r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 10ab470535c002d333b4f27d38b51091
ed3b0850c5d75881de410f7e8ca35e012e38bd38
31d6655d048ec8a62e00125766fea65cde04beae0b11f12ce7f722c9a5f7e232
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "31D6655D048EC8A62E00125766FEA65CDE04BEAE0B11F12CE7F722C9A5F7E232"
Last-Modified: Sun, 16 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2241
Expires: Wed, 19 Oct 2022 04:35:35 GMT
Date: Wed, 19 Oct 2022 03:58:14 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bdb8b66c705a7b996496d780f50c00b5
403ae92039fcc933870f51f913f78ccaf9652256
c923ed2539f4ce9f4d43743c402fbb2060a52a4cbedbf14c5f5742ab718073d6
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 19 Oct 2022 03:51:34 GMT
Expires: Wed, 19 Oct 2022 04:38:04 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: BKAvIHOzsmfnMdqhR5ZN1bzrbBN3FFpuFvsFKP97BCJVSljBCYK3Rw==
Age: 400
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 533e1d53f291993ed5886f88a85c6e55
eb4396e8422f71168d32ac6ff3ef49496f625e62
0d1b73b2a228fe76bf14688e603741025a40803971e05570f873b28788334b33
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0D1B73B2A228FE76BF14688E603741025A40803971E05570F873B28788334B33"
Last-Modified: Mon, 17 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3603
Expires: Wed, 19 Oct 2022 04:58:18 GMT
Date: Wed, 19 Oct 2022 03:58:15 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: SUqgGprs+ezzCa//k43PGWR+gdF/8BC1QyxiErPa41d2MHI2ZcKh12lUzoJiwB5iMXBn9QhxNNU=
x-amz-request-id: NWKR96R0QJ3S2D67
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 19 Oct 2022 03:04:06 GMT
age: 3249
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
rapidteria.com/31Na
104.21.59.85301 Moved Permanently 0 B IP 104.21.59.85:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /31Na HTTP/1.1
Host: rapidteria.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 19 Oct 2022 03:58:15 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
set-cookie: FLYSESSID=u6detau0dvmqj746j5549qv6rj; path=/; HttpOnly; SameSite=Lax
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-powered-by: adfly
strict-transport-security: max-age=0
location: http://neexulro.net/-36713PKUC/31Na?rndad=1532635802-1666151895
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8VlHQnBEDFTdPdJ4jbI2fU9c2Rlm51NgK0HNdasZbOvU9%2B82XPf7cIH%2FyzGHbYGPto6XCYYcPRf%2Fi87uWuulv%2BsqOwIngFWEvxczfGZXLxk9KF%2Fn8umCLhP8NamFrQWzzw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 75c6981ede810b39-OSL
alt-svc: h2=":443"; ma=60
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 19 Oct 2022 03:58:15 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 19 Oct 2022 03:43:40 GMT
Cache-Control: max-age=3600
Expires: Wed, 19 Oct 2022 04:00:12 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: IGcX5dNDcsKnJTFi8_wlzYDtCYT0Pvii-NQoYCXAD9L7K4esyeFQXw==
Age: 875
neexulro.net/-36713PKUC/31Na?rndad=1532635802-1666151895
104.21.0.99200 OK 5.2 kB URL HTTP/1.1 neexulro.net/-36713PKUC/31Na?rndad=1532635802-1666151895
IP 104.21.0.99:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 23e2c2f1d30e6504855959c9b482c3e0
196f7afb116bf325552b285cadb27e2d78fd6eba
c425f88618dc843f0b12bf61aac7eb7dd4ed5b71c61206cff9854653e13b3f94
GET /-36713PKUC/31Na?rndad=1532635802-1666151895 HTTP/1.1
Host: neexulro.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 19 Oct 2022 03:58:15 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
set-cookie: FLYSESSID=b4bk2qoraesgfup7p3rva4lp2d; path=/; HttpOnly; SameSite=Lax
yp1=d6d3afbab59b819343f48548849260a7; expires=Thu, 20-Oct-2022 03:58:15 GMT; Max-Age=86400; path=/; domain=.neexulro.net
yp2=530aaadfbd2c81e5bb513d9e6446395b; expires=Thu, 20-Oct-2022 03:58:15 GMT; Max-Age=86400; path=/; domain=.neexulro.net
yp3=1532635802; expires=Thu, 20-Oct-2022 03:58:15 GMT; Max-Age=86400; path=/; domain=.neexulro.net
x-powered-by: adfly
strict-transport-security: max-age=0
p3p: policyref="http://adf.ly/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa IVAi IVDi CONi HISi TELi OUR IND PHY ONL FIN COM NAV INT DEM GOV"
expires: Sat, 26 Jul 1997 05:00:00 GMT
last-modified: Wed, 19 Oct 2022 03:58:15 GMT
x-frame-options: DENY
referrer-policy: no-referrer-when-downgrade
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BTZgrts4XCFiw6%2FUF%2FgQnxQDNVK1ewixNTTnPhx07VGkC30DFE3igBaqhs47s5ZQqAPjL1MkIcGTmOWGNka%2FlUn2mi6jpOyHsQAXrIGRDI7M637uPEHzzFm7E5gIIfo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 75c698209b840b4d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
cdn.neexulro.net/static/css/adfly_7.css
104.21.0.99200 OK 875 B URL HTTP/1.1 cdn.neexulro.net/static/css/adfly_7.css
IP 104.21.0.99:0
File type ASCII text, with very long lines (2735), with no line terminators
Hash f8c8a9d49e010a2cf10a44dacf35e661
5a069859544758f32b5d09e89c3631c8257c64e1
2cdcaf6a39f9cd39a37dfacfeec2461813fb5557e071d96756c129d17e84cb7a
GET /static/css/adfly_7.css HTTP/1.1
Host: cdn.neexulro.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://neexulro.net/-36713PKUC/31Na?rndad=1532635802-1666151895
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Wed, 19 Oct 2022 03:58:15 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Cf-Bgj: minify
Cf-Polished: origSize=3778
cache-control: public, max-age=604800
etag: W/"ec2-60467027-b79b494dafd99b83;gz"
expires: Wed, 26 Oct 2022 03:02:53 GMT
last-modified: Mon, 08 Mar 2021 18:42:47 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 3322
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BRbhWoAJ7JUWvSWtx31ITGqkuqXuZ2Afn012sua5KQ3y1AcbWdbx8%2FXbf3IgKcCBAlYNabmMm1rEdc1ZWss5eCUvCNeWXw7on6OFH0He1D40EzRRnn3GBEh9XTJn4%2B5rmhH5"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 75c69823298bb4fd-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
cdn.neexulro.net/static/js/amvn.js
104.21.0.99200 OK 84 kB URL HTTP/1.1 cdn.neexulro.net/static/js/amvn.js
IP 104.21.0.99:0
File type Unicode text, UTF-8 text, with very long lines (15945)
Hash e18d104a40e619d317d1b6bb2c0fd0f0
35a5b6b1052b39a5bf179b8af187351e03dff764
a8220537839a1da60e0bb97e8c27ec823dae4bb88934da6e17a049f1075be2d6
GET /static/js/amvn.js HTTP/1.1
Host: cdn.neexulro.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://neexulro.net/-36713PKUC/31Na?rndad=1532635802-1666151895
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Wed, 19 Oct 2022 03:58:15 GMT
Content-Type: application/x-javascript
Content-Length: 84159
Connection: keep-alive
cache-control: public, max-age=604800
expires: Wed, 26 Oct 2022 03:02:53 GMT
last-modified: Wed, 19 Oct 2022 00:20:02 GMT
etag: "3f14d-634f42b2-68246e5d7e600ef7;gz"
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 3321
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uzeiqXdIOpF5oDUoPQCcpeuQgRcfJDTWh1RO%2Buc5x6LMpsoWgk8i%2B%2FborpK3Y7tY98LdfkBc1VC5fC9zHo%2BLu6stQQjSrBJ5L2cmMHXjyYJsOjHRg9DRZjO%2FuRs5Yhms7lmg"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 75c6982338630afe-OSL
alt-svc: h2=":443"; ma=60
cdn.neexulro.net/static/js/view118_bidshow.js
104.21.0.99200 OK 4.0 kB URL HTTP/1.1 cdn.neexulro.net/static/js/view118_bidshow.js
IP 104.21.0.99:0
File type ASCII text, with very long lines (10991), with no line terminators
Hash 966f84aff8b7893cbf2b87da5a27f8a9
695e0fcb64fc820db2ca76e808136a3762ea3673
25c6680edff77f84bc5606fdd9f06116ec800f29173528135cb74d564f2732f9
GET /static/js/view118_bidshow.js HTTP/1.1
Host: cdn.neexulro.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://neexulro.net/-36713PKUC/31Na?rndad=1532635802-1666151895
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Wed, 19 Oct 2022 03:58:15 GMT
Content-Type: application/x-javascript
Content-Length: 4024
Connection: keep-alive
cache-control: public, max-age=604800
expires: Wed, 26 Oct 2022 03:03:01 GMT
last-modified: Wed, 24 Aug 2022 10:51:38 GMT
etag: "2aef-630602ba-53ef1c725fb7c923;gz"
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 3314
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YolvyOGhrF%2BVBLArM9HEuATazFF3vL0dOJZ2FMaU8ijC903Zu2kAUPTDyOjRBqjznjdMGAAlMm3HBs%2FxhMDCooX9fvVD8B4GyKfmmu8dsDeR29FH4mXLJtrt2KrYlUE%2Baab3"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 75c698233893b518-OSL
alt-svc: h2=":443"; ma=60
ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
142.250.74.74200 OK 33 kB URL HTTP/1.1 ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
IP 142.250.74.74:0
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash 18351732b1849ba758e98884e186b3c8
d735af8661eda41ff4ffbf76e6a284a0e2deb81c
bfac625d304d52e04f2caeb19266354749929c888ca09d3d1e3edcbb8770d0f0
GET /ajax/libs/jquery/1.7.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neexulro.net/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 33333
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 18 Oct 2022 09:55:18 GMT
Expires: Wed, 18 Oct 2023 09:55:18 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
Age: 64977
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c9b278637bdca251f78b46e4a0850473
a48fe5095fc27af1c6b6628149d9e8f655295621
eea38f271e134a85a7b586631a8831888ab81f0edb33120b26bd35cdfa032e52
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2849
Cache-Control: max-age=104159
Content-Type: application/ocsp-response
Date: Wed, 19 Oct 2022 03:58:15 GMT
Etag: "634e5e95-1d7"
Expires: Thu, 20 Oct 2022 08:54:14 GMT
Last-Modified: Tue, 18 Oct 2022 08:06:45 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
d1a3jb5hjny5s4.cloudfront.net/?hbjad=709056
54.230.245.125200 OK 36 kB URL HTTP/1.1 d1a3jb5hjny5s4.cloudfront.net/?hbjad=709056
IP 54.230.245.125:0
File type Unicode text, UTF-8 text, with very long lines (15478)
Hash eafbe0525a0388e3f244d5abb189f491
3a1aa1b9b8026b25ef27a33a6067b1006e94d3e8
c885b28d65027906177c217c4cfdab1e7739274366ea6d03679ff7bf3f6ae33c
GET /?hbjad=709056 HTTP/1.1
Host: d1a3jb5hjny5s4.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neexulro.net/
HTTP/1.1 200 OK
Content-Length: 36018
Connection: keep-alive
Date: Wed, 19 Oct 2022 03:58:15 GMT
access-control-allow-origin: *
Cache-Control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Content-Encoding: gzip
Pragma: no-cache
X-Cache: Miss from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: LWONryvR34J0wyAZdtU3WUAP98vwO2a48jAtvr9XNKCPpfzE2FsXVQ==
cdn.neexulro.net/static/image/skip_ad/en_tran.png
104.21.0.99200 OK 5.1 kB URL HTTP/1.1 cdn.neexulro.net/static/image/skip_ad/en_tran.png
IP 104.21.0.99:0
File type PNG image data, 155 x 41, 8-bit/color RGBA, non-interlaced\012- data
Hash a58f5ea6f1f6bb35658c351f876f1ba9
47fa621b845faf7df13e4021dcffd6f4c73c1018
ef8721967f0cca2539ee60f9cad0e8c1ef89f18a53964a4e6101033d23a4ba29
GET /static/image/skip_ad/en_tran.png HTTP/1.1
Host: cdn.neexulro.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://neexulro.net/-36713PKUC/31Na?rndad=1532635802-1666151895
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Wed, 19 Oct 2022 03:58:15 GMT
Content-Type: image/png
Content-Length: 5076
Connection: keep-alive
cache-control: public, max-age=604800
expires: Wed, 26 Oct 2022 03:03:34 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "13d4-5faa60e6-d082b40bd28384ce;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 3281
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hgfaOP8S4GvCn7dwY8%2BRmInBlc%2BrxkO4%2FVpyPFG0Q35WoajG%2FHC4JWaIUVPIk4SkljmkT1wKOMwvlKxDKCN75tw2Z380j0v5gj5MQGeF0NrSboE8YBUA7ojJGpn3hKp%2FKHSi"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75c698244915b518-OSL
alt-svc: h2=":443"; ma=60
cdn.neexulro.net/static/image/delete2.png
104.21.0.99200 OK 577 B URL HTTP/1.1 cdn.neexulro.net/static/image/delete2.png
IP 104.21.0.99:0
File type PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced\012- data
Hash 3a612b41ba5d1cad10ae4c6660d8fda4
4006ab2bfe338d2d1f060c0486bad8e1b589ba44
2fa2ba143aaedc6b6169e9b024d4f12df4acfc5995950dce175fd97644dd0c43
GET /static/image/delete2.png HTTP/1.1
Host: cdn.neexulro.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://neexulro.net/-36713PKUC/31Na?rndad=1532635802-1666151895
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Wed, 19 Oct 2022 03:58:15 GMT
Content-Type: image/png
Content-Length: 577
Connection: keep-alive
cache-control: public, max-age=604800
expires: Wed, 26 Oct 2022 03:03:01 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "241-5faa60e6-9320ae10e0d19c6b;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 3314
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qDfBLwKZYbzx36B0YMS2AKTztDNl%2F2wQa0op8vGQsIW5FTVgbjJXY%2BZDJfeCAfgLZgNIB22KcFLRycQSMDB26bSKxVXQ88GH4fOSJAGYyEXgTLhVWDWvnuX8cAmYK9xSOZkk"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75c6982448b00afe-OSL
alt-svc: h2=":443"; ma=60
cdn.neexulro.net/static/image/spinner.gif
104.21.0.99200 OK 36 kB URL HTTP/1.1 cdn.neexulro.net/static/image/spinner.gif
IP 104.21.0.99:0
File type GIF image data, version 89a, 39 x 39\012- data
Hash 2055f195780b3e4c71b97c95fa97eab0
36c1138bdcccf116f1b9ee9effa3e5d13f1e6161
0a607f27600e85addcfd1415ee611a370a30dce3f53ac200d3e0e25d2bdc5157
GET /static/image/spinner.gif HTTP/1.1
Host: cdn.neexulro.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://neexulro.net/-36713PKUC/31Na?rndad=1532635802-1666151895
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Wed, 19 Oct 2022 03:58:15 GMT
Content-Type: image/gif
Content-Length: 35453
Connection: keep-alive
cache-control: public, max-age=604800
expires: Wed, 26 Oct 2022 03:03:01 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "8a7d-5faa60e6-3e1a311be9cf3f91;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 3314
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P9X66n8EmDauyESD%2Bk1AmRxvNTJCP7ca61qMrdkCLKsv0Zbi1Acnv2Y%2FnpJPo7PJGAf0CvsA7N9HXVBPkIfDIajkItCGOl%2BKEo3vHixXDJnXB92%2FEpTBQusntUOEqYt0uBsg"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75c698244ebfb51d-OSL
alt-svc: h2=":443"; ma=60
cdn.neexulro.net/static/image/logo_fb2.png
104.21.0.99200 OK 6.3 kB URL HTTP/1.1 cdn.neexulro.net/static/image/logo_fb2.png
IP 104.21.0.99:0
File type PNG image data, 193 x 98, 8-bit colormap, non-interlaced\012- data
Hash 84a673a878949a7a8410199f5f8ea220
49cbc367cd9e0943df6d6e2180bb9a5771dbb208
042313bf805bd8d9a1c6b2a88c90e15407004fcc6e9c5d5974c87c85c20796f3
GET /static/image/logo_fb2.png HTTP/1.1
Host: cdn.neexulro.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://neexulro.net/-36713PKUC/31Na?rndad=1532635802-1666151895
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Wed, 19 Oct 2022 03:58:15 GMT
Content-Type: image/png
Content-Length: 6283
Connection: keep-alive
cache-control: public, max-age=604800
expires: Wed, 26 Oct 2022 03:02:56 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "188b-5faa60e6-8113dca053ec939e;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 3319
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2FaXhJbYpYq3MSRjx2cySrgrxE90nGDxWP3UCfrb3JB9zwQ%2F3Q%2B5Gm6k2KL9xTMBL1g6tL9MDUYnS8ymjc5CV37TXHY%2B%2BsmEH8yiqwsiPvSZh5FIhNBqrjj5qpDd5DWuftn%2F"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75c698244fbbb4f9-OSL
alt-svc: h2=":443"; ma=60
cdn.neexulro.net/static/image/ahl6532.gif
104.21.0.99200 OK 3.2 kB URL HTTP/1.1 cdn.neexulro.net/static/image/ahl6532.gif
IP 104.21.0.99:0
File type GIF image data, version 89a, 166 x 58\012- data
Hash 48d26bd889d62fc9c72d33138f409c15
3bd2657ee1ba4843f266cda7217a8d0a2b725ea3
13cad7fb56a878cd12d9456a8754cf13433ac6741338371f87776b4373411b15
GET /static/image/ahl6532.gif HTTP/1.1
Host: cdn.neexulro.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://neexulro.net/-36713PKUC/31Na?rndad=1532635802-1666151895
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Wed, 19 Oct 2022 03:58:15 GMT
Content-Type: image/gif
Content-Length: 3229
Connection: keep-alive
cache-control: public, max-age=604800
expires: Wed, 26 Oct 2022 03:03:01 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "c9d-5faa60e6-bdf1ebb6d8b3a2e3;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 3314
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xcv%2Ft1EeV9TvmoiKUr2ICMJKG00Kj7GRPq7R5LIawRLNg5ch6xp2VR%2B42UnFuoJoE86M1nyx18hX1oMEeynx9CcHq28xbt03k672KdqmWACid%2BM6thxPjantZsZb%2FozVgnTA"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75c69824591eb518-OSL
alt-svc: h2=":443"; ma=60
neexulro.net/js/display.js
104.21.0.99200 OK 5.8 kB URL HTTP/1.1 neexulro.net/js/display.js
IP 104.21.0.99:0
File type ASCII text, with very long lines (15999)
Hash e149217d65efcf53cc382af7c60f461c
6de97c3f773cf9b21e4373097f5f5cddf37d872e
4d30ac5f2c0ab10e25b4c39eb646e9cb86d66394775d77ba7b88a34720f85b27
GET /js/display.js HTTP/1.1
Host: neexulro.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://neexulro.net/-36713PKUC/31Na?rndad=1532635802-1666151895
Connection: keep-alive
Cookie: FLYSESSID=b4bk2qoraesgfup7p3rva4lp2d; yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Wed, 19 Oct 2022 03:58:15 GMT
Content-Type: application/x-javascript
Content-Length: 5775
Connection: keep-alive
cache-control: public, max-age=604800
expires: Wed, 26 Oct 2022 03:02:57 GMT
last-modified: Thu, 29 Jul 2021 14:08:58 GMT
etag: "3e81-6102b67a-1bb6c6fda6fd5163;gz"
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 3318
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yk5MqwYW%2B2tdStlKC4XlBEaJVOCCazmo%2BIYYLyd3dlun2g3KDaoWvV6O4nMIYWKZMf3CRqO9zRYwTbHqwTIiaH9WA2sWWVOwKJAGiCiZRhfXkxFztWtGgF76vs5MTsg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 75c698249cad0b4d-OSL
alt-svc: h2=":443"; ma=60
entriflingw.xyz/popunder.gif
172.67.174.234200 OK 58 B URL HTTP/1.1 entriflingw.xyz/popunder.gif
IP 172.67.174.234:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 79c15b369d32d2f0f17c116f541b6df3
3039289d4d1f5bc7385a81621deb2614423b769b
e3a3c6b90f511e80a77636fdd4c6047336d4ed5b2c86adf74318a08142649e08
GET /popunder.gif HTTP/1.1
Host: entriflingw.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neexulro.net/
HTTP/1.1 200 OK
Date: Wed, 19 Oct 2022 03:58:15 GMT
Content-Type: image/gif
Content-Length: 58
Connection: keep-alive
access-control-allow-origin: *
Pragma: public
cache-control: public, max-age=604800, immutable
content-encoding: gzip
CF-Cache-Status: HIT
Age: 39959
Last-Modified: Tue, 18 Oct 2022 16:52:16 GMT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LWqjTiFB%2FgmN%2F8bgO8FlWr7jZTQ%2FHIBMsEYnRYTnFzqIRxPvV8%2BdoVwHIhZM84hERh0%2BWvgY3CW%2BggjIFpoC5rNTcLO6kdMa%2FqW4uTHfayqo1V4eRbicuffFuis2cYDV0Yo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75c698249ee7b4f7-OSL
alt-svc: h2=":443"; ma=60
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 488d5de4809edc067920acd6de1342c8
3a0ebb65245784253fa15adbc972fe0fe2d68535
66c9ac655514eb4869c12dfed77bd9e2d8a401978bad7898020f13c204b7aec0
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "66C9AC655514EB4869C12DFED77BD9E2D8A401978BAD7898020F13C204B7AEC0"
Last-Modified: Tue, 18 Oct 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20483
Expires: Wed, 19 Oct 2022 09:39:38 GMT
Date: Wed, 19 Oct 2022 03:58:15 GMT
Connection: keep-alive
cdn.neexulro.net/static/js/main.js?v=2022052901
104.21.0.99200 OK 705 B URL HTTP/1.1 cdn.neexulro.net/static/js/main.js?v=2022052901
IP 104.21.0.99:0
Hash 5d2f026c4af9cf86a2ecb368dc1533d6
376ce5a73144b00dd162aa8524ac856b8db7a33e
0fd907185fe7d7610498d8d487449707fe4949c5c89a1028da380d2e5e862c3d
GET /static/js/main.js?v=2022052901 HTTP/1.1
Host: cdn.neexulro.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://neexulro.net/-36713PKUC/31Na?rndad=1532635802-1666151895
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Wed, 19 Oct 2022 03:58:15 GMT
Content-Type: application/x-javascript
Content-Length: 705
Connection: keep-alive
cache-control: public, max-age=604800
expires: Wed, 26 Oct 2022 03:49:01 GMT
last-modified: Sun, 29 May 2022 07:10:19 GMT
etag: "7a0-62931c5b-8cbcca2019146215;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G1r6RWhz3cYuBipQjbF%2FXaGIROAmOpstQvaQ2iKqveRr%2B7%2BgV3VJ6fgUNpkYDsLx9Cd5kDtz3GF2YnC2dO0nm6L4sNnEfkCHCxakVEpYpiqbvaD%2BlNwIIIBRUk25iRxqd4Xh"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 75c698232fdc0b39-OSL
alt-svc: h2=":443"; ma=60
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 370a3bf92dc1c96dfb35f0231111f38d
bd47ab15d7274f0010df01ae287a7ea1cc474272
aea19bb4f9b124452fa9e1a7c7a62750a6979db8c5270c8b89e0c91a0365435c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "AEA19BB4F9B124452FA9E1A7C7A62750A6979DB8C5270C8B89E0C91A0365435C"
Last-Modified: Sun, 16 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1884
Expires: Wed, 19 Oct 2022 04:29:39 GMT
Date: Wed, 19 Oct 2022 03:58:15 GMT
Connection: keep-alive
cdn.neexulro.net/static/image/d_top_bg.png
104.21.0.99200 OK 156 B URL HTTP/1.1 cdn.neexulro.net/static/image/d_top_bg.png
IP 104.21.0.99:0
File type PNG image data, 1 x 59, 8-bit/color RGB, non-interlaced\012- data
Hash 106113dd42dd001363d6e2c920dba647
ebb71cf1a44a45852fff4d4fc0971f299b8b8c4c
938632fb472382061e62d8f1d033da03cbc84f150236e4251c8ece12241405ae
GET /static/image/d_top_bg.png HTTP/1.1
Host: cdn.neexulro.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cdn.neexulro.net/static/css/adfly_7.css
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Wed, 19 Oct 2022 03:58:15 GMT
Content-Type: image/png
Content-Length: 156
Connection: keep-alive
cache-control: public, max-age=604800
expires: Wed, 26 Oct 2022 03:03:12 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "9c-5faa60e6-8cdf0c0df6a4e2a9;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 3303
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kDSrzfkeFksJrtqjRlzfh6PzC2oEMvSx3zK3yb3EB4MgY%2Fz6j%2FSLEKduhmvzPBMWtRFQLzFcA0WRtaqRN6E00oJVrO5oe0nmksxXDdqdLY%2F8OdLoYmQ5y21ypBSFArvZXC0M"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75c6982508e50afe-OSL
alt-svc: h2=":443"; ma=60
cdn.neexulro.net/static/image/d_bottom_bg2.png
104.21.0.99200 OK 2.8 kB URL HTTP/1.1 cdn.neexulro.net/static/image/d_bottom_bg2.png
IP 104.21.0.99:0
File type PNG image data, 1 x 28, 8-bit/color RGB, non-interlaced\012- data
Hash 765bb01e93fec22bee832ea0219871d0
2059131c55ef4c9b171fff20fc692839686761b7
27ab7efdb31ee6b311557cb2296d9bdb4c5038a230bcb4f9bc1a2409bb73863a
GET /static/image/d_bottom_bg2.png HTTP/1.1
Host: cdn.neexulro.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cdn.neexulro.net/static/css/adfly_7.css
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Wed, 19 Oct 2022 03:58:15 GMT
Content-Type: image/png
Content-Length: 2829
Connection: keep-alive
cache-control: public, max-age=604800
expires: Wed, 26 Oct 2022 03:03:12 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "b0d-5faa60e6-4be0e3e54c61ce38;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 3303
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hOtjyUDMkfUf%2FgTyvBc2ixdX3nN22Rxbbo0ymY%2F46WVZKIwRjPqTDrwn1vv8FtkjaALXLTdgpqhlpkAYls70lrAmLA%2Fw3jJSGbEjnG6hQP%2Fvn6O5TaO%2BBYLO%2BYbtmEf7XVz0"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75c698251f1cb51d-OSL
alt-svc: h2=":443"; ma=60
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5184bc44914d41e00006a64e227f2587
f1854d16daa5ebd8fe53abf93d8492c18f7a026f
d4d172ce9d5d01a563fc406fce21dc36f9a95e08ab5d35c5fcbfda991d26f01e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "D4D172CE9D5D01A563FC406FCE21DC36F9A95E08AB5D35C5FCBFDA991D26F01E"
Last-Modified: Mon, 17 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12465
Expires: Wed, 19 Oct 2022 07:26:00 GMT
Date: Wed, 19 Oct 2022 03:58:15 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5184bc44914d41e00006a64e227f2587
f1854d16daa5ebd8fe53abf93d8492c18f7a026f
d4d172ce9d5d01a563fc406fce21dc36f9a95e08ab5d35c5fcbfda991d26f01e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "D4D172CE9D5D01A563FC406FCE21DC36F9A95E08AB5D35C5FCBFDA991D26F01E"
Last-Modified: Mon, 17 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12465
Expires: Wed, 19 Oct 2022 07:26:00 GMT
Date: Wed, 19 Oct 2022 03:58:15 GMT
Connection: keep-alive
entriflingw.xyz/VEJlYzV7fQYQCDcaKyxjEgAiMgZlJT82YxwnCAddBnInVmwDD0MXXDB/UlMMZHdTRUU9JlhRDHIxEQJBITFYUhM9LAMMCHI0WFIbZGxTUxtkZBBeBHI2FQJSaXNDE0EgLlhSA2J0VFYEbXJWWwNi
172.67.174.234204 No Content 0 B URL HTTP/2 entriflingw.xyz/VEJlYzV7fQYQCDcaKyxjEgAiMgZlJT82YxwnCAddBnInVmwDD0MXXDB/UlMMZHdTRUU9JlhRDHIxEQJBITFYUhM9LAMMCHI0WFIbZGxTUxtkZBBeBHI2FQJSaXNDE0EgLlhSA2J0VFYEbXJWWwNi
IP 172.67.174.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /VEJlYzV7fQYQCDcaKyxjEgAiMgZlJT82YxwnCAddBnInVmwDD0MXXDB/UlMMZHdTRUU9JlhRDHIxEQJBITFYUhM9LAMMCHI0WFIbZGxTUxtkZBBeBHI2FQJSaXNDE0EgLlhSA2J0VFYEbXJWWwNi HTTP/1.1
Host: entriflingw.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://neexulro.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 19 Oct 2022 03:58:15 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cL6iemRgfWB6NMOZPeyMKGwOrXqBtdcyjnwaV9eimatF4Ubd4z2EXfT8MzhiNG1bxFLbNPcA6%2Bub9IAUVNB6XTwN5xYUHqWk3983JhC5y%2FmxppcVGcl0O55IskpbjpehecU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75c69824cd660b06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
entriflingw.xyz/Wkt0aGR1dBcbWQkdLiUxDwVCMlc2LBcwCC8vMwQdPAwmWD09bQABAGd9RFxXbH9SGA0+dkVOFy4qAB0XZ3pSAQo8JElOEmd6WltQdHlNRlR8PklZQi47FQ9Za20EHBA2dkVeUmx6QVldanhNWVM
172.67.174.234204 No Content 0 B URL HTTP/2 entriflingw.xyz/Wkt0aGR1dBcbWQkdLiUxDwVCMlc2LBcwCC8vMwQdPAwmWD09bQABAGd9RFxXbH9SGA0+dkVOFy4qAB0XZ3pSAQo8JElOEmd6WltQdHlNRlR8PklZQi47FQ9Za20EHBA2dkVeUmx6QVldanhNWVM
IP 172.67.174.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /Wkt0aGR1dBcbWQkdLiUxDwVCMlc2LBcwCC8vMwQdPAwmWD09bQABAGd9RFxXbH9SGA0+dkVOFy4qAB0XZ3pSAQo8JElOEmd6WltQdHlNRlR8PklZQi47FQ9Za20EHBA2dkVeUmx6QVldanhNWVM HTTP/1.1
Host: entriflingw.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://neexulro.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 19 Oct 2022 03:58:15 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SCGpaxav6hF6TFoapyoi6iv5GZOkAn4RQTWJMRv%2BUQkHQKIbOV4ORUVfY%2B2gIu5MOc%2FGJoN78sK5cF142UvzGfZ%2B7wEGMoheRCTOjOSm8bJ4eejo1dVLrld0B38%2FfTIGojo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75c69824ed6e0b06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 488d5de4809edc067920acd6de1342c8
3a0ebb65245784253fa15adbc972fe0fe2d68535
66c9ac655514eb4869c12dfed77bd9e2d8a401978bad7898020f13c204b7aec0
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "66C9AC655514EB4869C12DFED77BD9E2D8A401978BAD7898020F13C204B7AEC0"
Last-Modified: Tue, 18 Oct 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20483
Expires: Wed, 19 Oct 2022 09:39:38 GMT
Date: Wed, 19 Oct 2022 03:58:15 GMT
Connection: keep-alive
getherefwu.xyz/a3d1TXkKFRYgRgpKF2sMGRtIaEstUkcLHR0bTTUYGxAFPB4IRlsuFQQCESsLBBkBYxcOA1B/PyMSLT0BJiEsLD85Ti0sKFsjMxwBDCQgeDopRT8rPCo9EAI4Bz84fkFSMwIAKD0dRRs2LiUmBS9TODZ8LxkkIzodPjMSKCtaEyACOxs/JA8aWD8nJTQpLzQDOgNCFCwODDQzfCxORTcOERgtIic3DTMNDDQkDywMPi1HQwo/UjMRfzczJBkcPTEbMA4oKjUPHhMDIjR/ID0yDXQ8JxsNBCg+GwAZAD0/NxU3IDgzHD0xEAYALyo+LRw8ExE0FUAIJDBgPzw6DSIrIx8nJilbHzcMPjE9Jn08KhRFOTItRhImMSkAEB4hJTslCB4jEjAhGik2DSNfAQQaIwlWNTsmDxIWEiYVKUIWBg
108.157.229.5200 OK 1.2 kB URL HTTP/1.1 getherefwu.xyz/a3d1TXkKFRYgRgpKF2sMGRtIaEstUkcLHR0bTTUYGxAFPB4IRlsuFQQCESsLBBkBYxcOA1B/PyMSLT0BJiEsLD85Ti0sKFsjMxwBDCQgeDopRT8rPCo9EAI4Bz84fkFSMwIAKD0dRRs2LiUmBS9TODZ8LxkkIzodPjMSKCtaEyACOxs/JA8aWD8nJTQpLzQDOgNCFCwODDQzfCxORTcOERgtIic3DTMNDDQkDywMPi1HQwo/UjMRfzczJBkcPTEbMA4oKjUPHhMDIjR/ID0yDXQ8JxsNBCg+GwAZAD0/NxU3IDgzHD0xEAYALyo+LRw8ExE0FUAIJDBgPzw6DSIrIx8nJilbHzcMPjE9Jn08KhRFOTItRhImMSkAEB4hJTslCB4jEjAhGik2DSNfAQQaIwlWNTsmDxIWEiYVKUIWBg
IP 108.157.229.5:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3019), with no line terminators
Hash 0e283801ba626a31ee8e609f26f04773
3fdd29749c2a3b477d61c925a45519ef544eefd3
c18b62f7e91bd7241e299d7968aaf75e70880f70a934238d31b1cf1c7e7e2ad1
Analyzer Verdict Alert quad9 Sinkholed
GET /a3d1TXkKFRYgRgpKF2sMGRtIaEstUkcLHR0bTTUYGxAFPB4IRlsuFQQCESsLBBkBYxcOA1B/PyMSLT0BJiEsLD85Ti0sKFsjMxwBDCQgeDopRT8rPCo9EAI4Bz84fkFSMwIAKD0dRRs2LiUmBS9TODZ8LxkkIzodPjMSKCtaEyACOxs/JA8aWD8nJTQpLzQDOgNCFCwODDQzfCxORTcOERgtIic3DTMNDDQkDywMPi1HQwo/UjMRfzczJBkcPTEbMA4oKjUPHhMDIjR/ID0yDXQ8JxsNBCg+GwAZAD0/NxU3IDgzHD0xEAYALyo+LRw8ExE0FUAIJDBgPzw6DSIrIx8nJilbHzcMPjE9Jn08KhRFOTItRhImMSkAEB4hJTslCB4jEjAhGik2DSNfAQQaIwlWNTsmDxIWEiYVKUIWBg HTTP/1.1
Host: getherefwu.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neexulro.net/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 1176
Connection: keep-alive
Date: Wed, 19 Oct 2022 03:58:15 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
Accept-CH: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
X-Cache: Miss from cloudfront
Via: 1.1 ce3c66cc97e84e18b943362365d9ba66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN56-P2
X-Amz-Cf-Id: f5OSSpXfhMp2Pxac0iXJRVSqm64cu-4U4ivJ6YWSdY0QwhZnV1h2cQ==
cdn.neexulro.net/static/image/ad_top_bg2.png?&ad_box_=1
104.21.0.99200 OK 156 B URL HTTP/1.1 cdn.neexulro.net/static/image/ad_top_bg2.png?&ad_box_=1
IP 104.21.0.99:0
File type PNG image data, 1 x 59, 8-bit/color RGB, non-interlaced\012- data
Hash 106113dd42dd001363d6e2c920dba647
ebb71cf1a44a45852fff4d4fc0971f299b8b8c4c
938632fb472382061e62d8f1d033da03cbc84f150236e4251c8ece12241405ae
GET /static/image/ad_top_bg2.png?&ad_box_=1 HTTP/1.1
Host: cdn.neexulro.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://neexulro.net/-36713PKUC/31Na?rndad=1532635802-1666151895
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Wed, 19 Oct 2022 03:58:15 GMT
Content-Type: image/png
Content-Length: 156
Connection: keep-alive
cache-control: public, max-age=604800
expires: Wed, 26 Oct 2022 03:58:15 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "9c-5faa60e6-616091c58406c4e2;;;"
accept-ranges: bytes
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vyp50t1FnNYLqF%2B9x5V97CIteQlnb0W7erLnFadmJ1KH2uINJqagvF1P7loaNw3xCIkpaN%2FRuhJ520EPWwEv9S6kcB7chsQlYfCipN0z1UHDkB7%2F2QGmizBZlyhEeEb%2B7zik"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75c6982449e6b4fd-OSL
alt-svc: h2=":443"; ma=60
neexulro.net/2market_bidshow.php?user_id=19267661&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&ref_url=eyJ1cmwiOm51bGwsImRvbWFpbiI6bnVsbH0%3D&url=https%3A%2F%2Fwww.vagas.com.br%2Fempregos%2Fboticario&url_id=5724774027&t=06357cdef8ff951f6e733522287be077&w=b56934d9f971bbcb197007f441954c71
104.21.0.99200 OK 82 B URL HTTP/1.1 neexulro.net/2market_bidshow.php?user_id=19267661&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&ref_url=eyJ1cmwiOm51bGwsImRvbWFpbiI6bnVsbH0%3D&url=https%3A%2F%2Fwww.vagas.com.br%2Fempregos%2Fboticario&url_id=5724774027&t=06357cdef8ff951f6e733522287be077&w=b56934d9f971bbcb197007f441954c71
IP 104.21.0.99:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d597c22e79c772d1f89ed2602adb80ab
50c7c63c9269278ff7aba9b8c5b4810c3570df80
798215a625e276fde8e69c0a79401e406f59e1a30ad0e9113d880b9d566ae61c
GET /2market_bidshow.php?user_id=19267661&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&ref_url=eyJ1cmwiOm51bGwsImRvbWFpbiI6bnVsbH0%3D&url=https%3A%2F%2Fwww.vagas.com.br%2Fempregos%2Fboticario&url_id=5724774027&t=06357cdef8ff951f6e733522287be077&w=b56934d9f971bbcb197007f441954c71 HTTP/1.1
Host: neexulro.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://neexulro.net/-36713PKUC/31Na?rndad=1532635802-1666151895
Connection: keep-alive
Cookie: FLYSESSID=b4bk2qoraesgfup7p3rva4lp2d; yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Wed, 19 Oct 2022 03:58:15 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.3.27
set-cookie: adfly_ad_report=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
p3p: policyref="http://adf.ly/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa IVAi IVDi CONi HISi TELi OUR IND PHY ONL FIN COM NAV INT DEM GOV"
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SIbGcHlsOi6v2hyX3m9Xuw5u42IkAFT7xOD52bq6NYAPF700bB56SisOC5aqIgORWfT%2FsD6RJzXf2yNH8fptgTznhYugjEYPGf1uN%2F5syhsPQ1IOFoHoE7XeFFc6x0U%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 75c69824fcd20b4d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
getherefwu.xyz/utx?cb=zaAA70IzKkL2&top=neexulro.net&tid=604364
108.157.229.5204 No Content 0 B URL HTTP/2 getherefwu.xyz/utx?cb=zaAA70IzKkL2&top=neexulro.net&tid=604364
IP 108.157.229.5:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /utx?cb=zaAA70IzKkL2&top=neexulro.net&tid=604364 HTTP/1.1
Host: getherefwu.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://neexulro.net
Connection: keep-alive
Referer: http://neexulro.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 19 Oct 2022 03:58:15 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: http://neexulro.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Wed, 19 Oct 2022 03:59:15 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 269b0fad85dfd450220cf6573a2d384e.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: kEEAd1ieXyg80qbG6i3EahPNQ19r6xZ2IoKXCcUugK3rZ0cmktchrg==
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.199.35200 OK 103 kB IP 172.64.199.35:0
Size 103 kB (102745 bytes)
Hash 5d9ebe1b116b2247c0e66d7b79f1aa95
5d7b92a75c9c7832163d905946cb79708233a48f
3f77e20bcbae5be8229c1ea4b91a9d49948deaa0b19090ef34e7ee1fa0f6ed9d
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://neexulro.net
Connection: keep-alive
Referer: http://neexulro.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 19 Oct 2022 03:58:15 GMT
content-type: binary/octet-stream
access-control-allow-origin: http://neexulro.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 2721
last-modified: Wed, 19 Oct 2022 03:12:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u15yoB39Z7j%2FrPFHyHvztsjdQPRarLaoPZiijXmWUqRqP7C72lCwASXTwzSt1eagGnRo1v1wzJygTx8vHEqC6CiQxxHY%2BjtVbaKZWe84qO%2BWq6V6pjp6mfFfGmuCn5Ev"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75c698257ae474b5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
getherefwu.xyz/utx?cb=Bglq5rw4YJ5E&top=neexulro.net&tid=709056
108.157.229.5204 No Content 0 B URL HTTP/2 getherefwu.xyz/utx?cb=Bglq5rw4YJ5E&top=neexulro.net&tid=709056
IP 108.157.229.5:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /utx?cb=Bglq5rw4YJ5E&top=neexulro.net&tid=709056 HTTP/1.1
Host: getherefwu.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://neexulro.net
Connection: keep-alive
Referer: http://neexulro.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 19 Oct 2022 03:58:15 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: http://neexulro.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Wed, 19 Oct 2022 03:59:15 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 269b0fad85dfd450220cf6573a2d384e.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: I5TS_jiwRH-gyIs9t58BL5A0GXypg5OXD7jQnuc70rJOopkXNK0Unw==
X-Firefox-Spdy: h2
push.services.mozilla.com/
34.216.192.228101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.216.192.228:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: lguUNJBw1LIlVVYhw90UDA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: QkLeKTbWaBRtW7jRwT454RCRBqE=
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5c34def7a05a057e1895601b8fd3e094
2d268b4d3887e681a7a347704b7dfca0a297b14f
654dc5ea6988802edebf4264eabc3813dd9263355eec520f5505b5371613d952
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "654DC5EA6988802EDEBF4264EABC3813DD9263355EEC520F5505B5371613D952"
Last-Modified: Wed, 19 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10773
Expires: Wed, 19 Oct 2022 06:57:49 GMT
Date: Wed, 19 Oct 2022 03:58:16 GMT
Connection: keep-alive
cdn.neexulro.net/static/image/favicon.ico
104.21.0.99200 OK 766 B URL HTTP/1.1 cdn.neexulro.net/static/image/favicon.ico
IP 104.21.0.99:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 1e28765e56393f673da97ce5913cdf10
8af9d66ac98f4689ba1d04acbd17df40dd83dbde
30aa2a7dd1b96d852108bf4f4213b0d749ae2faedd112f0c03006209e5e6c98a
GET /static/image/favicon.ico HTTP/1.1
Host: cdn.neexulro.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://neexulro.net/-36713PKUC/31Na?rndad=1532635802-1666151895
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Wed, 19 Oct 2022 03:58:16 GMT
Content-Type: image/vnd.microsoft.icon
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: public, max-age=604800
expires: Wed, 26 Oct 2022 03:08:15 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: W/"47e-5faa60e6-15b72dd35dac079e;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 3001
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wx8wUPsMJtcc0xkFVilVjCaOiWWwa0GOTh18%2FxL4WE0HA7TPD2CyeXQ6ZVYg3Ecfok9P%2FqS8wgaAmmBC1BSz4%2FPC65NZgVxbR6KOiiK%2FymFtDHyVo9NmjIYK0hxLYjSjzptG"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75c69826efd8b51d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.google-analytics.com/ga.js
142.250.74.174200 OK 17 kB URL HTTP/1.1 www.google-analytics.com/ga.js
IP 142.250.74.174:0
Hash ccf7b1d7bb2c4010611f3a14c34492c0
14f03d6cfbded0b4becdb7eff258a9a9a4ebb9b7
898b1ef36e52255a0f26f5f3e3340fd4261441120223b31b156c25ed208d804f
GET /ga.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neexulro.net/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 17168
Date: Wed, 19 Oct 2022 03:05:25 GMT
Expires: Wed, 19 Oct 2022 05:05:25 GMT
Cache-Control: public, max-age=7200
Age: 3171
Last-Modified: Tue, 27 Sep 2022 22:01:05 GMT
Content-Type: text/javascript
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 325555f8766a0c9d9f4357e77e94cb07
21eb606142da285a6a6750fba560cd99fea1c34f
642b267a9dc106c9c6bac5bbfa574cd6b28a206fa6239d30b692bb148ebdc183
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4409
Cache-Control: max-age=126965
Content-Type: application/ocsp-response
Date: Wed, 19 Oct 2022 03:58:16 GMT
Etag: "634eb194-1d7"
Expires: Thu, 20 Oct 2022 15:14:21 GMT
Last-Modified: Tue, 18 Oct 2022 14:00:52 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 54771211784c0c7057e8eec201a79967
d8a1ef8c9d62ae7212ba02f3b9086f486f319665
397b95796f0ec0d2a79673b5b37c5f0132337eee09e6acf9d477aa7b8b914080
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 19 Oct 2022 03:58:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=166040037&utmhn=neexulro.net&utme=8(User)9(19267661)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Vagas%20de%20emprego%20-%20Botic%C3%A1rio%20-%20Empregos%20%7C%20VAGAS.com.br&utmhid=976692237&utmr=-&utmp=%2F-36713PKUC%2F31Na%3Frndad%3D1532635802-1666151895&utmht=1666151904290&utmac=UA-6469700-9&utmcc=__utma%3D218196230.492643347.1666151904.1666151904.1666151904.1%3B%2B__utmz%3D218196230.1666151904.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1276087329&utmredir=1&utmu=qQAAAAAAAAAAAAAAAAAAAAAE~
142.250.74.174302 Found 368 B URL HTTP/1.1 www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=166040037&utmhn=neexulro.net&utme=8(User)9(19267661)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Vagas%20de%20emprego%20-%20Botic%C3%A1rio%20-%20Empregos%20%7C%20VAGAS.com.br&utmhid=976692237&utmr=-&utmp=%2F-36713PKUC%2F31Na%3Frndad%3D1532635802-1666151895&utmht=1666151904290&utmac=UA-6469700-9&utmcc=__utma%3D218196230.492643347.1666151904.1666151904.1666151904.1%3B%2B__utmz%3D218196230.1666151904.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1276087329&utmredir=1&utmu=qQAAAAAAAAAAAAAAAAAAAAAE~
IP 142.250.74.174:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash c579b3d3bf5e382b1391bee591522910
02dcd514b121247df662eeddcb7ad075fceb9ca9
729020fd8b3f5d1bca00846a127964ae92a508de3d6a387ceca319617898cdca
GET /r/__utm.gif?utmwv=5.7.2&utms=1&utmn=166040037&utmhn=neexulro.net&utme=8(User)9(19267661)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Vagas%20de%20emprego%20-%20Botic%C3%A1rio%20-%20Empregos%20%7C%20VAGAS.com.br&utmhid=976692237&utmr=-&utmp=%2F-36713PKUC%2F31Na%3Frndad%3D1532635802-1666151895&utmht=1666151904290&utmac=UA-6469700-9&utmcc=__utma%3D218196230.492643347.1666151904.1666151904.1666151904.1%3B%2B__utmz%3D218196230.1666151904.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1276087329&utmredir=1&utmu=qQAAAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neexulro.net/
HTTP/1.1 302 Found
Location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6469700-9&cid=492643347.1666151904&jid=1276087329&_v=5.7.2&z=166040037
Access-Control-Allow-Origin: *
Date: Wed, 19 Oct 2022 03:58:16 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
Cross-Origin-Resource-Policy: cross-origin
Content-Type: text/html; charset=UTF-8
Server: Golfe2
Content-Length: 368
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 54771211784c0c7057e8eec201a79967
d8a1ef8c9d62ae7212ba02f3b9086f486f319665
397b95796f0ec0d2a79673b5b37c5f0132337eee09e6acf9d477aa7b8b914080
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 19 Oct 2022 03:58:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dvl8xapgpqgc1.cloudfront.net/HeXpxMVYaFR9XaQ0TFQxgSU5CB2JfEAJeOAlHM389DwMQVj0VOERSHV8OC1VrSVwdUDgeR1dUOBpHQBc3HRhMBXANCh5aawgCF1U+ChsZWjNfDxAMOxYAGF06GF9Dd2NXSlQDZlECQABzSjhUA2YVEx9ELlxIQUluTyVHBXNKOFQDZgsMVAIXQExfAX9cSE-FWMxoRHhRkP0hBAGZJS0EAc0tKF1gkHBweSXNLPEgHeElcBAxn
143.204.42.77200 OK 524 B URL HTTP/1.1 dvl8xapgpqgc1.cloudfront.net/HeXpxMVYaFR9XaQ0TFQxgSU5CB2JfEAJeOAlHM389DwMQVj0VOERSHV8OC1VrSVwdUDgeR1dUOBpHQBc3HRhMBXANCh5aawgCF1U+ChsZWjNfDxAMOxYAGF06GF9Dd2NXSlQDZlECQABzSjhUA2YVEx9ELlxIQUluTyVHBXNKOFQDZgsMVAIXQExfAX9cSE-FWMxoRHhRkP0hBAGZJS0EAc0tKF1gkHBweSXNLPEgHeElcBAxn
IP 143.204.42.77:0
File type ASCII text, with very long lines (713), with no line terminators
Hash 6af24c319a0fcc8e35be0c2c1d14f6e3
04de38e245032189c346e76898a51bf100aa4367
a71ff538c92679be574223d9cecf93182ab1bd8e7a0b33178f06d03b36cfa40e
GET /HeXpxMVYaFR9XaQ0TFQxgSU5CB2JfEAJeOAlHM389DwMQVj0VOERSHV8OC1VrSVwdUDgeR1dUOBpHQBc3HRhMBXANCh5aawgCF1U+ChsZWjNfDxAMOxYAGF06GF9Dd2NXSlQDZlECQABzSjhUA2YVEx9ELlxIQUluTyVHBXNKOFQDZgsMVAIXQExfAX9cSE-FWMxoRHhRkP0hBAGZJS0EAc0tKF1gkHBweSXNLPEgHeElcBAxn HTTP/1.1
Host: dvl8xapgpqgc1.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://getherefwu.xyz/
HTTP/1.1 200 OK
Content-Length: 524
Connection: keep-alive
Date: Wed, 19 Oct 2022 03:58:16 GMT
access-control-allow-origin: *
Cache-Control: max-age=31556926
Content-Encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Rv8ubKvAS0XPa8P_JL9AKgW6TRX0EQfLriYabIPDc1sp0F79lymOig==
www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=2&utmn=1807315122&utmhn=neexulro.net&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Vagas%20de%20emprego%20-%20Botic%C3%A1rio%20-%20Empregos%20%7C%20VAGAS.com.br&utmhid=976692237&utmr=-&utmp=%2F-36713PKUC%2F31Na%3Frndad%3D1532635802-1666151895&utmht=1666151904294&utmac=UA-11545465-2&utmcc=__utma%3D218196230.492643347.1666151904.1666151904.1666151904.1%3B%2B__utmz%3D218196230.1666151904.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1217742710&utmredir=1&utmmt=1&utmu=qQAgAAAAAAAAAAAAAAAAAAAE~
142.250.74.174200 OK 35 B URL HTTP/1.1 www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=2&utmn=1807315122&utmhn=neexulro.net&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Vagas%20de%20emprego%20-%20Botic%C3%A1rio%20-%20Empregos%20%7C%20VAGAS.com.br&utmhid=976692237&utmr=-&utmp=%2F-36713PKUC%2F31Na%3Frndad%3D1532635802-1666151895&utmht=1666151904294&utmac=UA-11545465-2&utmcc=__utma%3D218196230.492643347.1666151904.1666151904.1666151904.1%3B%2B__utmz%3D218196230.1666151904.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1217742710&utmredir=1&utmmt=1&utmu=qQAgAAAAAAAAAAAAAAAAAAAE~
IP 142.250.74.174:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /r/__utm.gif?utmwv=5.7.2&utms=2&utmn=1807315122&utmhn=neexulro.net&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Vagas%20de%20emprego%20-%20Botic%C3%A1rio%20-%20Empregos%20%7C%20VAGAS.com.br&utmhid=976692237&utmr=-&utmp=%2F-36713PKUC%2F31Na%3Frndad%3D1532635802-1666151895&utmht=1666151904294&utmac=UA-11545465-2&utmcc=__utma%3D218196230.492643347.1666151904.1666151904.1666151904.1%3B%2B__utmz%3D218196230.1666151904.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1217742710&utmredir=1&utmmt=1&utmu=qQAgAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neexulro.net/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Date: Wed, 19 Oct 2022 03:58:16 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
216.58.207.237302 Found 396 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (379)
Hash c303c621e0b5f10f908fe1612a23b479
9563841dfa1bfb0511ef63794adc06c5b15d750e
2cc0029180c821dd6c69e273ecb17b35ec8834404bfcb56886f8911d3022a134
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://neexulro.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 19 Oct 2022 03:58:16 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-2147026138%3A1666151896228419&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWqQGnoBpuHbds_nLen4TmrOLK-CUzza9Gk76dgQTwk8QJ_UsJ3esQNAUjJuTZAZILTYyj0X
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-3Qovrve7MGZtHVNQ1tcdwQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 396
server: GSE
set-cookie: __Host-GAPS=1:KlzwpLqQ9sZRiZP1TFy0UMsOr-qNVA:eHuTOQyMq4YQ57SI;Path=/;Expires=Fri, 18-Oct-2024 03:58:16 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
getherefwu.xyz/utx?cb=9tLoXHgM763c&top=neexulro.net&tid=709056
108.157.229.5204 No Content 0 B URL HTTP/2 getherefwu.xyz/utx?cb=9tLoXHgM763c&top=neexulro.net&tid=709056
IP 108.157.229.5:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /utx?cb=9tLoXHgM763c&top=neexulro.net&tid=709056 HTTP/1.1
Host: getherefwu.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://neexulro.net
Connection: keep-alive
Referer: http://neexulro.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 19 Oct 2022 03:58:16 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: http://neexulro.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Wed, 19 Oct 2022 03:59:16 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 269b0fad85dfd450220cf6573a2d384e.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: 1rHHJD8LNBJ1ssTmy4_SXO744EVf0OFLBY1l2zNWbk7eIrQZIF1mpQ==
X-Firefox-Spdy: h2
getherefwu.xyz/multi?cs=bmZ6NnFZVkkCRFpSTgVAWFVNA0I&abt=0&red=1&sm=76&k=emprego%20botic%20empregos%20shrink%20your%20urls%20paid%20vagas&v=1.0.60.0&sts=0&prn=0&emb=0&tid=709056&rxy=1280_1024&fs=1&ref=http%3A%2F%2Fneexulro.net%2F-36713PKUC%2F31Na%3Frndad%3D1532635802-1666151895&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&_YltY=1666151903900&crc=1
108.157.229.5200 OK 1.5 kB URL HTTP/2 getherefwu.xyz/multi?cs=bmZ6NnFZVkkCRFpSTgVAWFVNA0I&abt=0&red=1&sm=76&k=emprego%20botic%20empregos%20shrink%20your%20urls%20paid%20vagas&v=1.0.60.0&sts=0&prn=0&emb=0&tid=709056&rxy=1280_1024&fs=1&ref=http%3A%2F%2Fneexulro.net%2F-36713PKUC%2F31Na%3Frndad%3D1532635802-1666151895&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&_YltY=1666151903900&crc=1
IP 108.157.229.5:0
File type ASCII text, with very long lines (3263), with no line terminators
Hash deb6cf0aad61496a04810036f75b7a71
b5f857d8921015fc6f101f835daa8eca246c9ead
bbcdd2cba739decaed441b83576637b2a61aec18f62a94ce9e54667904a6b6a8
Analyzer Verdict Alert quad9 Sinkholed
GET /multi?cs=bmZ6NnFZVkkCRFpSTgVAWFVNA0I&abt=0&red=1&sm=76&k=emprego%20botic%20empregos%20shrink%20your%20urls%20paid%20vagas&v=1.0.60.0&sts=0&prn=0&emb=0&tid=709056&rxy=1280_1024&fs=1&ref=http%3A%2F%2Fneexulro.net%2F-36713PKUC%2F31Na%3Frndad%3D1532635802-1666151895&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&_YltY=1666151903900&crc=1 HTTP/1.1
Host: getherefwu.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://neexulro.net
Connection: keep-alive
Referer: http://neexulro.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-length: 1539
date: Wed, 19 Oct 2022 03:58:16 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: http://neexulro.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=6d901f26-cb89-4a59-b8b7-206d3c580f3c
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 269b0fad85dfd450220cf6573a2d384e.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: ovFYmpmgjFGySxQqUl1uiNFO35vkpE4WoEwESH8MR3h1_BcDl4VJFg==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a894be9666bac9386ca9c53e728a6575
c1a05b6607367a523f62b22aa0043df3662a60b3
fcd8ad7e5d99817eab280177b0e57b1038bde1b3253a3c166a1de1d7258a16db
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 19 Oct 2022 03:58:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
216.58.207.237302 Found 398 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (384)
Hash eb56b7c824039920eb1450e469e4e658
7da864255e65cf171f5792abb9aa22172390025a
4d279d505e103da2c25376ed489e5c257c2e4f1fae8ff5a8fd4489e97f1ea618
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://neexulro.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 19 Oct 2022 03:58:16 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S1560612020%3A1666151896275902&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpqyEJGg-tDWEg7HBkZrj-PN8Mkqq4yEdTnc2uqnH1meUGVupJ3I03eo59CGjNEjsRh-0QNtw
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-klo8BbLRfl6LerNXgAdjRg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 398
server: GSE
set-cookie: __Host-GAPS=1:dSrofmTd0qQPJAh0MpE8vMDMyV4OlQ:vJHgXRcdGK90MlTk;Path=/;Expires=Fri, 18-Oct-2024 03:58:16 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 325555f8766a0c9d9f4357e77e94cb07
21eb606142da285a6a6750fba560cd99fea1c34f
642b267a9dc106c9c6bac5bbfa574cd6b28a206fa6239d30b692bb148ebdc183
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4409
Cache-Control: max-age=126965
Content-Type: application/ocsp-response
Date: Wed, 19 Oct 2022 03:58:16 GMT
Etag: "634eb194-1d7"
Expires: Thu, 20 Oct 2022 15:14:21 GMT
Last-Modified: Tue, 18 Oct 2022 14:00:52 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
d1a3jb5hjny5s4.cloudfront.net/tZ3ViWDUEGgw+ChMcBmUCV0xSbQNBHxE3WxdIDz9QCgUYYXteNBYCDSs2Dn5BHRFfaBMLFAw/CEEQDDsIVlMDPFdaRUQsRQgeXzpFDx4FMkMGHgl+QAZIDzdPDhkOORBVM1d2BUJHUnBNVkRHa3dCR1I0XAkAGn0HVw1abmpRQUdrd0JHUipDQkYjYQNJRU-t9B1cSBzteCFBQHgdXRFJoBFdER2oFARwQPVMIDUdqc15DTGgTEkhT
54.230.245.125200 OK 445 B URL HTTP/1.1 d1a3jb5hjny5s4.cloudfront.net/tZ3ViWDUEGgw+ChMcBmUCV0xSbQNBHxE3WxdIDz9QCgUYYXteNBYCDSs2Dn5BHRFfaBMLFAw/CEEQDDsIVlMDPFdaRUQsRQgeXzpFDx4FMkMGHgl+QAZIDzdPDhkOORBVM1d2BUJHUnBNVkRHa3dCR1I0XAkAGn0HVw1abmpRQUdrd0JHUipDQkYjYQNJRU-t9B1cSBzteCFBQHgdXRFJoBFdER2oFARwQPVMIDUdqc15DTGgTEkhT
IP 54.230.245.125:0
File type ASCII text, with very long lines (596), with no line terminators
Hash dc034cbc4751129a9d479e2bc372b0a0
6e0973dcaecc63153ffac46a37e4329593258f4d
06fded4513bca12b24fc812b230664a59e8ae159fbfebf19850d0a2f07df29d4
GET /tZ3ViWDUEGgw+ChMcBmUCV0xSbQNBHxE3WxdIDz9QCgUYYXteNBYCDSs2Dn5BHRFfaBMLFAw/CEEQDDsIVlMDPFdaRUQsRQgeXzpFDx4FMkMGHgl+QAZIDzdPDhkOORBVM1d2BUJHUnBNVkRHa3dCR1I0XAkAGn0HVw1abmpRQUdrd0JHUipDQkYjYQNJRU-t9B1cSBzteCFBQHgdXRFJoBFdER2oFARwQPVMIDUdqc15DTGgTEkhT HTTP/1.1
Host: d1a3jb5hjny5s4.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neexulro.net/
HTTP/1.1 200 OK
Content-Length: 445
Connection: keep-alive
Date: Wed, 19 Oct 2022 03:58:16 GMT
access-control-allow-origin: *
Cache-Control: max-age=31556926
Content-Encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: CQ1FEDljxIIiudxUyTsKW7_yx5HxGbRQP8QFSTfu8c1GW0_wmZ7PAw==
stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6469700-9&cid=492643347.1666151904&jid=1276087329&_v=5.7.2&z=166040037
173.194.73.154200 OK 35 B URL HTTP/2 stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6469700-9&cid=492643347.1666151904&jid=1276087329&_v=5.7.2&z=166040037
IP 173.194.73.154:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6469700-9&cid=492643347.1666151904&jid=1276087329&_v=5.7.2&z=166040037 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://neexulro.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 19 Oct 2022 03:58:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S-2147026138%3A1666151896228419&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWqQGnoBpuHbds_nLen4TmrOLK-CUzza9Gk76dgQTwk8QJ_UsJ3esQNAUjJuTZAZILTYyj0X
216.58.207.237403 Forbidden 1.3 kB URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S-2147026138%3A1666151896228419&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWqQGnoBpuHbds_nLen4TmrOLK-CUzza9Gk76dgQTwk8QJ_UsJ3esQNAUjJuTZAZILTYyj0X
IP 216.58.207.237:0
Hash 56925e671bb278f1abd9cca4717b80aa
0e98426e1f9c9ec074f92771fc4c2bb53cac6579
39bc0a0c3a7122d531095af92d9fce8865d2a0018df98c1d90df4ff43924e3d8
GET /v3/signin/identifier?dsh=S-2147026138%3A1666151896228419&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWqQGnoBpuHbds_nLen4TmrOLK-CUzza9Gk76dgQTwk8QJ_UsJ3esQNAUjJuTZAZILTYyj0X HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://neexulro.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 19 Oct 2022 03:58:16 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-9ABKSUgFbNyw66mKXGLing' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a894be9666bac9386ca9c53e728a6575
c1a05b6607367a523f62b22aa0043df3662a60b3
fcd8ad7e5d99817eab280177b0e57b1038bde1b3253a3c166a1de1d7258a16db
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 19 Oct 2022 03:58:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
neexulro.net/funcript1666151903888.php?pub=19267661&v=wMi2dYizIN62MIiTwOixYo2jsIikOVnnRIysdIWCUMsuIYnTBOhvdgC3Ib6mNVDmIcspIZmEJIpxbAmTRMFwbAGTVMtwZIWz5L0vItj2oYilcd2EtIppcAFj9Li2dkTjJO02dJGH9Iu7IQijwNifaZGDFOz4aBCCIe61I5jWcazMZBmyYOyxYEjDcW3oZADCdMhuMUjzVLkhYxTGMb2pMpm3NbhNYJjihOkiNQDnJbklNd2WMY4yMVj2Icx1IJny0eS=
104.21.0.99200 OK 437 B URL HTTP/2 neexulro.net/funcript1666151903888.php?pub=19267661&v=wMi2dYizIN62MIiTwOixYo2jsIikOVnnRIysdIWCUMsuIYnTBOhvdgC3Ib6mNVDmIcspIZmEJIpxbAmTRMFwbAGTVMtwZIWz5L0vItj2oYilcd2EtIppcAFj9Li2dkTjJO02dJGH9Iu7IQijwNifaZGDFOz4aBCCIe61I5jWcazMZBmyYOyxYEjDcW3oZADCdMhuMUjzVLkhYxTGMb2pMpm3NbhNYJjihOkiNQDnJbklNd2WMY4yMVj2Icx1IJny0eS=
IP 104.21.0.99:0
Hash ce88348efd45eec455fa9741f4f83cd2
1c3da0c8666ab6c0913e74787ff948fedc333e0b
a846b8b0dfe8ffa0a723bfe0413ecbbddde314dd477be6aab2520707f48f918d
GET /funcript1666151903888.php?pub=19267661&v=wMi2dYizIN62MIiTwOixYo2jsIikOVnnRIysdIWCUMsuIYnTBOhvdgC3Ib6mNVDmIcspIZmEJIpxbAmTRMFwbAGTVMtwZIWz5L0vItj2oYilcd2EtIppcAFj9Li2dkTjJO02dJGH9Iu7IQijwNifaZGDFOz4aBCCIe61I5jWcazMZBmyYOyxYEjDcW3oZADCdMhuMUjzVLkhYxTGMb2pMpm3NbhNYJjihOkiNQDnJbklNd2WMY4yMVj2Icx1IJny0eS= HTTP/1.1
Host: neexulro.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://neexulro.net/-36713PKUC/31Na?rndad=1532635802-1666151895
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 19 Oct 2022 03:58:16 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.3.27
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ppDr5wgiSC5ZXdr%2BCKUxYR%2Brmfy0jJcXRDCC5%2FlyDaYNCU8PdykHKeAU%2FVZSBrOe8hInsQtwZxMEemyC%2B2VhlTkT%2FGoLp925pOnm9TZoWTDJxZydy3iS6Mi0GpvMRlk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75c69824db5d1bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
adf.ly/static/other/main.html
104.20.67.244200 OK 2.4 kB URL HTTP/1.1 adf.ly/static/other/main.html
IP 104.20.67.244:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (418)
Hash b20a86b2e91f51d2f7a19eada1de2f51
c240e9c813f8f93d3db499df1cc88984e873e418
44311176f257c7180a0fdc5491f021623ce7a0404369e883e8a6feb1e8d3469e
GET /static/other/main.html HTTP/1.1
Host: adf.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 19 Oct 2022 03:58:16 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Fri, 02 Sep 2022 14:31:48 GMT
etag: "1ddf-631213d4-ef3ca68773a05f57;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75c698264c44b524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash ada3c7aa45f1d7674b0d455c8324af19
112f474190bb58b03b211f0679adf331f59f4ca5
1365c83200f590150e65088557bcd8dbae9fe5c4a6d961aabea719c7bc15a99c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5946
Cache-Control: max-age=133564
Content-Type: application/ocsp-response
Date: Wed, 19 Oct 2022 03:58:16 GMT
Etag: "634ec55a-118"
Expires: Thu, 20 Oct 2022 17:04:20 GMT
Last-Modified: Tue, 18 Oct 2022 15:25:14 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash ada3c7aa45f1d7674b0d455c8324af19
112f474190bb58b03b211f0679adf331f59f4ca5
1365c83200f590150e65088557bcd8dbae9fe5c4a6d961aabea719c7bc15a99c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5134
Cache-Control: max-age=132752
Content-Type: application/ocsp-response
Date: Wed, 19 Oct 2022 03:58:16 GMT
Etag: "634ec55a-118"
Expires: Thu, 20 Oct 2022 16:50:48 GMT
Last-Modified: Tue, 18 Oct 2022 15:25:14 GMT
Server: ECS (amb/6BA0)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash ada3c7aa45f1d7674b0d455c8324af19
112f474190bb58b03b211f0679adf331f59f4ca5
1365c83200f590150e65088557bcd8dbae9fe5c4a6d961aabea719c7bc15a99c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3797
Cache-Control: max-age=131415
Content-Type: application/ocsp-response
Date: Wed, 19 Oct 2022 03:58:16 GMT
Etag: "634ec55a-118"
Expires: Thu, 20 Oct 2022 16:28:31 GMT
Last-Modified: Tue, 18 Oct 2022 15:25:14 GMT
Server: ECS (amb/6BB2)
X-Cache: HIT
Content-Length: 280
dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473
54.230.245.36200 OK 50 kB URL HTTP/1.1 dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473
IP 54.230.245.36:0
File type Unicode text, UTF-8 text, with very long lines (15952)
Hash f3bd98ba0c1d63a73a7c9efc3760d742
2b27a6c2f98f4b87f33b3da437000c7e4a86b068
4ad46ce141b6de6c9b4d72164d712d85898eb22742ce327412b1037a33116ad8
GET /?gfkcd=824473 HTTP/1.1
Host: dc5k8fg5ioc8s.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://adf.ly/
HTTP/1.1 200 OK
Content-Length: 49674
Connection: keep-alive
Date: Wed, 19 Oct 2022 03:58:16 GMT
access-control-allow-origin: *
Cache-Control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Content-Encoding: gzip
Pragma: no-cache
X-Cache: Miss from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: NB7vvyLYDXNftY6tKPmAUj-Dm1kxgXIF83OsTgNZu_jhiWPHakmg6g==
cdn.adf.ly/static/image/shrink_bg.png
104.20.66.244200 OK 1.1 kB URL HTTP/2 cdn.adf.ly/static/image/shrink_bg.png
IP 104.20.66.244:0
File type PNG image data, 667 x 46, 8-bit colormap, non-interlaced\012- data
Hash ace2a1fd9b8ed03d7254a4ec19c6c52f
13d0f68736ee1f294c2befec82559c2fb485a0d5
0cb0f5132e79b484f85ba745ea8c54fa2e8e0cd9f100108d71b8600d9953aa31
GET /static/image/shrink_bg.png HTTP/1.1
Host: cdn.adf.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.adf.ly/static/css/core_default.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 19 Oct 2022 03:58:16 GMT
content-type: image/png
content-length: 1053
cf-bgj: imgq:85,h2pri
cf-polished: origSize=1769
cache-control: public, max-age=604800
etag: "6e9-5faa60e6-be896a2a808f1240;;;"
expires: Wed, 26 Oct 2022 03:11:12 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 2824
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75c6982afe4c1bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.adf.ly/static/image/header_bg.png
104.20.66.244200 OK 398 B URL HTTP/2 cdn.adf.ly/static/image/header_bg.png
IP 104.20.66.244:0
File type PNG image data, 1 x 527, 8-bit colormap, non-interlaced\012- data
Hash d6239fed8d14ec957142a25ed6daf6f6
b9a65ad955afed9e9dab0c4f20c7d192da9013a5
651ae3a78e79c228b19c52944098d704c91fdf2cf94ae7f692046b13da9d95ae
GET /static/image/header_bg.png HTTP/1.1
Host: cdn.adf.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.adf.ly/static/css/core_default.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 19 Oct 2022 03:58:16 GMT
content-type: image/png
content-length: 398
cf-bgj: imgq:85,h2pri
cf-polished: origSize=1153
cache-control: public, max-age=604800
etag: "481-5faa60e6-f6933bccb6874a0a;;;"
expires: Wed, 26 Oct 2022 03:11:12 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 2824
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75c6982afe481bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.adf.ly/static/image/shrink_button_icon.png
104.20.66.244200 OK 786 B URL HTTP/2 cdn.adf.ly/static/image/shrink_button_icon.png
IP 104.20.66.244:0
File type PNG image data, 28 x 28, 8-bit gray+alpha, non-interlaced\012- data
Hash 8d9e9f6158147b21e5ae5ed89568824b
691681a806514a8cb0f5aabc3ea8cb55751e82cc
a19cd7ace58ee6e84a5718558dba9a2422ed271f8dd4050cf804a969b0223fd3
GET /static/image/shrink_button_icon.png HTTP/1.1
Host: cdn.adf.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.adf.ly/static/css/core_default.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 19 Oct 2022 03:58:16 GMT
content-type: image/png
content-length: 786
cf-bgj: imgq:85,h2pri
cf-polished: origSize=2110
cache-control: public, max-age=604800
etag: "83e-5faa60e6-be37f9f29eccbea0;;;"
expires: Wed, 26 Oct 2022 03:11:12 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 2824
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75c6982afe4d1bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.adf.ly/static/image/logo.png
104.20.66.244200 OK 9.3 kB URL HTTP/2 cdn.adf.ly/static/image/logo.png
IP 104.20.66.244:0
File type PNG image data, 185 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash 25e3e75dd5d6f30361d61e919335858e
8ec690d03b8e684911d8ba56014d4787e9259dd1
556a6fbbcc8e98218bb37809bdc03bf149fa25de12afc0d848f45160d0e1d9a9
GET /static/image/logo.png HTTP/1.1
Host: cdn.adf.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.adf.ly/static/css/core_default.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 19 Oct 2022 03:58:16 GMT
content-type: image/png
content-length: 9336
cf-bgj: imgq:85,h2pri
cf-polished: origSize=10726
cache-control: public, max-age=604800
etag: "29e6-5faa60e6-b22ed065d915c717;;;"
expires: Wed, 26 Oct 2022 03:09:29 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 2927
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75c6982afe4b1bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.adf.ly/static/image/register_bg.png
104.20.66.244200 OK 4.3 kB URL HTTP/2 cdn.adf.ly/static/image/register_bg.png
IP 104.20.66.244:0
File type PNG image data, 232 x 127, 8-bit/color RGB, non-interlaced\012- data
Hash cee3d1ab0848cfb8e2d1fdc3b2a391be
f257b98616fbb92280b0b1b7df8668ae4bf55f85
8e98fa4dd23daf2f180b4471ebf93072eede457f39e49c9d4612aa77e400edaa
GET /static/image/register_bg.png HTTP/1.1
Host: cdn.adf.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.adf.ly/static/css/core_default.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 19 Oct 2022 03:58:16 GMT
content-type: image/png
content-length: 4261
cf-bgj: imgq:85,h2pri
cf-polished: origSize=6527
cache-control: public, max-age=604800
etag: "197f-5faa60e6-9bea14491ff4c242;;;"
expires: Wed, 26 Oct 2022 03:11:12 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 2824
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75c6982afe4e1bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.adf.ly/static/image/button_join_now_tick.png
104.20.66.244200 OK 526 B URL HTTP/2 cdn.adf.ly/static/image/button_join_now_tick.png
IP 104.20.66.244:0
File type PNG image data, 25 x 22, 8-bit gray+alpha, non-interlaced\012- data
Hash 908da63dd84c3779d24637561f51c849
ff5f96c70f3e2604bbe64dbe49cf537a3be0a504
9382c13e42e2a935e6117cea49fe5b5f4f64848905ad1cb655931338674b3acd
GET /static/image/button_join_now_tick.png HTTP/1.1
Host: cdn.adf.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.adf.ly/static/css/core_default.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 19 Oct 2022 03:58:16 GMT
content-type: image/png
content-length: 526
cf-bgj: imgq:85,h2pri
cf-polished: origSize=1691
cache-control: public, max-age=604800
etag: "69b-5faa60e6-4233504e03fd6057;;;"
expires: Wed, 26 Oct 2022 03:11:12 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 2824
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75c6982afe511bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.adf.ly/static/image/paid_bg.png
104.20.66.244200 OK 8.4 kB URL HTTP/2 cdn.adf.ly/static/image/paid_bg.png
IP 104.20.66.244:0
File type PNG image data, 235 x 120, 8-bit/color RGB, non-interlaced\012- data
Hash 43f11e1726e8517122fff2183c7b8277
a57a930dd0c7ff69e9081d09a46e23cf82008bc0
9999c1a71aa32cfe3f84a6dba19ed1f72ec2da44f667f1d98a683231e72c6566
GET /static/image/paid_bg.png HTTP/1.1
Host: cdn.adf.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.adf.ly/static/css/core_default.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 19 Oct 2022 03:58:16 GMT
content-type: image/png
content-length: 8418
cf-bgj: imgq:85,h2pri
cf-polished: origSize=9477
cache-control: public, max-age=604800
etag: "2505-5faa60e6-fa524698f5c459e0;;;"
expires: Wed, 26 Oct 2022 03:11:12 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 2824
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75c6982afe4f1bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.adf.ly/static/image/arrow.png
104.20.66.244200 OK 673 B URL HTTP/2 cdn.adf.ly/static/image/arrow.png
IP 104.20.66.244:0
File type PNG image data, 16 x 17, 8-bit colormap, non-interlaced\012- data
Hash 2fbe8bab7bb5526dd5d8a78110c745c1
f55a47fa0bd2325f21a49c30d05fdb06d0873b97
316ab9aa5b6fb9ca0537e2ced46f86afdde404f5dd9ab45ee008334ee629a547
GET /static/image/arrow.png HTTP/1.1
Host: cdn.adf.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.adf.ly/static/css/core_default.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 19 Oct 2022 03:58:16 GMT
content-type: image/png
content-length: 673
cf-bgj: imgq:85,h2pri
cf-polished: origSize=1508
cache-control: public, max-age=604800
etag: "5e4-5faa60e6-944ddc46968cf1f1;;;"
expires: Wed, 26 Oct 2022 03:11:12 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 2824
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75c6982afe531bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.adf.ly/static/image/header_gradient.jpg
104.20.66.244200 OK 6.6 kB URL HTTP/2 cdn.adf.ly/static/image/header_gradient.jpg
IP 104.20.66.244:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1250x370, components 3\012- data
Hash 46ce1d6ebcca92b73b612eaf4abd91c2
a7d8a802159e6a19e202ddae55f4c1e402312124
d67f6ec3cc802fa7c71f3f056a33930d35b68317dc426ede3501cda10c7af865
GET /static/image/header_gradient.jpg HTTP/1.1
Host: cdn.adf.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.adf.ly/static/css/core_default.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 19 Oct 2022 03:58:16 GMT
content-type: image/jpeg
content-length: 6647
cf-bgj: imgq:85,h2pri
cf-polished: degrade=85, origSize=8872
cache-control: public, max-age=604800
etag: "22a8-5faa60e6-8ea5f64bb41938f5;;;"
expires: Wed, 26 Oct 2022 03:09:29 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 2927
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75c6982afe471bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.adf.ly/static/image/header_optimised.jpg
104.20.66.244200 OK 14 kB URL HTTP/2 cdn.adf.ly/static/image/header_optimised.jpg
IP 104.20.66.244:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 1250x527, components 3\012- data
Hash ec0815e37925355b8e9c740f5b72df93
58b7116b7e5a444452a390bb2d506bf905fe26c5
d1442a04f428fe91569072a05e787a465173ba62db26b314aae18454dc323a67
GET /static/image/header_optimised.jpg HTTP/1.1
Host: cdn.adf.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.adf.ly/static/css/core_default.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 19 Oct 2022 03:58:16 GMT
content-type: image/jpeg
content-length: 14542
cf-bgj: imgq:85,h2pri
cf-polished: origSize=15782
cache-control: public, max-age=604800
etag: "3da6-5faa60e6-c64a23a13a96a793;;;"
expires: Wed, 26 Oct 2022 03:03:53 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 3263
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75c6982afe491bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.adf.ly/static/image/fb_f.png
104.20.66.244200 OK 627 B URL HTTP/2 cdn.adf.ly/static/image/fb_f.png
IP 104.20.66.244:0
File type PNG image data, 20 x 33, 8-bit colormap, non-interlaced\012- data
Hash b51e39a0a89e6f1a5647c41159898db6
5736e4c9c7d918c3573654daf199ff53796bffc4
8d0960acf2db4c6517fcf63d1e3c78281028aebb297fbaa6be705aec48f50496
GET /static/image/fb_f.png HTTP/1.1
Host: cdn.adf.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.adf.ly/static/css/core_default.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 19 Oct 2022 03:58:16 GMT
content-type: image/png
content-length: 627
cf-bgj: imgq:85,h2pri
cf-polished: origSize=1493
cache-control: public, max-age=604800
etag: "5d5-5faa60e6-9e9409dea292876d;;;"
expires: Wed, 26 Oct 2022 03:11:12 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 2824
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75c6982afe521bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.adf.ly/static/image/share_bg.png
104.20.66.244200 OK 4.4 kB URL HTTP/2 cdn.adf.ly/static/image/share_bg.png
IP 104.20.66.244:0
File type PNG image data, 262 x 122, 8-bit/color RGB, non-interlaced\012- data
Hash 173de09eb243e527c1c5e95914804c2a
337e51abf3434833735356d0872269ccb02dffce
c947cc5919806c731e9de86e8416e5be9a86a6ce5bf84e0f2908e572187f49b2
GET /static/image/share_bg.png HTTP/1.1
Host: cdn.adf.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.adf.ly/static/css/core_default.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 19 Oct 2022 03:58:16 GMT
content-type: image/png
content-length: 4389
cf-bgj: imgq:85,h2pri
cf-polished: origSize=5302
cache-control: public, max-age=604800
etag: "14b6-5faa60e6-19f22597f27d93c7;;;"
expires: Wed, 26 Oct 2022 03:11:12 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 2824
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75c6982afe501bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fx19ltd.adfly&width=100&fb_source=homestatic&layout=standard&colorscheme=light&action=like&show_faces=true&share=true&height=80&appId=399141353502152
31.13.72.36301 Moved Permanently 0 B URL HTTP/1.1 www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fx19ltd.adfly&width=100&fb_source=homestatic&layout=standard&colorscheme=light&action=like&show_faces=true&share=true&height=80&appId=399141353502152
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fx19ltd.adfly&width=100&fb_source=homestatic&layout=standard&colorscheme=light&action=like&show_faces=true&share=true&height=80&appId=399141353502152 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://adf.ly/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fx19ltd.adfly&width=100&fb_source=homestatic&layout=standard&colorscheme=light&action=like&show_faces=true&share=true&height=80&appId=399141353502152
Content-Type: text/plain
Server: proxygen-bolt
Date: Wed, 19 Oct 2022 03:58:16 GMT
Connection: keep-alive
Content-Length: 0
cdn.adf.ly/static/image/ft_payoneer.png
104.20.66.244200 OK 1.6 kB URL HTTP/2 cdn.adf.ly/static/image/ft_payoneer.png
IP 104.20.66.244:0
File type PNG image data, 81 x 27, 8-bit colormap, non-interlaced\012- data
Hash 3f05c16e8fb7c3e994e9eaa59930411d
56342cfb4fdc44fa9506fb7cc60e47ac9c65d66d
51f7fdb57a08c4b0b3919549dc9e72a34007c7375995e5ff29cec81d07d23025
GET /static/image/ft_payoneer.png HTTP/1.1
Host: cdn.adf.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.adf.ly/static/css/core_default.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 19 Oct 2022 03:58:16 GMT
content-type: image/png
content-length: 1637
cf-bgj: imgq:85,h2pri
cf-polished: origSize=1674
cache-control: public, max-age=604800
etag: "68a-5faa60e6-7fc6b0122ea3f1a9;;;"
expires: Wed, 26 Oct 2022 03:11:13 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 2823
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75c6982b2e621bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.adf.ly/static/image/lmp.png
104.20.66.244200 OK 1.5 kB URL HTTP/2 cdn.adf.ly/static/image/lmp.png
IP 104.20.66.244:0
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash ec036773a30e76a0a23c3af042ffe184
c8562d46f7486032a6498bf4aecd101a3d183aa7
22fae56dbda99d0bcffb1eb2019c49ca046ffcdc2ecfe29c44dcb27d8ddbe917
GET /static/image/lmp.png HTTP/1.1
Host: cdn.adf.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.adf.ly/static/css/core_default.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 19 Oct 2022 03:58:16 GMT
content-type: image/png
content-length: 1501
cf-bgj: imgq:85,h2pri
cf-polished: origSize=2522
cache-control: public, max-age=604800
etag: "9da-5faa60e6-ca3445bca8b770a7;;;"
expires: Wed, 26 Oct 2022 03:11:13 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 2823
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75c6982b2e681bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.adf.ly/static/image/api.png
104.20.66.244200 OK 1.3 kB URL HTTP/2 cdn.adf.ly/static/image/api.png
IP 104.20.66.244:0
File type PNG image data, 45 x 45, 8-bit colormap, non-interlaced\012- data
Hash 65ab6a59ef32afc554ea4d2db379cc6d
cbbeeb50c39a3707dbd66136b89add288826dbb2
7edea0c7762fe081e955686783f5ecb9f917602ddbb06629efaaaeacf708dbea
GET /static/image/api.png HTTP/1.1
Host: cdn.adf.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.adf.ly/static/css/core_default.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 19 Oct 2022 03:58:16 GMT
content-type: image/png
content-length: 1306
cf-bgj: imgq:85,h2pri
cf-polished: origSize=2121
cache-control: public, max-age=604800
etag: "849-5faa60e6-beeec2650c1ba7b8;;;"
expires: Wed, 26 Oct 2022 03:11:13 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 2823
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75c6982b2e6a1bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.adf.ly/static/image/stats.png
104.20.66.244200 OK 1.8 kB URL HTTP/2 cdn.adf.ly/static/image/stats.png
IP 104.20.66.244:0
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash 4662a3e0181a85b19daa8c4984e7db1c
e2abee1334afe9076baa0ceb87697773c731ace6
4209d36116ee7ad0a4511907a64b69d5432888435d36e63a4eb4b4f18757c48b
GET /static/image/stats.png HTTP/1.1
Host: cdn.adf.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.adf.ly/static/css/core_default.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 19 Oct 2022 03:58:16 GMT
content-type: image/png
content-length: 1800
cf-bgj: imgq:85,h2pri
cf-polished: origSize=2651
cache-control: public, max-age=604800
etag: "a5b-5faa60e6-ee8eb5971225bd8d;;;"
expires: Wed, 26 Oct 2022 03:11:13 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 2823
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75c6982b2e691bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.adf.ly/static/image/safe.png
104.20.66.244200 OK 1.5 kB URL HTTP/2 cdn.adf.ly/static/image/safe.png
IP 104.20.66.244:0
File type PNG image data, 45 x 45, 8-bit colormap, non-interlaced\012- data
Hash dd0ac68c378f45ebb3c7a5fe66069d58
f4d7da753a321d9a0c652e5523d06e0c165acad3
76f44cb76c462eee126d730b09e671ebe6eb76b69b2c3245367dd60471cf69ba
GET /static/image/safe.png HTTP/1.1
Host: cdn.adf.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.adf.ly/static/css/core_default.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 19 Oct 2022 03:58:16 GMT
content-type: image/png
content-length: 1519
cf-bgj: imgq:85,h2pri
cf-polished: origSize=2181
cache-control: public, max-age=604800
etag: "885-5faa60e6-7c8ee46b7105f43f;;;"
expires: Wed, 26 Oct 2022 03:11:13 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 2823
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75c6982b2e661bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.adf.ly/static/image/ft_paypal.png
104.20.66.244200 OK 1.1 kB URL HTTP/2 cdn.adf.ly/static/image/ft_paypal.png
IP 104.20.66.244:0
File type PNG image data, 81 x 27, 8-bit colormap, non-interlaced\012- data
Hash c23a3a6add3b4d4938dc0dd81d3562c0
3e1c6eba183f89ee35d87b3808c663ba3e5d42cb
44a53eb4a93c6fef31da21b5d5ec44d86f71dc8bf0f876429b2a367379036507
GET /static/image/ft_paypal.png HTTP/1.1
Host: cdn.adf.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.adf.ly/static/css/core_default.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 19 Oct 2022 03:58:16 GMT
content-type: image/png
content-length: 1124
cf-bgj: imgq:85,h2pri
cf-polished: origSize=1161
cache-control: public, max-age=604800
etag: "489-5faa60e6-951599f6767de80e;;;"
expires: Wed, 26 Oct 2022 03:11:13 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 2823
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75c6982b2e6f1bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.adf.ly/static/image/ads.png
104.20.66.244200 OK 1.2 kB URL HTTP/2 cdn.adf.ly/static/image/ads.png
IP 104.20.66.244:0
File type PNG image data, 45 x 45, 8-bit colormap, non-interlaced\012- data
Hash 246d3388656b3e971014334b6d96e948
f44a3290c1bc4192261ce8b3ceb6077bda4f1f51
735db4a29ea600da115918d95f40f7690ca67822ac3010b4a2b49b2c90631c54
GET /static/image/ads.png HTTP/1.1
Host: cdn.adf.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.adf.ly/static/css/core_default.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 19 Oct 2022 03:58:16 GMT
content-type: image/png
content-length: 1230
cf-bgj: imgq:85,h2pri
cf-polished: origSize=1973
cache-control: public, max-age=604800
etag: "7b5-5faa60e6-bb4904a17bccdce9;;;"
expires: Wed, 26 Oct 2022 03:11:13 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 2823
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75c6982b2e671bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.adf.ly/static/image/footer_bg.png
104.20.66.244200 OK 105 B URL HTTP/2 cdn.adf.ly/static/image/footer_bg.png
IP 104.20.66.244:0
File type PNG image data, 1 x 75, 4-bit colormap, non-interlaced\012- data
Hash 14c3d680a9ccbee4781a42cd937992b0
24b70ef01e7d09e36ba24a9aafd45d3e7ecae711
c2155d272755682b65a63f24d0d1ed094e77067d62060d03357591b9bee16c59
GET /static/image/footer_bg.png HTTP/1.1
Host: cdn.adf.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.adf.ly/static/css/core_default.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 19 Oct 2022 03:58:16 GMT
content-type: image/png
content-length: 105
cf-bgj: imgq:85,h2pri
cf-polished: origSize=1012
cache-control: public, max-age=604800
etag: "3f4-5faa60e6-c7aa353d6113caee;;;"
expires: Wed, 26 Oct 2022 03:11:13 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 2823
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75c6982b2e6c1bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.adf.ly/static/image/scripts.png
104.20.66.244200 OK 2.0 kB URL HTTP/2 cdn.adf.ly/static/image/scripts.png
IP 104.20.66.244:0
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash b9c6ed000852f11521996c16b42123cd
fe42a426fd4dfc882568eaa162b8a0b4932b91a9
b704ea637b7584208cc45d91210d8a26aac9cc0f0e09fdc8a53442f7b5be713b
GET /static/image/scripts.png HTTP/1.1
Host: cdn.adf.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.adf.ly/static/css/core_default.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 19 Oct 2022 03:58:16 GMT
content-type: image/png
content-length: 1955
cf-bgj: imgq:85,h2pri
cf-polished: origSize=2998
cache-control: public, max-age=604800
etag: "bb6-5faa60e6-3fc776c1980cf63a;;;"
expires: Wed, 26 Oct 2022 03:11:13 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 2823
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75c6982b2e6b1bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.adf.ly/static/image/footer_home_lr_bg.png
104.20.66.244200 OK 126 B URL HTTP/2 cdn.adf.ly/static/image/footer_home_lr_bg.png
IP 104.20.66.244:0
File type PNG image data, 1 x 51, 8-bit/color RGB, non-interlaced\012- data
Hash 7748d35119270ad4dacecf08494c3dc8
3c85b905bfe577af40c6f86743afd3e6b981ff2a
885f1971671fea356f27e224cb09da9de79d3e51ec4ec79df169f2e300e108aa
GET /static/image/footer_home_lr_bg.png HTTP/1.1
Host: cdn.adf.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.adf.ly/static/css/core_default.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 19 Oct 2022 03:58:16 GMT
content-type: image/png
content-length: 126
cf-bgj: imgq:85,h2pri
cf-polished: origSize=1045
cache-control: public, max-age=604800
etag: "415-5faa60e6-b31c99c9b656537e;;;"
expires: Wed, 26 Oct 2022 03:11:13 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 2823
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75c6982b2e6d1bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.adf.ly/static/image/footer_home_ll_bg.png
104.20.66.244200 OK 129 B URL HTTP/2 cdn.adf.ly/static/image/footer_home_ll_bg.png
IP 104.20.66.244:0
File type PNG image data, 1 x 51, 8-bit/color RGB, non-interlaced\012- data
Hash ddc84a825812be7c48f439d9681799a3
ca28d5c166494901ac06f026593c434751e6099a
74a32e604762c99ef32ac78c1585d5f1e27d0fb5f59dd5b440ec3cfd4ea6c0ce
GET /static/image/footer_home_ll_bg.png HTTP/1.1
Host: cdn.adf.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.adf.ly/static/css/core_default.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 19 Oct 2022 03:58:16 GMT
content-type: image/png
content-length: 129
cf-bgj: imgq:85,h2pri
cf-polished: origSize=1053
cache-control: public, max-age=604800
etag: "41d-5faa60e6-bca017fba69cf5b6;;;"
expires: Wed, 26 Oct 2022 03:11:13 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 2823
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75c6982b2e6e1bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash ada3c7aa45f1d7674b0d455c8324af19
112f474190bb58b03b211f0679adf331f59f4ca5
1365c83200f590150e65088557bcd8dbae9fe5c4a6d961aabea719c7bc15a99c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5134
Cache-Control: max-age=132752
Content-Type: application/ocsp-response
Date: Wed, 19 Oct 2022 03:58:16 GMT
Etag: "634ec55a-118"
Expires: Thu, 20 Oct 2022 16:50:48 GMT
Last-Modified: Tue, 18 Oct 2022 15:25:14 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 280
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dcbf142b7958e83961fc03b9676d1fc6
930f67e486f95de63450b6d73d1957aac204fb43
9194e452419c2c850073f3dc2d2b23d759dd793b9a0d881cb7b6d862d54805b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9194E452419C2C850073F3DC2D2B23D759DD793B9A0D881CB7B6D862D54805B1"
Last-Modified: Wed, 19 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8009
Expires: Wed, 19 Oct 2022 06:11:46 GMT
Date: Wed, 19 Oct 2022 03:58:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dcbf142b7958e83961fc03b9676d1fc6
930f67e486f95de63450b6d73d1957aac204fb43
9194e452419c2c850073f3dc2d2b23d759dd793b9a0d881cb7b6d862d54805b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9194E452419C2C850073F3DC2D2B23D759DD793B9A0D881CB7B6D862D54805B1"
Last-Modified: Wed, 19 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8009
Expires: Wed, 19 Oct 2022 06:11:46 GMT
Date: Wed, 19 Oct 2022 03:58:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dcbf142b7958e83961fc03b9676d1fc6
930f67e486f95de63450b6d73d1957aac204fb43
9194e452419c2c850073f3dc2d2b23d759dd793b9a0d881cb7b6d862d54805b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9194E452419C2C850073F3DC2D2B23D759DD793B9A0D881CB7B6D862D54805B1"
Last-Modified: Wed, 19 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8009
Expires: Wed, 19 Oct 2022 06:11:46 GMT
Date: Wed, 19 Oct 2022 03:58:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dcbf142b7958e83961fc03b9676d1fc6
930f67e486f95de63450b6d73d1957aac204fb43
9194e452419c2c850073f3dc2d2b23d759dd793b9a0d881cb7b6d862d54805b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9194E452419C2C850073F3DC2D2B23D759DD793B9A0D881CB7B6D862D54805B1"
Last-Modified: Wed, 19 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8009
Expires: Wed, 19 Oct 2022 06:11:46 GMT
Date: Wed, 19 Oct 2022 03:58:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dcbf142b7958e83961fc03b9676d1fc6
930f67e486f95de63450b6d73d1957aac204fb43
9194e452419c2c850073f3dc2d2b23d759dd793b9a0d881cb7b6d862d54805b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9194E452419C2C850073F3DC2D2B23D759DD793B9A0D881CB7B6D862D54805B1"
Last-Modified: Wed, 19 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8009
Expires: Wed, 19 Oct 2022 06:11:46 GMT
Date: Wed, 19 Oct 2022 03:58:17 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87d6cfa7-6d1f-40ca-bf2d-507a8fffc5dd.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87d6cfa7-6d1f-40ca-bf2d-507a8fffc5dd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 34233831dc5c15001753b8bcc03382b0
00790fcdc95ebb458a67c1de32fbb58039795d81
a63d7d3ff74534fa2edfef6aae76074b228fdd3966917903176d897e7ea1e1c5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87d6cfa7-6d1f-40ca-bf2d-507a8fffc5dd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7749
x-amzn-requestid: 389e9ef8-8bf4-4aa4-9255-e71f64442dd6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aBq4FFKioAMFoOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634a2500-307d1b4103e58eb400cdc6bc;Sampled=0
x-amzn-remapped-date: Sat, 15 Oct 2022 03:12:00 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: CSmVVhHYJ0HW3D61Xse0jsVoDBqKGx-scT6Vno55Ld8x3aK5gDU41w==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Tue, 18 Oct 2022 05:06:33 GMT
age: 82304
etag: "00790fcdc95ebb458a67c1de32fbb58039795d81"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.199.35200 OK 114 kB IP 172.64.199.35:0
Size 114 kB (113505 bytes)
Hash 00b6d9617e9304457764395e56ed7849
faf0a406d56ff534d31bf6174704669157fc14ec
2e1c2251e230ea6da7c662d0f4b8179c9ca19a89ffb6005a1e891f0ab228f7d7
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://neexulro.net
Connection: keep-alive
Referer: http://neexulro.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 19 Oct 2022 03:58:15 GMT
content-type: binary/octet-stream
access-control-allow-origin: http://neexulro.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 2721
last-modified: Wed, 19 Oct 2022 03:12:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=96jPTMv5GwzAc9TWiS%2BF7fzVslJzPSb1znx%2FYe8uAzUjpfxLj66ylv4zcVwLUuILBp9mAd9Q%2BdOwDIs23tNL8TCOphhAYTyFX0jpiAJiwfq%2FZ%2BWmxlvz6X45Ffjz6Jy%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75c698257ae674b5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F97a40388-4af0-420d-bed9-b95e11c797a2.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F97a40388-4af0-420d-bed9-b95e11c797a2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash af15d820ca84500be65f5d6df5e4f68d
b62e825f4ca21fb1caebbc8c3ba51f42c99c1e7d
b64a6e7d9a74d7cb273b2bb6abad92c2b9b236edf3144f7e79bf872bf77e8086
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F97a40388-4af0-420d-bed9-b95e11c797a2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10533
x-amzn-requestid: 9860aa35-699e-4903-bb76-82708f4d0f47
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aH05UEN7IAMFsNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634c9b6e-2cbc5b1c281887c4504b5333;Sampled=0
x-amzn-remapped-date: Mon, 17 Oct 2022 00:01:50 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: C1Arrm8Zqkx8hoBiylbdu0GaYCFBRKel3XEfxJiyb0fkJq6IjVP3Hg==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 18 Oct 2022 07:36:58 GMT
age: 73279
etag: "b62e825f4ca21fb1caebbc8c3ba51f42c99c1e7d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F194b4740-96c9-4288-beb4-2bb6b10771b1.jpeg
34.120.237.76200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F194b4740-96c9-4288-beb4-2bb6b10771b1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8b18cc36d516d20449dbba4fa894e898
40f6c41e0259a820bec12e31c6e650fd6c5dea57
1202e14ec5edc289d0be7b7f9d8538b9bc23a35f4ede6eae39179a61f6128bb1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F194b4740-96c9-4288-beb4-2bb6b10771b1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4044
x-amzn-requestid: 08cb82b3-386b-4d87-b11c-ab7c4c66173b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aOFFWEDjIAMF5jA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634f1bbb-4d516cbb74baf2a0228f8cbe;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 21:33:47 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4gPxIb8DzdibfZ-TsuJIDW7YYeeMvz5vpXrp4wsUenEzjEHnRn7yzg==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 18 Oct 2022 21:56:09 GMT
age: 21728
etag: "40f6c41e0259a820bec12e31c6e650fd6c5dea57"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02cdcf17-9e2f-4bb5-86ea-922d7258ed44.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02cdcf17-9e2f-4bb5-86ea-922d7258ed44.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8e6dd56d33fda025f69932af82f55d5e
6e6e759da34abd631f612bbf8e8a8819ac88f72f
1142335500fea094b376dd97f3b8d9c981c0e49d7333974a4e9e5003b199bcf7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02cdcf17-9e2f-4bb5-86ea-922d7258ed44.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6842
x-amzn-requestid: 42572e50-1b54-4fa5-a097-ecfc883b7283
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aOFAoFsXoAMFzGQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634f1b9d-3037bbed16620d9903d8d70e;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 21:33:17 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3JZIEudKeDI284VpBnSwoIps6WeZZgD9IP84e_HB5kQGxaWy7GFY8g==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 18 Oct 2022 21:51:32 GMT
age: 22005
etag: "6e6e759da34abd631f612bbf8e8a8819ac88f72f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbc809406-f843-4494-9a76-eab77bec4daa.jpeg
34.120.237.76200 OK 35 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbc809406-f843-4494-9a76-eab77bec4daa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b683fafb36238c7da6be76247f60600b
e975f7a307a970ab45b03f861fd7d875ec66028d
b65fa7f3e7e0d999ebdfc1a4beb74e21221e4ceabd9e57ed0af6ab4560e12fdd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbc809406-f843-4494-9a76-eab77bec4daa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 35276
x-amzn-requestid: 6e8a79ad-d0f3-4290-a1ed-ef9b1239f193
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aOFApGzbIAMFRGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634f1b9d-65cf1b926ab122b1716a2983;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 21:33:17 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: hPbTIgByMSbi22qlqk74Vk8h6AWf5DxSWDZHjew5y-RHl6X0uRu_wQ==
via: 1.1 0a2ce08fa1ec3c33302a7547d3305978.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 18 Oct 2022 21:42:49 GMT
age: 22528
etag: "e975f7a307a970ab45b03f861fd7d875ec66028d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=3&utmn=791560357&utmhn=neexulro.net&utmt=event&utme=5(Ad*Paid*Success)(3)8(User)9(19267661)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Vagas%20de%20emprego%20-%20Botic%C3%A1rio%20-%20Empregos%20%7C%20VAGAS.com.br&utmhid=976692237&utmr=-&utmp=%2F-36713PKUC%2F31Na%3Frndad%3D1532635802-1666151895&utmht=1666151908893&utmac=UA-6469700-9&utmcc=__utma%3D218196230.492643347.1666151904.1666151904.1666151904.1%3B%2B__utmz%3D218196230.1666151904.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=6QAgAAAAAAAAAAAAAAAAAAAE~
142.250.74.174200 OK 35 B URL HTTP/1.1 www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=3&utmn=791560357&utmhn=neexulro.net&utmt=event&utme=5(Ad*Paid*Success)(3)8(User)9(19267661)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Vagas%20de%20emprego%20-%20Botic%C3%A1rio%20-%20Empregos%20%7C%20VAGAS.com.br&utmhid=976692237&utmr=-&utmp=%2F-36713PKUC%2F31Na%3Frndad%3D1532635802-1666151895&utmht=1666151908893&utmac=UA-6469700-9&utmcc=__utma%3D218196230.492643347.1666151904.1666151904.1666151904.1%3B%2B__utmz%3D218196230.1666151904.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=6QAgAAAAAAAAAAAAAAAAAAAE~
IP 142.250.74.174:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /__utm.gif?utmwv=5.7.2&utms=3&utmn=791560357&utmhn=neexulro.net&utmt=event&utme=5(Ad*Paid*Success)(3)8(User)9(19267661)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Vagas%20de%20emprego%20-%20Botic%C3%A1rio%20-%20Empregos%20%7C%20VAGAS.com.br&utmhid=976692237&utmr=-&utmp=%2F-36713PKUC%2F31Na%3Frndad%3D1532635802-1666151895&utmht=1666151908893&utmac=UA-6469700-9&utmcc=__utma%3D218196230.492643347.1666151904.1666151904.1666151904.1%3B%2B__utmz%3D218196230.1666151904.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=6QAgAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neexulro.net/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Pragma: no-cache
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
Date: Tue, 18 Oct 2022 17:00:37 GMT
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Age: 39463
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
Content-Type: image/gif
pogothere.xyz/
172.64.199.35200 OK 0 B IP 172.64.199.35:0
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://neexulro.net
Connection: keep-alive
Referer: http://neexulro.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 19 Oct 2022 03:58:16 GMT
content-type: text/plain
set-cookie: csu=1998548763875269@1@1666151895; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: http://neexulro.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M95i3X8wAI%2FMw3OBKGI1O3SI%2FaKoWBD%2BOMO5hpRMFLelzFZEK3qkYllfzIbEZDMYgOwM6%2FZ8zKprfPkFX4W1sYWilGLD5GZ0JunnonrYbsKa6YUHAWbAgw07bGAN8Ng6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75c698257ae574b5-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.adf.ly/static/css/core_default.css
104.20.66.244200 OK 0 B URL HTTP/2 cdn.adf.ly/static/css/core_default.css
IP 104.20.66.244:0
GET /static/css/core_default.css HTTP/1.1
Host: cdn.adf.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://adf.ly/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 19 Oct 2022 03:58:16 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=41418
cache-control: public, max-age=604800
etag: W/"a1ca-5faa60e6-228c7387f6f934f1;gz"
expires: Wed, 26 Oct 2022 03:11:11 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 2825
server: cloudflare
cf-ray: 75c698293db91bfa-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP 31.13.72.36:0
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://neexulro.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: 2PDUwb52bCneQkSZy5wXqDcDTjiNtUfx/0LohEQKRrZ500s4eMliJYnPzG4FXZkrpcn0P79DN7RtkIqUMvY90Q==
date: Wed, 19 Oct 2022 03:58:16 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S1560612020%3A1666151896275902&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpqyEJGg-tDWEg7HBkZrj-PN8Mkqq4yEdTnc2uqnH1meUGVupJ3I03eo59CGjNEjsRh-0QNtw
216.58.207.237403 Forbidden 0 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S1560612020%3A1666151896275902&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpqyEJGg-tDWEg7HBkZrj-PN8Mkqq4yEdTnc2uqnH1meUGVupJ3I03eo59CGjNEjsRh-0QNtw
IP 216.58.207.237:0
GET /v3/signin/identifier?dsh=S1560612020%3A1666151896275902&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpqyEJGg-tDWEg7HBkZrj-PN8Mkqq4yEdTnc2uqnH1meUGVupJ3I03eo59CGjNEjsRh-0QNtw HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://neexulro.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 19 Oct 2022 03:58:16 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-huL0f5_L8hKtU6oTu6qHoA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi/external"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.adf.ly/static/css/jquery-ui/ui-lightness/jquery-ui-1.8.16.custom.css
104.20.66.244200 OK 0 B URL HTTP/2 cdn.adf.ly/static/css/jquery-ui/ui-lightness/jquery-ui-1.8.16.custom.css
IP 104.20.66.244:0
GET /static/css/jquery-ui/ui-lightness/jquery-ui-1.8.16.custom.css HTTP/1.1
Host: cdn.adf.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://adf.ly/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 19 Oct 2022 03:58:16 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=25476
cache-control: public, max-age=604800
etag: W/"6384-5faa60e6-8a65ad130d426094;gz"
expires: Wed, 26 Oct 2022 03:11:11 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 2825
server: cloudflare
cf-ray: 75c698295dc81bfa-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2