dl.kaoskrew.org/46i
69.39.238.242301 Moved Permanently 0 B IP 69.39.238.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /46i HTTP/1.1
Host: dl.kaoskrew.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
set-cookie: FLYSESSID=iu4u7451lttbfien841re2704h; path=/; HttpOnly; SameSite=Lax
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-powered-by: adfly
strict-transport-security: max-age=0
location: http://neexulro.net/-30251IDSH/46i?rndad=1532635802-1673134583
content-type: text/html; charset=UTF-8
content-length: 0
date: Sat, 07 Jan 2023 23:36:23 GMT
server: LiteSpeed
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash b782882bdabaf3b08e64120922b4a4b7
2035ed7fc9fb5b6ee9715601ba43de5f94d0c0e9
3fe7d1a9a55b86ec25d02634749ccfae11f3477033ba8cd7ac4131b7948ba619
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3FE7D1A9A55B86EC25D02634749CCFAE11F3477033BA8CD7AC4131B7948BA619"
Last-Modified: Sat, 07 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18727
Expires: Sun, 08 Jan 2023 04:48:30 GMT
Date: Sat, 07 Jan 2023 23:36:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 516b9d6951b09439a51d5284994ed92f
5c78edb38bae36caa8e2db8ed6635a32e46c91dd
eaaf4ebc59d2a06d02b552154c5adb7c713ffc4a7f5caabcff1c2b4cd6ec5c7b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EAAF4EBC59D2A06D02B552154C5ADB7C713FFC4A7F5CAABCFF1C2B4CD6EC5C7B"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19347
Expires: Sun, 08 Jan 2023 04:58:50 GMT
Date: Sat, 07 Jan 2023 23:36:23 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 07 Jan 2023 22:48:10 GMT
content-type: application/json
age: 2893
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 89a058935fd04697c87e9441fbb466a9
59b5b08119374b1da34cff7e43a7c6dc80103f6e
3a3261f495323ff0f60067b2930b8d0e5e4e5cd6ae9b14929a88047587b735da
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3A3261F495323FF0F60067B2930B8D0E5E4E5CD6AE9B14929A88047587B735DA"
Last-Modified: Sat, 07 Jan 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19561
Expires: Sun, 08 Jan 2023 05:02:24 GMT
Date: Sat, 07 Jan 2023 23:36:23 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: kstDoFT+bOXkcGUVFsv2PmrndWK460iK8kq+m/zViWTV9goxKVNV/iZDs22t+HFZIL9k78eAeYUP9Cj6to3H7w==
x-amz-request-id: TDE8JXY6NMZT3C6W
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 07 Jan 2023 23:15:31 GMT
age: 1252
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 07 Jan 2023 23:36:23 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 07 Jan 2023 23:17:21 GMT
age: 1143
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
neexulro.net/-30251IDSH/46i?rndad=1532635802-1673134583
104.21.0.99200 OK 6.9 kB URL HTTP/1.1 neexulro.net/-30251IDSH/46i?rndad=1532635802-1673134583
IP 104.21.0.99:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1710), with CRLF, LF line terminators
Hash f7088aead0725e7cec87eae4847316e8
fb439ef9a9548253467ff681987e8a5f48d7bcf1
1b54cb9d31122f21375c6b38aa132fae74d1ff6fea7b0265ee01aa309509d243
GET /-30251IDSH/46i?rndad=1532635802-1673134583 HTTP/1.1
Host: neexulro.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 23:36:24 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
set-cookie: FLYSESSID=lbbscgc3no6uoog0lu4m3knh8j; path=/; HttpOnly; SameSite=Lax
yp1=d6d3afbab59b819343f48548849260a7; expires=Sun, 08-Jan-2023 23:36:24 GMT; Max-Age=86400; path=/; domain=.neexulro.net
yp2=530aaadfbd2c81e5bb513d9e6446395b; expires=Sun, 08-Jan-2023 23:36:24 GMT; Max-Age=86400; path=/; domain=.neexulro.net
yp3=1532635802; expires=Sun, 08-Jan-2023 23:36:24 GMT; Max-Age=86400; path=/; domain=.neexulro.net
x-powered-by: adfly
strict-transport-security: max-age=0
p3p: policyref="http://adf.ly/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa IVAi IVDi CONi HISi TELi OUR IND PHY ONL FIN COM NAV INT DEM GOV"
expires: Sat, 26 Jul 1997 05:00:00 GMT
last-modified: Sat, 07 Jan 2023 23:36:24 GMT
x-frame-options: DENY
referrer-policy: no-referrer-when-downgrade
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8hkcWKk%2Fivem%2BNr2QMwnqWNKq%2BSfzAaweDU1KP%2BvvP2Le6E1lHFk12eSou0J%2FekEql0DuyVSi6cRDWMAr4llwmZOeihd7LuiwjVi2Ybwp9JdHrhEPVqiGqNr%2BddYHfU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 786083eebbf0b4eb-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
142.250.74.42200 OK 33 kB URL HTTP/1.1 ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
IP 142.250.74.42:0
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash 18351732b1849ba758e98884e186b3c8
d735af8661eda41ff4ffbf76e6a284a0e2deb81c
bfac625d304d52e04f2caeb19266354749929c888ca09d3d1e3edcbb8770d0f0
GET /ajax/libs/jquery/1.7.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neexulro.net/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 33333
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 07 Jan 2023 05:39:03 GMT
Expires: Sun, 07 Jan 2024 05:39:03 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Age: 64641
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
cdn.neexulro.net/static/js/view118_bidshow.js
172.67.150.219200 OK 4.0 kB URL HTTP/1.1 cdn.neexulro.net/static/js/view118_bidshow.js
IP 172.67.150.219:0
File type ASCII text, with very long lines (10991), with no line terminators
Hash 966f84aff8b7893cbf2b87da5a27f8a9
695e0fcb64fc820db2ca76e808136a3762ea3673
25c6680edff77f84bc5606fdd9f06116ec800f29173528135cb74d564f2732f9
GET /static/js/view118_bidshow.js HTTP/1.1
Host: cdn.neexulro.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://neexulro.net/-30251IDSH/46i?rndad=1532635802-1673134583
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 23:36:24 GMT
Content-Type: application/x-javascript
Content-Length: 4024
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sat, 14 Jan 2023 23:02:34 GMT
last-modified: Wed, 24 Aug 2022 10:51:38 GMT
etag: "2aef-630602ba-5c74f9ea89cd6c48;gz"
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 2030
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W%2B%2FgscLgEWnB%2FZUYEg5x%2FGbVWZ4jFhpYgUOPFHHfpKfQbvZgiFNN0qnetXgJ%2BKQNKnjZoS6oZvYOkLw7wcR%2FC2G2K2gTYh%2ByguOby7y3OegO0R%2BAqc61JAYyvvdRyqn%2BTFI%2F"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 786083f12d06b4e8-OSL
alt-svc: h2=":443"; ma=60
cdn.neexulro.net/static/js/amvn.js
172.67.150.219200 OK 84 kB URL HTTP/1.1 cdn.neexulro.net/static/js/amvn.js
IP 172.67.150.219:0
File type Unicode text, UTF-8 text, with very long lines (15945)
Hash 0e897c2db61039404ebce1fa5f44d823
c05efc7b565e4655657df1e4798fc94703f882bd
b8ad2167808aa7be6282bf8e34145af6d04bc101e163ac186cddc48f8f0836f7
GET /static/js/amvn.js HTTP/1.1
Host: cdn.neexulro.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://neexulro.net/-30251IDSH/46i?rndad=1532635802-1673134583
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 23:36:24 GMT
Content-Type: application/x-javascript
Content-Length: 84325
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sat, 14 Jan 2023 23:02:34 GMT
last-modified: Sat, 07 Jan 2023 12:20:02 GMT
etag: "3f2ab-63b96372-7f3dbfff7fea7a09;gz"
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 2030
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nxe8JcT2VOG1B4WqLIajjOzsVFPum3W5RKRj5RXcVNTsHAtcsnG4wle0MNGU5jzi04I9DixCRRVpiRXtXNl4tVeiLd9HmBpPvRoKAJV9cGwfa4ghAl22%2FxsBCXB6iYtg8yZ2"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 786083f12f260b51-OSL
alt-svc: h2=":443"; ma=60
cdn.neexulro.net/static/css/adfly_7.css
172.67.150.219200 OK 875 B URL HTTP/1.1 cdn.neexulro.net/static/css/adfly_7.css
IP 172.67.150.219:0
File type ASCII text, with very long lines (2735), with no line terminators
Hash f8c8a9d49e010a2cf10a44dacf35e661
5a069859544758f32b5d09e89c3631c8257c64e1
2cdcaf6a39f9cd39a37dfacfeec2461813fb5557e071d96756c129d17e84cb7a
GET /static/css/adfly_7.css HTTP/1.1
Host: cdn.neexulro.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://neexulro.net/-30251IDSH/46i?rndad=1532635802-1673134583
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 23:36:24 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Cf-Bgj: minify
Cf-Polished: origSize=3778
cache-control: public, max-age=604800
etag: W/"ec2-60467027-6a5aa4acec833b9;gz"
expires: Sat, 14 Jan 2023 23:02:34 GMT
last-modified: Mon, 08 Mar 2021 18:42:47 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 2030
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F5LsI5p%2BF22RuGJZj95tWtPhTsKUUYqD8V1P6qJ%2F%2FQgoPjWTfvRtqo0SecMIHCX3YkBfA16Q7qRMwCya6z8T%2FjTmr%2FJJ%2FnDL7FGSEQjz%2FqT4mnnKEQuI12%2B8teIeReAr%2B%2FZf"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 786083f12ba50b39-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 315edeafe1715f46de7d38be371473a8
25e357166d0ddfff3e60f9042d56f37c1ab7163a
9869582721de4f610dca5030b9a703863d2eae2667061b2f722aebdaf60468e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 23:36:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-5NL9VFJ
172.217.21.168200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-5NL9VFJ
IP 172.217.21.168:0
File type ASCII text, with very long lines (1759)
Hash faa1d2fba239abadbd8fa8637346e1a6
d5d36eff2669122479f0919c124cad4ea5b4c5b2
69669b77450307874a8ab894efb70ea4f6ab66c1f9c479a23c6154ce50a65559
GET /gtm.js?id=GTM-5NL9VFJ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://neexulro.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 07 Jan 2023 23:36:24 GMT
expires: Sat, 07 Jan 2023 23:36:24 GMT
cache-control: private, max-age=900
last-modified: Sat, 07 Jan 2023 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42206
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 8589b6a84dd5a09ec546aff38bbd2515
1c3a3d8a69ae7a3ebda64292caf0e0f5968e81f7
f013da155203f0509d56e8174c2ae5ed23aad413b4391f276efd388519743b17
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6141
Cache-Control: max-age=126767
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 23:36:24 GMT
Etag: "63b9362a-1d7"
Expires: Mon, 09 Jan 2023 10:49:11 GMT
Last-Modified: Sat, 07 Jan 2023 09:06:50 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 17cf9dce587a0172ed5024014092613a
c4d54d41bb2065c443b71ce4cb0765afcf25ff5d
c9e7f02104dba48ac14728545d4e4fbc2393ab6c2cb4b36504aad9626f8d10b1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 23:36:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d1a3jb5hjny5s4.cloudfront.net/?hbjad=709056
54.230.245.85200 OK 36 kB URL HTTP/1.1 d1a3jb5hjny5s4.cloudfront.net/?hbjad=709056
IP 54.230.245.85:0
File type Unicode text, UTF-8 text, with very long lines (15478)
Hash b9eaac3c2979b518c0e1fc9e7f208e7b
c9da1d074b6d02f9d1a42bc604a06b3250117cb4
1eac5c0597db0f9d5fa2ead186e06a7ead76645a32ca7365fe1615f217a0ef2c
GET /?hbjad=709056 HTTP/1.1
Host: d1a3jb5hjny5s4.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neexulro.net/
HTTP/1.1 200 OK
Content-Length: 36033
Connection: keep-alive
Date: Sat, 07 Jan 2023 23:36:24 GMT
access-control-allow-origin: *
Cache-Control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Content-Encoding: gzip
Pragma: no-cache
X-Cache: Miss from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 6_l5NOVQQAqaORS1ZP8mZwMtxAZiNQjKyavVfo-abHRsWg_cFDqa7A==
cdn.neexulro.net/static/image/delete2.png
172.67.150.219200 OK 577 B URL HTTP/1.1 cdn.neexulro.net/static/image/delete2.png
IP 172.67.150.219:0
File type PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced\012- data
Hash 3a612b41ba5d1cad10ae4c6660d8fda4
4006ab2bfe338d2d1f060c0486bad8e1b589ba44
2fa2ba143aaedc6b6169e9b024d4f12df4acfc5995950dce175fd97644dd0c43
GET /static/image/delete2.png HTTP/1.1
Host: cdn.neexulro.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://neexulro.net/-30251IDSH/46i?rndad=1532635802-1673134583
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 23:36:24 GMT
Content-Type: image/png
Content-Length: 577
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sat, 14 Jan 2023 23:02:40 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "241-5faa60e6-657b5e5638f6aacc;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 2024
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kptuyrb1s%2FrLO9fRx3iWRz9ns0Nnn8pTBJqIR2TTpl74LmAZ%2BmwPCujFnj%2FuVjgLQmDkm0JcjvqReFqBKloXFQ07qMLAw%2Bp%2BfAYDmP3ONl4S5s9My1aqLeD0Jd0GaDWq7bj%2F"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 786083f278030b51-OSL
alt-svc: h2=":443"; ma=60
cdn.neexulro.net/static/image/ahl6532.gif
172.67.150.219200 OK 3.2 kB URL HTTP/1.1 cdn.neexulro.net/static/image/ahl6532.gif
IP 172.67.150.219:0
File type GIF image data, version 89a, 166 x 58\012- data
Hash 48d26bd889d62fc9c72d33138f409c15
3bd2657ee1ba4843f266cda7217a8d0a2b725ea3
13cad7fb56a878cd12d9456a8754cf13433ac6741338371f87776b4373411b15
GET /static/image/ahl6532.gif HTTP/1.1
Host: cdn.neexulro.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://neexulro.net/-30251IDSH/46i?rndad=1532635802-1673134583
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 23:36:24 GMT
Content-Type: image/gif
Content-Length: 3229
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sat, 14 Jan 2023 23:02:40 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "c9d-5faa60e6-ae87f5cbe4d6cff3;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 2024
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x6h4PBLukJTMxjBxNPRm3BDjzyzTQkRSN5UEngQV88hxzZb8DR38HU0705fP7VNgNRjTKnw2T12aVMlBqvf13N0i1Uw1LbfMG0so3M3QN2y6efWW6ZSIKsKYQ3a0HguLQ%2BRg"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 786083f27edab51e-OSL
alt-svc: h2=":443"; ma=60
cdn.neexulro.net/static/image/skip_ad/en_tran.png
172.67.150.219200 OK 5.1 kB URL HTTP/1.1 cdn.neexulro.net/static/image/skip_ad/en_tran.png
IP 172.67.150.219:0
File type PNG image data, 155 x 41, 8-bit/color RGBA, non-interlaced\012- data
Hash a58f5ea6f1f6bb35658c351f876f1ba9
47fa621b845faf7df13e4021dcffd6f4c73c1018
ef8721967f0cca2539ee60f9cad0e8c1ef89f18a53964a4e6101033d23a4ba29
GET /static/image/skip_ad/en_tran.png HTTP/1.1
Host: cdn.neexulro.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://neexulro.net/-30251IDSH/46i?rndad=1532635802-1673134583
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 23:36:24 GMT
Content-Type: image/png
Content-Length: 5076
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sat, 14 Jan 2023 23:02:40 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "13d4-5faa60e6-eb24f435e560d3dd;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 2024
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YKYpusP4r64RHVF5ImIg1bV35tL5Lnxi6l%2BNUW%2FOcAXNVeBOaf7jXiCyh089P%2Bndg39HXyh0mOHe6aRxEjXQhCa4QtfDgfQOfmrNA%2BJ0Fc4CTlXLhYdHa7viHp2puFdb5LCH"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 786083f27c790b39-OSL
alt-svc: h2=":443"; ma=60
cdn.neexulro.net/static/image/logo_fb2.png
172.67.150.219200 OK 6.3 kB URL HTTP/1.1 cdn.neexulro.net/static/image/logo_fb2.png
IP 172.67.150.219:0
File type PNG image data, 193 x 98, 8-bit colormap, non-interlaced\012- data
Hash 84a673a878949a7a8410199f5f8ea220
49cbc367cd9e0943df6d6e2180bb9a5771dbb208
042313bf805bd8d9a1c6b2a88c90e15407004fcc6e9c5d5974c87c85c20796f3
GET /static/image/logo_fb2.png HTTP/1.1
Host: cdn.neexulro.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://neexulro.net/-30251IDSH/46i?rndad=1532635802-1673134583
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 23:36:24 GMT
Content-Type: image/png
Content-Length: 6283
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sat, 14 Jan 2023 23:02:35 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "188b-5faa60e6-50f7a0a7015a0140;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 2029
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o5DqgzIAIeM3u68r%2Fk7u%2BD0piJuYmERzA048iaxT7zM%2FyY3q%2Fohl4s0JZBxQP7Cl7%2BV99Wz9%2FKlqxePn4UG%2B9NeGHUFIBjVTfJ8xyW3HmsPCX4Ud3RfEstmTAB8eC3fE3H9D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 786083f27bb31bfa-OSL
alt-svc: h2=":443"; ma=60
cdn.neexulro.net/static/image/spinner.gif
172.67.150.219200 OK 36 kB URL HTTP/1.1 cdn.neexulro.net/static/image/spinner.gif
IP 172.67.150.219:0
File type GIF image data, version 89a, 39 x 39\012- data
Hash 2055f195780b3e4c71b97c95fa97eab0
36c1138bdcccf116f1b9ee9effa3e5d13f1e6161
0a607f27600e85addcfd1415ee611a370a30dce3f53ac200d3e0e25d2bdc5157
GET /static/image/spinner.gif HTTP/1.1
Host: cdn.neexulro.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://neexulro.net/-30251IDSH/46i?rndad=1532635802-1673134583
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 23:36:24 GMT
Content-Type: image/gif
Content-Length: 35453
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sat, 14 Jan 2023 23:02:35 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "8a7d-5faa60e6-abbbac75116acc85;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 2029
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2QzUrRRvhapDfpnpxE19CVnRVg7sM5ecl9x9EOpdGJncwqq7o8klLVcz5m1V1J4EhiyYwiaXHGKqD9eECwCoVhb4o7ZUChHI7gqyLGlXiFtTqv1Euje%2BHjalYUU6LiY1JNXs"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 786083f298330b51-OSL
alt-svc: h2=":443"; ma=60
cdn.neexulro.net/static/js/main.js?v=2022052901
172.67.150.219200 OK 705 B URL HTTP/1.1 cdn.neexulro.net/static/js/main.js?v=2022052901
IP 172.67.150.219:0
Hash 5d2f026c4af9cf86a2ecb368dc1533d6
376ce5a73144b00dd162aa8524ac856b8db7a33e
0fd907185fe7d7610498d8d487449707fe4949c5c89a1028da380d2e5e862c3d
GET /static/js/main.js?v=2022052901 HTTP/1.1
Host: cdn.neexulro.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://neexulro.net/-30251IDSH/46i?rndad=1532635802-1673134583
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 23:36:24 GMT
Content-Type: application/x-javascript
Content-Length: 705
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sat, 14 Jan 2023 23:36:03 GMT
last-modified: Sun, 29 May 2022 07:10:19 GMT
etag: "7a0-62931c5b-5a0b6a8c1f70ff01;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ep4BSKeg0sBL6FeWx9ZnrAUZkz4qcIHLQVM66128EcQWin0Hov5mPKS%2FnLhsTT0Jwjp%2FsSBRoijQEhrXMH8OOC4gjPt4VRjdoKXH0XfONdGVTXzd%2FfkKUeTz%2BuGK%2B6kPpBP1"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 786083f12964b517-OSL
alt-svc: h2=":443"; ma=60
neexulro.net/js/display.js
104.21.0.99200 OK 5.8 kB URL HTTP/1.1 neexulro.net/js/display.js
IP 104.21.0.99:0
File type ASCII text, with very long lines (15999)
Hash e149217d65efcf53cc382af7c60f461c
6de97c3f773cf9b21e4373097f5f5cddf37d872e
4d30ac5f2c0ab10e25b4c39eb646e9cb86d66394775d77ba7b88a34720f85b27
GET /js/display.js HTTP/1.1
Host: neexulro.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://neexulro.net/-30251IDSH/46i?rndad=1532635802-1673134583
Connection: keep-alive
Cookie: FLYSESSID=lbbscgc3no6uoog0lu4m3knh8j; yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 23:36:24 GMT
Content-Type: application/x-javascript
Content-Length: 5775
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sat, 14 Jan 2023 23:02:34 GMT
last-modified: Thu, 29 Jul 2021 14:08:58 GMT
etag: "3e81-6102b67a-1a029ed62bba2563;gz"
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 2030
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VVYqsyvdn53kHlk9wB9gD3HFnIXm9x9ex4KgjRPzwzm3%2FiKJ1np0FKvwwIP8TybJPFJ%2FCQm9SscNFn9ljC4EN0j5R3e9Kp3aHzyOprPSIDeGJYl4dtktx%2Fal03dTJUA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 786083f2dfc5b4eb-OSL
alt-svc: h2=":443"; ma=60
oreakingoutin.info/popunder.gif
188.114.96.1301 Moved Permanently 0 B URL HTTP/1.1 oreakingoutin.info/popunder.gif
IP 188.114.96.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /popunder.gif HTTP/1.1
Host: oreakingoutin.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neexulro.net/
HTTP/1.1 301 Moved Permanently
Date: Sat, 07 Jan 2023 23:36:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 08 Jan 2023 00:36:24 GMT
Location: https://oreakingoutin.info/popunder.gif
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GvaWkmSF6XJFOfkTju%2B%2BC2uofaMoAcw7GyC6i2O9FUH4fUMHFklKRB8tNyBir9XezmCUayw%2BOc1tERVYTrqpnkYxzKIosAGNrFiabuC98I78G6XR0Nuub9fthcFC0MpHxM8SqKg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 786083f30ff1b4eb-OSL
alt-svc: h2=":443"; ma=60
cdn.neexulro.net/static/image/d_bottom_bg2.png
172.67.150.219200 OK 2.8 kB URL HTTP/1.1 cdn.neexulro.net/static/image/d_bottom_bg2.png
IP 172.67.150.219:0
File type PNG image data, 1 x 28, 8-bit/color RGB, non-interlaced\012- data
Hash 765bb01e93fec22bee832ea0219871d0
2059131c55ef4c9b171fff20fc692839686761b7
27ab7efdb31ee6b311557cb2296d9bdb4c5038a230bcb4f9bc1a2409bb73863a
GET /static/image/d_bottom_bg2.png HTTP/1.1
Host: cdn.neexulro.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cdn.neexulro.net/static/css/adfly_7.css
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 23:36:24 GMT
Content-Type: image/png
Content-Length: 2829
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sat, 14 Jan 2023 23:02:40 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "b0d-5faa60e6-e40381177193f2ef;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 2024
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rClXuxbdC%2BgucLVf9ye6JLv3iHSxvHslWqv2Vb4orq55oK7n%2F4S2%2BgNaSIZEuhmc6e00pL668rD0PwP9d1g14HQsKPiN4Ub5705DMIQ1YB9CJ%2BEGIrebQprfNPU76ian3ZKO"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 786083f338c60b51-OSL
alt-svc: h2=":443"; ma=60
cdn.neexulro.net/static/image/d_top_bg.png
172.67.150.219200 OK 156 B URL HTTP/1.1 cdn.neexulro.net/static/image/d_top_bg.png
IP 172.67.150.219:0
File type PNG image data, 1 x 59, 8-bit/color RGB, non-interlaced\012- data
Hash 106113dd42dd001363d6e2c920dba647
ebb71cf1a44a45852fff4d4fc0971f299b8b8c4c
938632fb472382061e62d8f1d033da03cbc84f150236e4251c8ece12241405ae
GET /static/image/d_top_bg.png HTTP/1.1
Host: cdn.neexulro.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cdn.neexulro.net/static/css/adfly_7.css
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 23:36:24 GMT
Content-Type: image/png
Content-Length: 156
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sat, 14 Jan 2023 23:02:40 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "9c-5faa60e6-4968c22d9bbfac4c;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 2024
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vwa4UNmFS5BGCFkRkxqDgLcY35sucsenfLNOyOcFDlT9GysJl5sMMk1Vp6LmjI9O%2FFkKoanOPy%2B4DKKqDwXylGZN2Dy9dtL4TuIsHBcT82GdroO%2F7jphdyEYFLuQLCE%2FcoX0"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 786083f379070b51-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/s/gts1p5/1q1beIWMaWQ
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/1q1beIWMaWQ
IP 142.250.74.131:0
Hash 76f61ac3a229b1e9e2ff5e1d85b65c27
a7465daa61653366a6a31a1ccfeb78ece251b7b9
0654c5b9731ffe13490b41cdb12e7ecffcb9576fc5610bc9d59c54cf03fcf957
POST /s/gts1p5/1q1beIWMaWQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 23:36:24 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.33.119.27200 OK 346 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 72c77defbaf70b99340064f11787f5c7
2d0104bed8450b0e6ee7b117b63863732e843120
6a6039c3747af0425573f40cc3df903ac4b8a5862efb989b6d9f18dbcff138b0
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "6A6039C3747AF0425573F40CC3DF903AC4B8A5862EFB989B6D9F18DBCFF138B0"
Last-Modified: Fri, 06 Jan 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21315
Expires: Sun, 08 Jan 2023 05:31:39 GMT
Date: Sat, 07 Jan 2023 23:36:24 GMT
Connection: keep-alive
ocsp.pki.goog/s/gts1p5/1q1beIWMaWQ
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/1q1beIWMaWQ
IP 142.250.74.131:0
Hash 76f61ac3a229b1e9e2ff5e1d85b65c27
a7465daa61653366a6a31a1ccfeb78ece251b7b9
0654c5b9731ffe13490b41cdb12e7ecffcb9576fc5610bc9d59c54cf03fcf957
POST /s/gts1p5/1q1beIWMaWQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 23:36:24 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.33.119.27200 OK 344 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 659e6eebfc722c7065b84735c4609559
4ea173ad0b025693e955518b595a7f8833458622
79040ec4b1f0bffab5b3e9e71130d35a8ec01183bd31aedce7504414d9dc4c8c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "79040EC4B1F0BFFAB5B3E9E71130D35A8EC01183BD31AEDCE7504414D9DC4C8C"
Last-Modified: Thu, 05 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5622
Expires: Sun, 08 Jan 2023 01:10:06 GMT
Date: Sat, 07 Jan 2023 23:36:24 GMT
Connection: keep-alive
push.services.mozilla.com/
52.24.78.9101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.24.78.9:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: wmLFfqs+UpZsQ8t8zi8mLg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: vcVRopLSVNCk3iqVBTDO5qrrmoE=
e1.o.lencr.org/
23.33.119.27200 OK 344 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 659e6eebfc722c7065b84735c4609559
4ea173ad0b025693e955518b595a7f8833458622
79040ec4b1f0bffab5b3e9e71130d35a8ec01183bd31aedce7504414d9dc4c8c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "79040EC4B1F0BFFAB5B3E9E71130D35A8EC01183BD31AEDCE7504414D9DC4C8C"
Last-Modified: Thu, 05 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5622
Expires: Sun, 08 Jan 2023 01:10:06 GMT
Date: Sat, 07 Jan 2023 23:36:24 GMT
Connection: keep-alive
e1.o.lencr.org/
23.33.119.27200 OK 344 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 659e6eebfc722c7065b84735c4609559
4ea173ad0b025693e955518b595a7f8833458622
79040ec4b1f0bffab5b3e9e71130d35a8ec01183bd31aedce7504414d9dc4c8c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "79040EC4B1F0BFFAB5B3E9E71130D35A8EC01183BD31AEDCE7504414D9DC4C8C"
Last-Modified: Thu, 05 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5622
Expires: Sun, 08 Jan 2023 01:10:06 GMT
Date: Sat, 07 Jan 2023 23:36:24 GMT
Connection: keep-alive
cdn.neexulro.net/static/image/ad_top_bg2.png?&ad_box_=1
172.67.150.219200 OK 156 B URL HTTP/1.1 cdn.neexulro.net/static/image/ad_top_bg2.png?&ad_box_=1
IP 172.67.150.219:0
File type PNG image data, 1 x 59, 8-bit/color RGB, non-interlaced\012- data
Hash 106113dd42dd001363d6e2c920dba647
ebb71cf1a44a45852fff4d4fc0971f299b8b8c4c
938632fb472382061e62d8f1d033da03cbc84f150236e4251c8ece12241405ae
GET /static/image/ad_top_bg2.png?&ad_box_=1 HTTP/1.1
Host: cdn.neexulro.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://neexulro.net/-30251IDSH/46i?rndad=1532635802-1673134583
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 23:36:24 GMT
Content-Type: image/png
Content-Length: 156
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sat, 14 Jan 2023 23:36:24 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "9c-5faa60e6-95f251b8bd8ef212;;;"
accept-ranges: bytes
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SCqM7DZT3%2F4hDhMXgS6IEB6OKuy1KRhrHpUlx2x0x18NCCsEeg84JQDDVuKPboYhYRWv22SyaDdFVTXKXwF7WNK%2BS54ls0I7MVNKTlWILoui0uvjaCeUE3OBE4RdpxDtaKZb"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 786083f27e2bb4e8-OSL
alt-svc: h2=":443"; ma=60
hatsamevill.xyz/TUZteTIsJA4UDSx7D19HPypQXAALY18/Vn4nBhRKPi0dEAQ3JwRXUSEpGB1UPykDDRwjIxlcAAt/Iz9eBBc1CWoDLzQXYBgHGjV6NQsvPgN6Il1NYQA8Hgx0CBQGM0oDFjc9RTkMBkh8CTwKFWoIBwc1ejUNKBNnPQoVSXgrP10PdRwqAhtbDCM7FGB1HBpMdwMvI0F1GAsYM3YYEjwtQWh0KzQDNQQiMWc+ADhNRQcFXRt3GjUiHXQcAwsxQjUTBjRFBy84L2M0NhkaAj0nIS4DNxUKL0IXKCsfcDUyGRoCPQIgOmh+EgU/Qw4rPzBwDgBIS3ApEFUxdX9rXANhJh8bG2oEcS8uXnQkXRZWKw4dAXobA1swS3ggLxELeyU4CncsHgEBYTUAHxxxLhI/E0U4CgowYCwxWA5hKgBeHHUuFi4uVWssHhZcPXsCKwcdIwgeBTQQHR0
65.9.44.33200 OK 1.2 kB URL HTTP/1.1 hatsamevill.xyz/TUZteTIsJA4UDSx7D19HPypQXAALY18/Vn4nBhRKPi0dEAQ3JwRXUSEpGB1UPykDDRwjIxlcAAt/Iz9eBBc1CWoDLzQXYBgHGjV6NQsvPgN6Il1NYQA8Hgx0CBQGM0oDFjc9RTkMBkh8CTwKFWoIBwc1ejUNKBNnPQoVSXgrP10PdRwqAhtbDCM7FGB1HBpMdwMvI0F1GAsYM3YYEjwtQWh0KzQDNQQiMWc+ADhNRQcFXRt3GjUiHXQcAwsxQjUTBjRFBy84L2M0NhkaAj0nIS4DNxUKL0IXKCsfcDUyGRoCPQIgOmh+EgU/Qw4rPzBwDgBIS3ApEFUxdX9rXANhJh8bG2oEcS8uXnQkXRZWKw4dAXobA1swS3ggLxELeyU4CncsHgEBYTUAHxxxLhI/E0U4CgowYCwxWA5hKgBeHHUuFi4uVWssHhZcPXsCKwcdIwgeBTQQHR0
IP 65.9.44.33:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3042), with no line terminators
Hash 4a3ea51cd7029532cdf4ba9d70cd5323
6ec72a3c493c0750bdf9c76983677c98890343cc
dfa0e2538c1cbc632a545320fb08dc0dc1559af9cb792fd7eb490b0ff7ee83f5
GET /TUZteTIsJA4UDSx7D19HPypQXAALY18/Vn4nBhRKPi0dEAQ3JwRXUSEpGB1UPykDDRwjIxlcAAt/Iz9eBBc1CWoDLzQXYBgHGjV6NQsvPgN6Il1NYQA8Hgx0CBQGM0oDFjc9RTkMBkh8CTwKFWoIBwc1ejUNKBNnPQoVSXgrP10PdRwqAhtbDCM7FGB1HBpMdwMvI0F1GAsYM3YYEjwtQWh0KzQDNQQiMWc+ADhNRQcFXRt3GjUiHXQcAwsxQjUTBjRFBy84L2M0NhkaAj0nIS4DNxUKL0IXKCsfcDUyGRoCPQIgOmh+EgU/Qw4rPzBwDgBIS3ApEFUxdX9rXANhJh8bG2oEcS8uXnQkXRZWKw4dAXobA1swS3ggLxELeyU4CncsHgEBYTUAHxxxLhI/E0U4CgowYCwxWA5hKgBeHHUuFi4uVWssHhZcPXsCKwcdIwgeBTQQHR0 HTTP/1.1
Host: hatsamevill.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neexulro.net/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 1191
Connection: keep-alive
Date: Sat, 07 Jan 2023 23:36:24 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
Accept-CH: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
X-Cache: Miss from cloudfront
Via: 1.1 2fe761c42f710dbc97bfbe41f450bf42.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN54-C1
X-Amz-Cf-Id: aVllzUDq-cm3RRW0JSSLfUrpKMAHyvUjMeqeksMCIeUlc9Lgkb37ng==
neexulro.net/2market_bidshow.php?user_id=2744562&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&ref_url=eyJ1cmwiOm51bGwsImRvbWFpbiI6bnVsbH0%3D&url=magnet%3A%3Fxt%3Durn%3Abtih%3AE7314F7C7D7BE744C2138BB088F9F8DADA96C516%26dn%3DStray.v1.4.MULTi16.REPACK-KaOs%26tr%3Dudp%253A%252F%252Ffe.dealclub.de%253A6969%252Fannounce%26tr%3Dudp%253A%252F%252Ftracker.leechers-paradise.org%253A6969%252Fannounce%26tr%3Dudp%253A%252F%252F9.rarbg.to%253A2710%252Fannounce%26tr%3Dudp%253A%252F%252Fexodus.desync.com%253A6969%252Fannounce%26tr%3Dudp%253A%252F%252Ftracker.uw0.xyz%253A6969%252Fannounce%26tr%3Dudp%253A%252F%252Fopen.stealth.si%253A80%252Fannounce%26tr%3Dudp%253A%252F%252Ftracker.tiny-vps.com%253A6969%252Fannounce%26tr%3Dudp%253A%252F%252Ftracker.torrent.eu.org%253A451%252Fannounce%26tr%3Dudp%253A%252F%252Ftracker.opentrackr.org%253A1337%252Fannounce%26tr%3Dudp%253A%252F%252Ftracker.moeking.me%253A6969%252Fannounce%26tr%3Dudp%253A%252F%252Ftracker.internetwarriors.net%253A1337%252Fannounce%26tr%3Dudp%253A%252F%252Ftracker.cyberia.is%253A6969%252Fannounce%26tr%3Dudp%253A%252F%252Fopen.demonii.si%253A1337%252Fannounce%26tr%3Dudp%253A%252F%252Ftracker.openbittorrent.com%253A80%252Fannounce%26tr%3Dudp%253A%252F%252Ftracker.opentrackr.org%253A1337%252Fannounce%26tr%3Dhttp%253A%252F%252Ftracker.openbittorrent.com%253A80%252Fannounce%26tr%3Dudp%253A%252F%252Fopentracker.i2p.rocks%253A6969%252Fannounce%26tr%3Dudp%253A%252F%252Ftracker.internetwarriors.net%253A1337%252Fannounce%26tr%3Dudp%253A%252F%252Ftracker.leechers-paradise.org%253A6969%252Fannounce%26tr%3Dudp%253A%252F%252Fcoppersurfer.tk%253A6969%252Fannounce%26tr%3Dudp%253A%252F%252Ftracker.zer0day.to%253A1337%252Fannounce&url_id=7124224527&t=55348a641d7a0ffa877b7b77108d5d64&w=c2a111424463f5e8b4ee762771f27d32
104.21.0.99200 OK 82 B URL HTTP/1.1 neexulro.net/2market_bidshow.php?user_id=2744562&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&ref_url=eyJ1cmwiOm51bGwsImRvbWFpbiI6bnVsbH0%3D&url=magnet%3A%3Fxt%3Durn%3Abtih%3AE7314F7C7D7BE744C2138BB088F9F8DADA96C516%26dn%3DStray.v1.4.MULTi16.REPACK-KaOs%26tr%3Dudp%253A%252F%252Ffe.dealclub.de%253A6969%252Fannounce%26tr%3Dudp%253A%252F%252Ftracker.leechers-paradise.org%253A6969%252Fannounce%26tr%3Dudp%253A%252F%252F9.rarbg.to%253A2710%252Fannounce%26tr%3Dudp%253A%252F%252Fexodus.desync.com%253A6969%252Fannounce%26tr%3Dudp%253A%252F%252Ftracker.uw0.xyz%253A6969%252Fannounce%26tr%3Dudp%253A%252F%252Fopen.stealth.si%253A80%252Fannounce%26tr%3Dudp%253A%252F%252Ftracker.tiny-vps.com%253A6969%252Fannounce%26tr%3Dudp%253A%252F%252Ftracker.torrent.eu.org%253A451%252Fannounce%26tr%3Dudp%253A%252F%252Ftracker.opentrackr.org%253A1337%252Fannounce%26tr%3Dudp%253A%252F%252Ftracker.moeking.me%253A6969%252Fannounce%26tr%3Dudp%253A%252F%252Ftracker.internetwarriors.net%253A1337%252Fannounce%26tr%3Dudp%253A%252F%252Ftracker.cyberia.is%253A6969%252Fannounce%26tr%3Dudp%253A%252F%252Fopen.demonii.si%253A1337%252Fannounce%26tr%3Dudp%253A%252F%252Ftracker.openbittorrent.com%253A80%252Fannounce%26tr%3Dudp%253A%252F%252Ftracker.opentrackr.org%253A1337%252Fannounce%26tr%3Dhttp%253A%252F%252Ftracker.openbittorrent.com%253A80%252Fannounce%26tr%3Dudp%253A%252F%252Fopentracker.i2p.rocks%253A6969%252Fannounce%26tr%3Dudp%253A%252F%252Ftracker.internetwarriors.net%253A1337%252Fannounce%26tr%3Dudp%253A%252F%252Ftracker.leechers-paradise.org%253A6969%252Fannounce%26tr%3Dudp%253A%252F%252Fcoppersurfer.tk%253A6969%252Fannounce%26tr%3Dudp%253A%252F%252Ftracker.zer0day.to%253A1337%252Fannounce&url_id=7124224527&t=55348a641d7a0ffa877b7b77108d5d64&w=c2a111424463f5e8b4ee762771f27d32
IP 104.21.0.99:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d597c22e79c772d1f89ed2602adb80ab
50c7c63c9269278ff7aba9b8c5b4810c3570df80
798215a625e276fde8e69c0a79401e406f59e1a30ad0e9113d880b9d566ae61c
GET /2market_bidshow.php?user_id=2744562&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&ref_url=eyJ1cmwiOm51bGwsImRvbWFpbiI6bnVsbH0%3D&url=magnet%3A%3Fxt%3Durn%3Abtih%3AE7314F7C7D7BE744C2138BB088F9F8DADA96C516%26dn%3DStray.v1.4.MULTi16.REPACK-KaOs%26tr%3Dudp%253A%252F%252Ffe.dealclub.de%253A6969%252Fannounce%26tr%3Dudp%253A%252F%252Ftracker.leechers-paradise.org%253A6969%252Fannounce%26tr%3Dudp%253A%252F%252F9.rarbg.to%253A2710%252Fannounce%26tr%3Dudp%253A%252F%252Fexodus.desync.com%253A6969%252Fannounce%26tr%3Dudp%253A%252F%252Ftracker.uw0.xyz%253A6969%252Fannounce%26tr%3Dudp%253A%252F%252Fopen.stealth.si%253A80%252Fannounce%26tr%3Dudp%253A%252F%252Ftracker.tiny-vps.com%253A6969%252Fannounce%26tr%3Dudp%253A%252F%252Ftracker.torrent.eu.org%253A451%252Fannounce%26tr%3Dudp%253A%252F%252Ftracker.opentrackr.org%253A1337%252Fannounce%26tr%3Dudp%253A%252F%252Ftracker.moeking.me%253A6969%252Fannounce%26tr%3Dudp%253A%252F%252Ftracker.internetwarriors.net%253A1337%252Fannounce%26tr%3Dudp%253A%252F%252Ftracker.cyberia.is%253A6969%252Fannounce%26tr%3Dudp%253A%252F%252Fopen.demonii.si%253A1337%252Fannounce%26tr%3Dudp%253A%252F%252Ftracker.openbittorrent.com%253A80%252Fannounce%26tr%3Dudp%253A%252F%252Ftracker.opentrackr.org%253A1337%252Fannounce%26tr%3Dhttp%253A%252F%252Ftracker.openbittorrent.com%253A80%252Fannounce%26tr%3Dudp%253A%252F%252Fopentracker.i2p.rocks%253A6969%252Fannounce%26tr%3Dudp%253A%252F%252Ftracker.internetwarriors.net%253A1337%252Fannounce%26tr%3Dudp%253A%252F%252Ftracker.leechers-paradise.org%253A6969%252Fannounce%26tr%3Dudp%253A%252F%252Fcoppersurfer.tk%253A6969%252Fannounce%26tr%3Dudp%253A%252F%252Ftracker.zer0day.to%253A1337%252Fannounce&url_id=7124224527&t=55348a641d7a0ffa877b7b77108d5d64&w=c2a111424463f5e8b4ee762771f27d32 HTTP/1.1
Host: neexulro.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://neexulro.net/-30251IDSH/46i?rndad=1532635802-1673134583
Connection: keep-alive
Cookie: FLYSESSID=lbbscgc3no6uoog0lu4m3knh8j; yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 23:36:24 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.3.27
set-cookie: adfly_ad_report=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
p3p: policyref="http://adf.ly/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa IVAi IVDi CONi HISi TELi OUR IND PHY ONL FIN COM NAV INT DEM GOV"
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fJZjonxZeKw3K4YBDgZDlY1qMrw1YdPavQNY4Ah1o2WbDJa9H4HqrKLBaX6m1SXojJZOHjFMHUTtxmStVV6oCfMFwCJGOF1KZHRUyvhWN6hydL79UY4y1sepXOwVvLA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 786083f33835b4eb-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
hatsamevill.xyz/utx?cb=7fiTIgAxiCcL&top=neexulro.net&tid=709056
65.9.44.33204 No Content 0 B URL HTTP/2 hatsamevill.xyz/utx?cb=7fiTIgAxiCcL&top=neexulro.net&tid=709056
IP 65.9.44.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=7fiTIgAxiCcL&top=neexulro.net&tid=709056 HTTP/1.1
Host: hatsamevill.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://neexulro.net
Connection: keep-alive
Referer: http://neexulro.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 07 Jan 2023 23:36:24 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: http://neexulro.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sat, 07 Jan 2023 23:37:24 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 a842e6ed7853f1a77f754cf5bae38910.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: Cu3VOUv4wHfK4A7y5Z5rMZc74Xka6bM6R7_rNrATgzs31SwBqZFhWA==
X-Firefox-Spdy: h2
hatsamevill.xyz/utx?cb=gYi2SR2KbBMC&top=neexulro.net&tid=604364
65.9.44.33204 No Content 0 B URL HTTP/2 hatsamevill.xyz/utx?cb=gYi2SR2KbBMC&top=neexulro.net&tid=604364
IP 65.9.44.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=gYi2SR2KbBMC&top=neexulro.net&tid=604364 HTTP/1.1
Host: hatsamevill.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://neexulro.net
Connection: keep-alive
Referer: http://neexulro.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 07 Jan 2023 23:36:24 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: http://neexulro.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sat, 07 Jan 2023 23:37:24 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 a842e6ed7853f1a77f754cf5bae38910.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: kEhdtQwx5wDtg5rJQ0QjE2FRtvgxXksSkkc86SMLTpMKfNqGQV4aQg==
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/1q1beIWMaWQ
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/1q1beIWMaWQ
IP 142.250.74.131:0
Hash 76f61ac3a229b1e9e2ff5e1d85b65c27
a7465daa61653366a6a31a1ccfeb78ece251b7b9
0654c5b9731ffe13490b41cdb12e7ecffcb9576fc5610bc9d59c54cf03fcf957
POST /s/gts1p5/1q1beIWMaWQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 23:36:24 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
oreakingoutin.info/NWl1N2UaVhZEWGc9GWc/BgEPcz1FOiFZJH4PIw4oUygdEldzPx5cQ0EAEQpTBV1GAVETGRxTWARPBkMEQRwGClQTABtRCghPAwpUG1pBGVYER0cREAhYU0MVVA5IBkNFHQFbWARfQgRUBl1AAFcMWUQ
188.114.96.1204 No Content 0 B URL HTTP/2 oreakingoutin.info/NWl1N2UaVhZEWGc9GWc/BgEPcz1FOiFZJH4PIw4oUygdEldzPx5cQ0EAEQpTBV1GAVETGRxTWARPBkMEQRwGClQTABtRCghPAwpUG1pBGVYER0cREAhYU0MVVA5IBkNFHQFbWARfQgRUBl1AAFcMWUQ
IP 188.114.96.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /NWl1N2UaVhZEWGc9GWc/BgEPcz1FOiFZJH4PIw4oUygdEldzPx5cQ0EAEQpTBV1GAVETGRxTWARPBkMEQRwGClQTABtRCghPAwpUG1pBGVYER0cREAhYU0MVVA5IBkNFHQFbWARfQgRUBl1AAFcMWUQ HTTP/1.1
Host: oreakingoutin.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://neexulro.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 07 Jan 2023 23:36:25 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kD6mKaX6Uq00M7IRk2SdRseZrJN%2FtWRT3ij66OfaMi4gmVdsv%2F25cX5uNe4Quh00%2B7QS21TTDmjyIiyq0Gx5C%2B3l%2BFnZ0%2FsQKfcZfjlIZbEiBBFrtJ3PstGM30Hdt9E1zXX96bY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 786083f3995c0b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
oreakingoutin.info/ODNxeDYXDBILC21nHRNUVGEfO3BAVig/d3ZlHUFaYVQ3IG5vdlcMX1wORkgPCAZHXkZRV0xKDx5ABRlCTUBMSRBRXRcXCx5FTEkYCB1HSBgJFQRFBx5HARlRBQJXCEJMX0xJAA8AQEsCDQRDQAMB
188.114.96.1204 No Content 0 B URL HTTP/2 oreakingoutin.info/ODNxeDYXDBILC21nHRNUVGEfO3BAVig/d3ZlHUFaYVQ3IG5vdlcMX1wORkgPCAZHXkZRV0xKDx5ABRlCTUBMSRBRXRcXCx5FTEkYCB1HSBgJFQRFBx5HARlRBQJXCEJMX0xJAA8AQEsCDQRDQAMB
IP 188.114.96.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ODNxeDYXDBILC21nHRNUVGEfO3BAVig/d3ZlHUFaYVQ3IG5vdlcMX1wORkgPCAZHXkZRV0xKDx5ABRlCTUBMSRBRXRcXCx5FTEkYCB1HSBgJFQRFBx5HARlRBQJXCEJMX0xJAA8AQEsCDQRDQAMB HTTP/1.1
Host: oreakingoutin.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://neexulro.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 07 Jan 2023 23:36:25 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OdIYNEG7%2Bs9ZxOoiRi7WUmcs1XowN%2FnlheRfW8BPJMsWsdCtDL0mIRIoxZKUKZ7I13keX0uAKfTP6jqy3JrwBU5QpS6Cyyf9Amnhs5QItiv2DgSyXnhMjYQSJylWLxnJi26CZjI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 786083f3f9af0b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hatsamevill.xyz/Y0UxMjICJ1JfDQJ4UxRHESkMFwAlYAN0VlIkAlhQVi1bXEtWNgUcUQ8qRFZUESpfRhwNIEUXACUTY18KUBQBAl4iA1peUQkMdmcBVnNVXmsrIV9GVSEQYEF7GR9iYEoQAHNKQjIBZVV5KA0FQnsJAFB3ZgB2eF57Kx9id1wiE3MXACEkSH9wNQ0ECmsicGV7aiE8Ymd/GQxYA2ExBnADfjE1cHxLNj15YHdRCXlBcTQBWll5BAtmaFxbBGZaXhkkeWBUKz9gWXkiMWh8dlYvaWNRFwpmfFYhdnsLUyV9YlFzWi9pY1FTD3JaaCJ3axcAIQd0XXQAP2dFZRtoe0V2UQtVcEgmcmgDSlEmXwNIMhRVQ1MrF1dncTowfWNzMCZgRgI7MmtIVDshV3BfOWADdFYEKVR/YQQicHcLDiNGcFchdmtYVggpclRcFGNbQV0NNQxCaioERFV8Fgl2e1gMMkQ
65.9.44.33200 OK 1.2 kB URL HTTP/1.1 hatsamevill.xyz/Y0UxMjICJ1JfDQJ4UxRHESkMFwAlYAN0VlIkAlhQVi1bXEtWNgUcUQ8qRFZUESpfRhwNIEUXACUTY18KUBQBAl4iA1peUQkMdmcBVnNVXmsrIV9GVSEQYEF7GR9iYEoQAHNKQjIBZVV5KA0FQnsJAFB3ZgB2eF57Kx9id1wiE3MXACEkSH9wNQ0ECmsicGV7aiE8Ymd/GQxYA2ExBnADfjE1cHxLNj15YHdRCXlBcTQBWll5BAtmaFxbBGZaXhkkeWBUKz9gWXkiMWh8dlYvaWNRFwpmfFYhdnsLUyV9YlFzWi9pY1FTD3JaaCJ3axcAIQd0XXQAP2dFZRtoe0V2UQtVcEgmcmgDSlEmXwNIMhRVQ1MrF1dncTowfWNzMCZgRgI7MmtIVDshV3BfOWADdFYEKVR/YQQicHcLDiNGcFchdmtYVggpclRcFGNbQV0NNQxCaioERFV8Fgl2e1gMMkQ
IP 65.9.44.33:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3049), with no line terminators
Hash 93072d779bb02e310bffcc4ec161173c
bea97b0ec9f53e1097040b6559f6bdf9a4be8eb5
bf5c67460bb487e84b47d98caba631b5261431ed09996f8e24e13c1a18352e48
GET /Y0UxMjICJ1JfDQJ4UxRHESkMFwAlYAN0VlIkAlhQVi1bXEtWNgUcUQ8qRFZUESpfRhwNIEUXACUTY18KUBQBAl4iA1peUQkMdmcBVnNVXmsrIV9GVSEQYEF7GR9iYEoQAHNKQjIBZVV5KA0FQnsJAFB3ZgB2eF57Kx9id1wiE3MXACEkSH9wNQ0ECmsicGV7aiE8Ymd/GQxYA2ExBnADfjE1cHxLNj15YHdRCXlBcTQBWll5BAtmaFxbBGZaXhkkeWBUKz9gWXkiMWh8dlYvaWNRFwpmfFYhdnsLUyV9YlFzWi9pY1FTD3JaaCJ3axcAIQd0XXQAP2dFZRtoe0V2UQtVcEgmcmgDSlEmXwNIMhRVQ1MrF1dncTowfWNzMCZgRgI7MmtIVDshV3BfOWADdFYEKVR/YQQicHcLDiNGcFchdmtYVggpclRcFGNbQV0NNQxCaioERFV8Fgl2e1gMMkQ HTTP/1.1
Host: hatsamevill.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neexulro.net/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 1199
Connection: keep-alive
Date: Sat, 07 Jan 2023 23:36:25 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
Accept-CH: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
X-Cache: Miss from cloudfront
Via: 1.1 a970743f386cb7ff58c6ef8459b5f9e0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN54-C1
X-Amz-Cf-Id: VMBP9byu7zS2e1Z8j0G2PnUYnLA7XwN1zNmnlCaRgBaovzm-KEIE_Q==
e1.o.lencr.org/
23.33.119.27200 OK 344 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 659e6eebfc722c7065b84735c4609559
4ea173ad0b025693e955518b595a7f8833458622
79040ec4b1f0bffab5b3e9e71130d35a8ec01183bd31aedce7504414d9dc4c8c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "79040EC4B1F0BFFAB5B3E9E71130D35A8EC01183BD31AEDCE7504414D9DC4C8C"
Last-Modified: Thu, 05 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5621
Expires: Sun, 08 Jan 2023 01:10:06 GMT
Date: Sat, 07 Jan 2023 23:36:25 GMT
Connection: keep-alive
neexulro.net/funcript1673134572884.php?pub=2744562&v=zNQy0oNjTIYkyVLnCIJs2IICjMouyULDCMJxj8aCyeIv6ZdWHZJy1lZmSRwgiEcDGMFx0AIDjMox0AMjiMwvi8Y2maljuVZ2ERVgskZCWM1ulUbDnMQxioOjidJyzBay2Ol0wYXD2eJg1sMDnNR204bW2a4XiBLyCOJwo4YCXMNxoAICjVoOiBNymcV3m9OGTZdumlN2mVUozAZCDMIu5UMzWLMh1xOGTbYp4pN3mbENwJZiGOQi4QNnjbRlidMWDYZyiVZ2mcQ1iJfyQe==
104.21.0.99200 OK 767 B URL HTTP/2 neexulro.net/funcript1673134572884.php?pub=2744562&v=zNQy0oNjTIYkyVLnCIJs2IICjMouyULDCMJxj8aCyeIv6ZdWHZJy1lZmSRwgiEcDGMFx0AIDjMox0AMjiMwvi8Y2maljuVZ2ERVgskZCWM1ulUbDnMQxioOjidJyzBay2Ol0wYXD2eJg1sMDnNR204bW2a4XiBLyCOJwo4YCXMNxoAICjVoOiBNymcV3m9OGTZdumlN2mVUozAZCDMIu5UMzWLMh1xOGTbYp4pN3mbENwJZiGOQi4QNnjbRlidMWDYZyiVZ2mcQ1iJfyQe==
IP 104.21.0.99:0
Hash 19dc05b35bafc28455bdf1a4470afcc9
016d774578960fc5284fce159b0c0c4a016ac43c
8008570f5b7618bc82a3096a93927ee1e8084d1a2f116b60f7d07d8beb35eac4
GET /funcript1673134572884.php?pub=2744562&v=zNQy0oNjTIYkyVLnCIJs2IICjMouyULDCMJxj8aCyeIv6ZdWHZJy1lZmSRwgiEcDGMFx0AIDjMox0AMjiMwvi8Y2maljuVZ2ERVgskZCWM1ulUbDnMQxioOjidJyzBay2Ol0wYXD2eJg1sMDnNR204bW2a4XiBLyCOJwo4YCXMNxoAICjVoOiBNymcV3m9OGTZdumlN2mVUozAZCDMIu5UMzWLMh1xOGTbYp4pN3mbENwJZiGOQi4QNnjbRlidMWDYZyiVZ2mcQ1iJfyQe== HTTP/1.1
Host: neexulro.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://neexulro.net/-30251IDSH/46i?rndad=1532635802-1673134583
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 07 Jan 2023 23:36:25 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.3.27
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CN17scnSQvuUSvNiKHMeB5mq5FpM4vs8z%2FX5LUxeWaA6kt19Gr1Q1FdYID%2BGuosFLIFMLfYh%2BzNGhPGPczqUP6nKN9vn26H1McyS10FWkIV6ZJxhk7bb1aWbl8CKNHI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 786083f3fd040b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
adf.ly/static/other/main.html
104.20.67.244200 OK 2.4 kB URL HTTP/1.1 adf.ly/static/other/main.html
IP 104.20.67.244:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (418)
Hash b20a86b2e91f51d2f7a19eada1de2f51
c240e9c813f8f93d3db499df1cc88984e873e418
44311176f257c7180a0fdc5491f021623ce7a0404369e883e8a6feb1e8d3469e
GET /static/other/main.html HTTP/1.1
Host: adf.ly
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 23:36:25 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Fri, 02 Sep 2022 14:31:48 GMT
etag: "1ddf-631213d4-8936a98b6e2a0431;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 786083f4fdb80b3d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.google-analytics.com/ga.js
142.250.74.14200 OK 17 kB URL HTTP/1.1 www.google-analytics.com/ga.js
IP 142.250.74.14:0
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neexulro.net/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 17168
Date: Sat, 07 Jan 2023 23:34:16 GMT
Expires: Sun, 08 Jan 2023 01:34:16 GMT
Cache-Control: public, max-age=7200
Age: 129
Last-Modified: Tue, 27 Sep 2022 22:01:05 GMT
Content-Type: text/javascript
e1.o.lencr.org/
23.33.119.27200 OK 346 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 72c77defbaf70b99340064f11787f5c7
2d0104bed8450b0e6ee7b117b63863732e843120
6a6039c3747af0425573f40cc3df903ac4b8a5862efb989b6d9f18dbcff138b0
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "6A6039C3747AF0425573F40CC3DF903AC4B8A5862EFB989B6D9F18DBCFF138B0"
Last-Modified: Fri, 06 Jan 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21314
Expires: Sun, 08 Jan 2023 05:31:39 GMT
Date: Sat, 07 Jan 2023 23:36:25 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 15d71d16973e737741f664044f4281ba
2529884d0c4b41752d8cdbed4d1ca996820e6f0d
cc93cc0cd6a9fa4032b9a8d1d80e081a1baff7457a72804c87dfe9024b1b943e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 23:36:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash da7ec93331115a56d02c21741e842b75
404bb54f30808d62e5a981f4a92b6afebe0c3003
3b2283c2f0d27b3a2c83e9275017ea72ae7245e5e7bac35627f99fe9e940035c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4829
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 23:36:25 GMT
Last-Modified: Sat, 07 Jan 2023 22:15:56 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
d3akmxskpi6zai.cloudfront.net/9NFlIQXpXNiYnRUAwLHxMBG17d04SMzsuFERkJxNPZDwtJk1NDzglXEAjLHxKEjUpLx0Jfy0vGQlobiAeVmR8Zw5ENiN8GUMuJDUTQTs/M1xBOHUsFU4wJC0bEWsOdFQEfHpxUkMwJiUVQyptc0paLW1zSgVpZnFfBxttc0pDMCZ3ThFqCmRIBCF+dV8HG2-1zSkYvbXI7BWl9b0odfHpxHVE6Iy5fBh96cUsEaXlxSxFreCcTRjwuLgIRaw5wSgF3eGcPCWg
54.230.245.221200 OK 522 B URL HTTP/1.1 d3akmxskpi6zai.cloudfront.net/9NFlIQXpXNiYnRUAwLHxMBG17d04SMzsuFERkJxNPZDwtJk1NDzglXEAjLHxKEjUpLx0Jfy0vGQlobiAeVmR8Zw5ENiN8GUMuJDUTQTs/M1xBOHUsFU4wJC0bEWsOdFQEfHpxUkMwJiUVQyptc0paLW1zSgVpZnFfBxttc0pDMCZ3ThFqCmRIBCF+dV8HG2-1zSkYvbXI7BWl9b0odfHpxHVE6Iy5fBh96cUsEaXlxSxFreCcTRjwuLgIRaw5wSgF3eGcPCWg
IP 54.230.245.221:0
File type ASCII text, with very long lines (712), with no line terminators
Hash 564ebefdee15617b6c379ae548aaceec
19ca6dcc7beaa0e75b17424d1e0bca700d575781
3180c555bd3816ee4824b535373bcfdb0ee6fe5773d3aac0657380626bfbb1a8
GET /9NFlIQXpXNiYnRUAwLHxMBG17d04SMzsuFERkJxNPZDwtJk1NDzglXEAjLHxKEjUpLx0Jfy0vGQlobiAeVmR8Zw5ENiN8GUMuJDUTQTs/M1xBOHUsFU4wJC0bEWsOdFQEfHpxUkMwJiUVQyptc0paLW1zSgVpZnFfBxttc0pDMCZ3ThFqCmRIBCF+dV8HG2-1zSkYvbXI7BWl9b0odfHpxHVE6Iy5fBh96cUsEaXlxSxFreCcTRjwuLgIRaw5wSgF3eGcPCWg HTTP/1.1
Host: d3akmxskpi6zai.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hatsamevill.xyz/
HTTP/1.1 200 OK
Content-Length: 522
Connection: keep-alive
Date: Sat, 07 Jan 2023 23:36:25 GMT
access-control-allow-origin: *
Cache-Control: max-age=31556926
Content-Encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: TZO1TYxFdUA2MsFpRiPSYY5QvXWuOWUrNjC12L-3G1wmmjHeOXDJ4Q==
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 15d71d16973e737741f664044f4281ba
2529884d0c4b41752d8cdbed4d1ca996820e6f0d
cc93cc0cd6a9fa4032b9a8d1d80e081a1baff7457a72804c87dfe9024b1b943e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 23:36:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1510172505&utmhn=neexulro.net&utme=8(User)9(2744562)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=1015521528&utmr=-&utmp=%2F-30251IDSH%2F46i%3Frndad%3D1532635802-1673134583&utmht=1673134573384&utmac=UA-6469700-9&utmcc=__utma%3D218196230.310040843.1673134573.1673134573.1673134573.1%3B%2B__utmz%3D218196230.1673134573.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=12013246&utmredir=1&utmu=qQAAAAAAAAAAAAAAAAABAAAE~
142.250.74.14302 Found 367 B URL HTTP/1.1 www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1510172505&utmhn=neexulro.net&utme=8(User)9(2744562)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=1015521528&utmr=-&utmp=%2F-30251IDSH%2F46i%3Frndad%3D1532635802-1673134583&utmht=1673134573384&utmac=UA-6469700-9&utmcc=__utma%3D218196230.310040843.1673134573.1673134573.1673134573.1%3B%2B__utmz%3D218196230.1673134573.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=12013246&utmredir=1&utmu=qQAAAAAAAAAAAAAAAAABAAAE~
IP 142.250.74.14:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash d6450b2ce7f29b6fa5d3b92630c3e927
06e2c0c046e68d2a44280f16c2b16b73c2ad1886
ed82285780dd4de7241cba0f020d9117b9a3ededb207861ee36b3814d9d6de4a
GET /r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1510172505&utmhn=neexulro.net&utme=8(User)9(2744562)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=1015521528&utmr=-&utmp=%2F-30251IDSH%2F46i%3Frndad%3D1532635802-1673134583&utmht=1673134573384&utmac=UA-6469700-9&utmcc=__utma%3D218196230.310040843.1673134573.1673134573.1673134573.1%3B%2B__utmz%3D218196230.1673134573.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=12013246&utmredir=1&utmu=qQAAAAAAAAAAAAAAAAABAAAE~ HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neexulro.net/
HTTP/1.1 302 Found
Location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6469700-9&cid=310040843.1673134573&jid=12013246&_v=5.7.2&z=1510172505
Access-Control-Allow-Origin: *
Date: Sat, 07 Jan 2023 23:36:25 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
Cross-Origin-Resource-Policy: cross-origin
Content-Type: text/html; charset=UTF-8
Server: Golfe2
Content-Length: 367
www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=2&utmn=746137013&utmhn=neexulro.net&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=1015521528&utmr=-&utmp=%2F-30251IDSH%2F46i%3Frndad%3D1532635802-1673134583&utmht=1673134573389&utmac=UA-36753711-1&utmcc=__utma%3D218196230.310040843.1673134573.1673134573.1673134573.1%3B%2B__utmz%3D218196230.1673134573.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=955929506&utmredir=1&utmmt=1&utmu=qQAgAAAAAAAAAAAAAAABAAAE~
142.250.74.14200 OK 35 B URL HTTP/1.1 www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=2&utmn=746137013&utmhn=neexulro.net&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=1015521528&utmr=-&utmp=%2F-30251IDSH%2F46i%3Frndad%3D1532635802-1673134583&utmht=1673134573389&utmac=UA-36753711-1&utmcc=__utma%3D218196230.310040843.1673134573.1673134573.1673134573.1%3B%2B__utmz%3D218196230.1673134573.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=955929506&utmredir=1&utmmt=1&utmu=qQAgAAAAAAAAAAAAAAABAAAE~
IP 142.250.74.14:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /r/__utm.gif?utmwv=5.7.2&utms=2&utmn=746137013&utmhn=neexulro.net&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=1015521528&utmr=-&utmp=%2F-30251IDSH%2F46i%3Frndad%3D1532635802-1673134583&utmht=1673134573389&utmac=UA-36753711-1&utmcc=__utma%3D218196230.310040843.1673134573.1673134573.1673134573.1%3B%2B__utmz%3D218196230.1673134573.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=955929506&utmredir=1&utmmt=1&utmu=qQAgAAAAAAAAAAAAAAABAAAE~ HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neexulro.net/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Date: Sat, 07 Jan 2023 23:36:25 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
pogothere.xyz/asd100.bin
172.64.132.29200 OK 103 kB IP 172.64.132.29:0
Size 103 kB (102794 bytes)
Hash 682d98abc0188c3175154120f5360576
6e1a57b6116ba98de9fc7c3aa189114fed3fb316
8a7656e8bc34c39b3177e4e2567547e9d8d7ee8e3ea4480a1f3419aa53c5aae3
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://neexulro.net
Connection: keep-alive
Referer: http://neexulro.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 07 Jan 2023 23:36:24 GMT
content-type: binary/octet-stream
access-control-allow-origin: http://neexulro.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 6526
last-modified: Sat, 07 Jan 2023 21:47:38 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jFx4kdMMdZsI57uj8H39pfdXxKpjvfNNdCv%2FyvN1O4qleyq36mrQUeZAJ3tkENOVBqwBMwZX4SSYLc0GNak4YvXSPaqz6pGMkybEYUH0MySTyheAosYpUIfLwUkLcu0Z"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 786083f42dc924d7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
d1a3jb5hjny5s4.cloudfront.net/VRm83Q00lAFklcjIGU356dlYHdntgBUQsIzZSRxsEBxpQDTgKKH4pIjEaETc3IlIHZSEnAVB+ayMBVH58YA5TIXBySUMzIi1SRCA1LRpANyUxHRE2LHsCWDkkKgNWZn8AWhlzaHRfHzQkKAtYND5jXQctOWNdB3J9aF8ScA9jXQc0JChZA2Z+BEoFczVwWx-JwD2NdBzE7Y1x2cn1zQQdqaHRfUCYuLQAScQt0XwZzfXdfBmZ/dgleMSggAE9mfwBeB3ZjdklCfnw
54.230.245.85200 OK 456 B URL HTTP/1.1 d1a3jb5hjny5s4.cloudfront.net/VRm83Q00lAFklcjIGU356dlYHdntgBUQsIzZSRxsEBxpQDTgKKH4pIjEaETc3IlIHZSEnAVB+ayMBVH58YA5TIXBySUMzIi1SRCA1LRpANyUxHRE2LHsCWDkkKgNWZn8AWhlzaHRfHzQkKAtYND5jXQctOWNdB3J9aF8ScA9jXQc0JChZA2Z+BEoFczVwWx-JwD2NdBzE7Y1x2cn1zQQdqaHRfUCYuLQAScQt0XwZzfXdfBmZ/dgleMSggAE9mfwBeB3ZjdklCfnw
IP 54.230.245.85:0
File type ASCII text, with very long lines (595), with no line terminators
Hash 3d3c82a9867d28d16675eceb69e02fae
e7fe5ae63e68a973f095d5860d8105a345b87286
43e97afd5aec8c6d66789370ed62886f1ee7be52dbbc73bc687f178f1b9aef62
GET /VRm83Q00lAFklcjIGU356dlYHdntgBUQsIzZSRxsEBxpQDTgKKH4pIjEaETc3IlIHZSEnAVB+ayMBVH58YA5TIXBySUMzIi1SRCA1LRpANyUxHRE2LHsCWDkkKgNWZn8AWhlzaHRfHzQkKAtYND5jXQctOWNdB3J9aF8ScA9jXQc0JChZA2Z+BEoFczVwWx-JwD2NdBzE7Y1x2cn1zQQdqaHRfUCYuLQAScQt0XwZzfXdfBmZ/dgleMSggAE9mfwBeB3ZjdklCfnw HTTP/1.1
Host: d1a3jb5hjny5s4.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hatsamevill.xyz/
HTTP/1.1 200 OK
Content-Length: 456
Connection: keep-alive
Date: Sat, 07 Jan 2023 23:36:25 GMT
access-control-allow-origin: *
Cache-Control: max-age=31556926
Content-Encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: -QsBAFEIKGbhJwZ3H51t0dMEMYpv3VKmyB8QbFM3qNGoieXvRjylYA==
hatsamevill.xyz/utx?cb=lqCIUXXkOkqJ&top=neexulro.net&tid=709056
65.9.44.33204 No Content 29 B URL HTTP/2 hatsamevill.xyz/utx?cb=lqCIUXXkOkqJ&top=neexulro.net&tid=709056
IP 65.9.44.33:0
Hash 502a0b9f75983746901d28177d9df97c
5148b20f7a5f78ba1f07d3c44e7d4963001c2838
1501be4d6610648b895c87f0278a420f6d3955d99e64b92aa5753a3dc80c785e
GET /utx?cb=lqCIUXXkOkqJ&top=neexulro.net&tid=709056 HTTP/1.1
Host: hatsamevill.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://neexulro.net
Connection: keep-alive
Referer: http://neexulro.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sat, 07 Jan 2023 23:36:25 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: http://neexulro.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sat, 07 Jan 2023 23:37:25 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 a842e6ed7853f1a77f754cf5bae38910.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: e1DcOUbu9HfFn-nRGfH5tWG2LPZetPYHkLezrYBfiOvr8rPdaWPt-g==
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.132.29200 OK 104 kB IP 172.64.132.29:0
Size 104 kB (103972 bytes)
Hash 92cab6114c2cee0e160d283bad7bd6d7
04f0bca69a318d8cf13fcc331648ec50de0ba6ac
d4c68558f4f3f16499c0465798535773953ea6633605c6f75ca5cd81de5bf165
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://neexulro.net
Connection: keep-alive
Referer: http://neexulro.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 07 Jan 2023 23:36:24 GMT
content-type: binary/octet-stream
access-control-allow-origin: http://neexulro.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 6526
last-modified: Sat, 07 Jan 2023 21:47:38 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1DTjo297jTAPw7nKlB3KJZRG5ZwAP3eDp4OmsUTUm4cgb5df%2BEBwqRJ2XT7w4iuDUiSJxbQBQRNni0ySuxk10t5OpWGurztNOtuDAM%2FuLJ61GnAJOZkZNJ1jiYnnYiAz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 786083f41dba24d7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/
172.64.132.29200 OK 418 B IP 172.64.132.29:0
File type ASCII text, with no line terminators
Hash 334062deeb7972694f3179dc6271562d
c19d41ee56f81f1d979ae438922abed5fac33ac4
f8ba574101aeff587e37bd68ef4fa8624735651ca0c12a4759b2f8956cff2a89
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://neexulro.net
Connection: keep-alive
Referer: http://neexulro.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 07 Jan 2023 23:36:25 GMT
content-type: text/plain
set-cookie: csu=1293793080504530@1@1673134585; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: http://neexulro.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q4zWz7jsDpy0kxlJ7rr5ScWbhAoKS4f3LARvwO4SOMhEZUPXI6FLP2US0pr8imC66%2B24xL7h7YP7urDRugzuIpjAVGaCg64Duk0uzCB7rwQ8yt8Frv%2BS56FhBRrfxIBT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 786083f43dea24d7-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash bca7f62d320a595159ceae1b30ef4c65
0e0c7a42f0d017f617b40aea757cf0a0a4d71d9a
e30f2266b5b10dd868954bba127f6a8e85ba6f8422b565ca17aee0e9074b9d99
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 23:36:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 910d902590c4dce2c5fde148d455a94c
05617b6a2fd1a7eb4fcb098a7ce48011d3f835bc
3bfd7cff0474a36458748e4cc6dfa647fdd7bd8b4fa792079042a04c7dffe0b1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 23:36:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6469700-9&cid=310040843.1673134573&jid=12013246&_v=5.7.2&z=1510172505
74.125.131.157200 OK 35 B URL HTTP/2 stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6469700-9&cid=310040843.1673134573&jid=12013246&_v=5.7.2&z=1510172505
IP 74.125.131.157:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6469700-9&cid=310040843.1673134573&jid=12013246&_v=5.7.2&z=1510172505 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://neexulro.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 07 Jan 2023 23:36:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash da7ec93331115a56d02c21741e842b75
404bb54f30808d62e5a981f4a92b6afebe0c3003
3b2283c2f0d27b3a2c83e9275017ea72ae7245e5e7bac35627f99fe9e940035c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4829
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 23:36:25 GMT
Last-Modified: Sat, 07 Jan 2023 22:15:56 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash bca7f62d320a595159ceae1b30ef4c65
0e0c7a42f0d017f617b40aea757cf0a0a4d71d9a
e30f2266b5b10dd868954bba127f6a8e85ba6f8422b565ca17aee0e9074b9d99
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 23:36:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.neexulro.net/static/image/apple-touch-icon.png
172.67.150.219403 Forbidden 436 B URL HTTP/1.1 cdn.neexulro.net/static/image/apple-touch-icon.png
IP 172.67.150.219:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash b112c984fdf3ae98cbf4bc84066cf619
e68cf1400ca02fc1b472c6f3a2cbb9c2234073c5
233729c945d3c6dc5a81cbf30abedd598a9927d141eda2e369aecd13a790938a
GET /static/image/apple-touch-icon.png HTTP/1.1
Host: cdn.neexulro.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://neexulro.net/-30251IDSH/46i?rndad=1532635802-1673134583
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802; _ga_GT41R23D5L=GS1.1.1673134572.1.0.1673134573.0.0.0; _ga=GA1.1.310040843.1673134573
HTTP/1.1 403 Forbidden
Date: Sat, 07 Jan 2023 23:36:25 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7DYcDnB0%2FF7m4yMvX5Ux8eIZ%2BbRfm9un6HQ20mOK0XCQna7iRoYZpaZw9Bo6WAFxSR8Y8RnNhsdVc5MoN7zGLZmTZWCzKbZlEm%2B4fMTEfiO9snoEDs5%2B%2BNwcPb1aOISl65pX"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 786083f5bb1b0b51-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
oreakingoutin.info/popunder.gif
188.114.96.1200 OK 51 kB URL HTTP/2 oreakingoutin.info/popunder.gif
IP 188.114.96.1:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df0e953618f11f6f09e3b18d7c8fa818
782e3f074eeea82b88ed425d4fb0e9be9aa22222
d7ef788e4f235d7c948bef5ebc6d035b5ba2f4ad45a64cb6e1c164bb480a60aa
GET /popunder.gif HTTP/1.1
Host: oreakingoutin.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://neexulro.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 07 Jan 2023 23:36:24 GMT
content-type: image/gif
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
cf-cache-status: HIT
age: 75241
last-modified: Sat, 07 Jan 2023 02:42:23 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CRLBPZGwtZ6oTfe5%2FSrIF2jhkaeqrXoIjaz7ykZ%2BYA7ghTgnqmUv3VRXSuruq2ZNq7wOFEIqAejtXhvAd%2F1DubByO075HXz50RRMNlRrEjYYjnPyVlIlG6nUidc92yI9VFO3VP8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 786083f409b20b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-GT41R23D5L>m=2oe120&_p=1015521528&cid=310040843.1673134573&ul=en-us&sr=1280x1024&_s=1&sid=1673134572&sct=1&seg=0&dl=http%3A%2F%2Fneexulro.net%2F-30251IDSH%2F46i%3Frndad%3D1532635802-1673134583&dt=Shrink%20your%20URLs%20and%20get%20paid!&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-GT41R23D5L>m=2oe120&_p=1015521528&cid=310040843.1673134573&ul=en-us&sr=1280x1024&_s=1&sid=1673134572&sct=1&seg=0&dl=http%3A%2F%2Fneexulro.net%2F-30251IDSH%2F46i%3Frndad%3D1532635802-1673134583&dt=Shrink%20your%20URLs%20and%20get%20paid!&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-GT41R23D5L>m=2oe120&_p=1015521528&cid=310040843.1673134573&ul=en-us&sr=1280x1024&_s=1&sid=1673134572&sct=1&seg=0&dl=http%3A%2F%2Fneexulro.net%2F-30251IDSH%2F46i%3Frndad%3D1532635802-1673134583&dt=Shrink%20your%20URLs%20and%20get%20paid!&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://neexulro.net
Connection: keep-alive
Referer: http://neexulro.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: http://neexulro.net
date: Sat, 07 Jan 2023 23:36:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
31.13.72.36200 OK 6.4 kB URL HTTP/2 www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP 31.13.72.36:0
Hash eb18e0a9eac9854f45d36df650290f31
7ee276c265f57454e70b65fed5c02f147099e51d
652be7ca843e15d3ad09bbdadf6c73c2fc455cb3df6ff73a5ca49038b0427e9b
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://neexulro.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: 22z8fimgz+C7XVFPVx3qbF6KQnp3DDjJoatxu8qjePTx4AYdr5iYlGK34UEC9ZQUb6OuNZ2c6XjV8YfL/WqjXQ==
date: Sat, 07 Jan 2023 23:36:25 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fx19ltd.adfly&width=100&fb_source=homestatic&layout=standard&colorscheme=light&action=like&show_faces=true&share=true&height=80&appId=399141353502152
31.13.72.36301 Moved Permanently 0 B URL HTTP/1.1 www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fx19ltd.adfly&width=100&fb_source=homestatic&layout=standard&colorscheme=light&action=like&show_faces=true&share=true&height=80&appId=399141353502152
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fx19ltd.adfly&width=100&fb_source=homestatic&layout=standard&colorscheme=light&action=like&show_faces=true&share=true&height=80&appId=399141353502152 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://adf.ly/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fx19ltd.adfly&width=100&fb_source=homestatic&layout=standard&colorscheme=light&action=like&show_faces=true&share=true&height=80&appId=399141353502152
Content-Type: text/plain
Server: proxygen-bolt
Date: Sat, 07 Jan 2023 23:36:25 GMT
Connection: keep-alive
Content-Length: 0
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 11aea3c23fce2f77cadf7a551f4e8b17
4963aafedcf3fc5f28f1b4a6b0212abfd5526702
d2ada7d592878b58921cd0568efa62abefd7423d40bec16133886e2c67a791b3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2ADA7D592878B58921CD0568EFA62ABEFD7423D40BEC16133886E2C67A791B3"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14350
Expires: Sun, 08 Jan 2023 03:35:36 GMT
Date: Sat, 07 Jan 2023 23:36:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 11aea3c23fce2f77cadf7a551f4e8b17
4963aafedcf3fc5f28f1b4a6b0212abfd5526702
d2ada7d592878b58921cd0568efa62abefd7423d40bec16133886e2c67a791b3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2ADA7D592878B58921CD0568EFA62ABEFD7423D40BEC16133886E2C67A791B3"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14350
Expires: Sun, 08 Jan 2023 03:35:36 GMT
Date: Sat, 07 Jan 2023 23:36:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 11aea3c23fce2f77cadf7a551f4e8b17
4963aafedcf3fc5f28f1b4a6b0212abfd5526702
d2ada7d592878b58921cd0568efa62abefd7423d40bec16133886e2c67a791b3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2ADA7D592878B58921CD0568EFA62ABEFD7423D40BEC16133886E2C67A791B3"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14350
Expires: Sun, 08 Jan 2023 03:35:36 GMT
Date: Sat, 07 Jan 2023 23:36:26 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fea675957-36a1-4a10-8735-4cba73296e89.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fea675957-36a1-4a10-8735-4cba73296e89.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5dc193698e3154c6727f0f8a468f4896
ac3e055c64cc024e55bbdc2bdfdb07799f06f83b
4e7fa4cc65a3514cd05a6582a7bcafa3b898cf9cf5fcc5f580c4b05c2b09e5e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fea675957-36a1-4a10-8735-4cba73296e89.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14548
x-amzn-requestid: 0cd053bc-a097-4556-b8c0-915bbb88f514
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eTwpdHmRIAMFQRQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b7c7d5-2ef52fce3665e4186b885964;Sampled=0
x-amzn-remapped-date: Fri, 06 Jan 2023 07:03:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: zMJf0AJITcZpkBO6RdriTA5M4yIcO7e6N1_KmCh923nYMmOsRfuSGA==
via: 1.1 1949caaabae48a894fcd770a3e1384f6.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 07 Jan 2023 07:39:51 GMT
age: 57395
etag: "ac3e055c64cc024e55bbdc2bdfdb07799f06f83b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd37b37f6-0573-4e9c-a9a7-e929e467ad92.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd37b37f6-0573-4e9c-a9a7-e929e467ad92.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a1cff64e08720bab2f19d7f3649776cb
9a3a7926851f5b902977cd16430e1cc4289bd222
b3dadac3a431a57c0c2cb3627dfcba8d81917efc0f227d9b7c9cd356e072a28f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd37b37f6-0573-4e9c-a9a7-e929e467ad92.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6903
x-amzn-requestid: 4b171872-69b6-443a-8a17-2567e164549f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eTxzEFnkIAMF09w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b7c9ad-6affd2bd5d1bc0572faa2b3b;Sampled=0
x-amzn-remapped-date: Fri, 06 Jan 2023 07:11:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wDg8MwE6fQk7WB6QtUYfaM6QdZBctOXIR0ZkbxkpyBiZprZcEPlTEg==
via: 1.1 deaaf0548506de20925615eb51a7ea7e.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 07 Jan 2023 07:37:06 GMT
age: 57560
etag: "9a3a7926851f5b902977cd16430e1cc4289bd222"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F973f3653-99a9-4d8b-a3ca-26124b0a7350.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F973f3653-99a9-4d8b-a3ca-26124b0a7350.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9c7a07834f3ef5cfbd27c91b49c2df3e
5f53a0fd71f8ba434419f6c43e922d785302a7fa
43fe896ad03ec8ca66cccca45cf4edebf2d6b2801fe0b10e5cf215a753fb1d34
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F973f3653-99a9-4d8b-a3ca-26124b0a7350.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11694
x-amzn-requestid: 840b4dd7-e46f-4e7c-8d4f-711d2aab8595
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eJ4C9GjVIAMFfhg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b3d3ac-134744d563ff9f7455c10c72;Sampled=0
x-amzn-remapped-date: Tue, 03 Jan 2023 07:05:16 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CHFsO0cW-zhk34DjUlvCrkPBGw8XSsbAXoaljJaiz5BTGzyLRpHYhA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 07 Jan 2023 04:48:08 GMT
age: 67698
etag: "5f53a0fd71f8ba434419f6c43e922d785302a7fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash afcc8f4875f4b74ca0640829b689731e
584d0e11665ae89f9a294baf1e9bb4f0e4e9a4df
3e487396389c4330abc99bc99053eecc6aaf56f7afa398d70c30e1f4709577a0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13626
x-amzn-requestid: 407fef75-2217-4da7-8ea8-b5ede48a0615
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eNKshEEvoAMFkMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b524b6-72ca4e7b3034e7ac1f3fa1ed;Sampled=0
x-amzn-remapped-date: Wed, 04 Jan 2023 07:03:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xOpZDrVh8MsfFqh0HuJJIWFvlgIm0jUE73p9MpgRA1PO_VAv0vP2nw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 07 Jan 2023 16:43:14 GMT
age: 24792
etag: "584d0e11665ae89f9a294baf1e9bb4f0e4e9a4df"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fc3fbba-c748-477d-b1a9-4218da052cc0.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fc3fbba-c748-477d-b1a9-4218da052cc0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fc604aed78008733f09b024b71a6fda9
0f3f633b0b34ac3662febdc45704362c49622a42
7c4f5871e571148c25f83b8676846ab1b0e82be3f4a1b3fb7c05bfe23e29c1b5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fc3fbba-c748-477d-b1a9-4218da052cc0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9644
x-amzn-requestid: 63281b3f-e673-4836-9729-7f595b0fb8b3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eZDu5FkioAMF9tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b9e65f-5869b987090de6f758472be9;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 21:38:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JsNm98uTnFfNyDnk651OGxB92JTaNKc7H92yP3FCBhUb9BBsFs-Ygg==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 07 Jan 2023 21:41:46 GMT
age: 6880
etag: "0f3f633b0b34ac3662febdc45704362c49622a42"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd30a0870-7ffa-4b03-b726-03d60ff15842.jpeg
34.120.237.76200 OK 4.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd30a0870-7ffa-4b03-b726-03d60ff15842.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0c58ad285780651622892d30a6c1e66f
90eb61d9434ce2574932168ec17109285e38f88f
8b782f6d2f34d2c328c33f92e11fb0503114f3044472939a5622f985a61ca10f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd30a0870-7ffa-4b03-b726-03d60ff15842.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4140
x-amzn-requestid: b3b64efa-b34d-45d9-bb88-6f6cd6944a2b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eTNhhGI6IAMFT2w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b78fa3-6f8071403bde1f0040135133;Sampled=0
x-amzn-remapped-date: Fri, 06 Jan 2023 03:04:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: eLzTJctAd0mc8ElAxmyOEmt6EAaZpjNQud1wh7w3uafVRiGlQuCJrA==
via: 1.1 0cf6c59c77f0fff670ae085179adc458.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sat, 07 Jan 2023 03:23:23 GMT
age: 72783
etag: "90eb61d9434ce2574932168ec17109285e38f88f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=3&utmn=867091399&utmhn=neexulro.net&utmt=event&utme=5(Ad*Paid*Success)(3)8(User)9(2744562)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=1015521528&utmr=-&utmp=%2F-30251IDSH%2F46i%3Frndad%3D1532635802-1673134583&utmht=1673134577891&utmac=UA-6469700-9&utmcc=__utma%3D218196230.310040843.1673134573.1673134573.1673134573.1%3B%2B__utmz%3D218196230.1673134573.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=6QAgAAAAAAAAAAAAAAABAAAE~
142.250.74.14200 OK 35 B URL HTTP/1.1 www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=3&utmn=867091399&utmhn=neexulro.net&utmt=event&utme=5(Ad*Paid*Success)(3)8(User)9(2744562)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=1015521528&utmr=-&utmp=%2F-30251IDSH%2F46i%3Frndad%3D1532635802-1673134583&utmht=1673134577891&utmac=UA-6469700-9&utmcc=__utma%3D218196230.310040843.1673134573.1673134573.1673134573.1%3B%2B__utmz%3D218196230.1673134573.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=6QAgAAAAAAAAAAAAAAABAAAE~
IP 142.250.74.14:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /__utm.gif?utmwv=5.7.2&utms=3&utmn=867091399&utmhn=neexulro.net&utmt=event&utme=5(Ad*Paid*Success)(3)8(User)9(2744562)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=1015521528&utmr=-&utmp=%2F-30251IDSH%2F46i%3Frndad%3D1532635802-1673134583&utmht=1673134577891&utmac=UA-6469700-9&utmcc=__utma%3D218196230.310040843.1673134573.1673134573.1673134573.1%3B%2B__utmz%3D218196230.1673134573.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=6QAgAAAAAAAAAAAAAAABAAAE~ HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neexulro.net/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Pragma: no-cache
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
Date: Sat, 07 Jan 2023 13:34:18 GMT
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Age: 36131
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
Content-Type: image/gif
accounts.google.com/v3/signin/identifier?dsh=S-452118225%3A1673134585316302&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AeAAQh7h29q7m-h-A7hWXVcyou1imKHw8S72K6BjxD3gUuJ4OiRCSFxzhlrh5S8oHCPzo0odGqKUjw
216.58.211.13403 Forbidden 0 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S-452118225%3A1673134585316302&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AeAAQh7h29q7m-h-A7hWXVcyou1imKHw8S72K6BjxD3gUuJ4OiRCSFxzhlrh5S8oHCPzo0odGqKUjw
IP 216.58.211.13:0
GET /v3/signin/identifier?dsh=S-452118225%3A1673134585316302&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AeAAQh7h29q7m-h-A7hWXVcyou1imKHw8S72K6BjxD3gUuJ4OiRCSFxzhlrh5S8oHCPzo0odGqKUjw HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://neexulro.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 07 Jan 2023 23:36:25 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-OStq5aGSDlmv1nFsju33YQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi/external"}]}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.adf.ly/static/css/jquery.loadmask.css
104.20.67.244200 OK 0 B URL HTTP/2 cdn.adf.ly/static/css/jquery.loadmask.css
IP 104.20.67.244:0
GET /static/css/jquery.loadmask.css HTTP/1.1
Host: cdn.adf.ly
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://adf.ly/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 07 Jan 2023 23:36:25 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=850
cache-control: public, max-age=604800
etag: W/"352-5faa60e6-ed1d36b7b05a6c35;gz"
expires: Sat, 14 Jan 2023 23:09:16 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 1629
server: cloudflare
cf-ray: 786083f6494cb509-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.adf.ly/static/css/core_default.css
104.20.67.244200 OK 0 B URL HTTP/2 cdn.adf.ly/static/css/core_default.css
IP 104.20.67.244:0
GET /static/css/core_default.css HTTP/1.1
Host: cdn.adf.ly
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://adf.ly/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 07 Jan 2023 23:36:25 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=41418
cache-control: public, max-age=604800
etag: W/"a1ca-5faa60e6-43aa68c40fef0c2b;gz"
expires: Sat, 14 Jan 2023 23:09:16 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 1629
server: cloudflare
cf-ray: 786083f6494ab509-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.adf.ly/static/css/jquery-ui/ui-lightness/jquery-ui-1.8.16.custom.css
104.20.67.244200 OK 0 B URL HTTP/2 cdn.adf.ly/static/css/jquery-ui/ui-lightness/jquery-ui-1.8.16.custom.css
IP 104.20.67.244:0
GET /static/css/jquery-ui/ui-lightness/jquery-ui-1.8.16.custom.css HTTP/1.1
Host: cdn.adf.ly
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://adf.ly/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 07 Jan 2023 23:36:25 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=25476
cache-control: public, max-age=604800
etag: W/"6384-5faa60e6-2ce8da3c9d76af49;gz"
expires: Sat, 14 Jan 2023 23:09:16 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 1629
server: cloudflare
cf-ray: 786083f64946b509-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2