j.gs/Foij
104.21.5.11301 Moved Permanently 1 B IP 104.21.5.11:0
File type very short file (no magic)
Hash 68b329da9893e34099c7d8ad5cb9c940
adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
GET /Foij HTTP/1.1
Host: j.gs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 02 Sep 2022 06:18:25 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
set-cookie: FLYSESSID=dvh33rnphng6ij7c4aku5cshkt; path=/; HttpOnly; SameSite=Lax
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-powered-by: adfly
strict-transport-security: max-age=0
location: http://neexulro.net/-12FWKV/Foij?rndad=1532635802-1662099505
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5fgAyj8%2F01xGbXWNtOYHd1ES3qdx9QquO1kAxsGB1nluQJaMpmHwvqEhiIMw9a1ZLoSZtV23MGYa4Yx%2ByWEkwJAi98g6u7eAQOm5mmyPyFMxH2p58hr1"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 744420d2cb5cb517-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bcdebf7a2bad5db595e8a0c1abb2ddcb
249dda2fa5e37b8a8f3a8c797193bf0874b6eedc
9b43ec48b16f96449208a0094c4d660806a2a2d344b5862dbff4c393bf3f9f9f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9B43EC48B16F96449208A0094C4D660806A2A2D344B5862DBFF4C393BF3F9F9F"
Last-Modified: Thu, 01 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10383
Expires: Fri, 02 Sep 2022 09:11:28 GMT
Date: Fri, 02 Sep 2022 06:18:25 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 02 Sep 2022 01:15:17 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 7P0FWLZHhWiwY5DNUtCnAop0SNgBMwWo_R2GgHkUmEMSSbcp6H8JDA==
age: 18188
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 02 Sep 2022 05:41:41 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 5vIiE6Hq-RtcT6FS711draxIQiiQeSn80v69rpO0wR4ARW6OdSKjpQ==
Age: 2204
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 06:18:25 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
neexulro.net/-12FWKV/Foij?rndad=1532635802-1662099505
104.21.0.99200 OK 5.2 kB URL HTTP/1.1 neexulro.net/-12FWKV/Foij?rndad=1532635802-1662099505
IP 104.21.0.99:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (334), with CRLF, LF line terminators
Hash 7262c4e0034a99a986d11583f420a466
044ead31a81d2b57edf8379492b5d8e239df8367
621c3a4363bc4bd30036b031c94715ca7d17ecddbaec159306103fdd8d5db998
GET /-12FWKV/Foij?rndad=1532635802-1662099505 HTTP/1.1
Host: neexulro.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 06:18:25 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
set-cookie: FLYSESSID=9okj4eqbmnbbc45tcrks0ae7pi; path=/; HttpOnly; SameSite=Lax
yp1=d6d3afbab59b819343f48548849260a7; expires=Sat, 03-Sep-2022 06:18:25 GMT; Max-Age=86400; path=/; domain=.neexulro.net
yp2=530aaadfbd2c81e5bb513d9e6446395b; expires=Sat, 03-Sep-2022 06:18:25 GMT; Max-Age=86400; path=/; domain=.neexulro.net
yp3=1532635802; expires=Sat, 03-Sep-2022 06:18:25 GMT; Max-Age=86400; path=/; domain=.neexulro.net
x-powered-by: adfly
strict-transport-security: max-age=0
p3p: policyref="http://adf.ly/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa IVAi IVDi CONi HISi TELi OUR IND PHY ONL FIN COM NAV INT DEM GOV"
expires: Sat, 26 Jul 1997 05:00:00 GMT
last-modified: Fri, 02 Sep 2022 06:18:25 GMT
x-frame-options: DENY
referrer-policy: no-referrer-when-downgrade
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9fvbdTU3imzzivCY4K9W6s7%2FuKeSvA4gJUHnx6fv%2BpGtXyiVtUOEScisUrkXeagKd2%2FAVwY%2FjIsAn4ULvRPikGr%2FUTBR%2B%2F9aQ8LoqWtEOCy8Fl5g6wB3QprztZZiPmk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 744420d50956fac8-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
cdn.neexulro.net/static/js/amvn.js
104.21.0.99200 OK 84 kB URL HTTP/1.1 cdn.neexulro.net/static/js/amvn.js
IP 104.21.0.99:0
File type Unicode text, UTF-8 text, with very long lines (15945)
Hash a00a959f9ea3d56be6a5f4e6b1cf9eaa
4eae23509aa7ce0dbc9549b3423e8dcf3fded5d1
161b2532a2be9be7b82aedff76b9ca16e342b2eb4beb90bbd0dc93f706aa55ca
GET /static/js/amvn.js HTTP/1.1
Host: cdn.neexulro.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://neexulro.net/-12FWKV/Foij?rndad=1532635802-1662099505
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 06:18:25 GMT
Content-Type: application/x-javascript
Content-Length: 84147
Connection: keep-alive
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 06:02:12 GMT
last-modified: Fri, 02 Sep 2022 00:20:02 GMT
etag: "3f0d5-63114c32-2a53b791071e7651;gz"
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 972
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s0jcUIZ1k%2BBcTbfyrDnwT6UDW7x4u4MmxlxVjHCgpqdhky7JUM97VeYyffOaI%2FEJglu6AJTtqKO40aavmAZo3S%2BD60Q0g%2FH0oc6s%2FhbUdJweTFOF0LI8kMuzc94m%2FxRWQOIk"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 744420d78b25fac8-OSL
alt-svc: h2=":443"; ma=60
cdn.neexulro.net/static/js/view118_bidshow.js
104.21.0.99200 OK 4.0 kB URL HTTP/1.1 cdn.neexulro.net/static/js/view118_bidshow.js
IP 104.21.0.99:0
File type ASCII text, with very long lines (10991), with no line terminators
Hash 966f84aff8b7893cbf2b87da5a27f8a9
695e0fcb64fc820db2ca76e808136a3762ea3673
25c6680edff77f84bc5606fdd9f06116ec800f29173528135cb74d564f2732f9
GET /static/js/view118_bidshow.js HTTP/1.1
Host: cdn.neexulro.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://neexulro.net/-12FWKV/Foij?rndad=1532635802-1662099505
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 06:18:25 GMT
Content-Type: application/x-javascript
Content-Length: 4024
Connection: keep-alive
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 06:02:13 GMT
last-modified: Wed, 24 Aug 2022 10:51:38 GMT
etag: "2aef-630602ba-3bacd69da000f03;gz"
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 972
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BH%2Bu%2FtDaVLu3s97uyEkDk4pbqgnqaM1KYzTLMLDbDR20BXP6d5X2u69DAiF2t3eaK87iBlDGU3TzcmnlQo%2F01ADO%2BciwcNrKHD%2FqHmKcTxmBGpE0TgKfhGWdu%2BrWXDUjrBYP"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 744420d78f7eb4fd-OSL
alt-svc: h2=":443"; ma=60
cdn.neexulro.net/static/css/adfly_7.css
104.21.0.99200 OK 875 B URL HTTP/1.1 cdn.neexulro.net/static/css/adfly_7.css
IP 104.21.0.99:0
File type ASCII text, with very long lines (2735), with no line terminators
Hash f8c8a9d49e010a2cf10a44dacf35e661
5a069859544758f32b5d09e89c3631c8257c64e1
2cdcaf6a39f9cd39a37dfacfeec2461813fb5557e071d96756c129d17e84cb7a
GET /static/css/adfly_7.css HTTP/1.1
Host: cdn.neexulro.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://neexulro.net/-12FWKV/Foij?rndad=1532635802-1662099505
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 06:18:25 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Cf-Bgj: minify
Cf-Polished: origSize=3778
cache-control: public, max-age=604800
etag: W/"ec2-60467027-b79b494dafd99b83;gz"
expires: Fri, 09 Sep 2022 06:01:52 GMT
last-modified: Mon, 08 Mar 2021 18:42:47 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 993
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oGWU5ET4PxAH01xpE8R2y2s0CPwI%2Bm6oJaUpmXL0N4pzql4MClNNQSHYE88oMAbSgEmeU2aQvG%2BIZGCY%2BbJxb7KRAuICNFZzlbwvAnKXQkIHuHz2PvvCc9qmNnLQyYmKbJQR"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 744420d77b420b41-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
d1a3jb5hjny5s4.cloudfront.net/?hbjad=709056
54.230.245.125200 OK 36 kB URL HTTP/1.1 d1a3jb5hjny5s4.cloudfront.net/?hbjad=709056
IP 54.230.245.125:0
File type Unicode text, UTF-8 text, with very long lines (15478)
Hash 408b815c9315cd77d7d77cb38e6ef96a
00a98a72b561b14d832082fda9a440d74cfad7c6
ebcc2a1bdb79fe9e63742ff00a572baed6f90a7ceb2556bfef1c239a4c9bdd67
GET /?hbjad=709056 HTTP/1.1
Host: d1a3jb5hjny5s4.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neexulro.net/
HTTP/1.1 200 OK
Content-Length: 36027
Connection: keep-alive
Date: Fri, 02 Sep 2022 06:18:26 GMT
access-control-allow-origin: *
Cache-Control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Content-Encoding: gzip
Pragma: no-cache
X-Cache: Miss from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: YHWFcnxsXLAWi3bdIYMEXTJXiivzXjgtN3-CsAAcxsSHc9Yz4zLPxA==
cdn.neexulro.net/static/image/logo_fb2.png
104.21.0.99200 OK 6.3 kB URL HTTP/1.1 cdn.neexulro.net/static/image/logo_fb2.png
IP 104.21.0.99:0
File type PNG image data, 193 x 98, 8-bit colormap, non-interlaced\012- data
Hash 84a673a878949a7a8410199f5f8ea220
49cbc367cd9e0943df6d6e2180bb9a5771dbb208
042313bf805bd8d9a1c6b2a88c90e15407004fcc6e9c5d5974c87c85c20796f3
GET /static/image/logo_fb2.png HTTP/1.1
Host: cdn.neexulro.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://neexulro.net/-12FWKV/Foij?rndad=1532635802-1662099505
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 06:18:26 GMT
Content-Type: image/png
Content-Length: 6283
Connection: keep-alive
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 06:02:13 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "188b-5faa60e6-48354ceeda0c07b3;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 973
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n88ioKxb7WdI3ot7RJoluwtuDf2YbEzZsmTZVrRQXXqD0HKxQSdhP88JohQf0RYBF8ABjLaCExDkGkgsKXcIO47IrMezoudTz96HAtcwtxDhN4v9ROMFSfY85PGKgmZn5zgZ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 744420d8cbd8fac8-OSL
alt-svc: h2=":443"; ma=60
cdn.neexulro.net/static/image/skip_ad/en_tran.png
104.21.0.99200 OK 5.1 kB URL HTTP/1.1 cdn.neexulro.net/static/image/skip_ad/en_tran.png
IP 104.21.0.99:0
File type PNG image data, 155 x 41, 8-bit/color RGBA, non-interlaced\012- data
Hash a58f5ea6f1f6bb35658c351f876f1ba9
47fa621b845faf7df13e4021dcffd6f4c73c1018
ef8721967f0cca2539ee60f9cad0e8c1ef89f18a53964a4e6101033d23a4ba29
GET /static/image/skip_ad/en_tran.png HTTP/1.1
Host: cdn.neexulro.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://neexulro.net/-12FWKV/Foij?rndad=1532635802-1662099505
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 06:18:26 GMT
Content-Type: image/png
Content-Length: 5076
Connection: keep-alive
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 06:02:15 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "13d4-5faa60e6-eb24f435e560d3dd;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 971
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SYU3IvsavOPHGDSYRpdN81xtraRJvow4Kty3uoaleaSN9c0m2eL%2BbkaGOJYSuYcDUlRcGvh56wd7Zv6IazgrxoqLJ1GfmvBjKKQHlmNM4pGg2qcsGfdPG0qrWMkR%2ByPsN4LO"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 744420d8cc8b0b41-OSL
alt-svc: h2=":443"; ma=60
cdn.neexulro.net/static/image/delete2.png
104.21.0.99200 OK 577 B URL HTTP/1.1 cdn.neexulro.net/static/image/delete2.png
IP 104.21.0.99:0
File type PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced\012- data
Hash 3a612b41ba5d1cad10ae4c6660d8fda4
4006ab2bfe338d2d1f060c0486bad8e1b589ba44
2fa2ba143aaedc6b6169e9b024d4f12df4acfc5995950dce175fd97644dd0c43
GET /static/image/delete2.png HTTP/1.1
Host: cdn.neexulro.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://neexulro.net/-12FWKV/Foij?rndad=1532635802-1662099505
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 06:18:26 GMT
Content-Type: image/png
Content-Length: 577
Connection: keep-alive
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 06:02:13 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "241-5faa60e6-657b5e5638f6aacc;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 972
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mvqzJ7tN2l1wrHt%2FmLnh9AJH%2BcVtg%2F79POOi%2F8R%2FhCwZCTP6tB3OkeaZVsS6w%2Be11qIuEZpcTlwQAI8GSWbX6ibEZUW62iqFpX8z0dF5vGNL6nAZ5zJDR0AvFXdWgsQp1ydE"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 744420d8dbe4fac8-OSL
alt-svc: h2=":443"; ma=60
cdn.neexulro.net/static/image/ahl6532.gif
104.21.0.99200 OK 3.2 kB URL HTTP/1.1 cdn.neexulro.net/static/image/ahl6532.gif
IP 104.21.0.99:0
File type GIF image data, version 89a, 166 x 58\012- data
Hash 48d26bd889d62fc9c72d33138f409c15
3bd2657ee1ba4843f266cda7217a8d0a2b725ea3
13cad7fb56a878cd12d9456a8754cf13433ac6741338371f87776b4373411b15
GET /static/image/ahl6532.gif HTTP/1.1
Host: cdn.neexulro.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://neexulro.net/-12FWKV/Foij?rndad=1532635802-1662099505
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 06:18:26 GMT
Content-Type: image/gif
Content-Length: 3229
Connection: keep-alive
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 06:02:13 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "c9d-5faa60e6-ae87f5cbe4d6cff3;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 972
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1OMYoe3%2BIkDtB6d3sAWAkZBWZMTRiZfD82sgKy0LwR6pul%2FsdNdk6sY3hwDs5qHagOaTOmhwnSwPC%2FFL%2F72Mb%2BhYvgqmgDR8wUJ0cxnw8Tkc%2Bp96ghta6e2j6CtAIsJPe12%2B"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 744420d8cad41c02-OSL
alt-svc: h2=":443"; ma=60
cdn.neexulro.net/static/js/main.js?v=2022052901
104.21.0.99200 OK 705 B URL HTTP/1.1 cdn.neexulro.net/static/js/main.js?v=2022052901
IP 104.21.0.99:0
Hash 5d2f026c4af9cf86a2ecb368dc1533d6
376ce5a73144b00dd162aa8524ac856b8db7a33e
0fd907185fe7d7610498d8d487449707fe4949c5c89a1028da380d2e5e862c3d
GET /static/js/main.js?v=2022052901 HTTP/1.1
Host: cdn.neexulro.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://neexulro.net/-12FWKV/Foij?rndad=1532635802-1662099505
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 06:18:26 GMT
Content-Type: application/x-javascript
Content-Length: 705
Connection: keep-alive
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 06:18:25 GMT
last-modified: Sun, 29 May 2022 07:10:19 GMT
etag: "7a0-62931c5b-8cbcca2019146215;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xaD4eTnm6GCrVzdVA5uZ1dkTUxO21FGkKTPX1JH2XefvJKYhnxKj9WJmBbuCjcxatFCfEbbMUDJKceQvI%2BoQzKUSM2LlgAvfMyo32YlnzzVAgfOplUPU2ItImkpaQW%2BYJYPx"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 744420d78d511c12-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 02 Sep 2022 05:38:16 GMT
Cache-Control: max-age=3600
Expires: Fri, 02 Sep 2022 06:08:44 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 6upQ0df-aK5wlfxIQwfrLItumsPgaR2kkxxqMBgxWYp0_Z4dBxkBTA==
Age: 2410
neexulro.net/js/display.js
104.21.0.99200 OK 5.8 kB URL HTTP/1.1 neexulro.net/js/display.js
IP 104.21.0.99:0
File type ASCII text, with very long lines (15999)
Hash e149217d65efcf53cc382af7c60f461c
6de97c3f773cf9b21e4373097f5f5cddf37d872e
4d30ac5f2c0ab10e25b4c39eb646e9cb86d66394775d77ba7b88a34720f85b27
GET /js/display.js HTTP/1.1
Host: neexulro.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://neexulro.net/-12FWKV/Foij?rndad=1532635802-1662099505
Connection: keep-alive
Cookie: FLYSESSID=9okj4eqbmnbbc45tcrks0ae7pi; yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 06:18:26 GMT
Content-Type: application/x-javascript
Content-Length: 5775
Connection: keep-alive
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 06:02:13 GMT
last-modified: Thu, 29 Jul 2021 14:08:58 GMT
etag: "3e81-6102b67a-b080f0a7a094466b;gz"
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 973
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aj%2B1jXbqJ9prBzoospI21bzR%2Bz7x96InW3xDnrF7JZt8t5dnxjwZ2WbMc2F1d1VptTlsax9fmTDTqigU51193VzHc0Cti4gjZYtGwqsaCbvRPuZXn9ANTUIrbKW1tYs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 744420d91c13fac8-OSL
alt-svc: h2=":443"; ma=60
ployeesihigh.one/popunder.gif
172.67.132.192200 OK 58 B URL HTTP/1.1 ployeesihigh.one/popunder.gif
IP 172.67.132.192:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 79c15b369d32d2f0f17c116f541b6df3
3039289d4d1f5bc7385a81621deb2614423b769b
e3a3c6b90f511e80a77636fdd4c6047336d4ed5b2c86adf74318a08142649e08
GET /popunder.gif HTTP/1.1
Host: ployeesihigh.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neexulro.net/
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 06:18:26 GMT
Content-Type: image/gif
Content-Length: 58
Connection: keep-alive
access-control-allow-origin: *
Pragma: public
cache-control: public, max-age=604800, immutable
content-encoding: gzip
CF-Cache-Status: HIT
Age: 46632
Last-Modified: Thu, 01 Sep 2022 17:21:14 GMT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v0eLali%2FHc9g1PMoFjj83JuzplNsIwmTYx7EX3FDWxRZxdF6LA6O8%2FYj9oEZG8EzVNpgpYxaGVhOGDPNFV5xna0YxH3rc%2FRDYMQJ6UmiinuWlRwBmDwloe8HLLjt906i48yY"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 744420d93aa2b4f9-OSL
alt-svc: h2=":443"; ma=60
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a43bb15e77a7c9ce208f7f716c11124d
9a580b9cc6e589a315801aa03ff7dcf1db8f9c9f
5fa54bf13c98acb031720e1642ea7f9c17966a6acfbb3e2b4a12e0ccd200b411
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "5FA54BF13C98ACB031720E1642EA7F9C17966A6ACFBB3E2B4A12E0CCD200B411"
Last-Modified: Thu, 01 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13859
Expires: Fri, 02 Sep 2022 10:09:25 GMT
Date: Fri, 02 Sep 2022 06:18:26 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f735655a7f8cf817a3a44c98849ca9c0
f6eba782ae00d2adcfd36340530587b85eafec7f
fecf965cb8e96c1edeac10a0623896ece30b9001253588ac2e474f47c36eea50
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "FECF965CB8E96C1EDEAC10A0623896ECE30B9001253588AC2E474F47C36EEA50"
Last-Modified: Wed, 31 Aug 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3638
Expires: Fri, 02 Sep 2022 07:19:04 GMT
Date: Fri, 02 Sep 2022 06:18:26 GMT
Connection: keep-alive
cdn.neexulro.net/static/image/d_top_bg.png
104.21.0.99200 OK 156 B URL HTTP/1.1 cdn.neexulro.net/static/image/d_top_bg.png
IP 104.21.0.99:0
File type PNG image data, 1 x 59, 8-bit/color RGB, non-interlaced\012- data
Hash 106113dd42dd001363d6e2c920dba647
ebb71cf1a44a45852fff4d4fc0971f299b8b8c4c
938632fb472382061e62d8f1d033da03cbc84f150236e4251c8ece12241405ae
GET /static/image/d_top_bg.png HTTP/1.1
Host: cdn.neexulro.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cdn.neexulro.net/static/css/adfly_7.css
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 06:18:26 GMT
Content-Type: image/png
Content-Length: 156
Connection: keep-alive
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 06:02:14 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "9c-5faa60e6-4968c22d9bbfac4c;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 972
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pSpRWnETg99fDfCHbRbN3%2FHrTsBFCZLg16tNgpGL%2BZN3Z8%2BMq0p7CEirc2UBUrkKDKt7nFU%2Bk0lbiJGrG1BtrNwoIuaQ%2Fnpjb70NR%2FZVDyEqQbpfcyJ97mpVs6%2BhVngYB0Pd"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 744420d9ac79fac8-OSL
alt-svc: h2=":443"; ma=60
cdn.neexulro.net/static/image/d_bottom_bg2.png
104.21.0.99200 OK 2.8 kB URL HTTP/1.1 cdn.neexulro.net/static/image/d_bottom_bg2.png
IP 104.21.0.99:0
File type PNG image data, 1 x 28, 8-bit/color RGB, non-interlaced\012- data
Hash 765bb01e93fec22bee832ea0219871d0
2059131c55ef4c9b171fff20fc692839686761b7
27ab7efdb31ee6b311557cb2296d9bdb4c5038a230bcb4f9bc1a2409bb73863a
GET /static/image/d_bottom_bg2.png HTTP/1.1
Host: cdn.neexulro.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cdn.neexulro.net/static/css/adfly_7.css
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 06:18:26 GMT
Content-Type: image/png
Content-Length: 2829
Connection: keep-alive
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 06:02:14 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "b0d-5faa60e6-e40381177193f2ef;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 972
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wuLr%2BIcS8lmI%2BLJuWtHjrzBcMSgrzaxp6%2FfaIH9olXtXROgg1d7B1vNlsYFceHmsTRsuwZqdij%2BtFfllNOvybM1Rv4yumk7Fmv5jBfWQF%2BIdsBEeERsKJvi7CVcQTT7zFYh9"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 744420d9adb01c0a-OSL
alt-svc: h2=":443"; ma=60
ployeesihigh.one/cTNHa0heDCQYdShmcl0qJgISDQ0BUB8tEkJndloSJF0rKBA3WGEfIRUOcFtxQQZxTTgYV3pZcVdAMwo8BEB6Wm4YXSEEdVdFelpmQR1yUmZBFTJWeVdHNwovTAJhGzwFX3pafkcBd1JxRANyWnlD
172.67.132.192204 No Content 0 B URL HTTP/2 ployeesihigh.one/cTNHa0heDCQYdShmcl0qJgISDQ0BUB8tEkJndloSJF0rKBA3WGEfIRUOcFtxQQZxTTgYV3pZcVdAMwo8BEB6Wm4YXSEEdVdFelpmQR1yUmZBFTJWeVdHNwovTAJhGzwFX3pafkcBd1JxRANyWnlD
IP 172.67.132.192:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cTNHa0heDCQYdShmcl0qJgISDQ0BUB8tEkJndloSJF0rKBA3WGEfIRUOcFtxQQZxTTgYV3pZcVdAMwo8BEB6Wm4YXSEEdVdFelpmQR1yUmZBFTJWeVdHNwovTAJhGzwFX3pafkcBd1JxRANyWnlD HTTP/1.1
Host: ployeesihigh.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://neexulro.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 02 Sep 2022 06:18:26 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IL1dNQx3gwqZyVxF16sTD2CzJc53L%2BMvvko0pPL4cECN0FVZzHhP0JbHmsX4X17xxFSCE64ySZVZWTRpZdit6xE65axttsVWS3%2BRcmbsZozQj59LO79ibgQQzv2LRw7c0HxL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 744420d96c86b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2eb022bbcb69557dc09477b624814e87
6030f2c630a01fbc027c887d31e696f84cc60c97
d7a508e276f0ca1b58b6af39720fb7ebb26fb38df50a159eb82d1d2542610b85
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3178
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 06:18:26 GMT
Last-Modified: Fri, 02 Sep 2022 05:25:28 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
athyimmesa.shop/SENLMlUpIShfail+KRQgOi92F2cOZnl0MXslel9lezEpUGN+JDIcNiQsPlYzOiwlRnsmJj8XZw4KGWcmMhQcVTgCBXsXZw4VMXc8HnEZVzEQewpQZDApAmcUegEhZGctJHNREBozIHsBAXEJXCJtcQ1mPw07HQAHERoyVgYGNHIGNx4aeHFmIHUNZjIFCXhrHS47PAMfDisgczwvLh1IJisOMmgXARZ/RR4vd3twL3AqE0gAAhoDXmQqBhEDNy8FO2MReXUKXC0qAXkGFykSGkEfHRojZg0sdBgAEy0EJQIdLgU4ejcvBTt1PwY2CnA9GiB5ZxErBnoBMHluGgoWMXcgdDg7Ni8BJgsiHVplLTQBCgImFj9lPDsNAksHBCUNXRErJB0BAg8ObgAXDC4sFD87LCVCaAEVP2YEHzsRQRgHJQ
54.230.111.12200 OK 1.2 kB URL HTTP/1.1 athyimmesa.shop/SENLMlUpIShfail+KRQgOi92F2cOZnl0MXslel9lezEpUGN+JDIcNiQsPlYzOiwlRnsmJj8XZw4KGWcmMhQcVTgCBXsXZw4VMXc8HnEZVzEQewpQZDApAmcUegEhZGctJHNREBozIHsBAXEJXCJtcQ1mPw07HQAHERoyVgYGNHIGNx4aeHFmIHUNZjIFCXhrHS47PAMfDisgczwvLh1IJisOMmgXARZ/RR4vd3twL3AqE0gAAhoDXmQqBhEDNy8FO2MReXUKXC0qAXkGFykSGkEfHRojZg0sdBgAEy0EJQIdLgU4ejcvBTt1PwY2CnA9GiB5ZxErBnoBMHluGgoWMXcgdDg7Ni8BJgsiHVplLTQBCgImFj9lPDsNAksHBCUNXRErJB0BAg8ObgAXDC4sFD87LCVCaAEVP2YEHzsRQRgHJQ
IP 54.230.111.12:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3018), with no line terminators
Hash 8c69c8f40286b511a34462063f6116e1
90365cceb7d080a312352a73978bbecebff683e1
2346d0f863fb00349b5ffa385cdb927150d2485a6c1ead3a9153b69cc04de924
GET /SENLMlUpIShfail+KRQgOi92F2cOZnl0MXslel9lezEpUGN+JDIcNiQsPlYzOiwlRnsmJj8XZw4KGWcmMhQcVTgCBXsXZw4VMXc8HnEZVzEQewpQZDApAmcUegEhZGctJHNREBozIHsBAXEJXCJtcQ1mPw07HQAHERoyVgYGNHIGNx4aeHFmIHUNZjIFCXhrHS47PAMfDisgczwvLh1IJisOMmgXARZ/RR4vd3twL3AqE0gAAhoDXmQqBhEDNy8FO2MReXUKXC0qAXkGFykSGkEfHRojZg0sdBgAEy0EJQIdLgU4ejcvBTt1PwY2CnA9GiB5ZxErBnoBMHluGgoWMXcgdDg7Ni8BJgsiHVplLTQBCgImFj9lPDsNAksHBCUNXRErJB0BAg8ObgAXDC4sFD87LCVCaAEVP2YEHzsRQRgHJQ HTTP/1.1
Host: athyimmesa.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neexulro.net/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 1171
Connection: keep-alive
Date: Fri, 02 Sep 2022 06:18:26 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
Accept-CH: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
X-Cache: Miss from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: DFVQeyoOrcZL9wsMZWWwyS3tIOZ_Bgf3Ly5yV-Zsj32axUeD2q6ckw==
ployeesihigh.one/UHFTeUJ/TjAKfwo5NyEQYDcHLXBlQTAvFBQrPS81BTQJHiZjFnUNKzRMZUl2Y0dnXzI5FW5IZCMFMg03I0xiXys+FzxEZCZMYldxZF9hQWxgVyZEc3YFIxglbUB1CTYkHW5IdGZDY0B7ZUFmSHRo
172.67.132.192204 No Content 0 B URL HTTP/2 ployeesihigh.one/UHFTeUJ/TjAKfwo5NyEQYDcHLXBlQTAvFBQrPS81BTQJHiZjFnUNKzRMZUl2Y0dnXzI5FW5IZCMFMg03I0xiXys+FzxEZCZMYldxZF9hQWxgVyZEc3YFIxglbUB1CTYkHW5IdGZDY0B7ZUFmSHRo
IP 172.67.132.192:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /UHFTeUJ/TjAKfwo5NyEQYDcHLXBlQTAvFBQrPS81BTQJHiZjFnUNKzRMZUl2Y0dnXzI5FW5IZCMFMg03I0xiXys+FzxEZCZMYldxZF9hQWxgVyZEc3YFIxglbUB1CTYkHW5IdGZDY0B7ZUFmSHRo HTTP/1.1
Host: ployeesihigh.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://neexulro.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 02 Sep 2022 06:18:26 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NhW%2F0Dsw9zQROIJMLZHnRNsy8ELc67HmmqaM3jbgmSUFG%2Fkl3JcBhS8f4a272uYD7Kew1UsjpH6JOJz8ZWfqD77cH%2FNJVRrDfH5B9n7oX44wCkYHd9U3yFz%2FTpR%2BeL9M1Aqi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 744420d99cd8b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
athyimmesa.shop/utx?cb=fd4WrdvucWMu&top=neexulro.net&tid=604364
54.230.111.12204 No Content 0 B URL HTTP/2 athyimmesa.shop/utx?cb=fd4WrdvucWMu&top=neexulro.net&tid=604364
IP 54.230.111.12:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=fd4WrdvucWMu&top=neexulro.net&tid=604364 HTTP/1.1
Host: athyimmesa.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://neexulro.net
Connection: keep-alive
Referer: http://neexulro.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 02 Sep 2022 06:18:26 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: http://neexulro.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Fri, 02 Sep 2022 06:19:26 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: pJUuZ062W-cE41qGkCbFXgFRjlT-g6M0OxRS-nmTHCObtih02F6ZDw==
X-Firefox-Spdy: h2
athyimmesa.shop/utx?cb=qSaAHYI9YgK9&top=neexulro.net&tid=709056
54.230.111.12204 No Content 0 B URL HTTP/2 athyimmesa.shop/utx?cb=qSaAHYI9YgK9&top=neexulro.net&tid=709056
IP 54.230.111.12:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=qSaAHYI9YgK9&top=neexulro.net&tid=709056 HTTP/1.1
Host: athyimmesa.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://neexulro.net
Connection: keep-alive
Referer: http://neexulro.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 02 Sep 2022 06:18:26 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: http://neexulro.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Fri, 02 Sep 2022 06:19:26 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: uuqrFIcnZL7V9BoEsxOAui8inbkS0uXR8t4bg5Poa7U7aY27Wg6kYg==
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a43bb15e77a7c9ce208f7f716c11124d
9a580b9cc6e589a315801aa03ff7dcf1db8f9c9f
5fa54bf13c98acb031720e1642ea7f9c17966a6acfbb3e2b4a12e0ccd200b411
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "5FA54BF13C98ACB031720E1642EA7F9C17966A6ACFBB3E2B4A12E0CCD200B411"
Last-Modified: Thu, 01 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13859
Expires: Fri, 02 Sep 2022 10:09:25 GMT
Date: Fri, 02 Sep 2022 06:18:26 GMT
Connection: keep-alive
cdn.neexulro.net/static/image/ad_top_bg2.png?&ad_box_=1
104.21.0.99200 OK 156 B URL HTTP/1.1 cdn.neexulro.net/static/image/ad_top_bg2.png?&ad_box_=1
IP 104.21.0.99:0
File type PNG image data, 1 x 59, 8-bit/color RGB, non-interlaced\012- data
Hash 106113dd42dd001363d6e2c920dba647
ebb71cf1a44a45852fff4d4fc0971f299b8b8c4c
938632fb472382061e62d8f1d033da03cbc84f150236e4251c8ece12241405ae
GET /static/image/ad_top_bg2.png?&ad_box_=1 HTTP/1.1
Host: cdn.neexulro.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://neexulro.net/-12FWKV/Foij?rndad=1532635802-1662099505
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 06:18:26 GMT
Content-Type: image/png
Content-Length: 156
Connection: keep-alive
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 06:18:26 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "9c-5faa60e6-616091c58406c4e2;;;"
accept-ranges: bytes
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tXt6v8a0psydAn%2FEX3HOXsMaH6HOoIyLPq03qiFNGOpIgmw64aW0bPzmBhYd277vGh%2BvgLvn48EEtGw8J94ZblFX9ywSFJai74og%2BxwCcKjzZ3Snb7BEtRbHkp4Gf2jom%2FSk"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 744420d8c962b4fd-OSL
alt-svc: h2=":443"; ma=60
athyimmesa.shop/Ynh4eXADGhsUTwNFGl8FEBRFXEIkXUo/FFMZSxMSVxASFwlXC0xXEw4XDR0WEBcWDV4MHQxcQiQgLCE2NClIHgUqEgsVFBgTITQoV11KPxY3EBQdHlcKPwApETISSD0tEBxPOwU5ITsHKF1KOzUaE0s2JAkfIS4lWjYALx8BSkwRNSYLEx0nES03ADJTHj4aQCgBCA4iOjVLNjMrGRk9IVs2OigaLSsbEDgLPhQpIxo1NzoHGzI6SUUrFUlcQiQ2SjsEBz8QPSo1Cw8fNSAPGzgADSlKLAYrKzU8PDUiTh8hDgwcKxRVKiA7ByEVED0qNj1dSzIDPTEsFQxNEigoTwAVHB5SLzU6MQgxFCseICAIQCElLgIcKFM5GzE2VjMAHh4oEUwQMzo6AD0eMDAdSj4XNz0BG0QSCxYeEkUXLUIFCTU9OlEaNA0BFilM
54.230.111.12200 OK 1.2 kB URL HTTP/1.1 athyimmesa.shop/Ynh4eXADGhsUTwNFGl8FEBRFXEIkXUo/FFMZSxMSVxASFwlXC0xXEw4XDR0WEBcWDV4MHQxcQiQgLCE2NClIHgUqEgsVFBgTITQoV11KPxY3EBQdHlcKPwApETISSD0tEBxPOwU5ITsHKF1KOzUaE0s2JAkfIS4lWjYALx8BSkwRNSYLEx0nES03ADJTHj4aQCgBCA4iOjVLNjMrGRk9IVs2OigaLSsbEDgLPhQpIxo1NzoHGzI6SUUrFUlcQiQ2SjsEBz8QPSo1Cw8fNSAPGzgADSlKLAYrKzU8PDUiTh8hDgwcKxRVKiA7ByEVED0qNj1dSzIDPTEsFQxNEigoTwAVHB5SLzU6MQgxFCseICAIQCElLgIcKFM5GzE2VjMAHh4oEUwQMzo6AD0eMDAdSj4XNz0BG0QSCxYeEkUXLUIFCTU9OlEaNA0BFilM
IP 54.230.111.12:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3027), with no line terminators
Hash 3c155feb15afb97e063070ef0a8ff90b
7ca5ad4c795e956a5bc933756db31356a651ac28
60e009476ec656f376c29b09ccaf34212a7f6a13e787442f2c2be1fa98bdc5d3
GET /Ynh4eXADGhsUTwNFGl8FEBRFXEIkXUo/FFMZSxMSVxASFwlXC0xXEw4XDR0WEBcWDV4MHQxcQiQgLCE2NClIHgUqEgsVFBgTITQoV11KPxY3EBQdHlcKPwApETISSD0tEBxPOwU5ITsHKF1KOzUaE0s2JAkfIS4lWjYALx8BSkwRNSYLEx0nES03ADJTHj4aQCgBCA4iOjVLNjMrGRk9IVs2OigaLSsbEDgLPhQpIxo1NzoHGzI6SUUrFUlcQiQ2SjsEBz8QPSo1Cw8fNSAPGzgADSlKLAYrKzU8PDUiTh8hDgwcKxRVKiA7ByEVED0qNj1dSzIDPTEsFQxNEigoTwAVHB5SLzU6MQgxFCseICAIQCElLgIcKFM5GzE2VjMAHh4oEUwQMzo6AD0eMDAdSj4XNz0BG0QSCxYeEkUXLUIFCTU9OlEaNA0BFilM HTTP/1.1
Host: athyimmesa.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neexulro.net/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 1181
Connection: keep-alive
Date: Fri, 02 Sep 2022 06:18:26 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
Accept-CH: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
X-Cache: Miss from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 4rKa_Vo6HPGp1mp6D_yYJfILrIuDi0ii6bUSbyHLesn_j6MUa_eSDw==
neexulro.net/2market_bidshow.php?user_id=17595415&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&ref_url=eyJ1cmwiOm51bGwsImRvbWFpbiI6bnVsbH0%3D&url=https%3A%2F%2Fneexulro.net%2Fredirecting%2FaHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlLzQzNnV4M3Y2MjJsajJ1ZC9TdGFyZGV3K1ZhbGxleSt2MS41LjQrRnJlZStGdWxsK1BjK0Rwd25sb2FkLnJhci9maWxl%2F6d4b1105f2175004f21593337f567b57&url_id=6940789777&t=6d4b1105f2175004f21593337f567b57&w=7ac27f61dc3c889da726f658646a46ca
104.21.0.99200 OK 83 B URL HTTP/1.1 neexulro.net/2market_bidshow.php?user_id=17595415&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&ref_url=eyJ1cmwiOm51bGwsImRvbWFpbiI6bnVsbH0%3D&url=https%3A%2F%2Fneexulro.net%2Fredirecting%2FaHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlLzQzNnV4M3Y2MjJsajJ1ZC9TdGFyZGV3K1ZhbGxleSt2MS41LjQrRnJlZStGdWxsK1BjK0Rwd25sb2FkLnJhci9maWxl%2F6d4b1105f2175004f21593337f567b57&url_id=6940789777&t=6d4b1105f2175004f21593337f567b57&w=7ac27f61dc3c889da726f658646a46ca
IP 104.21.0.99:0
File type JSON data\012- , ASCII text
Hash 9151cd23c84cf82003359072efd47fed
ee98ed47a6fde9e6d07f480b55bbcb1405e86952
e363567d07937e045d19202b583d1a3455693156b62563102c90894c86ac3b96
GET /2market_bidshow.php?user_id=17595415&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&ref_url=eyJ1cmwiOm51bGwsImRvbWFpbiI6bnVsbH0%3D&url=https%3A%2F%2Fneexulro.net%2Fredirecting%2FaHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlLzQzNnV4M3Y2MjJsajJ1ZC9TdGFyZGV3K1ZhbGxleSt2MS41LjQrRnJlZStGdWxsK1BjK0Rwd25sb2FkLnJhci9maWxl%2F6d4b1105f2175004f21593337f567b57&url_id=6940789777&t=6d4b1105f2175004f21593337f567b57&w=7ac27f61dc3c889da726f658646a46ca HTTP/1.1
Host: neexulro.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://neexulro.net/-12FWKV/Foij?rndad=1532635802-1662099505
Connection: keep-alive
Cookie: FLYSESSID=9okj4eqbmnbbc45tcrks0ae7pi; yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 06:18:26 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.3.27
set-cookie: adfly_ad_report=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
p3p: policyref="http://adf.ly/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa IVAi IVDi CONi HISi TELi OUR IND PHY ONL FIN COM NAV INT DEM GOV"
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9UHx06%2F9FjV9dZtlso5K08U549dEuN8XnCBO0A64737aw8P0gTtW31VKrPtqqcHg0I%2Fp7Jx9aL5x2sffnlN9G2ujRp09%2FKAmL7NsAiAYWSVCoD6atX7RFwDOMA3wCTY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 744420d9ac76fac8-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f735655a7f8cf817a3a44c98849ca9c0
f6eba782ae00d2adcfd36340530587b85eafec7f
fecf965cb8e96c1edeac10a0623896ece30b9001253588ac2e474f47c36eea50
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "FECF965CB8E96C1EDEAC10A0623896ECE30B9001253588AC2E474F47C36EEA50"
Last-Modified: Wed, 31 Aug 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3638
Expires: Fri, 02 Sep 2022 07:19:04 GMT
Date: Fri, 02 Sep 2022 06:18:26 GMT
Connection: keep-alive
d3f1m03rbb66gy.cloudfront.net/IRUszWWgmJF0/VzEiV2RedX8Ab1xjIUA2BjV2eg8cERpkITI2Bnw/TjExV2RYYydSNw94bVY3C3h6FTgMJ3YHfxw1JFhkAigmVzscMyZBIU4wKg40Bz8iXzUJYHl1bEZ1bgFpQD16AnxbB24BaQQsJUYhTXd7S2FeGn0HfFsHbgFpGjNuABhRc2UDcE13e1-Q8Cy4kFmsud3sCaVh0ewJ8WnUtWisNIyRLfFoDcgV3WGM+Dmg
143.204.42.125200 OK 521 B URL HTTP/1.1 d3f1m03rbb66gy.cloudfront.net/IRUszWWgmJF0/VzEiV2RedX8Ab1xjIUA2BjV2eg8cERpkITI2Bnw/TjExV2RYYydSNw94bVY3C3h6FTgMJ3YHfxw1JFhkAigmVzscMyZBIU4wKg40Bz8iXzUJYHl1bEZ1bgFpQD16AnxbB24BaQQsJUYhTXd7S2FeGn0HfFsHbgFpGjNuABhRc2UDcE13e1-Q8Cy4kFmsud3sCaVh0ewJ8WnUtWisNIyRLfFoDcgV3WGM+Dmg
IP 143.204.42.125:0
File type ASCII text, with very long lines (716), with no line terminators
Hash ef310a43c4982853069e6e626bcfe40c
3d9c9d75b2b618b8bb34c69b7a6ec8a55efd7efd
1a1dafbd229f19a67518ab35caa8f35da50d12719b6f54c342380b0927b8165e
GET /IRUszWWgmJF0/VzEiV2RedX8Ab1xjIUA2BjV2eg8cERpkITI2Bnw/TjExV2RYYydSNw94bVY3C3h6FTgMJ3YHfxw1JFhkAigmVzscMyZBIU4wKg40Bz8iXzUJYHl1bEZ1bgFpQD16AnxbB24BaQQsJUYhTXd7S2FeGn0HfFsHbgFpGjNuABhRc2UDcE13e1-Q8Cy4kFmsud3sCaVh0ewJ8WnUtWisNIyRLfFoDcgV3WGM+Dmg HTTP/1.1
Host: d3f1m03rbb66gy.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://athyimmesa.shop/
HTTP/1.1 200 OK
Content-Length: 521
Connection: keep-alive
Date: Fri, 02 Sep 2022 06:18:26 GMT
access-control-allow-origin: *
Cache-Control: max-age=31556926
Content-Encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: jfsrOdN4bjlq0Pae4DiRaF1FmKZCvuWFdhk3y4fA7CqfmEVxJ60qHQ==
cdn.neexulro.net/static/image/favicon.ico
104.21.0.99200 OK 766 B URL HTTP/1.1 cdn.neexulro.net/static/image/favicon.ico
IP 104.21.0.99:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 1e28765e56393f673da97ce5913cdf10
8af9d66ac98f4689ba1d04acbd17df40dd83dbde
30aa2a7dd1b96d852108bf4f4213b0d749ae2faedd112f0c03006209e5e6c98a
GET /static/image/favicon.ico HTTP/1.1
Host: cdn.neexulro.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://neexulro.net/-12FWKV/Foij?rndad=1532635802-1662099505
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 06:18:26 GMT
Content-Type: image/vnd.microsoft.icon
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 06:04:42 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: W/"47e-5faa60e6-15b72dd35dac079e;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 824
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bwVv9FpgBm2WJpBGfSI0cvwvpNYhutPp%2Breb05kPFv3oz0foouPbwli%2Bw9qtnzQXUckMj%2FduECpRPhzJmel5eyKquPeJcyZFJlXMpHzd206ZayDXHsG%2BInSLtugj3SUYP6XN"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 744420db9f831c0a-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
d1a3jb5hjny5s4.cloudfront.net/XTXFVQ0guHjsldzkYMX5/fUhldn5rGyYsJj1MOhd6KgAYBwJ+Exk3OTkgYWU8NxVoc24hEDskdWsUOyB1fFc0JypwRXM3OCIaaDQ9NBQjOSciHiFlPSxMOCwyJB05Im1/N2BteGhDZWswfEBwcApoQ2UvISMELWZ6fQltdRd7RXBwCmhDZTE+aEIUen5jQX-xmen0WMCAjIlRnBXp9QGVzeX1AcHF4KxgnJi4iCXBxDnRHe3NuOExk
54.230.245.125200 OK 456 B URL HTTP/1.1 d1a3jb5hjny5s4.cloudfront.net/XTXFVQ0guHjsldzkYMX5/fUhldn5rGyYsJj1MOhd6KgAYBwJ+Exk3OTkgYWU8NxVoc24hEDskdWsUOyB1fFc0JypwRXM3OCIaaDQ9NBQjOSciHiFlPSxMOCwyJB05Im1/N2BteGhDZWswfEBwcApoQ2UvISMELWZ6fQltdRd7RXBwCmhDZTE+aEIUen5jQX-xmen0WMCAjIlRnBXp9QGVzeX1AcHF4KxgnJi4iCXBxDnRHe3NuOExk
IP 54.230.245.125:0
File type ASCII text, with very long lines (604), with no line terminators
Hash 5b6130f2bb44e198e5309ffe69e8288d
a08320da15a189ff970586cb8be07db82fdc6f0e
e609f80b87a231c14fbed6695b62cd5dcbb221e92e79ef36a801d9347f82a57a
GET /XTXFVQ0guHjsldzkYMX5/fUhldn5rGyYsJj1MOhd6KgAYBwJ+Exk3OTkgYWU8NxVoc24hEDskdWsUOyB1fFc0JypwRXM3OCIaaDQ9NBQjOSciHiFlPSxMOCwyJB05Im1/N2BteGhDZWswfEBwcApoQ2UvISMELWZ6fQltdRd7RXBwCmhDZTE+aEIUen5jQX-xmen0WMCAjIlRnBXp9QGVzeX1AcHF4KxgnJi4iCXBxDnRHe3NuOExk HTTP/1.1
Host: d1a3jb5hjny5s4.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://athyimmesa.shop/
HTTP/1.1 200 OK
Content-Length: 456
Connection: keep-alive
Date: Fri, 02 Sep 2022 06:18:26 GMT
access-control-allow-origin: *
Cache-Control: max-age=31556926
Content-Encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 5pf0udt6WGO02jbx75tBtvELm03mtl1Svxva_NpRA629GBuzIAcEXw==
www.google-analytics.com/ga.js
142.250.74.174200 OK 17 kB URL HTTP/1.1 www.google-analytics.com/ga.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neexulro.net/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 17168
Date: Fri, 02 Sep 2022 05:04:40 GMT
Expires: Fri, 02 Sep 2022 07:04:40 GMT
Cache-Control: public, max-age=7200
Age: 4426
Last-Modified: Wed, 13 Apr 2022 21:02:38 GMT
Content-Type: text/javascript
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f4f9dc502e2ff07dd351da7bbc20e323
739b6c8334472846232b84b99989be93dc1582d4
0852238945d340493f33e498b75a893d24681f2687fdc05349476faccf426efd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2543
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 06:18:26 GMT
Last-Modified: Fri, 02 Sep 2022 05:36:03 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6f0baf5d701366d0b1a47ea77ea18ad9
5ab565240dc1236e8c5fe1feccd68537b282fdf5
2af2d87becf2dda7c35e067d03e5adaca50e8f07af1acadc0c8452bbc828b354
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 06:18:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6f0baf5d701366d0b1a47ea77ea18ad9
5ab565240dc1236e8c5fe1feccd68537b282fdf5
2af2d87becf2dda7c35e067d03e5adaca50e8f07af1acadc0c8452bbc828b354
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 06:18:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1639526891&utmhn=neexulro.net&utme=8(Domain)9(u.bb)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=1782403724&utmr=-&utmp=%2F-12FWKV%2FFoij%3Frndad%3D1532635802-1662099505&utmht=1662099505589&utmac=UA-6469700-9&utmcc=__utma%3D218196230.554607568.1662099506.1662099506.1662099506.1%3B%2B__utmz%3D218196230.1662099506.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1991343231&utmredir=1&utmu=qQAAAAAAAAAAAAAAAAAAAAAE~
142.250.74.174302 Found 369 B URL HTTP/1.1 www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1639526891&utmhn=neexulro.net&utme=8(Domain)9(u.bb)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=1782403724&utmr=-&utmp=%2F-12FWKV%2FFoij%3Frndad%3D1532635802-1662099505&utmht=1662099505589&utmac=UA-6469700-9&utmcc=__utma%3D218196230.554607568.1662099506.1662099506.1662099506.1%3B%2B__utmz%3D218196230.1662099506.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1991343231&utmredir=1&utmu=qQAAAAAAAAAAAAAAAAAAAAAE~
IP 142.250.74.174:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash b41c23545258a71967575d1b4c5408e6
9314d2438f19a6f6078a0b10b28320e66abded18
afd63f1e394957ac09a2b816468d8021daeaba9c8df4d297da95e897ae29b637
GET /r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1639526891&utmhn=neexulro.net&utme=8(Domain)9(u.bb)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=1782403724&utmr=-&utmp=%2F-12FWKV%2FFoij%3Frndad%3D1532635802-1662099505&utmht=1662099505589&utmac=UA-6469700-9&utmcc=__utma%3D218196230.554607568.1662099506.1662099506.1662099506.1%3B%2B__utmz%3D218196230.1662099506.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1991343231&utmredir=1&utmu=qQAAAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neexulro.net/
HTTP/1.1 302 Found
Location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6469700-9&cid=554607568.1662099506&jid=1991343231&_v=5.7.2&z=1639526891
Access-Control-Allow-Origin: *
Date: Fri, 02 Sep 2022 06:18:26 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
Cross-Origin-Resource-Policy: cross-origin
Content-Type: text/html; charset=UTF-8
Server: Golfe2
Content-Length: 369
athyimmesa.shop/utx?cb=ONmfz61tSrRd&top=neexulro.net&tid=709056
54.230.111.12204 No Content 0 B URL HTTP/2 athyimmesa.shop/utx?cb=ONmfz61tSrRd&top=neexulro.net&tid=709056
IP 54.230.111.12:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=ONmfz61tSrRd&top=neexulro.net&tid=709056 HTTP/1.1
Host: athyimmesa.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://neexulro.net
Connection: keep-alive
Referer: http://neexulro.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 02 Sep 2022 06:18:26 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: http://neexulro.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Fri, 02 Sep 2022 06:19:26 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: OWdN7pKMi5HMv8eL3RpIBjo_wWYNf-sA_N-eRnl-CDf09JIIw_0RKA==
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.162.203.49101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.162.203.49:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Nu/4ygjmBLuCJUSzjiVARA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Kkt9tgJFl6o9denyVcKtdBIK8DI=
athyimmesa.shop/multi?cs=a1VVRUdeZ2V0dlxsYHVzWGJtdHM&abt=0&red=1&sm=76&k=shrink%20your%20urls%20paid&v=1.0.59.0&sts=0&prn=0&emb=0&tid=709056&fs=1&ref=http%3A%2F%2Fneexulro.net%2F-12FWKV%2FFoij%3Frndad%3D1532635802-1662099505&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&_ot6N=1662099505243&crc=1
54.230.111.12200 OK 1.5 kB URL HTTP/2 athyimmesa.shop/multi?cs=a1VVRUdeZ2V0dlxsYHVzWGJtdHM&abt=0&red=1&sm=76&k=shrink%20your%20urls%20paid&v=1.0.59.0&sts=0&prn=0&emb=0&tid=709056&fs=1&ref=http%3A%2F%2Fneexulro.net%2F-12FWKV%2FFoij%3Frndad%3D1532635802-1662099505&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&_ot6N=1662099505243&crc=1
IP 54.230.111.12:0
File type ASCII text, with very long lines (3218), with no line terminators
Hash b8813dd0baf3a80ebaf95ef9ac7de0a2
b296122a2094f2bfa8109984f116349661d4a19e
9f3e5c34ff646e6d950852a4240fd037e2fb6d148bec4ca5a17f0b826252dc8c
GET /multi?cs=a1VVRUdeZ2V0dlxsYHVzWGJtdHM&abt=0&red=1&sm=76&k=shrink%20your%20urls%20paid&v=1.0.59.0&sts=0&prn=0&emb=0&tid=709056&fs=1&ref=http%3A%2F%2Fneexulro.net%2F-12FWKV%2FFoij%3Frndad%3D1532635802-1662099505&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&_ot6N=1662099505243&crc=1 HTTP/1.1
Host: athyimmesa.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://neexulro.net
Connection: keep-alive
Referer: http://neexulro.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-length: 1519
date: Fri, 02 Sep 2022 06:18:26 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: http://neexulro.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=7a73bccb-68b0-44e1-9e86-f700db4f09c2
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qR7Pvjjhop6kwuBizmUFpoPkcMbhxx1zS4ZsJf61j1rU1-Dl1asSzQ==
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
216.58.207.237302 Found 391 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (379)
Hash dda386e026898538dfa426e2408fe2cf
9bdcecb6c39e600727617fc44baabbb5fa52e70d
ac46e568292b4dfb251c6cdfd66914dc7434d88011cedc17f38b0ff13198c831
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://neexulro.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 02 Sep 2022 06:18:26 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S621337808%3A1662099506597347&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmU-NiEUCBItj1g6mrqCnLj9Os-zusH3D30bdN1nNbguoWgDF25PeTlvbUajgi-NUWEAaOKgfQ
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-uP_5-BBJ2Uh9qv-cr6h_iA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 391
server: GSE
set-cookie: __Host-GAPS=1:ZHpDdc5QJA9L-MBLklz2WzC_hvTLyg:clew6HqpZga7w5ke;Path=/;Expires=Sun, 01-Sep-2024 06:18:26 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
neexulro.net/funcript1662099505150.php?pub=17595415&v=wNixdQiTIN65MUizwNixYo2jsIikOVnnRIysdIWCUMsuIYnTBOhvdgC3Ib6mNVDmIcspIZmEJIpxbAmTRMFwbAGTVMtwZIWz5L0vItj2oYilcd2EtIppcAFj9Li2dkTjJO02dJGH9Iu7IQijwNifaZGDFOz4aBCCIe61I5jWNakMNBDyBOhxNEDDMW2oNAjCVMkuYUzzFLmhZxjGQb5pNpT3Qb2NZJjiFOkiNQznIbylZdmWEY0yZVj2ccx1IJny0eS=
104.21.0.99200 OK 403 B URL HTTP/2 neexulro.net/funcript1662099505150.php?pub=17595415&v=wNixdQiTIN65MUizwNixYo2jsIikOVnnRIysdIWCUMsuIYnTBOhvdgC3Ib6mNVDmIcspIZmEJIpxbAmTRMFwbAGTVMtwZIWz5L0vItj2oYilcd2EtIppcAFj9Li2dkTjJO02dJGH9Iu7IQijwNifaZGDFOz4aBCCIe61I5jWNakMNBDyBOhxNEDDMW2oNAjCVMkuYUzzFLmhZxjGQb5pNpT3Qb2NZJjiFOkiNQznIbylZdmWEY0yZVj2ccx1IJny0eS=
IP 104.21.0.99:0
File type very short file (no magic)
Hash 251d9a00cfc4c95d9482a7e05ea88a59
53d1bca18d76d14a67b01530bec7fb143cbcfbb0
61c82cfd9373d9825f3b8a86eb761a9dfa6ef79a5cd642c117b37b4e5e2a3d39
GET /funcript1662099505150.php?pub=17595415&v=wNixdQiTIN65MUizwNixYo2jsIikOVnnRIysdIWCUMsuIYnTBOhvdgC3Ib6mNVDmIcspIZmEJIpxbAmTRMFwbAGTVMtwZIWz5L0vItj2oYilcd2EtIppcAFj9Li2dkTjJO02dJGH9Iu7IQijwNifaZGDFOz4aBCCIe61I5jWNakMNBDyBOhxNEDDMW2oNAjCVMkuYUzzFLmhZxjGQb5pNpT3Qb2NZJjiFOkiNQznIbylZdmWEY0yZVj2ccx1IJny0eS= HTTP/1.1
Host: neexulro.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://neexulro.net/-12FWKV/Foij?rndad=1532635802-1662099505
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Sep 2022 06:18:26 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.3.27
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g0gjqT81Y%2FGDjeFTB8TpDlZRDgWC6o9O9XN4763y01O%2FCak5sSCs8SgDhep8aTw2of0mH6MaBv1QV3zUjeAwlkmvEzi5OusvfpRWpW1eroFQUTWA5IyAtU%2FTeuao0Ew%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 744420d99d21b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 003e8a2cb35bb65683fccbf8bf7a9797
b26fbc7607825162686c7e164d51956addeb1a6c
a71ec1144878270f76c09c51967a1d24b7d82dd700e83216be1e814a74796403
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 06:18:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5750c2d8ad348838b41b96ebb27b0b81
86526a56637555a0463df607b7b5cf565a439f27
5cbde2bd32be846c5afb1fce35b0f7de0c4aeec9de4213ddd118467ea70c3e62
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 06:18:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6469700-9&cid=554607568.1662099506&jid=1991343231&_v=5.7.2&z=1639526891
64.233.163.155200 OK 35 B URL HTTP/2 stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6469700-9&cid=554607568.1662099506&jid=1991343231&_v=5.7.2&z=1639526891
IP 64.233.163.155:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6469700-9&cid=554607568.1662099506&jid=1991343231&_v=5.7.2&z=1639526891 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://neexulro.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 02 Sep 2022 06:18:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f4f9dc502e2ff07dd351da7bbc20e323
739b6c8334472846232b84b99989be93dc1582d4
0852238945d340493f33e498b75a893d24681f2687fdc05349476faccf426efd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2543
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 06:18:26 GMT
Last-Modified: Fri, 02 Sep 2022 05:36:03 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 003e8a2cb35bb65683fccbf8bf7a9797
b26fbc7607825162686c7e164d51956addeb1a6c
a71ec1144878270f76c09c51967a1d24b7d82dd700e83216be1e814a74796403
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 06:18:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.neexulro.net/static/image/apple-touch-icon.png
104.21.0.99403 Forbidden 436 B URL HTTP/1.1 cdn.neexulro.net/static/image/apple-touch-icon.png
IP 104.21.0.99:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash b112c984fdf3ae98cbf4bc84066cf619
e68cf1400ca02fc1b472c6f3a2cbb9c2234073c5
233729c945d3c6dc5a81cbf30abedd598a9927d141eda2e369aecd13a790938a
GET /static/image/apple-touch-icon.png HTTP/1.1
Host: cdn.neexulro.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://neexulro.net/-12FWKV/Foij?rndad=1532635802-1662099505
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 403 Forbidden
Date: Fri, 02 Sep 2022 06:18:26 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kM%2FwhhfpNvwjlddxNX%2BbwibvnbXtI7oLe%2FDA2TtQBvxfqYUKUQV7Sm9xVC0Mq7%2FRMAwiyh0e4EG%2FJwh%2FqCu7qHtR22fIIy0biYIwtG1uY4MXZu35MEc3OiHviG3%2BOwWrxMax"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 744420db9de2fac8-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
freychang.fun/asd100.bin
172.67.218.221200 OK 103 kB IP 172.67.218.221:0
Size 103 kB (102903 bytes)
Hash 36ce4ac6b07bc9d444386c3f80af4f7b
bbb1c8bd0f673aa4fb5307a21c2f78adb2340d59
d2e5aae54fe259d4b66c933839446bb5b0a0e326132e96ebf92fe4649ed499dd
Analyzer Verdict Alert quad9 Sinkholed
GET /asd100.bin HTTP/1.1
Host: freychang.fun
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://neexulro.net
Connection: keep-alive
Referer: http://neexulro.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 02 Sep 2022 06:18:26 GMT
content-type: binary/octet-stream
access-control-allow-origin: http://neexulro.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 800
last-modified: Fri, 02 Sep 2022 06:05:06 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HdXOA9gYly7cXKopaYHudU5rXlLimHWR9LV4O61RHJ4%2BAUjHDsyHV3K5mGM9NWSUaX6jdKHhQCEItFpfeoDSD3nROBz1FIgn50nkfs%2F87LDpe2mSHjVkQSYxX8WTfFx%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 744420da0c9d0b55-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
freychang.fun/
172.67.218.221200 OK 531 B IP 172.67.218.221:0
File type ASCII text, with no line terminators
Hash 7f0d9091b7316f460a99a2c9437d6a98
1b2414a10007d45a6357d2c1b80872dd8e1996fa
616cb89b19d47fb985355022b454d2c4441bfdbbb0ecf73190012102594b89c1
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: freychang.fun
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://neexulro.net
Connection: keep-alive
Referer: http://neexulro.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Sep 2022 06:18:26 GMT
content-type: text/plain
set-cookie: csu=792475357177260@1@1662099506; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: http://neexulro.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BNXGUuACaAJt6uu8FQjaTHyLLFp3%2F3urOzQtlgol7uVtcHLXOnv8gekjLAYQ3SetItPLMNatFXlNq3KV70lZcDtIqNEbqkn1Q6jBDYvP5KT9MiuLDSEt7nRxNYo1p71G"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 744420da0caf0b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3cef8f6-078d-43f5-ba9b-fcc5dc69a7f7.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3cef8f6-078d-43f5-ba9b-fcc5dc69a7f7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cab49f59207f816d98a21cd3fc2c37d1
8a9278f8ff5d149420673649878ca1ee266a0783
aebe0748f049bcb801be83459d4bae66b9c1453de3b0ea7e6a63bea88b6e7a5a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3cef8f6-078d-43f5-ba9b-fcc5dc69a7f7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13104
x-amzn-requestid: da627f0c-5cde-4a37-878c-dcada8a25f64
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzL6_EYoIAMFiYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631126ac-10dbcb432e6d1af46cffaefe;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:39:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: EYnLT-zi94yLohu6F2sovFoJ7UPSlEwh8CTMXR3d9aqGb00jm1f8oQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 22:32:41 GMT
age: 27946
etag: "8a9278f8ff5d149420673649878ca1ee266a0783"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46f649a4-e4bd-4029-a6eb-fb8b7b66d943.jpeg
34.120.237.76200 OK 3.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46f649a4-e4bd-4029-a6eb-fb8b7b66d943.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1594505ac80a2d787d918c39c8ddc7d1
9df71dbf1cfc4501fe364875aec931b1d4cf966b
eadc0f6f8ffb5337db910ddc8e73040a9d000c8af3f61ff57e901e5a45f9d9c0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46f649a4-e4bd-4029-a6eb-fb8b7b66d943.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3283
x-amzn-requestid: 8567846c-e747-40ce-9129-72714bb0ef33
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzMBqF5CIAMFnzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631126d7-2726b25630a7935048414ad9;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:40:39 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: nX9drLFEO1J-Kb2E5t2qrr3pkpyxlL5KTqvKLKhycFLeYUV0ns7UcA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 22:10:09 GMT
age: 29298
etag: "9df71dbf1cfc4501fe364875aec931b1d4cf966b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
freychang.fun/asd100.bin
172.67.218.221200 OK 111 kB IP 172.67.218.221:0
Size 111 kB (111440 bytes)
Hash 8f39a9701202b436fed40c8eceada59a
2d132d5e064787da62c38bc968cf1de9beefd9b9
bf3acffe6d4ac23c1a1387653b9dfbc1ab627374128413564bd9721386d1ef3f
Analyzer Verdict Alert quad9 Sinkholed
GET /asd100.bin HTTP/1.1
Host: freychang.fun
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://neexulro.net
Connection: keep-alive
Referer: http://neexulro.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 02 Sep 2022 06:18:26 GMT
content-type: binary/octet-stream
access-control-allow-origin: http://neexulro.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 800
last-modified: Fri, 02 Sep 2022 06:05:06 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ip04GdtwD8JhcHwEPdcd6PeE2H%2Fyjyx1eLBgxWkAhCOHugu6uDHQUuxWU%2FEdwYfY6Vp9AOWh0%2F8G1lCfIZRqKs0GrrY%2BEWGumZcjkHTYodOsZsiIhEH3BR81wpibtBPd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 744420da0ca10b55-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22bc4d5a-9f0a-4b9f-a3a8-5d297d24ea9a.jpeg
34.120.237.76200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22bc4d5a-9f0a-4b9f-a3a8-5d297d24ea9a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b01e38b12bffb2f525351913eaa246cb
b7f8c0db9e2ddc795726b77b8f8f21037611fca8
e06e127b8ab197f09cc1b4a18d643908aef03898e86a80ca5f901865bfdbd5fd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22bc4d5a-9f0a-4b9f-a3a8-5d297d24ea9a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7174
x-amzn-requestid: 6b46447e-a28e-4ae8-978e-6729da4aff62
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzL6_FraoAMFQIA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631126ac-67d9e46104e9215a6f13c224;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:39:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 2i14aRjpjm1-vRDgZ_8YpQl8Qhur_k3O69OG7XlQhwumXksEGXiKZQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 22:32:42 GMT
etag: "b7f8c0db9e2ddc795726b77b8f8f21037611fca8"
content-type: image/jpeg
age: 27945
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8cc83cf-4aef-486b-b775-ed3cb57c8e2a.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8cc83cf-4aef-486b-b775-ed3cb57c8e2a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d0c1e7f6c9e17585905fdbe9ae4da50b
67192f5be476ac4dada66dc9fbe26469d62e2d78
21ca880b36bbb7791f8df2bf9830f11a960692123dd6dde5be42bda004dc428b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8cc83cf-4aef-486b-b775-ed3cb57c8e2a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9642
x-amzn-requestid: 52c698d7-6419-4614-9c53-68a265266337
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLjbEvgoAMFkKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112615-547a72850cce71da013383f5;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:37:25 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: I3pDTq3EeJJtzJFsAFaym7cV5nCrwFailDRzgA3QkAFOYj3xV43v2w==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 21:37:26 GMT
etag: "67192f5be476ac4dada66dc9fbe26469d62e2d78"
content-type: image/jpeg
age: 31261
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd1bf889-bcbe-4ad4-950a-a32b2f875537.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd1bf889-bcbe-4ad4-950a-a32b2f875537.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24d848f7606889b048b6334e70d8a5e0
85239ef4f2fee8d3345e599bc942cab63ff3aaf6
da6cf33b440b51f72a70f309d62fd581aed246b6a78b8f329fa3899db15ff86d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd1bf889-bcbe-4ad4-950a-a32b2f875537.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5889
x-amzn-requestid: 42237574-f86e-4ece-b986-6d0c5910fcc5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzMVgHajoAMFmXg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112756-48ff9d98464cf3c9680d97b4;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:42:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: _7BBSlQQucoO5poncTYuX4fcmS4WFg3UcVFXalckGCCNFKJ0h5UpsQ==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 22:31:42 GMT
etag: "85239ef4f2fee8d3345e599bc942cab63ff3aaf6"
content-type: image/jpeg
age: 28005
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=1950200077&utmhn=neexulro.net&utmt=event&utme=5(Ad*Paid*Success)(3)8(Domain)9(u.bb)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=1782403724&utmr=-&utmp=%2F-12FWKV%2FFoij%3Frndad%3D1532635802-1662099505&utmht=1662099510156&utmac=UA-6469700-9&utmcc=__utma%3D218196230.554607568.1662099506.1662099506.1662099506.1%3B%2B__utmz%3D218196230.1662099506.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=6QAAAAAAAAAAAAAAAAAAAAAE~
142.250.74.174200 OK 35 B URL HTTP/1.1 www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=1950200077&utmhn=neexulro.net&utmt=event&utme=5(Ad*Paid*Success)(3)8(Domain)9(u.bb)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=1782403724&utmr=-&utmp=%2F-12FWKV%2FFoij%3Frndad%3D1532635802-1662099505&utmht=1662099510156&utmac=UA-6469700-9&utmcc=__utma%3D218196230.554607568.1662099506.1662099506.1662099506.1%3B%2B__utmz%3D218196230.1662099506.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=6QAAAAAAAAAAAAAAAAAAAAAE~
IP 142.250.74.174:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /__utm.gif?utmwv=5.7.2&utms=2&utmn=1950200077&utmhn=neexulro.net&utmt=event&utme=5(Ad*Paid*Success)(3)8(Domain)9(u.bb)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=1782403724&utmr=-&utmp=%2F-12FWKV%2FFoij%3Frndad%3D1532635802-1662099505&utmht=1662099510156&utmac=UA-6469700-9&utmcc=__utma%3D218196230.554607568.1662099506.1662099506.1662099506.1%3B%2B__utmz%3D218196230.1662099506.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=6QAAAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neexulro.net/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Pragma: no-cache
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
Date: Fri, 02 Sep 2022 04:41:33 GMT
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Age: 5818
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
Content-Type: image/gif
adf.ly/static/other/main.html
104.20.67.244200 OK 2.4 kB URL HTTP/1.1 adf.ly/static/other/main.html
IP 104.20.67.244:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (418)
Hash 7ccafd1b21ae5889f14ca843af9779f5
3520d19c12d157e1ce0abe8b209f8dbf17832046
50b6f33e082517da7bcfa098b81d76a7e776d09b95f9599d28a5f967f8851088
GET /static/other/main.html HTTP/1.1
Host: adf.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 06:18:31 GMT
Content-Type: text/html
Content-Length: 2384
Connection: keep-alive
last-modified: Tue, 10 Nov 2020 09:44:07 GMT
etag: "1dcc-5faa60e7-978e80d4d048c129;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 744420fbffb51c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473
54.230.245.26200 OK 50 kB URL HTTP/1.1 dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473
IP 54.230.245.26:0
File type Unicode text, UTF-8 text, with very long lines (15952)
Hash 14408cafb037ff9cf4b586308a306c53
80e1595abe334492227420856be8b29cad5968a6
1b85fbfd15689252f562e73b6c8f47da37031b462444b9c9599a4d12bf937136
GET /?gfkcd=824473 HTTP/1.1
Host: dc5k8fg5ioc8s.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://adf.ly/
HTTP/1.1 200 OK
Content-Length: 49651
Connection: keep-alive
Date: Fri, 02 Sep 2022 06:18:32 GMT
access-control-allow-origin: *
Cache-Control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Content-Encoding: gzip
Pragma: no-cache
X-Cache: Miss from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: mGaL-ChsDUxR8UuUVAXQ08P4Cdd8_-r6skm_bOzD5TRewhPBy_5r5w==
www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fx19ltd.adfly&width=100&fb_source=homestatic&layout=standard&colorscheme=light&action=like&show_faces=true&share=true&height=80&appId=399141353502152
31.13.72.36200 OK 0 B URL HTTP/1.1 www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fx19ltd.adfly&width=100&fb_source=homestatic&layout=standard&colorscheme=light&action=like&show_faces=true&share=true&height=80&appId=399141353502152
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fx19ltd.adfly&width=100&fb_source=homestatic&layout=standard&colorscheme=light&action=like&show_faces=true&share=true&height=80&appId=399141353502152 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://adf.ly/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html;charset=utf-8
Pragma: no-cache
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
X-FB-Debug: 6zpvbpPtBXATr2/OmHK7IK4yI5dvxAZXUCkFsxvJVf34TawudeOO1aGtqsXVmMnVLIie+rREXXbn7GSSN9o2bA==
Date: Fri, 02 Sep 2022 06:18:32 GMT
Alt-Svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Connection: keep-alive
Content-Length: 0
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP 31.13.72.36:0
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://neexulro.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: 3j2BuLyuDw5ahj4aGApyb6NU0hI0TnnMKhx0PqSfBkReDo+zfd8LjELT8ic9xA9iFcRu0lyOuo2Xo+mGWzuYUw==
date: Fri, 02 Sep 2022 06:18:26 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S621337808%3A1662099506597347&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmU-NiEUCBItj1g6mrqCnLj9Os-zusH3D30bdN1nNbguoWgDF25PeTlvbUajgi-NUWEAaOKgfQ
216.58.207.237403 Forbidden 0 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S621337808%3A1662099506597347&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmU-NiEUCBItj1g6mrqCnLj9Os-zusH3D30bdN1nNbguoWgDF25PeTlvbUajgi-NUWEAaOKgfQ
IP 216.58.207.237:0
GET /v3/signin/identifier?dsh=S621337808%3A1662099506597347&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmU-NiEUCBItj1g6mrqCnLj9Os-zusH3D30bdN1nNbguoWgDF25PeTlvbUajgi-NUWEAaOKgfQ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://neexulro.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 02 Sep 2022 06:18:26 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'nonce-Ea9cZ1XcdZkaCc_FJpt6XQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=oxE3c1Vd4_ymv_3ysrv7srwi3jIwFksmGpbyHEDW_WTeE0NUvgcDCgR9fLnSaV9wAIlR2EQBrICdMwzDtbVnkgAiEgcF917UtM9qcDfhuiaeP-tsUEkn4Z8tU5EtPPksKoXwAPrTjgzFh0xazHVQ5GgZzKx4ntmGe8u5oxhDsf4; expires=Sat, 04-Mar-2023 06:18:26 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S923606146%3A1662099506610712&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmXZNSSCOySCC1QI-EN9v9PPxzpG_JXjxdBvVJrnd1-fGpIDYjt4Ga8cUmuo9RB8wtDhlLVfag
216.58.207.237403 Forbidden 0 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S923606146%3A1662099506610712&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmXZNSSCOySCC1QI-EN9v9PPxzpG_JXjxdBvVJrnd1-fGpIDYjt4Ga8cUmuo9RB8wtDhlLVfag
IP 216.58.207.237:0
GET /v3/signin/identifier?dsh=S923606146%3A1662099506610712&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmXZNSSCOySCC1QI-EN9v9PPxzpG_JXjxdBvVJrnd1-fGpIDYjt4Ga8cUmuo9RB8wtDhlLVfag HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://neexulro.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 02 Sep 2022 06:18:26 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-eLDcjhopunB4QIW_fW0IAA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi/external"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=gpSomYuAS1ol06p3rQ3BWitAMfZg8FMxQVMhE2_LVpnu7INne14LzENTiwyHpDuP9YPm2LHWTVT_v_iMnFASbAPeQLTcJt-FIv8ESEvn8xoEudUkMtKqJhj-s2quhzwVT6oErNUnZ7qUAWu2l4vPJfNM0c74MYG1wld4vEViwco; expires=Sat, 04-Mar-2023 06:18:26 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
142.250.74.170200 OK 0 B URL HTTP/1.1 ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
IP 142.250.74.170:0
GET /ajax/libs/jquery/1.7.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neexulro.net/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 33333
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 01 Sep 2022 14:26:16 GMT
Expires: Fri, 01 Sep 2023 14:26:16 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
Age: 57129
cdn.adf.ly/static/css/jquery-ui/ui-lightness/jquery-ui-1.8.16.custom.css
104.20.67.244200 OK 0 B URL HTTP/2 cdn.adf.ly/static/css/jquery-ui/ui-lightness/jquery-ui-1.8.16.custom.css
IP 104.20.67.244:0
GET /static/css/jquery-ui/ui-lightness/jquery-ui-1.8.16.custom.css HTTP/1.1
Host: cdn.adf.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://adf.ly/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Sep 2022 06:18:31 GMT
content-type: text/css
cache-control: public, max-age=604800
cf-bgj: minify
cf-polished: origSize=25476
etag: W/"6384-5faa60e6-146b605ff663c20a;gz"
expires: Fri, 09 Sep 2022 06:04:36 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 835
server: cloudflare
cf-ray: 744420fd09b6b4fa-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.adf.ly/static/css/core_default.css
104.20.67.244200 OK 0 B URL HTTP/2 cdn.adf.ly/static/css/core_default.css
IP 104.20.67.244:0
GET /static/css/core_default.css HTTP/1.1
Host: cdn.adf.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://adf.ly/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Sep 2022 06:18:31 GMT
content-type: text/css
cache-control: public, max-age=604800
cf-bgj: minify
cf-polished: origSize=41418
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
etag: W/"a1ca-5faa60e6-2c23b06cf995267b;gz"
expires: Fri, 09 Sep 2022 06:04:36 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 835
server: cloudflare
cf-ray: 744420fd19b9b4fa-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.adf.ly/static/css/jquery.loadmask.css
104.20.67.244200 OK 0 B URL HTTP/2 cdn.adf.ly/static/css/jquery.loadmask.css
IP 104.20.67.244:0
GET /static/css/jquery.loadmask.css HTTP/1.1
Host: cdn.adf.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://adf.ly/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Sep 2022 06:18:31 GMT
content-type: text/css
cache-control: public, max-age=604800
cf-bgj: minify
cf-polished: origSize=850
etag: W/"352-5faa60e6-1e6e5a511edb3cd1;gz"
expires: Fri, 09 Sep 2022 06:04:36 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 835
server: cloudflare
cf-ray: 744420fd19c7b4fa-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2