r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 326898eb925368408f6f42ee173b9d89
b8b20ee34b7e7b139e7729b8e46a54ea25f54ac8
96c2c75f700ab55649882111713ca3cfb2eaf08e404c2bc245a641dc12ae168a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96C2C75F700AB55649882111713CA3CFB2EAF08E404C2BC245A641DC12AE168A"
Last-Modified: Wed, 04 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8420
Expires: Fri, 06 Jan 2023 09:36:23 GMT
Date: Fri, 06 Jan 2023 07:16:03 GMT
Connection: keep-alive
homoluath.com/2LEq
172.67.208.161301 Moved Permanently 0 B IP 172.67.208.161:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /2LEq HTTP/1.1
Host: homoluath.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 06 Jan 2023 07:16:04 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
set-cookie: FLYSESSID=91ee5ceb1jntjgpkphbhh7gtl7; path=/; HttpOnly; SameSite=Lax
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-powered-by: adfly
strict-transport-security: max-age=0
location: http://neexulro.net/-81182OXSD/2LEq?rndad=1532635802-1672989363
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0q4theTLc3iGxLb5RBbLzsuK7QEr8E7ICaNhcLbbhnGyxhosNq5Yz04QXgk5U8xxqrjySfsz7GSxh%2FvtkEEnAts4UrnXV6BleN76nzsJGfKFc6xM9gbFlBKZkwLjRAaq"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7852aa835ae1b50f-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b5997a492d3d161c9009d95add566733
9db765ae549ebe4aa859ca27abe365cf7f62dc4d
1ec0de25b0afd3b402c728b9c6b47c4fcf25fb989052427886841a3f52510a0e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1EC0DE25B0AFD3B402C728B9C6B47C4FCF25FB989052427886841A3F52510A0E"
Last-Modified: Wed, 04 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7333
Expires: Fri, 06 Jan 2023 09:18:17 GMT
Date: Fri, 06 Jan 2023 07:16:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 600f7ba6e1a6fbbd176cd2df19b1e4d9
cdd72b25fd91ee980aba193b12e890096e4fe852
860214860947dfbe26099f018747154823b175fceb2821a390cc655da191a6d0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "860214860947DFBE26099F018747154823B175FCEB2821A390CC655DA191A6D0"
Last-Modified: Thu, 05 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2652
Expires: Fri, 06 Jan 2023 08:00:16 GMT
Date: Fri, 06 Jan 2023 07:16:04 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 06 Jan 2023 06:48:00 GMT
content-type: application/json
age: 1684
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: h9XsvqDcZY3S0NWc2khqlu53+b8mik6gQ7FhdK8QlUzq53KiJAoyvVuqlw/FLgF4uXC/eD+8Eb4=
x-amz-request-id: QRMCDYTB33SR5ZZA
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 06 Jan 2023 06:59:53 GMT
age: 971
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 06 Jan 2023 07:16:04 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
neexulro.net/-81182OXSD/2LEq?rndad=1532635802-1672989363
172.64.109.35200 OK 5.8 kB URL HTTP/1.1 neexulro.net/-81182OXSD/2LEq?rndad=1532635802-1672989363
IP 172.64.109.35:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (552), with CRLF, LF line terminators
Hash 2e2c33eb9a3e14c6cbc80eb9e54d4ba1
e2850af544333a7f8d8f90e2503de8a0b841866a
856bf9b6fae07a68e2f7f76d86076dab802b7e9cf4ac163bd6aefa761b504271
GET /-81182OXSD/2LEq?rndad=1532635802-1672989363 HTTP/1.1
Host: neexulro.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802; _ga_GT41R23D5L=GS1.1.1672985478.1.0.1672985486.0.0.0; _ga=GA1.1.1058324379.1672985479; __utma=218196230.1058324379.1672985479.1672985479.1672985479.1; __utmz=218196230.1672985479.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 07:16:04 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
set-cookie: FLYSESSID=hqevk1bpu3s5iqnlvsh0ngc9m3; path=/; HttpOnly; SameSite=Lax
yp1=d6d3afbab59b819343f48548849260a7; expires=Sat, 07-Jan-2023 07:16:04 GMT; Max-Age=86400; path=/; domain=.neexulro.net
yp2=530aaadfbd2c81e5bb513d9e6446395b; expires=Sat, 07-Jan-2023 07:16:04 GMT; Max-Age=86400; path=/; domain=.neexulro.net
yp3=1532635802; expires=Sat, 07-Jan-2023 07:16:04 GMT; Max-Age=86400; path=/; domain=.neexulro.net
x-powered-by: adfly
strict-transport-security: max-age=0
p3p: policyref="http://adf.ly/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa IVAi IVDi CONi HISi TELi OUR IND PHY ONL FIN COM NAV INT DEM GOV"
expires: Sat, 26 Jul 1997 05:00:00 GMT
last-modified: Fri, 06 Jan 2023 07:16:04 GMT
x-frame-options: DENY
referrer-policy: no-referrer-when-downgrade
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nGgibI84nmuTR1WJh%2FvOYkG6Rae0gp22B7e4r7w6XkJv52shL78CW4Txxo42yXXgQLwZ9fRIxNk7PXf5uJaS6e5d6PR83L8gE%2BRZ1%2FptUYiEliIv1Arx9F8vleQKzOQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7852aa856c3274a5-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
142.250.74.138200 OK 33 kB URL HTTP/1.1 ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
IP 142.250.74.138:0
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash 18351732b1849ba758e98884e186b3c8
d735af8661eda41ff4ffbf76e6a284a0e2deb81c
bfac625d304d52e04f2caeb19266354749929c888ca09d3d1e3edcbb8770d0f0
GET /ajax/libs/jquery/1.7.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neexulro.net/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 33333
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 03 Jan 2023 19:28:19 GMT
Expires: Wed, 03 Jan 2024 19:28:19 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Age: 215265
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
cdn.neexulro.net/static/css/adfly_7.css
172.64.108.35200 OK 875 B URL HTTP/1.1 cdn.neexulro.net/static/css/adfly_7.css
IP 172.64.108.35:0
File type ASCII text, with very long lines (2735), with no line terminators
Hash f8c8a9d49e010a2cf10a44dacf35e661
5a069859544758f32b5d09e89c3631c8257c64e1
2cdcaf6a39f9cd39a37dfacfeec2461813fb5557e071d96756c129d17e84cb7a
GET /static/css/adfly_7.css HTTP/1.1
Host: cdn.neexulro.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://neexulro.net/-81182OXSD/2LEq?rndad=1532635802-1672989363
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802; _ga_GT41R23D5L=GS1.1.1672985478.1.0.1672985486.0.0.0; _ga=GA1.1.1058324379.1672985479; __utma=218196230.1058324379.1672985479.1672985479.1672985479.1; __utmz=218196230.1672985479.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 07:16:04 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Cf-Bgj: minify
Cf-Polished: origSize=3778
cache-control: public, max-age=604800
etag: W/"ec2-60467027-6a5aa4acec833b9;gz"
expires: Fri, 13 Jan 2023 07:02:14 GMT
last-modified: Mon, 08 Mar 2021 18:42:47 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 830
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tyX9r%2F%2BZQki947W%2B%2F%2FNMnf%2BwkfV9P4bF8eMVf1BqnM%2BZoTMZbU71tZQWTW3H2ZsZAL9mdvc0S%2B1cMUz%2F0a8JeTKG0MARQrgdiIA%2FZiCsyEa9me76iGdOQqgSwrABhZp7TOOf"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7852aa875e1cd184-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
cdn.neexulro.net/static/js/view118_bidshow.js
172.64.108.35200 OK 4.0 kB URL HTTP/1.1 cdn.neexulro.net/static/js/view118_bidshow.js
IP 172.64.108.35:0
File type ASCII text, with very long lines (10991), with no line terminators
Hash 966f84aff8b7893cbf2b87da5a27f8a9
695e0fcb64fc820db2ca76e808136a3762ea3673
25c6680edff77f84bc5606fdd9f06116ec800f29173528135cb74d564f2732f9
GET /static/js/view118_bidshow.js HTTP/1.1
Host: cdn.neexulro.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://neexulro.net/-81182OXSD/2LEq?rndad=1532635802-1672989363
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802; _ga_GT41R23D5L=GS1.1.1672985478.1.0.1672985486.0.0.0; _ga=GA1.1.1058324379.1672985479; __utma=218196230.1058324379.1672985479.1672985479.1672985479.1; __utmz=218196230.1672985479.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 07:16:04 GMT
Content-Type: application/x-javascript
Content-Length: 4024
Connection: keep-alive
cache-control: public, max-age=604800
expires: Fri, 13 Jan 2023 07:02:07 GMT
last-modified: Wed, 24 Aug 2022 10:51:38 GMT
etag: "2aef-630602ba-3bacd69da000f03;gz"
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 837
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OSuun%2BhpRwtPQ2dAnUWtWqXne5eyIVpYVKivq9GdKMTUDOcnP21YR%2FpXWDAumVj%2BVPKIT8EWj147Vk8Jj4oxKYNHzVPRR1aeeuDiKuveGLBCfa1zyTU824BW%2FEnU%2BClMYRM4"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7852aa875cca8e0f-LHR
alt-svc: h2=":443"; ma=60
cdn.neexulro.net/static/js/amvn.js
172.64.108.35200 OK 84 kB URL HTTP/1.1 cdn.neexulro.net/static/js/amvn.js
IP 172.64.108.35:0
File type Unicode text, UTF-8 text, with very long lines (15945)
Hash a48391265ab5744c27845e3eaf564c32
4204b1879201e45cd24207e59a96e6cc6e5098b4
c607472726677f5d65d17f4956482f90f8fc04e5ab08e9f88e742e448c6003ab
GET /static/js/amvn.js HTTP/1.1
Host: cdn.neexulro.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://neexulro.net/-81182OXSD/2LEq?rndad=1532635802-1672989363
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802; _ga_GT41R23D5L=GS1.1.1672985478.1.0.1672985486.0.0.0; _ga=GA1.1.1058324379.1672985479; __utma=218196230.1058324379.1672985479.1672985479.1672985479.1; __utmz=218196230.1672985479.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 07:16:04 GMT
Content-Type: application/x-javascript
Content-Length: 84317
Connection: keep-alive
cache-control: public, max-age=604800
expires: Fri, 13 Jan 2023 07:02:18 GMT
last-modified: Fri, 06 Jan 2023 00:20:02 GMT
etag: "3f2b3-63b76932-7f3dbfff7fea7a09;gz"
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 826
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3M0YMioVt0ZZdCuXPhPTURRyf337FjB2wc167P50D%2Ft7WP%2FGRY7ARLu8iq7ruOrMQ5y%2BBqDNFqwqahLfWmVWvB1d2aQQyeInXMxCq1hRkRjmiDy%2FjtMIU655sTX8XrGuV%2Fyq"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7852aa875e8d8897-LHR
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e4fdd703d4ebb3209cd70c0ffd234da1
2e3a0a6fe0e63d2991e4b8726d5a2c21406a0dc1
ff40f371b1ebac1fbc0e809a0e85f500977372f25e8a72eda450083755fef11d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 07:16:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e4fdd703d4ebb3209cd70c0ffd234da1
2e3a0a6fe0e63d2991e4b8726d5a2c21406a0dc1
ff40f371b1ebac1fbc0e809a0e85f500977372f25e8a72eda450083755fef11d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 07:16:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d1a3jb5hjny5s4.cloudfront.net/?hbjad=709056
54.230.245.152200 OK 36 kB URL HTTP/1.1 d1a3jb5hjny5s4.cloudfront.net/?hbjad=709056
IP 54.230.245.152:0
File type Unicode text, UTF-8 text, with very long lines (15478)
Hash b4dd748f7c80d33d5f650615bd6fae3c
e21ecccd7f5c657e91c976e26ff302ffc509a63f
4dce30d7045bd3f16af8f13718b78252b3e94feafa76e70c5ebc5ab057946baa
GET /?hbjad=709056 HTTP/1.1
Host: d1a3jb5hjny5s4.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neexulro.net/
HTTP/1.1 200 OK
Content-Length: 36044
Connection: keep-alive
Date: Fri, 06 Jan 2023 07:16:04 GMT
access-control-allow-origin: *
Cache-Control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Content-Encoding: gzip
Pragma: no-cache
X-Cache: Miss from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: nk0zotReVV48g5FSBSi6kcdRqH3sOmS98YF3fvpwWaaqL3d3yuyZbA==
cdn.neexulro.net/static/image/delete2.png
172.64.108.35200 OK 577 B URL HTTP/1.1 cdn.neexulro.net/static/image/delete2.png
IP 172.64.108.35:0
File type PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced\012- data
Hash 3a612b41ba5d1cad10ae4c6660d8fda4
4006ab2bfe338d2d1f060c0486bad8e1b589ba44
2fa2ba143aaedc6b6169e9b024d4f12df4acfc5995950dce175fd97644dd0c43
GET /static/image/delete2.png HTTP/1.1
Host: cdn.neexulro.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://neexulro.net/-81182OXSD/2LEq?rndad=1532635802-1672989363
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802; _ga_GT41R23D5L=GS1.1.1672985478.1.0.1672985486.0.0.0; _ga=GA1.1.1058324379.1672985479; __utma=218196230.1058324379.1672985479.1672985479.1672985479.1; __utmz=218196230.1672985479.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 07:16:04 GMT
Content-Type: image/png
Content-Length: 577
Connection: keep-alive
cache-control: public, max-age=604800
expires: Fri, 13 Jan 2023 07:02:13 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "241-5faa60e6-a0c39838649de106;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 831
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u7MASooyKH8ISg0zZYZF2NClDk2lvVVHOokqlOUX5M8elfFVAvuxuqIJabI4iJa5zwSO5zKRQiv8HzKMnTuXZkyUhrLDmOcj3u8QUIjUf3Q6GBP12487b3I%2BKJmBt1oWWh3R"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7852aa885f9b8897-LHR
alt-svc: h2=":443"; ma=60
cdn.neexulro.net/static/image/skip_ad/en_tran.png
172.64.108.35200 OK 5.1 kB URL HTTP/1.1 cdn.neexulro.net/static/image/skip_ad/en_tran.png
IP 172.64.108.35:0
File type PNG image data, 155 x 41, 8-bit/color RGBA, non-interlaced\012- data
Hash a58f5ea6f1f6bb35658c351f876f1ba9
47fa621b845faf7df13e4021dcffd6f4c73c1018
ef8721967f0cca2539ee60f9cad0e8c1ef89f18a53964a4e6101033d23a4ba29
GET /static/image/skip_ad/en_tran.png HTTP/1.1
Host: cdn.neexulro.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://neexulro.net/-81182OXSD/2LEq?rndad=1532635802-1672989363
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802; _ga_GT41R23D5L=GS1.1.1672985478.1.0.1672985486.0.0.0; _ga=GA1.1.1058324379.1672985479; __utma=218196230.1058324379.1672985479.1672985479.1672985479.1; __utmz=218196230.1672985479.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 07:16:04 GMT
Content-Type: image/png
Content-Length: 5076
Connection: keep-alive
cache-control: public, max-age=604800
expires: Fri, 13 Jan 2023 07:02:28 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "13d4-5faa60e6-eb24f435e560d3dd;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 816
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HE9YndY26Gf12rdXLcMEgdFIw0CYF7x4bnE0CB70RxW6qj8zRzisydFficHpZXErJ1vWFjQ2xq98%2Bb8G9x9alQZh52thGVzhjJMUqiHSsiTYfYXnbPMgH%2FPQTBYpModKAtrL"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7852aa886f53d184-LHR
alt-svc: h2=":443"; ma=60
www.googletagmanager.com/gtm.js?id=GTM-5NL9VFJ
172.217.21.168200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-5NL9VFJ
IP 172.217.21.168:0
File type ASCII text, with very long lines (1759)
Hash 8a7e27280e57186639a21af84223877d
d598222bd8e4f153bfd56aa39b40d2f2f44bc0ef
2068b2c86434e79699e2bef21a1459bef7723e152549dacf24bcf540b15c247b
GET /gtm.js?id=GTM-5NL9VFJ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://neexulro.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 06 Jan 2023 07:16:04 GMT
expires: Fri, 06 Jan 2023 07:16:04 GMT
cache-control: private, max-age=900
last-modified: Fri, 06 Jan 2023 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42206
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.neexulro.net/static/image/logo_fb2.png
172.64.108.35200 OK 6.3 kB URL HTTP/1.1 cdn.neexulro.net/static/image/logo_fb2.png
IP 172.64.108.35:0
File type PNG image data, 193 x 98, 8-bit colormap, non-interlaced\012- data
Hash 84a673a878949a7a8410199f5f8ea220
49cbc367cd9e0943df6d6e2180bb9a5771dbb208
042313bf805bd8d9a1c6b2a88c90e15407004fcc6e9c5d5974c87c85c20796f3
GET /static/image/logo_fb2.png HTTP/1.1
Host: cdn.neexulro.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://neexulro.net/-81182OXSD/2LEq?rndad=1532635802-1672989363
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802; _ga_GT41R23D5L=GS1.1.1672985478.1.0.1672985486.0.0.0; _ga=GA1.1.1058324379.1672985479; __utma=218196230.1058324379.1672985479.1672985479.1672985479.1; __utmz=218196230.1672985479.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 07:16:04 GMT
Content-Type: image/png
Content-Length: 6283
Connection: keep-alive
cache-control: public, max-age=604800
expires: Fri, 13 Jan 2023 07:02:07 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "188b-5faa60e6-48354ceeda0c07b3;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 837
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZsCWO%2FZHVhFNV7rPDhl069KktNQbnvdpZ84GJk69FnIIIqX0dQp0DjbKcq7z28aghPICwhdWW912M1WNoykV3qw9U8w8Q12ZXuPg2FvzAGKYsn6MxWf3LqFLeWYYle57cORM"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7852aa8868ba7192-LHR
alt-svc: h2=":443"; ma=60
cdn.neexulro.net/static/image/ahl6532.gif
172.64.108.35200 OK 3.2 kB URL HTTP/1.1 cdn.neexulro.net/static/image/ahl6532.gif
IP 172.64.108.35:0
File type GIF image data, version 89a, 166 x 58\012- data
Hash 48d26bd889d62fc9c72d33138f409c15
3bd2657ee1ba4843f266cda7217a8d0a2b725ea3
13cad7fb56a878cd12d9456a8754cf13433ac6741338371f87776b4373411b15
GET /static/image/ahl6532.gif HTTP/1.1
Host: cdn.neexulro.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://neexulro.net/-81182OXSD/2LEq?rndad=1532635802-1672989363
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802; _ga_GT41R23D5L=GS1.1.1672985478.1.0.1672985486.0.0.0; _ga=GA1.1.1058324379.1672985479; __utma=218196230.1058324379.1672985479.1672985479.1672985479.1; __utmz=218196230.1672985479.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 07:16:04 GMT
Content-Type: image/gif
Content-Length: 3229
Connection: keep-alive
cache-control: public, max-age=604800
expires: Fri, 13 Jan 2023 07:02:18 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "c9d-5faa60e6-b4353aef5660bc5;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 826
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G3xwuDq3uKCmRYq1sfDOM28r%2BnQnbLudY3VTqILf18oCVymSgzk9QXPQZBdU12yDU36FpIArcnis%2BMV7KEVciin1OEzJCublMMqQWI3UaM6tFz3E4XqFC4JYSVLN6AT7NTKr"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7852aa886ce623d4-LHR
alt-svc: h2=":443"; ma=60
cdn.neexulro.net/static/js/main.js?v=2022052901
172.64.108.35200 OK 705 B URL HTTP/1.1 cdn.neexulro.net/static/js/main.js?v=2022052901
IP 172.64.108.35:0
Hash 5d2f026c4af9cf86a2ecb368dc1533d6
376ce5a73144b00dd162aa8524ac856b8db7a33e
0fd907185fe7d7610498d8d487449707fe4949c5c89a1028da380d2e5e862c3d
GET /static/js/main.js?v=2022052901 HTTP/1.1
Host: cdn.neexulro.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://neexulro.net/-81182OXSD/2LEq?rndad=1532635802-1672989363
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802; _ga_GT41R23D5L=GS1.1.1672985478.1.0.1672985486.0.0.0; _ga=GA1.1.1058324379.1672985479; __utma=218196230.1058324379.1672985479.1672985479.1672985479.1; __utmz=218196230.1672985479.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 07:16:04 GMT
Content-Type: application/x-javascript
Content-Length: 705
Connection: keep-alive
cache-control: public, max-age=604800
expires: Fri, 13 Jan 2023 07:10:10 GMT
last-modified: Sun, 29 May 2022 07:10:19 GMT
etag: "7a0-62931c5b-5a0b6a8c1f70ff01;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q6keq3U4%2B%2FMAsH%2FxkwhBWObspzoxWSOB7K727SWOGaMM5mVaFxRyIJU54cuYWcA87K4D1T8zTkDCxDrXDA7FVkcH5oMO7zvP289j9ZTr9QZtyjBb4XSlFplbh4nuMeYK7Cr4"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7852aa875f51e630-LHR
alt-svc: h2=":443"; ma=60
salwaysesureto.info/popunder.gif
188.114.97.1301 Moved Permanently 0 B URL HTTP/1.1 salwaysesureto.info/popunder.gif
IP 188.114.97.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /popunder.gif HTTP/1.1
Host: salwaysesureto.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neexulro.net/
HTTP/1.1 301 Moved Permanently
Date: Fri, 06 Jan 2023 07:16:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 06 Jan 2023 08:16:04 GMT
Location: https://salwaysesureto.info/popunder.gif
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FDmY6%2B8lJixgaH1radAj2OQAjYopbWhVt15WiUxqrfcfyhieiWUq1AQhoyNLtgz96XfSQDjSlVTgNVQBAcuLuKjf8CbnvLiAY2JJ3apcXvEENQWBCnUSSddzpPg04%2Bha3shIai%2Bg"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7852aa88ceb90b51-OSL
alt-svc: h2=":443"; ma=60
neexulro.net/js/display.js
172.64.109.35200 OK 5.8 kB URL HTTP/1.1 neexulro.net/js/display.js
IP 172.64.109.35:0
File type ASCII text, with very long lines (15999)
Hash e149217d65efcf53cc382af7c60f461c
6de97c3f773cf9b21e4373097f5f5cddf37d872e
4d30ac5f2c0ab10e25b4c39eb646e9cb86d66394775d77ba7b88a34720f85b27
GET /js/display.js HTTP/1.1
Host: neexulro.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://neexulro.net/-81182OXSD/2LEq?rndad=1532635802-1672989363
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802; _ga_GT41R23D5L=GS1.1.1672985478.1.0.1672985486.0.0.0; _ga=GA1.1.1058324379.1672985479; __utma=218196230.1058324379.1672985479.1672985479.1672985479.1; __utmz=218196230.1672985479.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); FLYSESSID=hqevk1bpu3s5iqnlvsh0ngc9m3
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 07:16:04 GMT
Content-Type: application/x-javascript
Content-Length: 5775
Connection: keep-alive
cache-control: public, max-age=604800
expires: Fri, 13 Jan 2023 07:02:06 GMT
last-modified: Thu, 29 Jul 2021 14:08:58 GMT
etag: "3e81-6102b67a-b080f0a7a094466b;gz"
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 838
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o00t1VdT%2BFWpNA80xs22yKkcssFlwW%2Fi4qe60qWIbNOuhvdlpywPQCaT5MUSAGe9XPl%2BleD1SRWa2bN9HGakCVUHRlFUsRcibssTvAN1Wm8ewSxid09Cz%2F1fRE975Fg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7852aa88ce9174a5-LHR
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e4fdd703d4ebb3209cd70c0ffd234da1
2e3a0a6fe0e63d2991e4b8726d5a2c21406a0dc1
ff40f371b1ebac1fbc0e809a0e85f500977372f25e8a72eda450083755fef11d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 07:16:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
95.101.11.115200 OK 346 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 5081feffa54965fbc666f943b34a023f
fd927a78f8368c001f8c285fa732d48e7214c64f
400b70984b85b8c75ba42b2a18d83175a49252511b51c48b38180c5a49e37be6
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "400B70984B85B8C75BA42B2A18D83175A49252511B51C48B38180C5A49E37BE6"
Last-Modified: Fri, 06 Jan 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7146
Expires: Fri, 06 Jan 2023 09:15:10 GMT
Date: Fri, 06 Jan 2023 07:16:04 GMT
Connection: keep-alive
cdn.neexulro.net/static/image/ad_top_bg2.png?&ad_box_=1
172.64.108.35200 OK 156 B URL HTTP/1.1 cdn.neexulro.net/static/image/ad_top_bg2.png?&ad_box_=1
IP 172.64.108.35:0
File type PNG image data, 1 x 59, 8-bit/color RGB, non-interlaced\012- data
Hash 106113dd42dd001363d6e2c920dba647
ebb71cf1a44a45852fff4d4fc0971f299b8b8c4c
938632fb472382061e62d8f1d033da03cbc84f150236e4251c8ece12241405ae
GET /static/image/ad_top_bg2.png?&ad_box_=1 HTTP/1.1
Host: cdn.neexulro.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://neexulro.net/-81182OXSD/2LEq?rndad=1532635802-1672989363
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802; _ga_GT41R23D5L=GS1.1.1672985478.1.0.1672985486.0.0.0; _ga=GA1.1.1058324379.1672985479; __utma=218196230.1058324379.1672985479.1672985479.1672985479.1; __utmz=218196230.1672985479.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 07:16:04 GMT
Content-Type: image/png
Content-Length: 156
Connection: keep-alive
cache-control: public, max-age=604800
expires: Fri, 13 Jan 2023 07:16:04 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "9c-5faa60e6-95f251b8bd8ef212;;;"
accept-ranges: bytes
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3menYDGGAYuKncLGNK4me6S9Q2RGaX6g0bbiuWP6bdo3E2jiuXysq%2BSc3q0OzFjk%2BdjGzZICjN5PAY0ilGe59g3dNaa6nsn6AyIjtuM6ZShwQcYcWhh8%2FdF8rwr4XwCUMYJA"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7852aa885d4e8e0f-LHR
alt-svc: h2=":443"; ma=60
cdn.neexulro.net/static/image/d_top_bg.png
172.64.108.35200 OK 156 B URL HTTP/1.1 cdn.neexulro.net/static/image/d_top_bg.png
IP 172.64.108.35:0
File type PNG image data, 1 x 59, 8-bit/color RGB, non-interlaced\012- data
Hash 106113dd42dd001363d6e2c920dba647
ebb71cf1a44a45852fff4d4fc0971f299b8b8c4c
938632fb472382061e62d8f1d033da03cbc84f150236e4251c8ece12241405ae
GET /static/image/d_top_bg.png HTTP/1.1
Host: cdn.neexulro.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cdn.neexulro.net/static/css/adfly_7.css
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802; _ga_GT41R23D5L=GS1.1.1672985478.1.0.1672985486.0.0.0; _ga=GA1.1.1058324379.1672985479; __utma=218196230.1058324379.1672985479.1672985479.1672985479.1; __utmz=218196230.1672985479.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 07:16:04 GMT
Content-Type: image/png
Content-Length: 156
Connection: keep-alive
cache-control: public, max-age=604800
expires: Fri, 13 Jan 2023 07:02:16 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "9c-5faa60e6-6bfb178d8ae4aca5;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 828
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1TJJjICPfn3gzpijLBB2Vzmy7SgFndPjhiCemrhZHQV3T2mOeiIxiwT%2BXOk0pGiQHbRWJvvIiAXNCO%2FQdtoBXSbezNwdSrHCYl2XI9nYHalS3jQ47J%2FKKxt5JV5HDkp5%2FiNp"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7852aa89e94d8897-LHR
alt-svc: h2=":443"; ma=60
cdn.neexulro.net/static/image/d_bottom_bg2.png
172.64.108.35200 OK 2.8 kB URL HTTP/1.1 cdn.neexulro.net/static/image/d_bottom_bg2.png
IP 172.64.108.35:0
File type PNG image data, 1 x 28, 8-bit/color RGB, non-interlaced\012- data
Hash 765bb01e93fec22bee832ea0219871d0
2059131c55ef4c9b171fff20fc692839686761b7
27ab7efdb31ee6b311557cb2296d9bdb4c5038a230bcb4f9bc1a2409bb73863a
GET /static/image/d_bottom_bg2.png HTTP/1.1
Host: cdn.neexulro.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cdn.neexulro.net/static/css/adfly_7.css
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802; _ga_GT41R23D5L=GS1.1.1672985478.1.0.1672985486.0.0.0; _ga=GA1.1.1058324379.1672985479; __utma=218196230.1058324379.1672985479.1672985479.1672985479.1; __utmz=218196230.1672985479.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 07:16:04 GMT
Content-Type: image/png
Content-Length: 2829
Connection: keep-alive
cache-control: public, max-age=604800
expires: Fri, 13 Jan 2023 07:02:15 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "b0d-5faa60e6-47ec8d363413ae2c;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 829
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V63W8N3LWmDPIkwL%2BQeuEfyn6BF3fZySjRJa7KJHM5h%2FhHZrZTsEK41qv8vsunoxioP3pTIJ28MGfKjC1K8lY8sfoG5OOjLSX8JSYOHDrmljYgxxfUyKr%2FeBguONZ6K19ORp"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7852aa89f9e27192-LHR
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/s/gts1p5/od9SpYbZBYQ
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/od9SpYbZBYQ
IP 142.250.74.131:0
Hash 33e9eb80fc2eb726f93a49357902f203
6079d6395467f9c5ec8dbed9fe57d55b90712876
5d020309b0163bca5fa30ded92234c9ad63cdead648828e20e2b6f4ae72bd984
POST /s/gts1p5/od9SpYbZBYQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 07:16:04 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
95.101.11.115200 OK 346 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 5081feffa54965fbc666f943b34a023f
fd927a78f8368c001f8c285fa732d48e7214c64f
400b70984b85b8c75ba42b2a18d83175a49252511b51c48b38180c5a49e37be6
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "400B70984B85B8C75BA42B2A18D83175A49252511B51C48B38180C5A49E37BE6"
Last-Modified: Fri, 06 Jan 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7146
Expires: Fri, 06 Jan 2023 09:15:10 GMT
Date: Fri, 06 Jan 2023 07:16:04 GMT
Connection: keep-alive
salwaysesureto.info/Y2haS2tMVzk4VjUtFAUyNT4uLlhSMAAcKRsNayMCOlsIczwyTi4iD15fanJbVl58OwIHVWhyTRAcOz8eEFVrbQINDjV2TRVVa2VbTV5qZVpFHWd6TRcYOyxWUk4qPx8PVWt9XFFRYnJYVltieVk
188.114.97.1204 No Content 0 B URL HTTP/2 salwaysesureto.info/Y2haS2tMVzk4VjUtFAUyNT4uLlhSMAAcKRsNayMCOlsIczwyTi4iD15fanJbVl58OwIHVWhyTRAcOz8eEFVrbQINDjV2TRVVa2VbTV5qZVpFHWd6TRcYOyxWUk4qPx8PVWt9XFFRYnJYVltieVk
IP 188.114.97.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /Y2haS2tMVzk4VjUtFAUyNT4uLlhSMAAcKRsNayMCOlsIczwyTi4iD15fanJbVl58OwIHVWhyTRAcOz8eEFVrbQINDjV2TRVVa2VbTV5qZVpFHWd6TRcYOyxWUk4qPx8PVWt9XFFRYnJYVltieVk HTTP/1.1
Host: salwaysesureto.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://neexulro.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 06 Jan 2023 07:16:04 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NFbjVHlvTCkyY%2BurmDxTAZjygyGh%2BgV%2Bj5DILhE7YkX6ddprDY5mDu%2FvnDGq5etaIn15Vd1N1LsVbfOsQop65E2Ndn4aXq9Fdy7%2B4YsD%2BJ3ymtnHqAiii4%2BRcDT61oHuL7yPKwb7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7852aa898e921c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 06 Jan 2023 07:08:12 GMT
age: 472
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
oodnaturedf.xyz/U3pUbEsyGDcBdDJHNko+IRZpSXkVX2YqL2BOOxwtNU1lXyhgHTxCKD8VIQgtIRU6GGU9HyBJeRUVNwYvFCw4PRkEOTMbKiQgMSUmJxMFCwViIxMuHgsuAVkENDMfIiMCIBxecxAqFi1yBw0dBAMkPGAtAxIdFyoFZCA6JS4FEzMUKgUoBycPBQoFFA49Nz42GxJIFQUBEUs3CTEkABYpfysqPSkACzk4GwIBNx8nMTgPE104IjRnKgowIhpYERUZEgglZxATXSA6NQchCRYUBgEENCMHCAwJFgUEJ2EZZg88FhQGAQIrDg4PDBkCBTQdOSATPQASInkmMQkAFT8vFCM5LgkZSxJeHRA7OQQmNSw3Ki85PywpHSQKN14SYzgMNiUJPx0rLz4eLD0KMB0EFRILLwcHPjAvFhQvYSA8NAo3HR1eJxdcPh8kPQppHAkeFwwoIRc1LCg8GAkbKg
65.9.44.68200 OK 1.2 kB URL HTTP/1.1 oodnaturedf.xyz/U3pUbEsyGDcBdDJHNko+IRZpSXkVX2YqL2BOOxwtNU1lXyhgHTxCKD8VIQgtIRU6GGU9HyBJeRUVNwYvFCw4PRkEOTMbKiQgMSUmJxMFCwViIxMuHgsuAVkENDMfIiMCIBxecxAqFi1yBw0dBAMkPGAtAxIdFyoFZCA6JS4FEzMUKgUoBycPBQoFFA49Nz42GxJIFQUBEUs3CTEkABYpfysqPSkACzk4GwIBNx8nMTgPE104IjRnKgowIhpYERUZEgglZxATXSA6NQchCRYUBgEENCMHCAwJFgUEJ2EZZg88FhQGAQIrDg4PDBkCBTQdOSATPQASInkmMQkAFT8vFCM5LgkZSxJeHRA7OQQmNSw3Ki85PywpHSQKN14SYzgMNiUJPx0rLz4eLD0KMB0EFRILLwcHPjAvFhQvYSA8NAo3HR1eJxdcPh8kPQppHAkeFwwoIRc1LCg8GAkbKg
IP 65.9.44.68:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3051), with no line terminators
Hash d8f9f9f6b6b261acc08504c15e3a794b
ad67e29890ae191f567cedb18cfc17c9a4efa446
cfd0fb3223706ac826fa9a35c808943a68e053fc1ea7803eea2b0d3de1a99b8e
GET /U3pUbEsyGDcBdDJHNko+IRZpSXkVX2YqL2BOOxwtNU1lXyhgHTxCKD8VIQgtIRU6GGU9HyBJeRUVNwYvFCw4PRkEOTMbKiQgMSUmJxMFCwViIxMuHgsuAVkENDMfIiMCIBxecxAqFi1yBw0dBAMkPGAtAxIdFyoFZCA6JS4FEzMUKgUoBycPBQoFFA49Nz42GxJIFQUBEUs3CTEkABYpfysqPSkACzk4GwIBNx8nMTgPE104IjRnKgowIhpYERUZEgglZxATXSA6NQchCRYUBgEENCMHCAwJFgUEJ2EZZg88FhQGAQIrDg4PDBkCBTQdOSATPQASInkmMQkAFT8vFCM5LgkZSxJeHRA7OQQmNSw3Ki85PywpHSQKN14SYzgMNiUJPx0rLz4eLD0KMB0EFRILLwcHPjAvFhQvYSA8NAo3HR1eJxdcPh8kPQppHAkeFwwoIRc1LCg8GAkbKg HTTP/1.1
Host: oodnaturedf.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neexulro.net/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 1203
Connection: keep-alive
Date: Fri, 06 Jan 2023 07:16:04 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
Accept-CH: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
X-Cache: Miss from cloudfront
Via: 1.1 487e313569291f74bde8bb30db9e6efa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN54-C1
X-Amz-Cf-Id: ic_iBaBf7YdWhT7-bwAXkmKQSpHGX5ZccF7wGvvD57jjD-Mu8PPIXg==
neexulro.net/2market_bidshow.php?user_id=21589233&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&ref_url=eyJ1cmwiOm51bGwsImRvbWFpbiI6bnVsbH0%3D&url=https%3A%2F%2Fwww22.davisonbarker.pro%2Fpushredirect%2F%3Fnetwork%3D3%26site%3Dadfly%26ppi%3D21589233%26pci%3D6448248841%26t%3D1672989364%26dest%3Dhttps%253A%252F%252Fdrive.google.com%252Ffolderview%253Fid%253D1LyPaixoY8iYIIhlle693EDi9Al3GdRjh&url_id=6448248841&t=29d93bda24cf1ec422d82095d35c9eed&w=49b87e296d7e6a7cd6f3b70388a4e298
172.64.109.35200 OK 82 B URL HTTP/1.1 neexulro.net/2market_bidshow.php?user_id=21589233&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&ref_url=eyJ1cmwiOm51bGwsImRvbWFpbiI6bnVsbH0%3D&url=https%3A%2F%2Fwww22.davisonbarker.pro%2Fpushredirect%2F%3Fnetwork%3D3%26site%3Dadfly%26ppi%3D21589233%26pci%3D6448248841%26t%3D1672989364%26dest%3Dhttps%253A%252F%252Fdrive.google.com%252Ffolderview%253Fid%253D1LyPaixoY8iYIIhlle693EDi9Al3GdRjh&url_id=6448248841&t=29d93bda24cf1ec422d82095d35c9eed&w=49b87e296d7e6a7cd6f3b70388a4e298
IP 172.64.109.35:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d597c22e79c772d1f89ed2602adb80ab
50c7c63c9269278ff7aba9b8c5b4810c3570df80
798215a625e276fde8e69c0a79401e406f59e1a30ad0e9113d880b9d566ae61c
GET /2market_bidshow.php?user_id=21589233&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&ref_url=eyJ1cmwiOm51bGwsImRvbWFpbiI6bnVsbH0%3D&url=https%3A%2F%2Fwww22.davisonbarker.pro%2Fpushredirect%2F%3Fnetwork%3D3%26site%3Dadfly%26ppi%3D21589233%26pci%3D6448248841%26t%3D1672989364%26dest%3Dhttps%253A%252F%252Fdrive.google.com%252Ffolderview%253Fid%253D1LyPaixoY8iYIIhlle693EDi9Al3GdRjh&url_id=6448248841&t=29d93bda24cf1ec422d82095d35c9eed&w=49b87e296d7e6a7cd6f3b70388a4e298 HTTP/1.1
Host: neexulro.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://neexulro.net/-81182OXSD/2LEq?rndad=1532635802-1672989363
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802; _ga_GT41R23D5L=GS1.1.1672985478.1.0.1672985486.0.0.0; _ga=GA1.1.1058324379.1672985479; __utma=218196230.1058324379.1672985479.1672985479.1672985479.1; __utmz=218196230.1672985479.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); FLYSESSID=hqevk1bpu3s5iqnlvsh0ngc9m3
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 07:16:04 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.3.27
set-cookie: adfly_ad_report=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
p3p: policyref="http://adf.ly/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa IVAi IVDi CONi HISi TELi OUR IND PHY ONL FIN COM NAV INT DEM GOV"
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hYK%2ByvH1Uh1oF7lP7Eo7KEtGgT3vnqT%2FRhi00jpZSogUatK6BkrADP85LLPzhb1ZNEeqoVpdg%2Bsn8TlGMRRHuecxOIdrwoLizMez8kuB4rDxB9K8YaqAL2sibZBnnV4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7852aa89ef5674a5-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 73a99621729e1bc9e236a1085b98a0cf
5e1f71493085f6be7788f59987c1f0850b77d4d7
219d1a8d7d1a027553f72c8c024488863d8996457b31c78014002f81174f3ad1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6121
Cache-Control: max-age=99166
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 07:16:04 GMT
Etag: "63b69329-1d7"
Expires: Sat, 07 Jan 2023 10:48:50 GMT
Last-Modified: Thu, 05 Jan 2023 09:06:49 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
oodnaturedf.xyz/utx?cb=dUNdgNIRZ5x8&top=neexulro.net&tid=604364
65.9.44.68204 No Content 0 B URL HTTP/2 oodnaturedf.xyz/utx?cb=dUNdgNIRZ5x8&top=neexulro.net&tid=604364
IP 65.9.44.68:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=dUNdgNIRZ5x8&top=neexulro.net&tid=604364 HTTP/1.1
Host: oodnaturedf.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://neexulro.net
Connection: keep-alive
Referer: http://neexulro.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 06 Jan 2023 07:16:04 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: http://neexulro.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Fri, 06 Jan 2023 07:17:04 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 d42e11d52edd8bb7c6c82444d8414824.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: XzMsv3WkLKFKjuPmgIt8lRMCBmLcslVW8JrK-2d2p8cSnLkSwhS6gQ==
X-Firefox-Spdy: h2
oodnaturedf.xyz/utx?cb=RlRWMFml8a6s&top=neexulro.net&tid=709056
65.9.44.68204 No Content 0 B URL HTTP/2 oodnaturedf.xyz/utx?cb=RlRWMFml8a6s&top=neexulro.net&tid=709056
IP 65.9.44.68:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=RlRWMFml8a6s&top=neexulro.net&tid=709056 HTTP/1.1
Host: oodnaturedf.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://neexulro.net
Connection: keep-alive
Referer: http://neexulro.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 06 Jan 2023 07:16:04 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: http://neexulro.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Fri, 06 Jan 2023 07:17:04 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 d42e11d52edd8bb7c6c82444d8414824.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: sYf-nT-TW4wPlv96Eh9A1Hm4tKaIAdbWH_SY3uTrFrcPtyGggG1bHw==
X-Firefox-Spdy: h2
e1.o.lencr.org/
95.101.11.115200 OK 344 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 618333d26fe297f7bf67ad5b3c931833
88c91b635eab0d4bd7710ddfc8e8af7a1044b65d
3aca80525f6f5eeaa6f518ad751069869f3afa016c92effb6e3d4a23f2c7d7d3
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "3ACA80525F6F5EEAA6F518AD751069869F3AFA016C92EFFB6E3D4A23F2C7D7D3"
Last-Modified: Wed, 04 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7279
Expires: Fri, 06 Jan 2023 09:17:23 GMT
Date: Fri, 06 Jan 2023 07:16:04 GMT
Connection: keep-alive
heinndoorhises.info/V2Y1NjF4WVZFDAEKY29rEAJbbANiM2BxVSQEc2RlNVRjQmcRUhNCWDNbAwYFZFABEEE+AggHFyQSVEJEJFsEEFg5AFoLFyFbBBgCY0gGBx9lQEALAHESRVdWalcTRkUjCggHB2BUDA4IZFMGDwNm
188.114.96.1204 No Content 0 B URL HTTP/2 heinndoorhises.info/V2Y1NjF4WVZFDAEKY29rEAJbbANiM2BxVSQEc2RlNVRjQmcRUhNCWDNbAwYFZFABEEE+AggHFyQSVEJEJFsEEFg5AFoLFyFbBBgCY0gGBx9lQEALAHESRVdWalcTRkUjCggHB2BUDA4IZFMGDwNm
IP 188.114.96.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /V2Y1NjF4WVZFDAEKY29rEAJbbANiM2BxVSQEc2RlNVRjQmcRUhNCWDNbAwYFZFABEEE+AggHFyQSVEJEJFsEEFg5AFoLFyFbBBgCY0gGBx9lQEALAHESRVdWalcTRkUjCggHB2BUDA4IZFMGDwNm HTTP/1.1
Host: heinndoorhises.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://neexulro.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 06 Jan 2023 07:16:04 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4N%2F%2BG6DFkbzethjspFpdcCE7xdT8YCaHx8%2FKhEWxrVhrCYLnWRsE2fbVCEFxZJPdW5pAPnfQVwrYzkFIf9%2BbEY4YvcpukRBH8bZwrVkeHP%2FMxie9jCyjdA%2FQFJEBivwZUmORTJxn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7852aa8a2c90b4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
oftheseveryh.xyz/MUxRaWlQLjIEVlBxM08cQyBsTFt3aWMvDQAtYgMLBCQ7BxAEP2VHCl0jJA0PQyM/HUdfKSVMW3ceNCwdQBgULAt7DQAYD1Y7OC0Hd34CISNQKQkNDHgeOgMlRiRjOToFOBwABVICCSQoUx5lWyNkGmY9KnArFwARaS04OD56CjVQM0knJyohd30JA1FQBSgZL3wrFBwiSRUlLhNkIRk+WVcACR4/ew4QBSVjHSA9WgUEBT4/UC0JJyBoNGEFJUk7OiE9CCcCBxp0AxY7IlR9JVELASQkPjgEJwIHGlUGAlAmV3xoTFt3DWBYXGYmA1o9dnkLLQRjBzQRRFZ6CywaehtiEVlnIiUtCGkCGCUoCToaAQ1EGxAZE2IEIQgPeQ4YDAIIaWMrCmN4OC4qWiIXEydhKjYNI1R9aAAKZ3h0Wytnf2FPA0IjPxlUZi49IwsHNWMR
108.156.22.63200 OK 1.2 kB URL HTTP/1.1 oftheseveryh.xyz/MUxRaWlQLjIEVlBxM08cQyBsTFt3aWMvDQAtYgMLBCQ7BxAEP2VHCl0jJA0PQyM/HUdfKSVMW3ceNCwdQBgULAt7DQAYD1Y7OC0Hd34CISNQKQkNDHgeOgMlRiRjOToFOBwABVICCSQoUx5lWyNkGmY9KnArFwARaS04OD56CjVQM0knJyohd30JA1FQBSgZL3wrFBwiSRUlLhNkIRk+WVcACR4/ew4QBSVjHSA9WgUEBT4/UC0JJyBoNGEFJUk7OiE9CCcCBxp0AxY7IlR9JVELASQkPjgEJwIHGlUGAlAmV3xoTFt3DWBYXGYmA1o9dnkLLQRjBzQRRFZ6CywaehtiEVlnIiUtCGkCGCUoCToaAQ1EGxAZE2IEIQgPeQ4YDAIIaWMrCmN4OC4qWiIXEydhKjYNI1R9aAAKZ3h0Wytnf2FPA0IjPxlUZi49IwsHNWMR
IP 108.156.22.63:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3035), with no line terminators
Hash cd9cd220c24919364409cd1dd01cd400
b9e42114f80680617f6ae30758078ce356eaea4e
051e7dada902d1f3dd63ed75096c8650a4353a9c7247f90504a77cc682e6e6f9
GET /MUxRaWlQLjIEVlBxM08cQyBsTFt3aWMvDQAtYgMLBCQ7BxAEP2VHCl0jJA0PQyM/HUdfKSVMW3ceNCwdQBgULAt7DQAYD1Y7OC0Hd34CISNQKQkNDHgeOgMlRiRjOToFOBwABVICCSQoUx5lWyNkGmY9KnArFwARaS04OD56CjVQM0knJyohd30JA1FQBSgZL3wrFBwiSRUlLhNkIRk+WVcACR4/ew4QBSVjHSA9WgUEBT4/UC0JJyBoNGEFJUk7OiE9CCcCBxp0AxY7IlR9JVELASQkPjgEJwIHGlUGAlAmV3xoTFt3DWBYXGYmA1o9dnkLLQRjBzQRRFZ6CywaehtiEVlnIiUtCGkCGCUoCToaAQ1EGxAZE2IEIQgPeQ4YDAIIaWMrCmN4OC4qWiIXEydhKjYNI1R9aAAKZ3h0Wytnf2FPA0IjPxlUZi49IwsHNWMR HTTP/1.1
Host: oftheseveryh.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neexulro.net/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 1186
Connection: keep-alive
Date: Fri, 06 Jan 2023 07:16:04 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
Accept-CH: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
X-Cache: Miss from cloudfront
Via: 1.1 b17cf9f4b1a924d2565eea6067d2d532.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: HEL51-P1
X-Amz-Cf-Id: G_1jdBFzmk8ithQCjSkL5bw9j-_OdBiRFhl7YUoWq5eb7Rn89Qk2Og==
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash f171297887219eb8cae83e0d853e59a6
2aaa92fb2ea42f40b7d73b3cab534396268c80ae
af7e1d13b1f481ed38a0762e6224aa987aa9a66ca82f982c70cb8e28f445d812
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "AF7E1D13B1F481ED38A0762E6224AA987AA9A66CA82F982C70CB8E28F445D812"
Last-Modified: Thu, 05 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14244
Expires: Fri, 06 Jan 2023 11:13:28 GMT
Date: Fri, 06 Jan 2023 07:16:04 GMT
Connection: keep-alive
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash f171297887219eb8cae83e0d853e59a6
2aaa92fb2ea42f40b7d73b3cab534396268c80ae
af7e1d13b1f481ed38a0762e6224aa987aa9a66ca82f982c70cb8e28f445d812
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "AF7E1D13B1F481ED38A0762E6224AA987AA9A66CA82F982C70CB8E28F445D812"
Last-Modified: Thu, 05 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14232
Expires: Fri, 06 Jan 2023 11:13:16 GMT
Date: Fri, 06 Jan 2023 07:16:04 GMT
Connection: keep-alive
ocsp.pki.goog/s/gts1p5/od9SpYbZBYQ
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/od9SpYbZBYQ
IP 142.250.74.131:0
Hash 33e9eb80fc2eb726f93a49357902f203
6079d6395467f9c5ec8dbed9fe57d55b90712876
5d020309b0163bca5fa30ded92234c9ad63cdead648828e20e2b6f4ae72bd984
POST /s/gts1p5/od9SpYbZBYQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 07:16:05 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adf.ly/static/other/main.html
104.20.66.244200 OK 2.4 kB URL HTTP/1.1 adf.ly/static/other/main.html
IP 104.20.66.244:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (418)
Hash b20a86b2e91f51d2f7a19eada1de2f51
c240e9c813f8f93d3db499df1cc88984e873e418
44311176f257c7180a0fdc5491f021623ce7a0404369e883e8a6feb1e8d3469e
GET /static/other/main.html HTTP/1.1
Host: adf.ly
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 07:16:05 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Fri, 02 Sep 2022 14:31:48 GMT
etag: "1ddf-631213d4-8936a98b6e2a0431;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7852aa8b5a92b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
d34opff713c3gh.cloudfront.net/ocjdGVlQRWCgwawZeImtiQgN1YGBUXTU5OgIKNhQZH28CPBA9TwIhHwF4AHAgCFN7ZnIeVigxaVRSKDVpQxEnMjZPA2AiJB1cezwzBE4xPiEKXClwIRMKKzkuG1sqN3FAcXN4ZFcFdn4jG1kiOSMBEnRmOgYSdGZlQhl2c2cwEnRmIxtZcGJxQXVjZGQKAX-JzZzASdGYmBBJ1F2VCAmhmfVcFdjExEVwpc2Y0BXZnZEIGdmdxQAcgPyYXUSkucUBxd2ZhXAdgI2lD
143.204.42.96200 OK 537 B URL HTTP/1.1 d34opff713c3gh.cloudfront.net/ocjdGVlQRWCgwawZeImtiQgN1YGBUXTU5OgIKNhQZH28CPBA9TwIhHwF4AHAgCFN7ZnIeVigxaVRSKDVpQxEnMjZPA2AiJB1cezwzBE4xPiEKXClwIRMKKzkuG1sqN3FAcXN4ZFcFdn4jG1kiOSMBEnRmOgYSdGZlQhl2c2cwEnRmIxtZcGJxQXVjZGQKAX-JzZzASdGYmBBJ1F2VCAmhmfVcFdjExEVwpc2Y0BXZnZEIGdmdxQAcgPyYXUSkucUBxd2ZhXAdgI2lD
IP 143.204.42.96:0
File type ASCII text, with very long lines (720), with no line terminators
Hash 17b9e19e3a7acfb39fe59d1f4a9ff8d0
64502230110e190469950d64d32e80c866b37664
3d7715296a2a8d6e8bb10867b75db1ec62796cb656b24d8fa06b14d070b87d1b
GET /ocjdGVlQRWCgwawZeImtiQgN1YGBUXTU5OgIKNhQZH28CPBA9TwIhHwF4AHAgCFN7ZnIeVigxaVRSKDVpQxEnMjZPA2AiJB1cezwzBE4xPiEKXClwIRMKKzkuG1sqN3FAcXN4ZFcFdn4jG1kiOSMBEnRmOgYSdGZlQhl2c2cwEnRmIxtZcGJxQXVjZGQKAX-JzZzASdGYmBBJ1F2VCAmhmfVcFdjExEVwpc2Y0BXZnZEIGdmdxQAcgPyYXUSkucUBxd2ZhXAdgI2lD HTTP/1.1
Host: d34opff713c3gh.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://oodnaturedf.xyz/
HTTP/1.1 200 OK
Content-Length: 537
Connection: keep-alive
Date: Fri, 06 Jan 2023 07:16:05 GMT
access-control-allow-origin: *
Cache-Control: max-age=31556926
Content-Encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: RD8SH0ouAiQqbW4x534aP-p7nL6fYI96GFcERkMvkW0ymSAN8tZxrw==
d1a3jb5hjny5s4.cloudfront.net/ReEtqTEEbJAQqfgwiDnF2SHJaeXdeIRkjLwh2PS4tMilcNXMAbR42JUV7TCAgFixXaiQWKFd9ZxkvCHF1Xj8aIypFMgEuKxYtGzUmHW0fLXwVJBAlLRQqT34HTWVaaXNIYx0lLxwkHT9kSnsEOGRKe1t8b0huWQ5kSnsdJS9Of09/A115WjR3TG5ZDmRKex-g6ZEsKW3x0VntDaXNILA8vKhduWApzSHpafHBIek9+cR4iGCknFzNPfgdJe19icV4+V30
54.230.245.152200 OK 459 B URL HTTP/1.1 d1a3jb5hjny5s4.cloudfront.net/ReEtqTEEbJAQqfgwiDnF2SHJaeXdeIRkjLwh2PS4tMilcNXMAbR42JUV7TCAgFixXaiQWKFd9ZxkvCHF1Xj8aIypFMgEuKxYtGzUmHW0fLXwVJBAlLRQqT34HTWVaaXNIYx0lLxwkHT9kSnsEOGRKe1t8b0huWQ5kSnsdJS9Of09/A115WjR3TG5ZDmRKex-g6ZEsKW3x0VntDaXNILA8vKhduWApzSHpafHBIek9+cR4iGCknFzNPfgdJe19icV4+V30
IP 54.230.245.152:0
File type ASCII text, with very long lines (593), with no line terminators
Hash 27b9154b2e7cd1b9ee75ad89f95b7010
48b97829052c93784b3496065ed2347a3bf28821
3d48518065d0c21fed79aa6958b2e9c9015f1f5c5ce64e95d7c3fca444243e01
GET /ReEtqTEEbJAQqfgwiDnF2SHJaeXdeIRkjLwh2PS4tMilcNXMAbR42JUV7TCAgFixXaiQWKFd9ZxkvCHF1Xj8aIypFMgEuKxYtGzUmHW0fLXwVJBAlLRQqT34HTWVaaXNIYx0lLxwkHT9kSnsEOGRKe1t8b0huWQ5kSnsdJS9Of09/A115WjR3TG5ZDmRKex-g6ZEsKW3x0VntDaXNILA8vKhduWApzSHpafHBIek9+cR4iGCknFzNPfgdJe19icV4+V30 HTTP/1.1
Host: d1a3jb5hjny5s4.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://oftheseveryh.xyz/
HTTP/1.1 200 OK
Content-Length: 459
Connection: keep-alive
Date: Fri, 06 Jan 2023 07:16:05 GMT
access-control-allow-origin: *
Cache-Control: max-age=31556926
Content-Encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Kt2WfEkQymRrZjra2JZjrwmWtsYICrhleEAROZXqN04BTuKi2HjLOg==
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash f171297887219eb8cae83e0d853e59a6
2aaa92fb2ea42f40b7d73b3cab534396268c80ae
af7e1d13b1f481ed38a0762e6224aa987aa9a66ca82f982c70cb8e28f445d812
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "AF7E1D13B1F481ED38A0762E6224AA987AA9A66CA82F982C70CB8E28F445D812"
Last-Modified: Thu, 05 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14231
Expires: Fri, 06 Jan 2023 11:13:16 GMT
Date: Fri, 06 Jan 2023 07:16:05 GMT
Connection: keep-alive
cdn.neexulro.net/static/image/favicon.ico
172.64.108.35200 OK 766 B URL HTTP/1.1 cdn.neexulro.net/static/image/favicon.ico
IP 172.64.108.35:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 1e28765e56393f673da97ce5913cdf10
8af9d66ac98f4689ba1d04acbd17df40dd83dbde
30aa2a7dd1b96d852108bf4f4213b0d749ae2faedd112f0c03006209e5e6c98a
GET /static/image/favicon.ico HTTP/1.1
Host: cdn.neexulro.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://neexulro.net/-81182OXSD/2LEq?rndad=1532635802-1672989363
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802; _ga_GT41R23D5L=GS1.1.1672989354.2.0.1672989354.0.0.0; _ga=GA1.1.1058324379.1672985479; __utma=218196230.1058324379.1672985479.1672985479.1672985479.1; __utmz=218196230.1672985479.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 07:16:05 GMT
Content-Type: image/vnd.microsoft.icon
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: public, max-age=604800
expires: Fri, 13 Jan 2023 07:02:31 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: W/"47e-5faa60e6-15b72dd35dac079e;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 814
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DEJhUzpMxCJiNW1JgFYIlJIJWFL0kKkVsEQNiPZxtOqCvCa48czCsjN4cq2bBPLtCl%2BISjDxHhfUVFX9ahSuze9RPZNhmKhYGlWegj9QH%2F1qOW%2BO7QoyqFe1wR68EU0m%2Bu5E"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7852aa8cac597192-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
push.services.mozilla.com/
54.69.181.45101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.69.181.45:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: KD4V25mnF+/HubFVRldE4Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: lA+n2XjJYjtsAckpwx3TBd7FBUs=
www.google-analytics.com/ga.js
142.250.74.14200 OK 17 kB URL HTTP/1.1 www.google-analytics.com/ga.js
IP 142.250.74.14:0
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neexulro.net/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 17168
Date: Fri, 06 Jan 2023 05:34:16 GMT
Expires: Fri, 06 Jan 2023 07:34:16 GMT
Cache-Control: public, max-age=7200
Age: 6109
Last-Modified: Tue, 27 Sep 2022 22:01:05 GMT
Content-Type: text/javascript
e1.o.lencr.org/
95.101.11.115200 OK 344 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 618333d26fe297f7bf67ad5b3c931833
88c91b635eab0d4bd7710ddfc8e8af7a1044b65d
3aca80525f6f5eeaa6f518ad751069869f3afa016c92effb6e3d4a23f2c7d7d3
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "3ACA80525F6F5EEAA6F518AD751069869F3AFA016C92EFFB6E3D4A23F2C7D7D3"
Last-Modified: Wed, 04 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7278
Expires: Fri, 06 Jan 2023 09:17:23 GMT
Date: Fri, 06 Jan 2023 07:16:05 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 5de6e5036a00ecdea79afacd31544e47
e914f0de643d42a7960bc4be81094b3bbe2eb97f
afb7782d7483cac296f2873907cd4561da329c68737f17cd150c682819e7e1c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 07:16:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 5de6e5036a00ecdea79afacd31544e47
e914f0de643d42a7960bc4be81094b3bbe2eb97f
afb7782d7483cac296f2873907cd4561da329c68737f17cd150c682819e7e1c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 07:16:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
heinndoorhises.info/popunder.gif
188.114.96.1301 Moved Permanently 0 B URL HTTP/1.1 heinndoorhises.info/popunder.gif
IP 188.114.96.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /popunder.gif HTTP/1.1
Host: heinndoorhises.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neexulro.net/
HTTP/1.1 301 Moved Permanently
Date: Fri, 06 Jan 2023 07:16:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 06 Jan 2023 08:16:05 GMT
Location: https://heinndoorhises.info/popunder.gif
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c5D4IT%2Fc5xlITZ8YI5UrxB7W7DkKquEbCpHxQP1onY59%2BccMRov0qFXjqguWjuTPhpb7zNexmHMvVMqErDFBb2mJsJejfl9ujWSe2djeoUwfN2rai4qsETYj1JWJM6rpmMTMeh%2Fk"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7852aa8d1bd5b515-OSL
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0b29dc8c7a991aa4bf6811e25dbc147c
03dc09f87a4017228b6c82dd57c02fc8c78ce909
442b3aa48f7f563c5c21632c1457584bc004b28eb3eb72ec6b210b7665f0a904
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4690
Cache-Control: max-age=115394
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 07:16:05 GMT
Etag: "63b6d825-1d7"
Expires: Sat, 07 Jan 2023 15:19:19 GMT
Last-Modified: Thu, 05 Jan 2023 14:01:09 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=85650353&utmhn=neexulro.net&utme=8(User)9(21589233)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=473438144&utmr=-&utmp=%2F-81182OXSD%2F2LEq%3Frndad%3D1532635802-1672989363&utmht=1672989354556&utmac=UA-6469700-9&utmcc=__utma%3D218196230.1058324379.1672985479.1672985479.1672989355.2%3B%2B__utmz%3D218196230.1672985479.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=2047962376&utmredir=1&utmu=qQAAAAAAAAAAAAAAAAAAAAAE~
142.250.74.14302 Found 368 B URL HTTP/1.1 www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=85650353&utmhn=neexulro.net&utme=8(User)9(21589233)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=473438144&utmr=-&utmp=%2F-81182OXSD%2F2LEq%3Frndad%3D1532635802-1672989363&utmht=1672989354556&utmac=UA-6469700-9&utmcc=__utma%3D218196230.1058324379.1672985479.1672985479.1672989355.2%3B%2B__utmz%3D218196230.1672985479.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=2047962376&utmredir=1&utmu=qQAAAAAAAAAAAAAAAAAAAAAE~
IP 142.250.74.14:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 8a506562045fb4d5e8c3137469a0702d
d947a2f52c8818efe9e5d7a1656baaaff5774a8f
43d09d9df6461b6ddf638f95c98a98eece9145f99346acc492f473e0b40adaec
GET /r/__utm.gif?utmwv=5.7.2&utms=1&utmn=85650353&utmhn=neexulro.net&utme=8(User)9(21589233)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=473438144&utmr=-&utmp=%2F-81182OXSD%2F2LEq%3Frndad%3D1532635802-1672989363&utmht=1672989354556&utmac=UA-6469700-9&utmcc=__utma%3D218196230.1058324379.1672985479.1672985479.1672989355.2%3B%2B__utmz%3D218196230.1672985479.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=2047962376&utmredir=1&utmu=qQAAAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neexulro.net/
HTTP/1.1 302 Found
Location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6469700-9&cid=1058324379.1672985479&jid=2047962376&_v=5.7.2&z=85650353
Access-Control-Allow-Origin: *
Date: Fri, 06 Jan 2023 07:16:05 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
Cross-Origin-Resource-Policy: cross-origin
Content-Type: text/html; charset=UTF-8
Server: Golfe2
Content-Length: 368
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
142.250.74.109302 Found 397 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 142.250.74.109:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (384)
Hash e8558683bf1a46c56190d0ba9f53d336
86f99c046068eb62ab3a0f9cad6e3241c1ba9a12
64225ded44ba5555c82e00ee952667244f702d29a09d4a3dc1ce0d357080bf5f
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://neexulro.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 06 Jan 2023 07:16:05 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S2131103866%3A1672989365333443&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AeAAQh458Hyvukqixp_cbna8qMdT4U3sO4Chwz0bXnskW48efN22wXTWo0ZlmkhL05o5WNEKkS7I4A
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: script-src 'nonce-5R4psItNmzVsCbTawMwHZQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 397
server: GSE
set-cookie: __Host-GAPS=1:FCVZyA7Tehuq2xUqf9b5GeRVhGlKqg:sCeLg0N7Sgf4qCM6;Path=/;Expires=Sun, 05-Jan-2025 07:16:05 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473
54.230.245.26200 OK 51 kB URL HTTP/1.1 dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473
IP 54.230.245.26:0
File type Unicode text, UTF-8 text, with very long lines (15952)
Hash 69b40dc7b07850fa511e2e79db9ad0c3
27b2e60c99b0991570f1afecc179fec3dbad3678
ed227880dccd962b934e177062862b0d405a5db02ff2f8cdf91d6150917a51a2
GET /?gfkcd=824473 HTTP/1.1
Host: dc5k8fg5ioc8s.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://adf.ly/
HTTP/1.1 200 OK
Content-Length: 50793
Connection: keep-alive
Date: Fri, 06 Jan 2023 07:16:05 GMT
access-control-allow-origin: *
Cache-Control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Content-Encoding: gzip
Pragma: no-cache
X-Cache: Miss from cloudfront
Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Kzx6LMBLAqReke0GwaupJA5GGIWFnFBYgScobQ07B1kUkQYK7EV3-A==
cdn.neexulro.net/static/image/apple-touch-icon.png
172.64.108.35403 Forbidden 436 B URL HTTP/1.1 cdn.neexulro.net/static/image/apple-touch-icon.png
IP 172.64.108.35:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash b112c984fdf3ae98cbf4bc84066cf619
e68cf1400ca02fc1b472c6f3a2cbb9c2234073c5
233729c945d3c6dc5a81cbf30abedd598a9927d141eda2e369aecd13a790938a
GET /static/image/apple-touch-icon.png HTTP/1.1
Host: cdn.neexulro.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://neexulro.net/-81182OXSD/2LEq?rndad=1532635802-1672989363
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802; _ga_GT41R23D5L=GS1.1.1672989354.2.0.1672989354.0.0.0; _ga=GA1.1.1058324379.1672985479; __utma=218196230.1058324379.1672985479.1672985479.1672985479.1; __utmz=218196230.1672985479.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
HTTP/1.1 403 Forbidden
Date: Fri, 06 Jan 2023 07:16:05 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vf4MR1MRVUMq7XDtPg4IJ2NWtODWFpDIcaUqsD4A3bVYCce6qi9mcru0qCJkfp1WHrw2n4aTL1bVdvsFGs6N%2Bjyzv5a2GVlqh5tlsQwby9gG8v3bNDE34vMNj8%2BpTHxT493V"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7852aa8c9bdd8897-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ff3b4cd0aa28a61ef1a039c7ff73ce71
1081a41936a63ccdf3e9ebc021835a19c4125a87
367f96729ad2d9dbe57a5881a37c0bc7893ad0858af6fff7f8b565204eae3a1f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 07:16:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pogothere.xyz/
172.64.172.27200 OK 421 B IP 172.64.172.27:0
File type ASCII text, with no line terminators
Hash 077facc886ee304592ae5a9422726fa7
79ec209dba9673a8845efb47f2dfac42b14a0fc6
f767be8a862e57bfbb0065a4ed878d67db4c503fa4df6679dec657123c4dfc54
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://neexulro.net
Connection: keep-alive
Referer: http://neexulro.net/
Cookie: csu=1432618920822827@2@1672985489
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 06 Jan 2023 07:16:05 GMT
content-type: text/plain
set-cookie: csu=1432618920822827@3@1672985489; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: http://neexulro.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kLtNkRBQxiGUgSf%2BSlpmIxfg1H%2F63ahfvvsOWm%2BeYSVo6FEsqHQ0vf%2B%2FiCkPX9NikayZ5YgDsAIpxjXQszg%2Br4jfucl1DIPkEA9UI9W2pA6k1mEDVn3clBkYZ5LTY8X1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7852aa8bed1b7686-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash b9d5eb404693c69bc3cd4a08162568e5
7283a3be604758d65fdd222bda42ce54c1b28316
4bc0f440f12b15760b0c0bd5f989bd76100e48f94fca8a8a7ca5cd3025320ccb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 07:16:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6469700-9&cid=1058324379.1672985479&jid=2047962376&_v=5.7.2&z=85650353
74.125.131.155200 OK 35 B URL HTTP/2 stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6469700-9&cid=1058324379.1672985479&jid=2047962376&_v=5.7.2&z=85650353
IP 74.125.131.155:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6469700-9&cid=1058324379.1672985479&jid=2047962376&_v=5.7.2&z=85650353 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://neexulro.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 06 Jan 2023 07:16:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0b29dc8c7a991aa4bf6811e25dbc147c
03dc09f87a4017228b6c82dd57c02fc8c78ce909
442b3aa48f7f563c5c21632c1457584bc004b28eb3eb72ec6b210b7665f0a904
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4690
Cache-Control: max-age=115394
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 07:16:05 GMT
Etag: "63b6d825-1d7"
Expires: Sat, 07 Jan 2023 15:19:19 GMT
Last-Modified: Thu, 05 Jan 2023 14:01:09 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
oftheseveryh.xyz/multi?cs=OWE1WUwAWQVvfA1TA2B7DlYEYQ&abt=0&red=1&sm=76&k=shrink%20your%20urls%20paid&v=1.0.60.1&sts=0&prn=0&emb=0&tid=709056&rxy=1280_1024&agec=1672985489&fs=1&mbkb=131.75230566534916&ref=http%3A%2F%2Fneexulro.net%2F-81182OXSD%2F2LEq%3Frndad%3D1532635802-1672989363&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&_fljf=1672989354046&crc=1
108.156.22.63200 OK 1.6 kB URL HTTP/2 oftheseveryh.xyz/multi?cs=OWE1WUwAWQVvfA1TA2B7DlYEYQ&abt=0&red=1&sm=76&k=shrink%20your%20urls%20paid&v=1.0.60.1&sts=0&prn=0&emb=0&tid=709056&rxy=1280_1024&agec=1672985489&fs=1&mbkb=131.75230566534916&ref=http%3A%2F%2Fneexulro.net%2F-81182OXSD%2F2LEq%3Frndad%3D1532635802-1672989363&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&_fljf=1672989354046&crc=1
IP 108.156.22.63:0
File type ASCII text, with very long lines (3271), with no line terminators
Hash ae7a1fddced14e0d85a47fc1b372bfbb
aa13e9c3f7bed3b94ac3633c4ad02233f073338b
a2877a7a851bc0f27be7a7473fcf7d635fbca5ee4d53d9c7fac681b517159313
GET /multi?cs=OWE1WUwAWQVvfA1TA2B7DlYEYQ&abt=0&red=1&sm=76&k=shrink%20your%20urls%20paid&v=1.0.60.1&sts=0&prn=0&emb=0&tid=709056&rxy=1280_1024&agec=1672985489&fs=1&mbkb=131.75230566534916&ref=http%3A%2F%2Fneexulro.net%2F-81182OXSD%2F2LEq%3Frndad%3D1532635802-1672989363&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&_fljf=1672989354046&crc=1 HTTP/1.1
Host: oftheseveryh.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://neexulro.net
Connection: keep-alive
Referer: http://neexulro.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
content-length: 1590
date: Fri, 06 Jan 2023 07:16:05 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: http://neexulro.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=376b57a8-e25f-4071-9785-5362ed0d69b4
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 9e7d825887069100f188900375c625e6.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P1
x-amz-cf-id: e1i7b8pQk4a9AzcW75LYLhaxRffV_hgW439c_ai6Ivmjqq_2kAnj8A==
X-Firefox-Spdy: h2
cdn.adf.ly/static/css/jquery-ui/ui-lightness/jquery-ui-1.8.16.custom.css
104.20.66.244200 OK 4.5 kB URL HTTP/2 cdn.adf.ly/static/css/jquery-ui/ui-lightness/jquery-ui-1.8.16.custom.css
IP 104.20.66.244:0
Hash 5fb656c852aa0af121aed4171c1c5bd5
493eac38b44017df6b97c294c912395f271dde49
da2c9fc4fbe111f9d57ca3e1c34bfd4395b77770549014739d8158644d69571c
GET /static/css/jquery-ui/ui-lightness/jquery-ui-1.8.16.custom.css HTTP/1.1
Host: cdn.adf.ly
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://adf.ly/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 06 Jan 2023 07:16:05 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=25476
cache-control: public, max-age=604800
etag: W/"6384-5faa60e6-8a65ad130d426094;gz"
expires: Fri, 13 Jan 2023 07:08:15 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 470
server: cloudflare
cf-ray: 7852aa8ca86bb4fa-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
157.240.200.35200 OK 19 kB URL HTTP/2 www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP 157.240.200.35:0
Hash 7c8f16b43975e444e892877e4cea03b2
e4fddcd62f031cab04b970e944cb737eb625f4fe
3de6ed37c98ca0012e177936710c69d15bf90a877e6cdbabe9e251f38c2fa6f3
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://neexulro.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: RKFAUHuy0A16kZzADX+aRTfiGDmNspujJp+M8AKbe5E6MW5HkWRB/kgbLncD5HZy0JtggFFwBcMBEMIqKvfvXQ==
date: Fri, 06 Jan 2023 07:16:05 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.adf.ly/static/css/jquery.loadmask.css
104.20.66.244200 OK 1.0 kB URL HTTP/2 cdn.adf.ly/static/css/jquery.loadmask.css
IP 104.20.66.244:0
Hash 1f6ba484c10efd0e0adbf8cb81365733
6e1fa59bcd31ea16ae6e8bff123d13e67be054d4
486bc85e265e4f0e37da6663cbfc318c2707f86e59029b7b3d7db671b319dc22
GET /static/css/jquery.loadmask.css HTTP/1.1
Host: cdn.adf.ly
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://adf.ly/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 06 Jan 2023 07:16:05 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=850
cache-control: public, max-age=604800
etag: W/"352-5faa60e6-f43ece4dd055e5cd;gz"
expires: Fri, 13 Jan 2023 07:08:15 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 470
server: cloudflare
cf-ray: 7852aa8ca870b4fa-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fx19ltd.adfly&width=100&fb_source=homestatic&layout=standard&colorscheme=light&action=like&show_faces=true&share=true&height=80&appId=399141353502152
157.240.200.35301 Moved Permanently 0 B URL HTTP/1.1 www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fx19ltd.adfly&width=100&fb_source=homestatic&layout=standard&colorscheme=light&action=like&show_faces=true&share=true&height=80&appId=399141353502152
IP 157.240.200.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fx19ltd.adfly&width=100&fb_source=homestatic&layout=standard&colorscheme=light&action=like&show_faces=true&share=true&height=80&appId=399141353502152 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://adf.ly/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fx19ltd.adfly&width=100&fb_source=homestatic&layout=standard&colorscheme=light&action=like&show_faces=true&share=true&height=80&appId=399141353502152
Content-Type: text/plain
Server: proxygen-bolt
Date: Fri, 06 Jan 2023 07:16:05 GMT
Connection: keep-alive
Content-Length: 0
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash b9d5eb404693c69bc3cd4a08162568e5
7283a3be604758d65fdd222bda42ce54c1b28316
4bc0f440f12b15760b0c0bd5f989bd76100e48f94fca8a8a7ca5cd3025320ccb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 07:16:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
region1.google-analytics.com/g/collect?v=2&tid=G-GT41R23D5L>m=2oe120&_p=473438144&cid=1058324379.1672985479&ul=en-us&sr=1280x1024&_s=1&sid=1672989354&sct=2&seg=0&dl=http%3A%2F%2Fneexulro.net%2F-81182OXSD%2F2LEq%3Frndad%3D1532635802-1672989363&dt=Shrink%20your%20URLs%20and%20get%20paid!&en=page_view&_ss=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-GT41R23D5L>m=2oe120&_p=473438144&cid=1058324379.1672985479&ul=en-us&sr=1280x1024&_s=1&sid=1672989354&sct=2&seg=0&dl=http%3A%2F%2Fneexulro.net%2F-81182OXSD%2F2LEq%3Frndad%3D1532635802-1672989363&dt=Shrink%20your%20URLs%20and%20get%20paid!&en=page_view&_ss=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-GT41R23D5L>m=2oe120&_p=473438144&cid=1058324379.1672985479&ul=en-us&sr=1280x1024&_s=1&sid=1672989354&sct=2&seg=0&dl=http%3A%2F%2Fneexulro.net%2F-81182OXSD%2F2LEq%3Frndad%3D1532635802-1672989363&dt=Shrink%20your%20URLs%20and%20get%20paid!&en=page_view&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://neexulro.net
Connection: keep-alive
Referer: http://neexulro.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: http://neexulro.net
date: Fri, 06 Jan 2023 07:16:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 872ad13c3966689cbd481bebca0b21f8
2a052c414b68b9e71b00fa3903995e8bdd22a81c
bd2222d291deec7ba01875b7ddfd0d27de71e68fc600057fb3d1fa9394aa46fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD2222D291DEEC7BA01875B7DDFD0D27DE71E68FC600057FB3D1FA9394AA46FA"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8545
Expires: Fri, 06 Jan 2023 09:38:31 GMT
Date: Fri, 06 Jan 2023 07:16:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 532 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f10700532774ae20763554cf768a997a
d07c110a069c702da5054431ad926ca26550b320
f6387a0c60692a2f00f18ee3ce549c8d6f1518a96a8fbacde55c0122fb09dd77
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD2222D291DEEC7BA01875B7DDFD0D27DE71E68FC600057FB3D1FA9394AA46FA"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8545
Expires: Fri, 06 Jan 2023 09:38:31 GMT
Date: Fri, 06 Jan 2023 07:16:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 872ad13c3966689cbd481bebca0b21f8
2a052c414b68b9e71b00fa3903995e8bdd22a81c
bd2222d291deec7ba01875b7ddfd0d27de71e68fc600057fb3d1fa9394aa46fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD2222D291DEEC7BA01875B7DDFD0D27DE71E68FC600057FB3D1FA9394AA46FA"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8545
Expires: Fri, 06 Jan 2023 09:38:31 GMT
Date: Fri, 06 Jan 2023 07:16:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 872ad13c3966689cbd481bebca0b21f8
2a052c414b68b9e71b00fa3903995e8bdd22a81c
bd2222d291deec7ba01875b7ddfd0d27de71e68fc600057fb3d1fa9394aa46fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD2222D291DEEC7BA01875B7DDFD0D27DE71E68FC600057FB3D1FA9394AA46FA"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8545
Expires: Fri, 06 Jan 2023 09:38:31 GMT
Date: Fri, 06 Jan 2023 07:16:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 872ad13c3966689cbd481bebca0b21f8
2a052c414b68b9e71b00fa3903995e8bdd22a81c
bd2222d291deec7ba01875b7ddfd0d27de71e68fc600057fb3d1fa9394aa46fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD2222D291DEEC7BA01875B7DDFD0D27DE71E68FC600057FB3D1FA9394AA46FA"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8545
Expires: Fri, 06 Jan 2023 09:38:31 GMT
Date: Fri, 06 Jan 2023 07:16:06 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb84dc300-436d-4ab6-93ff-5c34a5e8faa9.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb84dc300-436d-4ab6-93ff-5c34a5e8faa9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 905c01ccaa57e0ea71e9a2f58bbb2ca4
6cf4b068623644dd0ca790dbc75e3533e7759f8b
4b579d86c6b957bf5c777b44b474c1c8fac699ffe695757d43f9752b079ef42a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb84dc300-436d-4ab6-93ff-5c34a5e8faa9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4473
x-amzn-requestid: 4732a7f2-382c-41a0-a96a-dbd073af76dc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eScwQG6hoAMFQaw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b7419b-4b3c3ebf3c06242b360e6421;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 21:31:07 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gwxWbkGIJgnJKjE2vGO2EtjwRrLcjtGcmG8CQ9cBa7-AYpGbCzZRnA==
via: 1.1 adc2002956acc4d61bfbf3b973fdf246.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 05 Jan 2023 22:05:44 GMT
age: 33022
etag: "6cf4b068623644dd0ca790dbc75e3533e7759f8b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4210cd0d-e5ae-416b-b3b1-984a5c3f750c.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4210cd0d-e5ae-416b-b3b1-984a5c3f750c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7e96507584bce9f14a50123fb78a8102
c45249ddffb15b9e957af8f5203d7d06ddf32cf8
118f62631c92e42b135046647e828eb80a54405603f5b461320b483bce0c55ba
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4210cd0d-e5ae-416b-b3b1-984a5c3f750c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11746
x-amzn-requestid: 1df278ae-becc-4016-a2c4-b41d07badc43
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eRlHbGlWoAMF-Vw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b6e895-5ec70fd53a30bd8c340440b6;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 15:11:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: H5RdWl_JgJKAYmtiYd7GxKKk0ke7VUR7JvWXxdO1EEftsH8VnopgBw==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 05 Jan 2023 15:14:08 GMT
age: 57718
etag: "c45249ddffb15b9e957af8f5203d7d06ddf32cf8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F761dfafe-b068-458c-8353-add070181fbd.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F761dfafe-b068-458c-8353-add070181fbd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5333b07c55ecc31c8aebfa5f80476ba9
7c1e058b189cf70dc46e35fc199a05e919d2b589
55932f33cea20066103fb067a5589bcaf548c21f99a1bf7a64fe95e05e39a7e6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F761dfafe-b068-458c-8353-add070181fbd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8484
x-amzn-requestid: 11abddf9-f08a-4ec1-bbed-9b13f75667ed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eSd6THUMIAMF0xw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b74374-355789823d721ed704e08c87;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 21:39:00 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _i_Yf8aS-CRuK6eD997E2wSEqR0cpNCqy_Iiwa0zW2NJ1wckXdU4AQ==
via: 1.1 0a2ce08fa1ec3c33302a7547d3305978.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Thu, 05 Jan 2023 21:50:58 GMT
age: 33908
etag: "7c1e058b189cf70dc46e35fc199a05e919d2b589"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F21317de1-eb28-40df-9b2f-52c7e7d9a890.webp
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F21317de1-eb28-40df-9b2f-52c7e7d9a890.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d8838aa3f3695e0418a7b3206d448868
8d9b267ddd23df9ccc4090faa3c805b3bdee20b9
cf1dd2c5d212bcd9db1bc400d789eda6319b8777c2dd0844ef89729b468ca3d9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F21317de1-eb28-40df-9b2f-52c7e7d9a890.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6823
x-amzn-requestid: 53ddb60a-bb7d-4aa8-8ffe-c0ae75965ca8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eSeJRFhLoAMFlzQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b743d4-6d05214a6b210dc174440e79;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 21:40:36 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: KtPYrZlC-Eo0eoe_qdj2fVQ0ArL1ikUafYXwNOhlaOljTzVLkKRl5A==
via: 1.1 6a6653dfb47ccc5082f2a5b9d0d168ce.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Thu, 05 Jan 2023 22:05:12 GMT
age: 33054
etag: "8d9b267ddd23df9ccc4090faa3c805b3bdee20b9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F625ac435-5ac8-46ca-9178-7aa9cb621f60.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F625ac435-5ac8-46ca-9178-7aa9cb621f60.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c820340d5ed98c9573754e3a749bf40c
09d31b45d4cc16c4d321e616e5445d9ba921a1ba
2a69c58358ae763ddef6603f783d7d25c465ff4d3777e6bd540c1b673381813a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F625ac435-5ac8-46ca-9178-7aa9cb621f60.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8307
x-amzn-requestid: 008b9a75-d739-4c2b-97ee-125dab1961a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eH6EJF0uIAMFd8g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b30a1a-3f738a875090ce970fba51f5;Sampled=0
x-amzn-remapped-date: Mon, 02 Jan 2023 16:45:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -2r9e3QyrKCQGQVFWS-XL71lb7b3DyO1Svt4tTWZlh6Cnzoo2rnaFg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 06 Jan 2023 02:25:28 GMT
age: 17438
etag: "09d31b45d4cc16c4d321e616e5445d9ba921a1ba"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0cc6987-cb45-42f9-8b7e-1ec781513572.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0cc6987-cb45-42f9-8b7e-1ec781513572.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 884498828be14529bda4485a38b033c3
9443f22559b64c5861bbc50d0980dad8da158352
c48b1203e6b6e9468dc9a07934709f5ec2ba064fb2c9dd97f6cdc0e452a7dd77
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0cc6987-cb45-42f9-8b7e-1ec781513572.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6268
x-amzn-requestid: 3674eb24-1902-4722-8ea0-63b5fb36b41e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eSdsIEtbIAMFYsw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b7431a-1e840ef57d3fa7ab2362f37c;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 21:37:30 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jSI7UFknz6hbv5lG44ZUvaRg2ekHMRdi4NaLtpDGbpNrolofHvqbAQ==
via: 1.1 b838ef1ff22a4a994af82d5178c30e1c.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 05 Jan 2023 22:04:14 GMT
age: 33112
etag: "9443f22559b64c5861bbc50d0980dad8da158352"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=659712949&utmhn=neexulro.net&utmt=event&utme=5(Ad*Paid*Success)(3)8(User)9(21589233)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=473438144&utmr=-&utmp=%2F-81182OXSD%2F2LEq%3Frndad%3D1532635802-1672989363&utmht=1672989358910&utmac=UA-6469700-9&utmcc=__utma%3D218196230.1058324379.1672985479.1672985479.1672989355.2%3B%2B__utmz%3D218196230.1672985479.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=6QAAAAAAAAAAAAAAAAAAAAAE~
142.250.74.14200 OK 35 B URL HTTP/1.1 www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=659712949&utmhn=neexulro.net&utmt=event&utme=5(Ad*Paid*Success)(3)8(User)9(21589233)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=473438144&utmr=-&utmp=%2F-81182OXSD%2F2LEq%3Frndad%3D1532635802-1672989363&utmht=1672989358910&utmac=UA-6469700-9&utmcc=__utma%3D218196230.1058324379.1672985479.1672985479.1672989355.2%3B%2B__utmz%3D218196230.1672985479.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=6QAAAAAAAAAAAAAAAAAAAAAE~
IP 142.250.74.14:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /__utm.gif?utmwv=5.7.2&utms=2&utmn=659712949&utmhn=neexulro.net&utmt=event&utme=5(Ad*Paid*Success)(3)8(User)9(21589233)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=473438144&utmr=-&utmp=%2F-81182OXSD%2F2LEq%3Frndad%3D1532635802-1672989363&utmht=1672989358910&utmac=UA-6469700-9&utmcc=__utma%3D218196230.1058324379.1672985479.1672985479.1672989355.2%3B%2B__utmz%3D218196230.1672985479.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=6QAAAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neexulro.net/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Pragma: no-cache
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
Date: Thu, 05 Jan 2023 16:11:48 GMT
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Age: 54261
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
Content-Type: image/gif
cdn.adf.ly/static/css/core_default.css
104.20.66.244200 OK 0 B URL HTTP/2 cdn.adf.ly/static/css/core_default.css
IP 104.20.66.244:0
GET /static/css/core_default.css HTTP/1.1
Host: cdn.adf.ly
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://adf.ly/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 06 Jan 2023 07:16:05 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=41418
cache-control: public, max-age=604800
etag: W/"a1ca-5faa60e6-228c7387f6f934f1;gz"
expires: Fri, 13 Jan 2023 07:08:15 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 470
server: cloudflare
cf-ray: 7852aa8ca869b4fa-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
salwaysesureto.info/popunder.gif
188.114.97.1200 OK 0 B URL HTTP/2 salwaysesureto.info/popunder.gif
IP 188.114.97.1:0
GET /popunder.gif HTTP/1.1
Host: salwaysesureto.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://neexulro.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 06 Jan 2023 07:16:04 GMT
content-type: image/gif
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
cf-cache-status: HIT
age: 14447
last-modified: Fri, 06 Jan 2023 03:15:17 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2cX%2BaUOH3sXt6TLTwvWW8oBpR4GMS0dFM5jeTEGr31emuzyr63LlIa36Zjojx%2B7Im%2BfmFRcZL3yaZEAMuj10gm%2B6HwihlXdYm3fn5rrppaPUUyNwglaYsZv71JPhs8ovFFNL0C2u"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7852aa89bec21c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
neexulro.net/funcript1672989353905.php?pub=21589233&v=UM4yOoTjIIzkMVynwIisdIiCIM6uMUiDwMixY82CseivOZnWRZyydlWmURsgIEnDBMhxdACDIM6xNADjIMsvI8m2JapjbVm2RRFgbkGCVMtuZUWD5M0xIojjodiycB2ytOp0cYFD9eigdsTDJN02d4GW9auXIBiywOiwa4GCFMzxaACCIV6OIBjygc13O9TGEZxuYlj2IV4oYAjCJMiuNUzzcLyhOxGGFbhpNpT3Yb3NMJTiQO5iYQznEb2lZdDWUY0yMVm2Vck1IJny0eT=
172.64.109.35200 OK 0 B URL HTTP/2 neexulro.net/funcript1672989353905.php?pub=21589233&v=UM4yOoTjIIzkMVynwIisdIiCIM6uMUiDwMixY82CseivOZnWRZyydlWmURsgIEnDBMhxdACDIM6xNADjIMsvI8m2JapjbVm2RRFgbkGCVMtuZUWD5M0xIojjodiycB2ytOp0cYFD9eigdsTDJN02d4GW9auXIBiywOiwa4GCFMzxaACCIV6OIBjygc13O9TGEZxuYlj2IV4oYAjCJMiuNUzzcLyhOxGGFbhpNpT3Yb3NMJTiQO5iYQznEb2lZdDWUY0yMVm2Vck1IJny0eT=
IP 172.64.109.35:0
GET /funcript1672989353905.php?pub=21589233&v=UM4yOoTjIIzkMVynwIisdIiCIM6uMUiDwMixY82CseivOZnWRZyydlWmURsgIEnDBMhxdACDIM6xNADjIMsvI8m2JapjbVm2RRFgbkGCVMtuZUWD5M0xIojjodiycB2ytOp0cYFD9eigdsTDJN02d4GW9auXIBiywOiwa4GCFMzxaACCIV6OIBjygc13O9TGEZxuYlj2IV4oYAjCJMiuNUzzcLyhOxGGFbhpNpT3Yb3NMJTiQO5iYQznEb2lZdDWUY0yMVm2Vck1IJny0eT= HTTP/1.1
Host: neexulro.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://neexulro.net/-81182OXSD/2LEq?rndad=1532635802-1672989363
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 06 Jan 2023 07:16:05 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.3.27
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hw76ptmrM8nk2%2FLoVpe%2F01pmvV4t4%2BPWT%2F9PDpZ7wViizRC2vRggrY35e96y7oe%2FhKKhJR9QuAf4ZvILAP1M2aHJqrIUYIkUGTfj02zGbcSHn3RBOmB3wPrGo6CdlK8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7852aa8b099772eb-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/
172.64.172.27200 OK 0 B IP 172.64.172.27:0
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://neexulro.net
Connection: keep-alive
Referer: http://neexulro.net/
Cookie: csu=1432618920822827@2@1672985489
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 06 Jan 2023 07:16:05 GMT
content-type: text/plain
set-cookie: csu=1432618920822827@3@1672985489; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: http://neexulro.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X6acLDakiIF4ReChso55t5FqE4ZbIdaBlq0%2FsQZElffNzHZCWsnlbvkiKyNO01RLaHz19GEfR7e6YdPgZXhuSfKOXx2RN7Ph%2BgSRngN1KTwQ0Mmo4fARKHIQkXRi4tYR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7852aa8b2c917686-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S2131103866%3A1672989365333443&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AeAAQh458Hyvukqixp_cbna8qMdT4U3sO4Chwz0bXnskW48efN22wXTWo0ZlmkhL05o5WNEKkS7I4A
142.250.74.109403 Forbidden 0 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S2131103866%3A1672989365333443&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AeAAQh458Hyvukqixp_cbna8qMdT4U3sO4Chwz0bXnskW48efN22wXTWo0ZlmkhL05o5WNEKkS7I4A
IP 142.250.74.109:0
GET /v3/signin/identifier?dsh=S2131103866%3A1672989365333443&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AeAAQh458Hyvukqixp_cbna8qMdT4U3sO4Chwz0bXnskW48efN22wXTWo0ZlmkhL05o5WNEKkS7I4A HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://neexulro.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 06 Jan 2023 07:16:05 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-r5tZZ4f9DBIr3mnE8ZjZjw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi/external"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2