2BCewxSJuBCoM4HhpDcqzZvtcoNa8KG0%2B%2FSmYglWZxM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78fc92edc97d23fb-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/
172.64.107.19200 OK 0 B IP 172.64.107.19:0
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://oaxyteek.net
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 22:09:37 GMT
content-type: text/plain
set-cookie: csu=795442120142146@1@1674770977; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: http://oaxyteek.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YxPdILkqBaUaEYt7pug%2FtHvSpnswbQA0EC12l0UJbo2KkvwKbaeN3V7Op6x16wf1sXKUNwcw25IJXWjQnxhvLe6NbZ%2BqRqnzi8hCgPfgGsHVaqwtznqix7u86jTwRDnP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78fc92ee187024e0-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S1292531395%3A1674770977382048&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHd5eV4gfU1Pbg5zOQWYLSMSTK9Evy29-8b8Qexb2cMzcmo1xRBdzU7j0afXYS0N9bmVZAASxg
142.250.74.109403 Forbidden 0 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S1292531395%3A1674770977382048&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHd5eV4gfU1Pbg5zOQWYLSMSTK9Evy29-8b8Qexb2cMzcmo1xRBdzU7j0afXYS0N9bmVZAASxg
IP 142.250.74.109:0
GET /v3/signin/identifier?dsh=S1292531395%3A1674770977382048&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHd5eV4gfU1Pbg5zOQWYLSMSTK9Evy29-8b8Qexb2cMzcmo1xRBdzU7j0afXYS0N9bmVZAASxg HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://oaxyteek.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 26 Jan 2023 22:09:37 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-gnsb5rEdLxmyZA4t5W9QJg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
cross-origin-opener-policy-report-only: same-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2