r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1cdc095521e9ee2606059be447d1fdd5
02b5d0a5b5823e2338daf7e144700babe2a213af
8bda3aabcf331c2bfcc4c7023cd797c760fd301dc353641bb95048e072f66c66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8BDA3AABCF331C2BFCC4C7023CD797C760FD301DC353641BB95048E072F66C66"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13103
Expires: Sun, 05 Feb 2023 14:07:18 GMT
Date: Sun, 05 Feb 2023 10:28:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16319
Expires: Sun, 05 Feb 2023 15:00:54 GMT
Date: Sun, 05 Feb 2023 10:28:55 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 05 Feb 2023 09:36:17 GMT
content-type: application/json
age: 3158
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4507
Expires: Sun, 05 Feb 2023 11:44:02 GMT
Date: Sun, 05 Feb 2023 10:28:55 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: hXLMflYfBlyJdteg7zOLJeHGJFH/XX7whBTeqc0Yu6PtkAtvs9L+zyE5fYHnt+TfvV0c8MN77u0=
x-amz-request-id: Q47HYNW64EJ7CNQW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 05 Feb 2023 10:24:26 GMT
age: 269
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
oaxyteek.net/-1JLQC/42Iz?rndad=579728665-1675592020
172.67.157.221200 OK 5.7 kB URL HTTP/1.1 oaxyteek.net/-1JLQC/42Iz?rndad=579728665-1675592020
IP 172.67.157.221:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (552), with CRLF, LF line terminators
Hash fef3e2a0fb47776ded545e823c45f896
02cb3cd048b0a7bfa950d96d8bdd9b55d23eb19a
3f0dd21bf69752d27ca1a98072aec781edb70f9d2062d732d6605ea4b63f46b4
GET /-1JLQC/42Iz?rndad=579728665-1675592020 HTTP/1.1
Host: oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 10:28:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
set-cookie: FLYSESSID=middsp47s29dqknvlq6v06ht6b; path=/; HttpOnly; SameSite=Lax
yp1=d6d3afbab59b819343f48548849260a7; expires=Mon, 06-Feb-2023 10:28:55 GMT; Max-Age=86400; path=/; domain=.oaxyteek.net
yp2=530aaadfbd2c81e5bb513d9e6446395b; expires=Mon, 06-Feb-2023 10:28:55 GMT; Max-Age=86400; path=/; domain=.oaxyteek.net
yp3=1532635802; expires=Mon, 06-Feb-2023 10:28:55 GMT; Max-Age=86400; path=/; domain=.oaxyteek.net
x-powered-by: adfly
strict-transport-security: max-age=0
p3p: policyref="http://adf.ly/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa IVAi IVDi CONi HISi TELi OUR IND PHY ONL FIN COM NAV INT DEM GOV"
expires: Sat, 26 Jul 1997 05:00:00 GMT
last-modified: Sun, 05 Feb 2023 10:28:55 GMT
x-frame-options: DENY
referrer-policy: no-referrer-when-downgrade
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2BxIJcWib3iZkyObIxzouTxAyHpZ8JrPqYitIyU1ThEFF4bhKuNR8E%2BZ9vE6jFZbxU7f9WRFUcRfr17IlLvthBFYDCo6%2BgdDe5FccwXRe%2FBTKO5Azln7qGOVJtGQRzw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 794af646ce550afe-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 10:28:55 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
142.250.74.170200 OK 33 kB URL HTTP/1.1 ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
IP 142.250.74.170:0
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash 18351732b1849ba758e98884e186b3c8
d735af8661eda41ff4ffbf76e6a284a0e2deb81c
bfac625d304d52e04f2caeb19266354749929c888ca09d3d1e3edcbb8770d0f0
GET /ajax/libs/jquery/1.7.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://oaxyteek.net/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 33333
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 02 Feb 2023 08:57:41 GMT
Expires: Fri, 02 Feb 2024 08:57:41 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Age: 264674
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
cdn.oaxyteek.net/static/js/amvn.js
172.67.157.221200 OK 84 kB URL HTTP/1.1 cdn.oaxyteek.net/static/js/amvn.js
IP 172.67.157.221:0
File type Unicode text, UTF-8 text, with very long lines (15948)
Hash 4fffba04ce6ff6eb2b958f288493b5d3
fa55371d0e5496c2a814ef51e73462b2ef11387d
ba07392e24680b0f68a5a77a6360128d767d48ef5ef2aa35468767a228fc719b
GET /static/js/amvn.js HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/-1JLQC/42Iz?rndad=579728665-1675592020
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 10:28:55 GMT
Content-Type: application/x-javascript
Content-Length: 84293
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:02:12 GMT
last-modified: Sun, 05 Feb 2023 00:20:02 GMT
etag: "3f2ab-63def632-3a8d07bd3ec0da7d;gz"
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 1603
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ba0HRpugm4%2BYi2IHOMh%2BZwfeyW%2FwZWdW8HmOLSPIXEmxKs6UfZK0SvxfD0bNwpXYB1JG7T5hxi6Op1%2BpIoW%2FcZ9xSKphgH2lk4FtCzbXl8V5SKgvYSJ2SUrv4w6Hcktf7Ve%2F"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 794af649aaca1c0e-OSL
alt-svc: h2=":443"; ma=60
cdn.oaxyteek.net/static/css/adfly_7.css
172.67.157.221200 OK 875 B URL HTTP/1.1 cdn.oaxyteek.net/static/css/adfly_7.css
IP 172.67.157.221:0
File type ASCII text, with very long lines (2735), with no line terminators
Hash f8c8a9d49e010a2cf10a44dacf35e661
5a069859544758f32b5d09e89c3631c8257c64e1
2cdcaf6a39f9cd39a37dfacfeec2461813fb5557e071d96756c129d17e84cb7a
GET /static/css/adfly_7.css HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/-1JLQC/42Iz?rndad=579728665-1675592020
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 10:28:55 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Cf-Bgj: minify
Cf-Polished: origSize=3778
cache-control: public, max-age=604800
etag: W/"ec2-60467027-a94c583d5cffa0cf;gz"
expires: Sun, 12 Feb 2023 10:02:12 GMT
last-modified: Mon, 08 Mar 2021 18:42:47 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 1603
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HPZSyfxxST6zP3C0cc7%2F%2FAFBXa1ccIA39rCeQ2uMbX4X5wtgKojsfAg3W1hV2EeQncKu00X42ESUzoiA0BrNHT3%2FP%2BN16WTsECHHgNYfT9%2BMhtRxjNs%2FuKJQw52WiGGFLWTh"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 794af649aa5d1bfe-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
cdn.oaxyteek.net/static/js/view118_bidshow.js
172.67.157.221200 OK 4.0 kB URL HTTP/1.1 cdn.oaxyteek.net/static/js/view118_bidshow.js
IP 172.67.157.221:0
File type ASCII text, with very long lines (10991), with no line terminators
Hash 966f84aff8b7893cbf2b87da5a27f8a9
695e0fcb64fc820db2ca76e808136a3762ea3673
25c6680edff77f84bc5606fdd9f06116ec800f29173528135cb74d564f2732f9
GET /static/js/view118_bidshow.js HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/-1JLQC/42Iz?rndad=579728665-1675592020
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 10:28:55 GMT
Content-Type: application/x-javascript
Content-Length: 4024
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:02:13 GMT
last-modified: Wed, 24 Aug 2022 10:51:38 GMT
etag: "2aef-630602ba-3bacd69da000f03;gz"
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 1602
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QAcX%2F9ElpEcIPKQxUdxjac5fyLfEm4T%2FLKsz24lbVx8Z0A1ZijD9IvZUc8Q%2BKOoHYGNB9ByGb4d6IUgwIEJOrubpGIHrq7JRkIbz6tvyEkzCzGg51E28hpD8K2f9li0tByoV"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 794af649ab78b4f3-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 153d0de36959c722c00df71ba86daca2
305f56a3134879ebf0828e169e903e560540c070
0cf533a798d42d1e97fb6619a411afadf9a68c92302ba852869b0c0555a47987
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 10:28:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 153d0de36959c722c00df71ba86daca2
305f56a3134879ebf0828e169e903e560540c070
0cf533a798d42d1e97fb6619a411afadf9a68c92302ba852869b0c0555a47987
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 10:28:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.oaxyteek.net/static/js/main.js?v=2022052901
172.67.157.221200 OK 705 B URL HTTP/1.1 cdn.oaxyteek.net/static/js/main.js?v=2022052901
IP 172.67.157.221:0
Hash 5d2f026c4af9cf86a2ecb368dc1533d6
376ce5a73144b00dd162aa8524ac856b8db7a33e
0fd907185fe7d7610498d8d487449707fe4949c5c89a1028da380d2e5e862c3d
GET /static/js/main.js?v=2022052901 HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/-1JLQC/42Iz?rndad=579728665-1675592020
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 10:28:56 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:28:56 GMT
last-modified: Sun, 29 May 2022 07:10:19 GMT
etag: "7a0-62931c5b-5a0b6a8c1f70ff01;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8iB8wNaj1Nt1bbZBjAwj0rk%2F0DMi2lAnf3XuBz3Ydh4950IY84M0SHjtFvuviwin%2FU5g68eN5dmOG6F71PMNF6R3ozfGM35njGltTVLiCAMegcFh9ceBT%2F%2FypFNIcJlyK6q1"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 794af649ad4d1c02-OSL
alt-svc: h2=":443"; ma=60
d1a3jb5hjny5s4.cloudfront.net/?hbjad=709056
54.230.245.112200 OK 36 kB URL HTTP/1.1 d1a3jb5hjny5s4.cloudfront.net/?hbjad=709056
IP 54.230.245.112:0
File type Unicode text, UTF-8 text, with very long lines (15481)
Hash 5838e65c8018a9bdd42293f159c25c06
c0ebf62942d32236077cf1a34796c1174ee2eb6a
9301aed065e0b501178b8618c587c8594e22ee83b9f69f54be12f373eab2b51d
GET /?hbjad=709056 HTTP/1.1
Host: d1a3jb5hjny5s4.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://oaxyteek.net/
HTTP/1.1 200 OK
Content-Length: 36015
Connection: keep-alive
Date: Sun, 05 Feb 2023 10:28:56 GMT
access-control-allow-origin: *
Cache-Control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Content-Encoding: gzip
Pragma: no-cache
X-Cache: Miss from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: QrIElT1kT---eRx1okFsivTsDlYtM1OmrwACt7E_LhXgJFx7rBpd1A==
cdn.oaxyteek.net/static/image/ahl6532.gif
172.67.157.221200 OK 3.2 kB URL HTTP/1.1 cdn.oaxyteek.net/static/image/ahl6532.gif
IP 172.67.157.221:0
File type GIF image data, version 89a, 166 x 58\012- data
Hash 48d26bd889d62fc9c72d33138f409c15
3bd2657ee1ba4843f266cda7217a8d0a2b725ea3
13cad7fb56a878cd12d9456a8754cf13433ac6741338371f87776b4373411b15
GET /static/image/ahl6532.gif HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/-1JLQC/42Iz?rndad=579728665-1675592020
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 10:28:56 GMT
Content-Type: image/gif
Content-Length: 3229
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:02:13 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "c9d-5faa60e6-ae87f5cbe4d6cff3;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 1603
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2FAsnhUe8PVTu8vmz31cX4r6Oe87qC%2FM6d2QI3vWBG3aBdsLjlbrYq1TY0BbwzSuZW8h5cnaB3LhJpL7m6xFTtNq2mf3SCfFetZHZ2sldO0oLaHSytoffKGTJxn4pVZEQAC4"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794af64abb0d1bfe-OSL
alt-svc: h2=":443"; ma=60
cdn.oaxyteek.net/static/image/spinner.gif
172.67.157.221200 OK 36 kB URL HTTP/1.1 cdn.oaxyteek.net/static/image/spinner.gif
IP 172.67.157.221:0
File type GIF image data, version 89a, 39 x 39\012- data
Hash 2055f195780b3e4c71b97c95fa97eab0
36c1138bdcccf116f1b9ee9effa3e5d13f1e6161
0a607f27600e85addcfd1415ee611a370a30dce3f53ac200d3e0e25d2bdc5157
GET /static/image/spinner.gif HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/-1JLQC/42Iz?rndad=579728665-1675592020
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 10:28:56 GMT
Content-Type: image/gif
Content-Length: 35453
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:02:13 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "8a7d-5faa60e6-3361a662be6e6961;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 1603
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gAua%2F3reUjFbeNETP%2FFBp2ABrkhfw5Ag1qJ9WTMwNt6y4HqDzDzqTV1Pvt99vC2jN%2FfKppKnYUEiW2tBq%2FTxqfjDbQ17rhDDra9EEnlTewZ%2Bj%2BdwGEauYAqmK%2BQxCHv0jNhi"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794af64abbb01c0e-OSL
alt-svc: h2=":443"; ma=60
cdn.oaxyteek.net/static/image/logo_fb2.png
172.67.157.221200 OK 6.3 kB URL HTTP/1.1 cdn.oaxyteek.net/static/image/logo_fb2.png
IP 172.67.157.221:0
File type PNG image data, 193 x 98, 8-bit colormap, non-interlaced\012- data
Hash 84a673a878949a7a8410199f5f8ea220
49cbc367cd9e0943df6d6e2180bb9a5771dbb208
042313bf805bd8d9a1c6b2a88c90e15407004fcc6e9c5d5974c87c85c20796f3
GET /static/image/logo_fb2.png HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/-1JLQC/42Iz?rndad=579728665-1675592020
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 10:28:56 GMT
Content-Type: image/png
Content-Length: 6283
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:02:13 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "188b-5faa60e6-48354ceeda0c07b3;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 1603
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8HmBnupofi218Tz5CiRvs12aV2OnLs6MyBy6B%2Bi1Faen%2BGFqlKiOMuf6dDu7p2%2Bf713hWGJ9j5edBYThaPDk4X4LQI8q4NY%2BuLp9xt2bnkVh9Qbec9tNn4952zW%2FNh9thXhn"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794af64abe4b1c02-OSL
alt-svc: h2=":443"; ma=60
cdn.oaxyteek.net/static/image/skip_ad/en_tran.png
172.67.157.221200 OK 5.1 kB URL HTTP/1.1 cdn.oaxyteek.net/static/image/skip_ad/en_tran.png
IP 172.67.157.221:0
File type PNG image data, 155 x 41, 8-bit/color RGBA, non-interlaced\012- data
Hash a58f5ea6f1f6bb35658c351f876f1ba9
47fa621b845faf7df13e4021dcffd6f4c73c1018
ef8721967f0cca2539ee60f9cad0e8c1ef89f18a53964a4e6101033d23a4ba29
GET /static/image/skip_ad/en_tran.png HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/-1JLQC/42Iz?rndad=579728665-1675592020
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 10:28:56 GMT
Content-Type: image/png
Content-Length: 5076
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:02:14 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "13d4-5faa60e6-d082b40bd28384ce;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 1602
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HNoGXWTqHfwZ%2Bn2goEklYWyI1tH9jsaQadaYHLF7KbW79EBBb4CeQr54EfImkHBgljM3OHjCyqUA9u4f5Hfl8mR3BnbrMN5v4LJVhk1yjC3dCxa9PPOv%2FEOCKftJBqu0KMRr"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794af64abda8b4eb-OSL
alt-svc: h2=":443"; ma=60
cdn.oaxyteek.net/static/image/delete2.png
172.67.157.221200 OK 577 B URL HTTP/1.1 cdn.oaxyteek.net/static/image/delete2.png
IP 172.67.157.221:0
File type PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced\012- data
Hash 3a612b41ba5d1cad10ae4c6660d8fda4
4006ab2bfe338d2d1f060c0486bad8e1b589ba44
2fa2ba143aaedc6b6169e9b024d4f12df4acfc5995950dce175fd97644dd0c43
GET /static/image/delete2.png HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/-1JLQC/42Iz?rndad=579728665-1675592020
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 10:28:56 GMT
Content-Type: image/png
Content-Length: 577
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:02:13 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "241-5faa60e6-657b5e5638f6aacc;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 1603
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sWNSfUjHPFvKbFeDSODCd9HTJiHzaX2UDAMczFmOE63hWXrBX6DxpknEWuCWC6dnM8GX8QVo2EqNiqyTbHGuoXP%2BtHysJwOwuvf7IfpbAkrPj6XivZs0xwwFPlZCSLlacuh%2B"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794af64abcf5b4f3-OSL
alt-svc: h2=":443"; ma=60
www.googletagmanager.com/gtm.js?id=GTM-5NL9VFJ
142.250.74.40200 OK 41 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-5NL9VFJ
IP 142.250.74.40:0
File type ASCII text, with very long lines (1759)
Hash e36c8016d8dbb7af8d0881e48029eac5
9d47bf505e9ced6f3f5de71b5156581a85db0907
10ad89884a1bf0a39ca2e8ba3a094c082ff2357112a7eddf7e5af8740d3d10de
GET /gtm.js?id=GTM-5NL9VFJ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 05 Feb 2023 10:28:56 GMT
expires: Sun, 05 Feb 2023 10:28:56 GMT
cache-control: private, max-age=900
last-modified: Sun, 05 Feb 2023 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 40888
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 153d0de36959c722c00df71ba86daca2
305f56a3134879ebf0828e169e903e560540c070
0cf533a798d42d1e97fb6619a411afadf9a68c92302ba852869b0c0555a47987
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 10:28:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
oaxyteek.net/js/display.js
172.67.157.221200 OK 5.8 kB URL HTTP/1.1 oaxyteek.net/js/display.js
IP 172.67.157.221:0
File type ASCII text, with very long lines (15999)
Hash e149217d65efcf53cc382af7c60f461c
6de97c3f773cf9b21e4373097f5f5cddf37d872e
4d30ac5f2c0ab10e25b4c39eb646e9cb86d66394775d77ba7b88a34720f85b27
GET /js/display.js HTTP/1.1
Host: oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/-1JLQC/42Iz?rndad=579728665-1675592020
Connection: keep-alive
Cookie: FLYSESSID=middsp47s29dqknvlq6v06ht6b; yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 10:28:56 GMT
Content-Type: application/x-javascript
Content-Length: 5775
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:02:11 GMT
last-modified: Thu, 29 Jul 2021 14:08:58 GMT
etag: "3e81-6102b67a-b080f0a7a094466b;gz"
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 1605
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fmBZFldme4h%2B%2BmlVWXpB8i%2BIEqOmnNXQ9zTa0KNunAuCD88WIvsBGjCpIvfVOnLo3Cd0CLP3rtxRgnARqEK%2FRg8vsAm2tdoHRxdiz9yrbLtBHtn6%2BpkifhDbegBBJdc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 794af64b19f70afe-OSL
alt-svc: h2=":443"; ma=60
yneationsliee.xyz/popunder.gif
188.114.97.1301 Moved Permanently 0 B URL HTTP/1.1 yneationsliee.xyz/popunder.gif
IP 188.114.97.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /popunder.gif HTTP/1.1
Host: yneationsliee.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://oaxyteek.net/
HTTP/1.1 301 Moved Permanently
Date: Sun, 05 Feb 2023 10:28:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 05 Feb 2023 11:28:56 GMT
Location: https://yneationsliee.xyz/popunder.gif
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qniisJgmfTePAswKIEhYr2koU9l9J4LXnwmTdO6l9ltwN68o018BDZvevKJR7Su5cRn7vSc2KlB1GTYLWY7Jn67gtAkajY1ARB58OJweiQmHd9U06I1KgPZXk7nH29lCn8bw%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794af64b4dcab4f3-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/s/gts1p5/hFuUg_rClRM
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/hFuUg_rClRM
IP 142.250.74.131:0
Hash f5b4aa23f5d2b30a7f2eb1bd8d12126a
837d09bac35b94e04cf42c011463de90dff16ccd
4e0338b1106c771eb1b32924acea2fa6d42bcb64871e749e39d6223e00a84d21
POST /s/gts1p5/hFuUg_rClRM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 10:28:56 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.oaxyteek.net/static/image/d_top_bg.png
172.67.157.221200 OK 156 B URL HTTP/1.1 cdn.oaxyteek.net/static/image/d_top_bg.png
IP 172.67.157.221:0
File type PNG image data, 1 x 59, 8-bit/color RGB, non-interlaced\012- data
Hash 106113dd42dd001363d6e2c920dba647
ebb71cf1a44a45852fff4d4fc0971f299b8b8c4c
938632fb472382061e62d8f1d033da03cbc84f150236e4251c8ece12241405ae
GET /static/image/d_top_bg.png HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cdn.oaxyteek.net/static/css/adfly_7.css
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 10:28:56 GMT
Content-Type: image/png
Content-Length: 156
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:02:13 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "9c-5faa60e6-4968c22d9bbfac4c;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 1603
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ob6ZDVbE3awaYOi%2FQl6XgSVGjjhuWZU8CohYRgWG6MUtX9NPMxwOctODkuhmfH4zrorlx%2Fu1pC95PXIfc%2BexhKQTQA6iAzC5DBUwHK7hRHr6kN3egHQ0umcPdghlP88VB2Jw"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794af64bcc8f1c0e-OSL
alt-svc: h2=":443"; ma=60
cdn.oaxyteek.net/static/image/d_bottom_bg2.png
172.67.157.221200 OK 2.8 kB URL HTTP/1.1 cdn.oaxyteek.net/static/image/d_bottom_bg2.png
IP 172.67.157.221:0
File type PNG image data, 1 x 28, 8-bit/color RGB, non-interlaced\012- data
Hash 765bb01e93fec22bee832ea0219871d0
2059131c55ef4c9b171fff20fc692839686761b7
27ab7efdb31ee6b311557cb2296d9bdb4c5038a230bcb4f9bc1a2409bb73863a
GET /static/image/d_bottom_bg2.png HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cdn.oaxyteek.net/static/css/adfly_7.css
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 10:28:56 GMT
Content-Type: image/png
Content-Length: 2829
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:02:13 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "b0d-5faa60e6-e40381177193f2ef;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 1602
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JiVzg6b%2F8tlQRqz849iUOqmW%2Bxr1xK1UZWLshof1Om7awc%2FKS%2Bl5zXMk%2FgRUHMtrNlvV3TUX0SYvojh9dwnRdzvtV%2FC4ddLgiif6ZoDeS2gR0ksgajitTmtgIjf1Rjff52hU"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794af64bdca11c0e-OSL
alt-svc: h2=":443"; ma=60
yneationsliee.xyz/ZFRlcDBLawYDDQUDLzZ+M203JV41GTImRDMwEiJpMRIVQ3EIM0MEWQBpUkAJVGFTVkANMFhCCUInERFEESdYQRYNOgMfDUIiWEEeVHpTQB5VchBNAUIgFRFXWWVDAEQQOFhBBlNhUEkCXWNQSQlS
188.114.97.1204 No Content 0 B URL HTTP/2 yneationsliee.xyz/ZFRlcDBLawYDDQUDLzZ+M203JV41GTImRDMwEiJpMRIVQ3EIM0MEWQBpUkAJVGFTVkANMFhCCUInERFEESdYQRYNOgMfDUIiWEEeVHpTQB5VchBNAUIgFRFXWWVDAEQQOFhBBlNhUEkCXWNQSQlS
IP 188.114.97.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ZFRlcDBLawYDDQUDLzZ+M203JV41GTImRDMwEiJpMRIVQ3EIM0MEWQBpUkAJVGFTVkANMFhCCUInERFEESdYQRYNOgMfDUIiWEEeVHpTQB5VchBNAUIgFRFXWWVDAEQQOFhBBlNhUEkCXWNQSQlS HTTP/1.1
Host: yneationsliee.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 05 Feb 2023 10:28:56 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=98moxzrcThgQv5muMChyUS0p2wzY0BtqefXECtmgxM6F6rvDy5Xkg8q720YfHSGK2w%2BzxfwEjaPHjEx4Fq8knBidOoWYk3Rd33ago5XE7EHA2AIq0gV4Sy%2BscA3aJxeWmkntWA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794af64b8dd20afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/hFuUg_rClRM
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/hFuUg_rClRM
IP 142.250.74.131:0
Hash f5b4aa23f5d2b30a7f2eb1bd8d12126a
837d09bac35b94e04cf42c011463de90dff16ccd
4e0338b1106c771eb1b32924acea2fa6d42bcb64871e749e39d6223e00a84d21
POST /s/gts1p5/hFuUg_rClRM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 10:28:56 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
verysilenit.com/alVpV3gLNwo6RwtoC3ENGDlUckoscFsRHAVjW2JOEm0IMk9fewo7Fx8xDyUXBCFHOR0ecFsREAgCGQ4cPRgmFSwzATEVEy4FLD8uMgNcJSlbMSUWOxk0LQVJMhJZGg0iMiRuKD4TCgA6Lzg/A0hPZy82PicNLyBNBgc8AjopLzAEIAEmORkQMDAxEg9fEDgRKTI7XRU9HRwrDSkJHiowPR8XDjQeKBYFAz4NLTEZKgUPKxYhWhMsDR4mElg1LVo9MDY+WgArFilSEgEGHT5nGRE8ODk5NhM8BjECKgUALxYOPmcZET4rBCw1EywSMT4QUwdYGi4yEkQvKT8WUAcZAQA7EEhTJycRMg4NWg0+OT4BDhkoHC4THy9mPBE9GAIuPz0/ZFg1GS8HLg9JBXBbFTAoECATPAkbOztAGTQ8AS87ZBlySigUL2IbTD8aOBYaaCphNRk8DB8qW2cgBE46AFk
65.9.44.85200 OK 1.2 kB URL HTTP/1.1 verysilenit.com/alVpV3gLNwo6RwtoC3ENGDlUckoscFsRHAVjW2JOEm0IMk9fewo7Fx8xDyUXBCFHOR0ecFsREAgCGQ4cPRgmFSwzATEVEy4FLD8uMgNcJSlbMSUWOxk0LQVJMhJZGg0iMiRuKD4TCgA6Lzg/A0hPZy82PicNLyBNBgc8AjopLzAEIAEmORkQMDAxEg9fEDgRKTI7XRU9HRwrDSkJHiowPR8XDjQeKBYFAz4NLTEZKgUPKxYhWhMsDR4mElg1LVo9MDY+WgArFilSEgEGHT5nGRE8ODk5NhM8BjECKgUALxYOPmcZET4rBCw1EywSMT4QUwdYGi4yEkQvKT8WUAcZAQA7EEhTJycRMg4NWg0+OT4BDhkoHC4THy9mPBE9GAIuPz0/ZFg1GS8HLg9JBXBbFTAoECATPAkbOztAGTQ8AS87ZBlySigUL2IbTD8aOBYaaCphNRk8DB8qW2cgBE46AFk
IP 65.9.44.85:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3049), with no line terminators
Hash dd46e50129fba8e7c560abf68ede4bec
3b83933bc9b357d9ed8c23a998101c16a7f99c57
70fd9f4d80bc8ad24a86ad293941b32bd6aab847284f85adfe18727426006735
GET /alVpV3gLNwo6RwtoC3ENGDlUckoscFsRHAVjW2JOEm0IMk9fewo7Fx8xDyUXBCFHOR0ecFsREAgCGQ4cPRgmFSwzATEVEy4FLD8uMgNcJSlbMSUWOxk0LQVJMhJZGg0iMiRuKD4TCgA6Lzg/A0hPZy82PicNLyBNBgc8AjopLzAEIAEmORkQMDAxEg9fEDgRKTI7XRU9HRwrDSkJHiowPR8XDjQeKBYFAz4NLTEZKgUPKxYhWhMsDR4mElg1LVo9MDY+WgArFilSEgEGHT5nGRE8ODk5NhM8BjECKgUALxYOPmcZET4rBCw1EywSMT4QUwdYGi4yEkQvKT8WUAcZAQA7EEhTJycRMg4NWg0+OT4BDhkoHC4THy9mPBE9GAIuPz0/ZFg1GS8HLg9JBXBbFTAoECATPAkbOztAGTQ8AS87ZBlySigUL2IbTD8aOBYaaCphNRk8DB8qW2cgBE46AFk HTTP/1.1
Host: verysilenit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://oaxyteek.net/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 1197
Connection: keep-alive
Date: Sun, 05 Feb 2023 10:28:56 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
Accept-CH: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
X-Cache: Miss from cloudfront
Via: 1.1 7f7d86a250c539fe4431535882cf4e4e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN54-C1
X-Amz-Cf-Id: kBNd-kW5q8_h8gZOBtbZYwY7mWeTqPM3R-xjcyta9y9ZhjvUnOf2PA==
yneationsliee.xyz/popunder.gif
188.114.97.1200 OK 380 B URL HTTP/2 yneationsliee.xyz/popunder.gif
IP 188.114.97.1:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 33e405a5c41d430df6e6de708b489a3e
9910db819e80641ff508559c92b09a3def53b3c7
c2bb4ffc70fec095af17ce5c17a881b0a4dfcf574b69233618462562be72cb79
GET /popunder.gif HTTP/1.1
Host: yneationsliee.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://oaxyteek.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 10:28:56 GMT
content-type: image/gif
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
cf-cache-status: HIT
age: 46780
last-modified: Sat, 04 Feb 2023 21:29:16 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AHC8iOd5hgzA%2B2AQowUxNXnkP%2Be1Ak%2FzpfT0%2FYbeHuHSQzEjDV7mwoTMhvCU0Z5IZ0ogh9lOxPzFRhKYFDNWFfbblImtkdbUqsRrE3mBIHs5AMlU9i3hnJ3toJ%2BUpS0RVKuT6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794af64c0e2a0afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7df4a9b8a8a54916b1ee5c697706ab93
08d87799f1e91b2e0c72f5fbca75ef5b7f79e97b
af104ae974297c4c0eefe2c9c16a2b2ab17c2950b972c98bb94a3df625dccd9a
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "AF104AE974297C4C0EEFE2C9C16A2B2AB17C2950B972C98BB94A3DF625DCCD9A"
Last-Modified: Sun, 05 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15898
Expires: Sun, 05 Feb 2023 14:53:54 GMT
Date: Sun, 05 Feb 2023 10:28:56 GMT
Connection: keep-alive
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7df4a9b8a8a54916b1ee5c697706ab93
08d87799f1e91b2e0c72f5fbca75ef5b7f79e97b
af104ae974297c4c0eefe2c9c16a2b2ab17c2950b972c98bb94a3df625dccd9a
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "AF104AE974297C4C0EEFE2C9C16A2B2AB17C2950B972C98BB94A3DF625DCCD9A"
Last-Modified: Sun, 05 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15898
Expires: Sun, 05 Feb 2023 14:53:54 GMT
Date: Sun, 05 Feb 2023 10:28:56 GMT
Connection: keep-alive
cdn.oaxyteek.net/static/image/ad_top_bg2.png?&ad_box_=1
172.67.157.221200 OK 156 B URL HTTP/1.1 cdn.oaxyteek.net/static/image/ad_top_bg2.png?&ad_box_=1
IP 172.67.157.221:0
File type PNG image data, 1 x 59, 8-bit/color RGB, non-interlaced\012- data
Hash 106113dd42dd001363d6e2c920dba647
ebb71cf1a44a45852fff4d4fc0971f299b8b8c4c
938632fb472382061e62d8f1d033da03cbc84f150236e4251c8ece12241405ae
GET /static/image/ad_top_bg2.png?&ad_box_=1 HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/-1JLQC/42Iz?rndad=579728665-1675592020
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 10:28:56 GMT
Content-Type: image/png
Content-Length: 156
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:28:56 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "9c-5faa60e6-95f251b8bd8ef212;;;"
accept-ranges: bytes
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zeHBZVlDvzQ%2FtuKcYhvcWeFMqjcxkSsM7LosA%2BbEYwKSjSvLZT8hER4wynjp9%2FTwYdJTEDiWNlx7pU5mw%2FeP83kiR%2B2QDoQV8Hy5LC579HasmZlll96lvtZ3KsQD5LLNEXrU"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794af64acdefb4f4-OSL
alt-svc: h2=":443"; ma=60
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7df4a9b8a8a54916b1ee5c697706ab93
08d87799f1e91b2e0c72f5fbca75ef5b7f79e97b
af104ae974297c4c0eefe2c9c16a2b2ab17c2950b972c98bb94a3df625dccd9a
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "AF104AE974297C4C0EEFE2C9C16A2B2AB17C2950B972C98BB94A3DF625DCCD9A"
Last-Modified: Sun, 05 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15898
Expires: Sun, 05 Feb 2023 14:53:54 GMT
Date: Sun, 05 Feb 2023 10:28:56 GMT
Connection: keep-alive
verysilenit.com/utx?cb=lnHtvvw1gLgI&top=oaxyteek.net&tid=604364
65.9.44.85204 No Content 0 B URL HTTP/2 verysilenit.com/utx?cb=lnHtvvw1gLgI&top=oaxyteek.net&tid=604364
IP 65.9.44.85:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=lnHtvvw1gLgI&top=oaxyteek.net&tid=604364 HTTP/1.1
Host: verysilenit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://oaxyteek.net
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 05 Feb 2023 10:28:56 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: http://oaxyteek.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sun, 05 Feb 2023 10:29:56 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 0edd9f6bc061f9d64e77285b1cac290c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: addXj14mOvcCuRqsdqZKI15b0VCYeOLT30FwFhWvzkWHYJy63WLFgQ==
X-Firefox-Spdy: h2
oaxyteek.net/2market_bidshow.php?user_id=77879&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&ref_url=eyJ1cmwiOm51bGwsImRvbWFpbiI6bnVsbH0%3D&url=https%3A%2F%2Fwww77.davisonbarker.pro%2Fpushredirect%2F%3Fnetwork%3D3%26site%3Dadfly%26ppi%3D77879%26pci%3D3111797%26t%3D1675592935%26dest%3Dhttp%253A%252F%252Fwww.google.com&url_id=3111797&t=8cc8917c8a5566e1731e423feca34bd5&w=7cdaf108c4108200f643acfbfb1e7de5
172.67.157.221200 OK 82 B URL HTTP/1.1 oaxyteek.net/2market_bidshow.php?user_id=77879&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&ref_url=eyJ1cmwiOm51bGwsImRvbWFpbiI6bnVsbH0%3D&url=https%3A%2F%2Fwww77.davisonbarker.pro%2Fpushredirect%2F%3Fnetwork%3D3%26site%3Dadfly%26ppi%3D77879%26pci%3D3111797%26t%3D1675592935%26dest%3Dhttp%253A%252F%252Fwww.google.com&url_id=3111797&t=8cc8917c8a5566e1731e423feca34bd5&w=7cdaf108c4108200f643acfbfb1e7de5
IP 172.67.157.221:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d597c22e79c772d1f89ed2602adb80ab
50c7c63c9269278ff7aba9b8c5b4810c3570df80
798215a625e276fde8e69c0a79401e406f59e1a30ad0e9113d880b9d566ae61c
GET /2market_bidshow.php?user_id=77879&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&ref_url=eyJ1cmwiOm51bGwsImRvbWFpbiI6bnVsbH0%3D&url=https%3A%2F%2Fwww77.davisonbarker.pro%2Fpushredirect%2F%3Fnetwork%3D3%26site%3Dadfly%26ppi%3D77879%26pci%3D3111797%26t%3D1675592935%26dest%3Dhttp%253A%252F%252Fwww.google.com&url_id=3111797&t=8cc8917c8a5566e1731e423feca34bd5&w=7cdaf108c4108200f643acfbfb1e7de5 HTTP/1.1
Host: oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/-1JLQC/42Iz?rndad=579728665-1675592020
Connection: keep-alive
Cookie: FLYSESSID=middsp47s29dqknvlq6v06ht6b; yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 10:28:56 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.3.27
set-cookie: adfly_ad_report=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
p3p: policyref="http://adf.ly/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa IVAi IVDi CONi HISi TELi OUR IND PHY ONL FIN COM NAV INT DEM GOV"
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AXQZ8T9niMmMra5aFmABXZba4zKr66beMmSlEqTmqNLPmm7d4u9VEEaGWF%2FD77QMvBxrsngG9q2ATnFDnwkILcfSazU4pADBb3568dzw31%2F1TTvNwF0guWT%2BHYiZVeE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 794af64b8a610afe-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
verysilenit.com/utx?cb=jFUGStF4snQw&top=oaxyteek.net&tid=709056
65.9.44.85204 No Content 0 B URL HTTP/2 verysilenit.com/utx?cb=jFUGStF4snQw&top=oaxyteek.net&tid=709056
IP 65.9.44.85:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=jFUGStF4snQw&top=oaxyteek.net&tid=709056 HTTP/1.1
Host: verysilenit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://oaxyteek.net
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 05 Feb 2023 10:28:56 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: http://oaxyteek.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sun, 05 Feb 2023 10:29:56 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 0edd9f6bc061f9d64e77285b1cac290c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: vqbfN0F-m6iSrcTkbmOfa1VX8jidFLC0lv3jajv66i9GKbmZqU9Hmw==
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 05 Feb 2023 10:07:20 GMT
age: 1296
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/ATf3cfjxVCA
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/ATf3cfjxVCA
IP 142.250.74.131:0
Hash ba089de09b6322a93026f30cc52007ae
ef94a35787b5f8056d9efc71e9d78a916a2cc717
cbc7d42a2075bc5ec876b265d36b77e5eb59796b93f2b91a8a4c504c64df5aff
POST /s/gts1p5/ATf3cfjxVCA HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 10:28:56 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
verysilenit.com/TVMxY2YsMVIOWSxuU0UTPz8MRlQLdgMlAnwyAgkEeDtbDR94IAVNBSE8RAcAPzxfF0gjNkVGVAsrfAhXfgVpITQEO1oZMn0KWiZUJRtwDTQFCnQ6MwckYFUuJhlGLB8cEmgEUhoaWilSDwIBGiUlAgQnMgsdcA4VLx1zVjAuFXQULiEVRjEIAAFnCl8GCmc5IR0BVkZUDwdkBBALB1YpNTQ4Zy8kfQZ+ITwiG2dTVQU5WgAzfzt3JlYYMFc1LCMCcwxQBTlCNj4ZPHQAIwQQeBQoOgJWKV4fYEUiIH5nAAAjBBB+C1J6AVY5CR8RVTUnBWNhOlYcC1cJSxskYAQvaGF3Ij4PF1JQHgUKd1clFxV7DTcLBl4lInk1d1BeNQkBIiIrBlUINwwdXjExGARmGV4eHklaLSwWZDc3HBkFNDEbBGNQJAp1WxAJIyMMLxc9A3ICEX8ZeRkBNw
65.9.44.11200 OK 1.2 kB URL HTTP/1.1 verysilenit.com/TVMxY2YsMVIOWSxuU0UTPz8MRlQLdgMlAnwyAgkEeDtbDR94IAVNBSE8RAcAPzxfF0gjNkVGVAsrfAhXfgVpITQEO1oZMn0KWiZUJRtwDTQFCnQ6MwckYFUuJhlGLB8cEmgEUhoaWilSDwIBGiUlAgQnMgsdcA4VLx1zVjAuFXQULiEVRjEIAAFnCl8GCmc5IR0BVkZUDwdkBBALB1YpNTQ4Zy8kfQZ+ITwiG2dTVQU5WgAzfzt3JlYYMFc1LCMCcwxQBTlCNj4ZPHQAIwQQeBQoOgJWKV4fYEUiIH5nAAAjBBB+C1J6AVY5CR8RVTUnBWNhOlYcC1cJSxskYAQvaGF3Ij4PF1JQHgUKd1clFxV7DTcLBl4lInk1d1BeNQkBIiIrBlUINwwdXjExGARmGV4eHklaLSwWZDc3HBkFNDEbBGNQJAp1WxAJIyMMLxc9A3ICEX8ZeRkBNw
IP 65.9.44.11:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3044), with no line terminators
Hash df85743e2369ec369ee03d734f836535
83062eec4e22d2f34dc9f71dcf5e82b7bf1e3b0b
5ba2158632dfa7fdda25ff2cb280e558c70dc4cbdb89ee034b0f4679b89422c1
GET /TVMxY2YsMVIOWSxuU0UTPz8MRlQLdgMlAnwyAgkEeDtbDR94IAVNBSE8RAcAPzxfF0gjNkVGVAsrfAhXfgVpITQEO1oZMn0KWiZUJRtwDTQFCnQ6MwckYFUuJhlGLB8cEmgEUhoaWilSDwIBGiUlAgQnMgsdcA4VLx1zVjAuFXQULiEVRjEIAAFnCl8GCmc5IR0BVkZUDwdkBBALB1YpNTQ4Zy8kfQZ+ITwiG2dTVQU5WgAzfzt3JlYYMFc1LCMCcwxQBTlCNj4ZPHQAIwQQeBQoOgJWKV4fYEUiIH5nAAAjBBB+C1J6AVY5CR8RVTUnBWNhOlYcC1cJSxskYAQvaGF3Ij4PF1JQHgUKd1clFxV7DTcLBl4lInk1d1BeNQkBIiIrBlUINwwdXjExGARmGV4eHklaLSwWZDc3HBkFNDEbBGNQJAp1WxAJIyMMLxc9A3ICEX8ZeRkBNw HTTP/1.1
Host: verysilenit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://oaxyteek.net/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 1196
Connection: keep-alive
Date: Sun, 05 Feb 2023 10:28:56 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
Accept-CH: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
X-Cache: Miss from cloudfront
Via: 1.1 f13ebb34b9ca74b5ffe9e85709c21a7c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN54-C1
X-Amz-Cf-Id: rVohsuUXWocOcZaybGyXsbyBXVSXNUtUdNXAz-uKnd2mqBI_r3e5WA==
yneationsliee.xyz/WURZdkN2ezoFfg8oEwURNSwwLwULMzgbDSgSASA3OykPFyAOfH8CKj15b0Z3anJtUDMwIGRHZSowOAI2KnloUCo3IjZLZS95aFhwbWpqR21rYixLcn8wKRckZHV/BjctKGRHdW5xbE9xYHNvRndq
188.114.97.1204 No Content 0 B URL HTTP/2 yneationsliee.xyz/WURZdkN2ezoFfg8oEwURNSwwLwULMzgbDSgSASA3OykPFyAOfH8CKj15b0Z3anJtUDMwIGRHZSowOAI2KnloUCo3IjZLZS95aFhwbWpqR21rYixLcn8wKRckZHV/BjctKGRHdW5xbE9xYHNvRndq
IP 188.114.97.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WURZdkN2ezoFfg8oEwURNSwwLwULMzgbDSgSASA3OykPFyAOfH8CKj15b0Z3anJtUDMwIGRHZSowOAI2KnloUCo3IjZLZS95aFhwbWpqR21rYixLcn8wKRckZHV/BjctKGRHdW5xbE9xYHNvRndq HTTP/1.1
Host: yneationsliee.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 05 Feb 2023 10:28:56 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f8UzCI%2BwtK%2B1heTbTB9l1hLrM%2Ftjrd53VpZmu3NjZP%2Fe%2BHJQIO7UqahoHppkcYTQsq37PCm13UFbgi21Yd3UHTYRFDXOTFQnr9xsAKhrMfQSfqd5hneny49mJHQhpyiXB%2FDZQg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794af64c6e6b0afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7df4a9b8a8a54916b1ee5c697706ab93
08d87799f1e91b2e0c72f5fbca75ef5b7f79e97b
af104ae974297c4c0eefe2c9c16a2b2ab17c2950b972c98bb94a3df625dccd9a
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "AF104AE974297C4C0EEFE2C9C16A2B2AB17C2950B972C98BB94A3DF625DCCD9A"
Last-Modified: Sun, 05 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15898
Expires: Sun, 05 Feb 2023 14:53:54 GMT
Date: Sun, 05 Feb 2023 10:28:56 GMT
Connection: keep-alive
ocsp.pki.goog/s/gts1p5/hFuUg_rClRM
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/hFuUg_rClRM
IP 142.250.74.131:0
Hash f5b4aa23f5d2b30a7f2eb1bd8d12126a
837d09bac35b94e04cf42c011463de90dff16ccd
4e0338b1106c771eb1b32924acea2fa6d42bcb64871e749e39d6223e00a84d21
POST /s/gts1p5/hFuUg_rClRM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 10:28:56 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6977
Expires: Sun, 05 Feb 2023 12:25:13 GMT
Date: Sun, 05 Feb 2023 10:28:56 GMT
Connection: keep-alive
do6256x8ae75.cloudfront.net/hbWpYdWMOBTYTXBkDPEhVXV5rQ1dLACsaDR1XG0MuHgM9PTFcWBEmVT0/aFMXFw5lRUUBCzYSXksPNhZeXEw5EQFQXn4BEwIBZQcKCgEuBgcfBClTFgxXNRoZBAY0FEZfLG1bU0hYaF0UBAQ8GhQeT2pFDRlPakVSXURoUFAvT2pFFAQEbkFGXih9R1MVXG-xQUC9PakURG09rNFJdX3ZFSkhYaBIGDgE3UFErWGhEU11baERGX1o+HBEIDDcNRl8saUVWQ1p+AF5c
143.204.42.136200 OK 523 B URL HTTP/1.1 do6256x8ae75.cloudfront.net/hbWpYdWMOBTYTXBkDPEhVXV5rQ1dLACsaDR1XG0MuHgM9PTFcWBEmVT0/aFMXFw5lRUUBCzYSXksPNhZeXEw5EQFQXn4BEwIBZQcKCgEuBgcfBClTFgxXNRoZBAY0FEZfLG1bU0hYaF0UBAQ8GhQeT2pFDRlPakVSXURoUFAvT2pFFAQEbkFGXih9R1MVXG-xQUC9PakURG09rNFJdX3ZFSkhYaBIGDgE3UFErWGhEU11baERGX1o+HBEIDDcNRl8saUVWQ1p+AF5c
IP 143.204.42.136:0
File type ASCII text, with very long lines (712), with no line terminators
Hash d187cfe87e46f82f108eb67f3a83d051
d92cab2ea418e69dbaf27205b41f8cf00b976d3f
988f82afbe0484e3a37ac931aa3b55e0e7c96e779ba4f99f78d469cd44b20892
GET /hbWpYdWMOBTYTXBkDPEhVXV5rQ1dLACsaDR1XG0MuHgM9PTFcWBEmVT0/aFMXFw5lRUUBCzYSXksPNhZeXEw5EQFQXn4BEwIBZQcKCgEuBgcfBClTFgxXNRoZBAY0FEZfLG1bU0hYaF0UBAQ8GhQeT2pFDRlPakVSXURoUFAvT2pFFAQEbkFGXih9R1MVXG-xQUC9PakURG09rNFJdX3ZFSkhYaBIGDgE3UFErWGhEU11baERGX1o+HBEIDDcNRl8saUVWQ1p+AF5c HTTP/1.1
Host: do6256x8ae75.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verysilenit.com/
HTTP/1.1 200 OK
Content-Length: 523
Connection: keep-alive
Date: Sun, 05 Feb 2023 10:28:56 GMT
access-control-allow-origin: *
Cache-Control: max-age=31556926
Content-Encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 6lNiD0waYshJE43zBsXeXpGrlkHwTnUnFLbHLIHvYFf8dohx37cqsA==
adf.ly/static/other/main.html
104.20.67.244200 OK 2.4 kB URL HTTP/1.1 adf.ly/static/other/main.html
IP 104.20.67.244:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (418)
Hash b20a86b2e91f51d2f7a19eada1de2f51
c240e9c813f8f93d3db499df1cc88984e873e418
44311176f257c7180a0fdc5491f021623ce7a0404369e883e8a6feb1e8d3469e
GET /static/other/main.html HTTP/1.1
Host: adf.ly
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 10:28:56 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Fri, 02 Sep 2022 14:31:48 GMT
etag: "1ddf-631213d4-8936a98b6e2a0431;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 794af64d18dab4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn.oaxyteek.net/static/image/favicon.ico
172.67.157.221200 OK 766 B URL HTTP/1.1 cdn.oaxyteek.net/static/image/favicon.ico
IP 172.67.157.221:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 1e28765e56393f673da97ce5913cdf10
8af9d66ac98f4689ba1d04acbd17df40dd83dbde
30aa2a7dd1b96d852108bf4f4213b0d749ae2faedd112f0c03006209e5e6c98a
GET /static/image/favicon.ico HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/-1JLQC/42Iz?rndad=579728665-1675592020
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802; _ga_GT41R23D5L=GS1.1.1675592976.1.0.1675592976.0.0.0; _ga=GA1.1.1322740405.1675592976
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 10:28:56 GMT
Content-Type: image/vnd.microsoft.icon
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:02:14 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: W/"47e-5faa60e6-ae87f5cbe4d6cff3;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 1602
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bmdqOPKXMNc2TQmbJaIhoogNtYsF%2BTccHNoGuAoKgDiCfL51lQubOD%2BeilhlM6MbhB80adEidq10TkUQP6BpwoRczGGHVnbFP%2B%2FKFCVSdJ9iFcSxb6dA5StODO0wB0wNQiPy"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794af64df9221c02-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.google-analytics.com/ga.js
142.250.74.110200 OK 17 kB URL HTTP/1.1 www.google-analytics.com/ga.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://oaxyteek.net/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 17168
Date: Sun, 05 Feb 2023 09:08:15 GMT
Expires: Sun, 05 Feb 2023 11:08:15 GMT
Cache-Control: public, max-age=7200
Age: 4841
Last-Modified: Tue, 10 Jan 2023 21:29:14 GMT
Content-Type: text/javascript
d1a3jb5hjny5s4.cloudfront.net/xMk13VXBRIhkzT0YkE2hHAnRHYEYUJwQ6HkJwOyQAYg4WIkJ4BQ0yChQ5DTFNAmsbNB5VcFEwHlFwRnMRVi9KYVZGPRg+TUgvFTgJSykVLB0UOBZoHV03HjkcU2hFE0UcfVJnQBo6HjsUXToEcEICIwNwQgJ8R3tAF341cEICOh47RgZoRBdVAH0PY0QXfj-VwQgI/AXBDc3xHYF4CZFJnQFUoFD4fF38xZ0ADfUdkQANoRWUWWz8SMx9KaEUTQQJ4WWVWR3BG
54.230.245.112200 OK 444 B URL HTTP/1.1 d1a3jb5hjny5s4.cloudfront.net/xMk13VXBRIhkzT0YkE2hHAnRHYEYUJwQ6HkJwOyQAYg4WIkJ4BQ0yChQ5DTFNAmsbNB5VcFEwHlFwRnMRVi9KYVZGPRg+TUgvFTgJSykVLB0UOBZoHV03HjkcU2hFE0UcfVJnQBo6HjsUXToEcEICIwNwQgJ8R3tAF341cEICOh47RgZoRBdVAH0PY0QXfj-VwQgI/AXBDc3xHYF4CZFJnQFUoFD4fF38xZ0ADfUdkQANoRWUWWz8SMx9KaEUTQQJ4WWVWR3BG
IP 54.230.245.112:0
File type ASCII text, with very long lines (593), with no line terminators
Hash 1940296ed4e3e1c211a879b31296b3fc
a345b6475bd21bdd84a81fea91d1f3a1390d1d7a
87d8e5e8e1fd4f40d65eff1cc313c6d084e3f3e7522c5324b74e36d158a40f75
GET /xMk13VXBRIhkzT0YkE2hHAnRHYEYUJwQ6HkJwOyQAYg4WIkJ4BQ0yChQ5DTFNAmsbNB5VcFEwHlFwRnMRVi9KYVZGPRg+TUgvFTgJSykVLB0UOBZoHV03HjkcU2hFE0UcfVJnQBo6HjsUXToEcEICIwNwQgJ8R3tAF341cEICOh47RgZoRBdVAH0PY0QXfj-VwQgI/AXBDc3xHYF4CZFJnQFUoFD4fF38xZ0ADfUdkQANoRWUWWz8SMx9KaEUTQQJ4WWVWR3BG HTTP/1.1
Host: d1a3jb5hjny5s4.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verysilenit.com/
HTTP/1.1 200 OK
Content-Length: 444
Connection: keep-alive
Date: Sun, 05 Feb 2023 10:28:56 GMT
access-control-allow-origin: *
Cache-Control: max-age=31556926
Content-Encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 395mIeUiVKUjDRcDxvJLFxG2w97INvVc1sY-hpZcBysmLgMtYJk_bQ==
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash d09cd05d951779967af874274fbb4875
119e58de80b389f59c445f045371d49e4414767e
1a3f1b8c4f3a485afca5745a30c8402d66b56434f360e11d7ec2063fc9851908
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 10:28:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash d09cd05d951779967af874274fbb4875
119e58de80b389f59c445f045371d49e4414767e
1a3f1b8c4f3a485afca5745a30c8402d66b56434f360e11d7ec2063fc9851908
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 10:28:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash b66712e69be6c0a95b275254a0570c6c
53e7c43370118610609ef3260a76daf044323d09
c23269342aeab6987bda2d3ffa96ef2037a47e340572f1b011cedba02ff9867a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6242
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 10:28:56 GMT
Last-Modified: Sun, 05 Feb 2023 08:44:54 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash b66712e69be6c0a95b275254a0570c6c
53e7c43370118610609ef3260a76daf044323d09
c23269342aeab6987bda2d3ffa96ef2037a47e340572f1b011cedba02ff9867a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6242
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 10:28:56 GMT
Last-Modified: Sun, 05 Feb 2023 08:44:54 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 279
www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1689938395&utmhn=oaxyteek.net&utme=8(User)9(77879)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=1508426948&utmr=-&utmp=%2F-1JLQC%2F42Iz%3Frndad%3D579728665-1675592020&utmht=1675592976503&utmac=UA-6469700-9&utmcc=__utma%3D198071217.1322740405.1675592976.1675592976.1675592976.1%3B%2B__utmz%3D198071217.1675592976.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1012044518&utmredir=1&utmu=qQAAAAAAAAAAAAAAAAABAAAE~
142.250.74.110302 Found 370 B URL HTTP/1.1 www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1689938395&utmhn=oaxyteek.net&utme=8(User)9(77879)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=1508426948&utmr=-&utmp=%2F-1JLQC%2F42Iz%3Frndad%3D579728665-1675592020&utmht=1675592976503&utmac=UA-6469700-9&utmcc=__utma%3D198071217.1322740405.1675592976.1675592976.1675592976.1%3B%2B__utmz%3D198071217.1675592976.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1012044518&utmredir=1&utmu=qQAAAAAAAAAAAAAAAAABAAAE~
IP 142.250.74.110:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 07ff29a511219b62627bdc5fa0435a3b
7c6a5bb012adf051f12130255cee7e1736d0b2d1
c2b6c5322ba040c6ad14baaddd2a6da10b5caf8b9f5b972561a405a2c7b0e1ca
GET /r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1689938395&utmhn=oaxyteek.net&utme=8(User)9(77879)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=1508426948&utmr=-&utmp=%2F-1JLQC%2F42Iz%3Frndad%3D579728665-1675592020&utmht=1675592976503&utmac=UA-6469700-9&utmcc=__utma%3D198071217.1322740405.1675592976.1675592976.1675592976.1%3B%2B__utmz%3D198071217.1675592976.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1012044518&utmredir=1&utmu=qQAAAAAAAAAAAAAAAAABAAAE~ HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://oaxyteek.net/
HTTP/1.1 302 Found
Location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6469700-9&cid=1322740405.1675592976&jid=1012044518&_v=5.7.2&z=1689938395
Access-Control-Allow-Origin: *
Date: Sun, 05 Feb 2023 10:28:56 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
Cross-Origin-Resource-Policy: cross-origin
Content-Type: text/html; charset=UTF-8
Server: Golfe2
Content-Length: 370
oaxyteek.net/funcript1675592976022.php?pub=77879&v=NozjgI3kOVSnwIisdIiCIM6uMUiDwMixY82CseivOZnWRZyydlWmURsgIEnDBMhxdACDIM6xNADjIMsvI8m2JapjbVm2RRFgbkGCVMtuZUWD5M0xIojjodiycB2ytOp0cYFD9eigdsTDJN02d4GW9auXIBiywOiwa4GCFMzxaACCIV6OIBmyIc03Z9mGEZxuYlz2IV1oMATCcM5uMUTzgL2hMxTGUb5pNpT3NblNMJTiIOziZQTnIb2lNdWWYY5yZVG2Mc11IJny0e3=
172.67.157.221200 OK 472 B URL HTTP/2 oaxyteek.net/funcript1675592976022.php?pub=77879&v=NozjgI3kOVSnwIisdIiCIM6uMUiDwMixY82CseivOZnWRZyydlWmURsgIEnDBMhxdACDIM6xNADjIMsvI8m2JapjbVm2RRFgbkGCVMtuZUWD5M0xIojjodiycB2ytOp0cYFD9eigdsTDJN02d4GW9auXIBiywOiwa4GCFMzxaACCIV6OIBmyIc03Z9mGEZxuYlz2IV1oMATCcM5uMUTzgL2hMxTGUb5pNpT3NblNMJTiIOziZQTnIb2lNdWWYY5yZVG2Mc11IJny0e3=
IP 172.67.157.221:0
Hash 63a634d127b22a2889918f993e7de3cd
3a20f60df65d86c87a6104a915eec5fc31f479a8
55218922df0b654c08d94234f70cf0614828cecc1fc962b86f7d85c9eff0be9f
GET /funcript1675592976022.php?pub=77879&v=NozjgI3kOVSnwIisdIiCIM6uMUiDwMixY82CseivOZnWRZyydlWmURsgIEnDBMhxdACDIM6xNADjIMsvI8m2JapjbVm2RRFgbkGCVMtuZUWD5M0xIojjodiycB2ytOp0cYFD9eigdsTDJN02d4GW9auXIBiywOiwa4GCFMzxaACCIV6OIBmyIc03Z9mGEZxuYlz2IV1oMATCcM5uMUTzgL2hMxTGUb5pNpT3NblNMJTiIOziZQTnIb2lNdWWYY5yZVG2Mc11IJny0e3= HTTP/1.1
Host: oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://oaxyteek.net/-1JLQC/42Iz?rndad=579728665-1675592020
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 10:28:56 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.3.27
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=acaSh%2Bk1mJk8ONW81hW5TQB1zNJdD4THohr9ApZk26nxoLqKl3cy%2Bxgp95oQ5hbrZim93HS5QuL0AFzQTZWTVLsZQPRc%2BgEOOvwyd99llwrBaal3TRVW7xwZvqCRSfM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794af64ccd741c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
142.250.74.109302 Found 392 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 142.250.74.109:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (381)
Hash 29e3632f43bf82cc13e8779e35d852bb
8f3c6616365b51166b9b3f2b89763be67137321c
91cb702fc872481fd184fb9ff231d8781e52b138007589df91acbce8dfe61795
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 05 Feb 2023 10:28:56 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1123696107%3A1675592936727973&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHfDdxIuasTnwPRchIcNReBJ9taY4RGyiBWMM9apGJTSj2Tnd0-WIAcCg0psiCLIDnObD---jA
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-GEx08ToEFgQZyVpf_-n4Zw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 392
server: GSE
set-cookie: __Host-GAPS=1:k9IzPp0r5uOg66aZhfAaY3ZlOKc5Jg:gUGjpBbLtN6xGTVk;Path=/;Expires=Tue, 04-Feb-2025 10:28:56 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
verysilenit.com/utx?cb=hH1cQCiyewG4&top=oaxyteek.net&tid=709056
65.9.44.85204 No Content 0 B URL HTTP/2 verysilenit.com/utx?cb=hH1cQCiyewG4&top=oaxyteek.net&tid=709056
IP 65.9.44.85:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=hH1cQCiyewG4&top=oaxyteek.net&tid=709056 HTTP/1.1
Host: verysilenit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://oaxyteek.net
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 05 Feb 2023 10:28:56 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: http://oaxyteek.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sun, 05 Feb 2023 10:29:56 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 0edd9f6bc061f9d64e77285b1cac290c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: ovJAvtcqkzNhCXZt4dESSMQ617-AQbmShhs260ZH7lDFOojSMNMZpg==
X-Firefox-Spdy: h2
cdn.adf.ly/static/css/jquery-ui/ui-lightness/jquery-ui-1.8.16.custom.css
104.20.67.244200 OK 3.8 kB URL HTTP/2 cdn.adf.ly/static/css/jquery-ui/ui-lightness/jquery-ui-1.8.16.custom.css
IP 104.20.67.244:0
Hash 9d4e19a376efea966122769055f549b8
a0a2aad945a151940df25a622556723caed8931d
f742449be310268664dd2166337d4ba278594e5b6d23d66ad0953a303f735f55
GET /static/css/jquery-ui/ui-lightness/jquery-ui-1.8.16.custom.css HTTP/1.1
Host: cdn.adf.ly
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://adf.ly/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 10:28:56 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=25476
cache-control: public, max-age=604800
etag: W/"6384-5faa60e6-2ce8da3c9d76af49;gz"
expires: Sun, 12 Feb 2023 10:01:11 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 1665
server: cloudflare
cf-ray: 794af64e8c1eb517-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/ATf3cfjxVCA
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/ATf3cfjxVCA
IP 142.250.74.131:0
Hash ba089de09b6322a93026f30cc52007ae
ef94a35787b5f8056d9efc71e9d78a916a2cc717
cbc7d42a2075bc5ec876b265d36b77e5eb59796b93f2b91a8a4c504c64df5aff
POST /s/gts1p5/ATf3cfjxVCA HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 10:28:56 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
verysilenit.com/multi?cs=NXdKT1oNR3t2bAdDeH5tDE94eG0&abt=0&red=1&sm=76&k=shrink%20your%20urls%20paid&v=1.0.60.1&sts=0&prn=0&emb=0&tid=709056&rxy=1280_1024&fs=1&ref=http%3A%2F%2Foaxyteek.net%2F-1JLQC%2F42Iz%3Frndad%3D579728665-1675592020&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&_7yNi=1675592976188&crc=1
65.9.44.85200 OK 1.5 kB URL HTTP/2 verysilenit.com/multi?cs=NXdKT1oNR3t2bAdDeH5tDE94eG0&abt=0&red=1&sm=76&k=shrink%20your%20urls%20paid&v=1.0.60.1&sts=0&prn=0&emb=0&tid=709056&rxy=1280_1024&fs=1&ref=http%3A%2F%2Foaxyteek.net%2F-1JLQC%2F42Iz%3Frndad%3D579728665-1675592020&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&_7yNi=1675592976188&crc=1
IP 65.9.44.85:0
File type ASCII text, with very long lines (3258), with no line terminators
Hash 96b4201ef969ed14e4febe4805622ab4
0b4b379de76c7eca33d401d00202909bd24a897d
4938ae28161dfd96345865bd3e28cb2757837c4632ad174117c1804444407a51
GET /multi?cs=NXdKT1oNR3t2bAdDeH5tDE94eG0&abt=0&red=1&sm=76&k=shrink%20your%20urls%20paid&v=1.0.60.1&sts=0&prn=0&emb=0&tid=709056&rxy=1280_1024&fs=1&ref=http%3A%2F%2Foaxyteek.net%2F-1JLQC%2F42Iz%3Frndad%3D579728665-1675592020&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&_7yNi=1675592976188&crc=1 HTTP/1.1
Host: verysilenit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://oaxyteek.net
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-length: 1502
date: Sun, 05 Feb 2023 10:28:56 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: http://oaxyteek.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=d87e45d6-076b-44fc-9f86-ff37517f71ef
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 0edd9f6bc061f9d64e77285b1cac290c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: or4-X0Xjz8jKL-PxzXJOKsaLO4mkk0GHjPs2eA_dyEokLWWgl3O-Ig==
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
142.250.74.109302 Found 392 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 142.250.74.109:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (384)
Hash 1fce2efe1d191e8bc6fee915067a6d92
f25ef8879f6ce950dbf270c16a6eb4ecbbfec0b3
142afd0125ded01a23eeab352d44fce77cd76298c1902aa87851825e673a9c79
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 05 Feb 2023 10:28:56 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-939391772%3A1675592936768298&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHfpCvs5sEtTNpi3923HH0ouIyMQTwwAWerZsM0EtlAktTBE0nUcejufxrupZ_orKtVuAYJKZw
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-uhYKfUtG7MlCkEh4JEy3bQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 392
server: GSE
set-cookie: __Host-GAPS=1:Y3339A0m6FD8L5VOUulODnlyQSTdKQ:LpBqKajV-MQFvjZA;Path=/;Expires=Tue, 04-Feb-2025 10:28:56 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5ac5aaa2dd1a2ab697244f3c0fe3b5b5
bb8a9aeb28cc645435760f3a9a57d85e295de419
d42327bb295e41a2b04efa1c2ad6094a3480d0010de10bb32600f4d17fe9f0d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 10:28:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.adf.ly/static/css/core_default.css
104.20.67.244200 OK 6.7 kB URL HTTP/2 cdn.adf.ly/static/css/core_default.css
IP 104.20.67.244:0
Hash 7f9be48864a8a4226127643355582632
dc9b4894f40764f6eb7fe98c952dc0a2175192d4
3f96cbe6278a14bd1c4c26c0987f41499557cec1fc9c5daa684ad279d4ee8bbb
GET /static/css/core_default.css HTTP/1.1
Host: cdn.adf.ly
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://adf.ly/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 10:28:56 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=41418
cache-control: public, max-age=604800
etag: W/"a1ca-5faa60e6-43aa68c40fef0c2b;gz"
expires: Sun, 12 Feb 2023 10:01:11 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 1665
server: cloudflare
cf-ray: 794af64e7c11b517-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473
54.230.245.26200 OK 52 kB URL HTTP/1.1 dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473
IP 54.230.245.26:0
File type Unicode text, UTF-8 text, with very long lines (15955)
Hash 8033292954f84989ee8670b3e0052087
f0954a6b78073a23c6161fc818b6461e5a0b3cb5
096c10fd6ab2a7764ad29bdef63829f0002b0881288b7467c4cfbec53cf03d69
GET /?gfkcd=824473 HTTP/1.1
Host: dc5k8fg5ioc8s.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://adf.ly/
HTTP/1.1 200 OK
Content-Length: 51504
Connection: keep-alive
Date: Sun, 05 Feb 2023 10:28:56 GMT
access-control-allow-origin: *
Cache-Control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Content-Encoding: gzip
Pragma: no-cache
X-Cache: Miss from cloudfront
Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ZsRd3tozfYWgpOsXefO8q4UhcVW6Adb5fMmFSK9v_TZGjgykJ59qkg==
stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6469700-9&cid=1322740405.1675592976&jid=1012044518&_v=5.7.2&z=1689938395
64.233.165.157200 OK 35 B URL HTTP/2 stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6469700-9&cid=1322740405.1675592976&jid=1012044518&_v=5.7.2&z=1689938395
IP 64.233.165.157:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6469700-9&cid=1322740405.1675592976&jid=1012044518&_v=5.7.2&z=1689938395 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://oaxyteek.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 05 Feb 2023 10:28:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pogothere.xyz/
172.64.106.19200 OK 308 B IP 172.64.106.19:0
File type ASCII text, with no line terminators
Hash 214c8cfdbda380a8669fad73a2922543
417cb2482f08938052fa9e6ba2486f9837f37eb9
d0de7480cf5b381c7cdc35344992cb6155a6ca28127b065f77f52a267453a3f3
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://oaxyteek.net
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 10:28:56 GMT
content-type: text/plain
set-cookie: csu=1536910593356455@1@1675592936; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: http://oaxyteek.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qPLO4XrAJQSlRrD%2B7EscdKFokFSEvHH4TIIG2QVXC8GpaJZPpusgpTEGMHwAEn7L4ViDnVKZeic6WJ9VOoOkqsm0LSlbZ1yT%2BaEwAR9kxfudAmIreDSvBj9DucxL0PqM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794af64d4a95745b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5ac5aaa2dd1a2ab697244f3c0fe3b5b5
bb8a9aeb28cc645435760f3a9a57d85e295de419
d42327bb295e41a2b04efa1c2ad6094a3480d0010de10bb32600f4d17fe9f0d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 10:28:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
35.161.147.150101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.161.147.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 4asci5hffF38eeD3lmuOXw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 7j5ystOGjIG6QuXhvrfS72ipG8g=
cdn.oaxyteek.net/static/image/apple-touch-icon.png
172.67.157.221403 Forbidden 436 B URL HTTP/1.1 cdn.oaxyteek.net/static/image/apple-touch-icon.png
IP 172.67.157.221:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash b112c984fdf3ae98cbf4bc84066cf619
e68cf1400ca02fc1b472c6f3a2cbb9c2234073c5
233729c945d3c6dc5a81cbf30abedd598a9927d141eda2e369aecd13a790938a
GET /static/image/apple-touch-icon.png HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/-1JLQC/42Iz?rndad=579728665-1675592020
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802; _ga_GT41R23D5L=GS1.1.1675592976.1.0.1675592976.0.0.0; _ga=GA1.1.1322740405.1675592976
HTTP/1.1 403 Forbidden
Date: Sun, 05 Feb 2023 10:28:56 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2F%2FfstVQuHxnyokGuDw9Q3aLpTiBSIriZvHDy6fwOj8qR%2FHt%2BQquKMWnr9vrUY4BhmiclaA9YlzsrpUn81pqeCecPsrFKXj6Euwor0ck0bGuu%2F5ssk%2Fb7AnrgjzhibLy9BRq"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794af64dfe701c0e-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29200 OK 500 B IP 93.184.220.29:0
Hash f0db1d4fceef4bdf38e207ffa157001c
542854171f7f0c883822237f9c8cda0d3abb505b
8cbce294d1f497c59d760317b3128e9f07e29854f7dc3e9f4d17e1396ac852cb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4625
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 10:28:56 GMT
Last-Modified: Sun, 05 Feb 2023 09:11:51 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
pogothere.xyz/asd100.bin
172.64.106.19200 OK 112 kB IP 172.64.106.19:0
Size 112 kB (111736 bytes)
Hash bd1026c3d7b8b01e2f9a2854db9f1b02
9c62e4bf5671a3a1fc9fcfb63943fe5aabee75d5
68b5e9142be02e9cd13baea92d78aa1894cf1d57cfbd403c9e8fc88b354bd225
Analyzer Verdict Alert quad9 Sinkholed
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://oaxyteek.net
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 05 Feb 2023 10:28:56 GMT
content-type: binary/octet-stream
access-control-allow-origin: http://oaxyteek.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 7121
last-modified: Sun, 05 Feb 2023 08:30:15 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D4XsdWkB9rN4vu4psT8RJWAI1VN7vLgRiHEMvoI7fFBSX4mmaZAx4KJnbrt8XM64fNcPaUXzGdHe8b9rHN52ffJ2Cx4Pw9RuK%2BpfoIPOcqSI5PqM9rGkVDNuGPvqEOVp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794af64c89bb745b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
157.240.221.35200 OK 4.5 kB URL HTTP/2 www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP 157.240.221.35:0
Hash c0f134bcae8446f985d564291a9d6beb
3d935c3984ce7a059096bb4677abd3301a2b5aeb
0d97fccd695d5147d56769a8a92c71cd041a92d0dad8c4c899447f3500798631
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: QOruwroH4epNR/DBm0g9roHIS+9ve/2oSLFDOU9ik47JWU7pvMLTFF5XaLHzpprHQCCHixzx3L1zUSkN88Cf/Q==
date: Sun, 05 Feb 2023 10:28:56 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fx19ltd.adfly&width=100&fb_source=homestatic&layout=standard&colorscheme=light&action=like&show_faces=true&share=true&height=80&appId=399141353502152
157.240.221.35301 Moved Permanently 0 B URL HTTP/1.1 www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fx19ltd.adfly&width=100&fb_source=homestatic&layout=standard&colorscheme=light&action=like&show_faces=true&share=true&height=80&appId=399141353502152
IP 157.240.221.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fx19ltd.adfly&width=100&fb_source=homestatic&layout=standard&colorscheme=light&action=like&show_faces=true&share=true&height=80&appId=399141353502152 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://adf.ly/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fx19ltd.adfly&width=100&fb_source=homestatic&layout=standard&colorscheme=light&action=like&show_faces=true&share=true&height=80&appId=399141353502152
Content-Type: text/plain
Server: proxygen-bolt
Date: Sun, 05 Feb 2023 10:28:56 GMT
Connection: keep-alive
Content-Length: 0
region1.google-analytics.com/g/collect?v=2&tid=G-GT41R23D5L>m=45je3210&_p=1508426948&cid=1322740405.1675592976&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675592976&sct=1&seg=0&dl=http%3A%2F%2Foaxyteek.net%2F-1JLQC%2F42Iz%3Frndad%3D579728665-1675592020&dt=Shrink%20your%20URLs%20and%20get%20paid!&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-GT41R23D5L>m=45je3210&_p=1508426948&cid=1322740405.1675592976&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675592976&sct=1&seg=0&dl=http%3A%2F%2Foaxyteek.net%2F-1JLQC%2F42Iz%3Frndad%3D579728665-1675592020&dt=Shrink%20your%20URLs%20and%20get%20paid!&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-GT41R23D5L>m=45je3210&_p=1508426948&cid=1322740405.1675592976&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675592976&sct=1&seg=0&dl=http%3A%2F%2Foaxyteek.net%2F-1JLQC%2F42Iz%3Frndad%3D579728665-1675592020&dt=Shrink%20your%20URLs%20and%20get%20paid!&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://oaxyteek.net
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: http://oaxyteek.net
date: Sun, 05 Feb 2023 10:28:57 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7771
Expires: Sun, 05 Feb 2023 12:38:29 GMT
Date: Sun, 05 Feb 2023 10:28:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7771
Expires: Sun, 05 Feb 2023 12:38:29 GMT
Date: Sun, 05 Feb 2023 10:28:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7771
Expires: Sun, 05 Feb 2023 12:38:29 GMT
Date: Sun, 05 Feb 2023 10:28:58 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad342374-789b-497a-b212-29d0b2aaced0.jpeg
34.120.237.76200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad342374-789b-497a-b212-29d0b2aaced0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 75caf9549ac23c827c10d6baabb84884
e8391e4046acb91cd4a6113974fda1c44dcd3865
a01e3a9aaa0b0fa156303bcbf38c1c45ea6abe8d0a052734b05ea4da82f176c4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad342374-789b-497a-b212-29d0b2aaced0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7060
x-amzn-requestid: e3e457e7-b73a-4b5f-a7bb-9a643cde2760
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fwAv_GI1oAMFbIg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dcae66-6793e5e054a709881bb2d191;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 06:49:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6LeXkwyELIc_XykRxsfDIBu7Kda_3OHFDiteX0rKwDt-315catmvKw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:10:43 GMT
age: 44295
etag: "e8391e4046acb91cd4a6113974fda1c44dcd3865"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1a4eed23b240d04a3cd6b085cfa93375
f29b9dc3f6bbd2ba76a5a4570ce044d5f240fd00
93e8371f80c12d3753842e36001dbb8d3dc2223b10a594639752cd816c492d4e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10905
x-amzn-requestid: 093778fc-231c-452f-a6fc-15f4eb41ade0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmNJCEDzIAMFmxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8c239-7f56d6e56392f373541db219;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:24:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jIvBQjGh9JzWQM0YpEYiqP5CcBrkwqLVjAYhMWJ1P1H0MRkm7kpnpg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:12:06 GMT
age: 44212
etag: "f29b9dc3f6bbd2ba76a5a4570ce044d5f240fd00"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0def934-b27d-4612-bab8-84bfb73a9960.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0def934-b27d-4612-bab8-84bfb73a9960.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5beaead015b2b4fb6d36009926ba0378
67e7c49ea7648fc6d1dffc22588862c993b785b7
6ae0cec9ade23fd53e9c1407b0324a8060892a65a6b675ccffa4a4c82b66f1ff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0def934-b27d-4612-bab8-84bfb73a9960.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7589
x-amzn-requestid: 280f7003-2696-4a82-bd50-82b0a2b66faf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fsSpoEA0oAMFSBg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63db3170-35dcb9513c891af201b973d1;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 03:43:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 00Sp1Thtp-YIGYmu7qIB6GtKBxOGLgcAse2SusryA8xaBrnWQDD-Hg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:04:01 GMT
age: 44697
etag: "67e7c49ea7648fc6d1dffc22588862c993b785b7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5b6c30ad03669b66bf2f63b3edd69882
e630bd132b52b965a5ade646ea8a165d1abf6d7b
f8233d879ec17fd91909655ff8881f2ebfad84272fde3ed5e5be37580378a989
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5014
x-amzn-requestid: a434aae4-fe4b-4fc7-9b7e-eeb552484e8a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3bIE0aoAMF6YQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c47-5556d14757190c842bbc6b06;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:05:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: k6YqagXr3Wr-u1uDKojEnIGW0CxU5yvWPtlzNpzoIvmg9F-rJb9uFQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 14:53:45 GMT
age: 70513
etag: "e630bd132b52b965a5ade646ea8a165d1abf6d7b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8e0be7db14d930d6227443314bcd1747
4e42e2ad289dfe5bd9a55d34fd768f7532bdf71d
baedfbdb08a67f9ff4c698f7e65b08d7e4c5078d0a4233e6bff529b44812735a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12967
x-amzn-requestid: 38c58626-f4ad-4e2b-ad71-a628519d2ea2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmEdHFwCoAMFhxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8b453-7da6d0c1093468d320caaa1e;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 06:25:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: t8dZTwod1-pZr8ACfp-6gfEu0TA3kGpfJrQeF8VgLg2tlrt03sa6Bg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 03:40:08 GMT
age: 24530
etag: "4e42e2ad289dfe5bd9a55d34fd768f7532bdf71d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d53279-1206-40a7-be9b-b504e0748218.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d53279-1206-40a7-be9b-b504e0748218.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7fff69db25a1c7a3fbe154a3c80ac5aa
638e08807f73b70ab87b804816f9eb3e8dd2aa74
be96b347ba90dda9c39975077d963ff875831a14a4269e28edc0d2f80928bba6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d53279-1206-40a7-be9b-b504e0748218.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5356
x-amzn-requestid: af4c4533-48b8-4b02-951a-3e61933fb126
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3fyFrMoAMFr_w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c64-0346b30d0ded67912070f671;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:06:12 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: IJBXK8DSlmaj48MVSTo-8A69jOe3x2cvnZYRLfyXZ7jZWqsMbTZsEg==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 21:43:52 GMT
age: 45906
etag: "638e08807f73b70ab87b804816f9eb3e8dd2aa74"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=1225243129&utmhn=oaxyteek.net&utmt=event&utme=5(Ad*Paid*Success)(3)8(User)9(77879)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=1508426948&utmr=-&utmp=%2F-1JLQC%2F42Iz%3Frndad%3D579728665-1675592020&utmht=1675592981028&utmac=UA-6469700-9&utmcc=__utma%3D198071217.1322740405.1675592976.1675592976.1675592976.1%3B%2B__utmz%3D198071217.1675592976.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=6QAAAAAAAAAAAAAAAAABAAAE~
142.250.74.110200 OK 35 B URL HTTP/1.1 www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=1225243129&utmhn=oaxyteek.net&utmt=event&utme=5(Ad*Paid*Success)(3)8(User)9(77879)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=1508426948&utmr=-&utmp=%2F-1JLQC%2F42Iz%3Frndad%3D579728665-1675592020&utmht=1675592981028&utmac=UA-6469700-9&utmcc=__utma%3D198071217.1322740405.1675592976.1675592976.1675592976.1%3B%2B__utmz%3D198071217.1675592976.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=6QAAAAAAAAAAAAAAAAABAAAE~
IP 142.250.74.110:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /__utm.gif?utmwv=5.7.2&utms=2&utmn=1225243129&utmhn=oaxyteek.net&utmt=event&utme=5(Ad*Paid*Success)(3)8(User)9(77879)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=1508426948&utmr=-&utmp=%2F-1JLQC%2F42Iz%3Frndad%3D579728665-1675592020&utmht=1675592981028&utmac=UA-6469700-9&utmcc=__utma%3D198071217.1322740405.1675592976.1675592976.1675592976.1%3B%2B__utmz%3D198071217.1675592976.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=6QAAAAAAAAAAAAAAAAABAAAE~ HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://oaxyteek.net/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Pragma: no-cache
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
Date: Sat, 04 Feb 2023 21:51:18 GMT
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Age: 45463
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
Content-Type: image/gif
pogothere.xyz/
172.64.106.19200 OK 0 B IP 172.64.106.19:0
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://oaxyteek.net
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 10:28:56 GMT
content-type: text/plain
set-cookie: csu=240819532168915@1@1675592936; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: http://oaxyteek.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v3KlTb9p7s4XVWFrAWkAinPwe2zHmnovmb82Ru%2BOpOoikXTO8c3pCPNSAYNxo8TbVkSkF%2Bd75EeB46ufMisNosgBL3Jlu2IT2Yrcq0GsX3hnP9NPfY6l14VmrYHxy7C9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794af64c89b8745b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S-1123696107%3A1675592936727973&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHfDdxIuasTnwPRchIcNReBJ9taY4RGyiBWMM9apGJTSj2Tnd0-WIAcCg0psiCLIDnObD---jA
142.250.74.109403 Forbidden 0 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S-1123696107%3A1675592936727973&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHfDdxIuasTnwPRchIcNReBJ9taY4RGyiBWMM9apGJTSj2Tnd0-WIAcCg0psiCLIDnObD---jA
IP 142.250.74.109:0
GET /v3/signin/identifier?dsh=S-1123696107%3A1675592936727973&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHfDdxIuasTnwPRchIcNReBJ9taY4RGyiBWMM9apGJTSj2Tnd0-WIAcCg0psiCLIDnObD---jA HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://oaxyteek.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 05 Feb 2023 10:28:56 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-rfSiodl9ZmVURKCjGuFkZg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi/external"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.106.19200 OK 0 B IP 172.64.106.19:0
Analyzer Verdict Alert quad9 Sinkholed
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://oaxyteek.net
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 05 Feb 2023 10:28:56 GMT
content-type: binary/octet-stream
access-control-allow-origin: http://oaxyteek.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 7121
last-modified: Sun, 05 Feb 2023 08:30:15 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=97aeAmGczGfhwgZaLBa8t5wdIesV48UL%2BDVWInWjEEdC7%2B3MJSJm6fTRSp87jh85XdjH76iGFllI%2FaoivvxUS7ChhcF46DMwSj2b9VIwUpOdyqmKttz8yQMsAjyaYsay"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794af64c89c0745b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2