Report - oaxyteek.net/-122347IQDV/15hfR

Report Overview

Submitted URL
oaxyteek.net/-122347IQDV/15hfR
IP
104.21.90.149
ASN
#13335 CLOUDFLARENET
Submitted
2023-03-23 21:32:09
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
oaxyteek.net	unknown	2022-07-20T11:12:31Z	2023-03-29T14:13:27Z	2.4 kB	16 kB	172.67.157.221
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-29T05:09:31Z	413 B	5.9 kB	34.160.144.191
opeanresultanc.com	unknown	2023-03-10T02:27:30Z	2023-03-25T04:47:22Z	1.2 kB	2.6 kB	108.157.214.82
pogothere.xyz	unknown	2022-09-04T21:11:25Z	2023-03-29T14:13:39Z	1.2 kB	106 kB	172.64.106.19
narepuewrwq.info	unknown	2023-03-13T22:07:08Z	2023-03-25T03:30:50Z	1.2 kB	2.0 kB	172.67.148.35
tanceteventu.com	unknown	2023-03-09T07:36:22Z	2023-03-27T02:00:12Z	1.7 kB	3.3 kB	13.224.189.48
d219kvfj8xp5vh.cloudfront.net	unknown	2023-03-23T05:35:21Z	2023-03-28T16:28:45Z	552 B	909 B	54.230.245.54
adf.ly	49660	2012-05-22T02:13:31Z	2023-03-28T12:56:31Z	360 B	2.8 kB	104.20.67.244
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-29T05:09:11Z	3.0 kB	8.0 kB	95.101.11.115
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-29T05:09:31Z	333 B	391 B	34.117.237.239
ajax.googleapis.com	12905	2013-08-16T11:51:31Z	2023-03-29T10:10:07Z	306 B	34 kB	142.250.74.138
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-29T05:09:04Z	2.7 kB	5.6 kB	142.250.74.163
accounts.google.com	81	2016-03-20T13:44:49Z	2023-03-29T09:02:35Z	2.1 kB	19 kB	216.58.207.205
stats.g.doubleclick.net	96	2013-06-10T22:21:11Z	2023-03-29T09:08:31Z	484 B	563 B	209.85.233.154
dc5k8fg5ioc8s.cloudfront.net	unknown	2021-01-11T12:54:35Z	2023-03-28T12:56:52Z	286 B	52 kB	54.230.245.39
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-29T05:09:32Z	606 B	127 B	52.43.157.124
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-29T05:09:12Z	3.2 kB	54 kB	34.120.237.76
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-29T05:09:03Z	782 B	2.4 kB	35.241.9.150
d1a3jb5hjny5s4.cloudfront.net	unknown	2021-05-29T18:33:12Z	2023-03-28T12:56:52Z	840 B	36 kB	54.230.245.152
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-29T05:44:04Z	377 B	42 kB	142.250.74.72
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-29T06:01:47Z	2.0 kB	19 kB	142.250.74.174
region1.google-analytics.com	unknown	2022-03-17T12:26:33Z	2023-03-29T05:15:25Z	672 B	442 B	216.239.34.36
cdn.oaxyteek.net	unknown	2023-01-23T17:54:50Z	2023-03-28T12:56:31Z	5.7 kB	153 kB	104.21.90.149
ishedtotigai.info	unknown	2023-03-13T10:42:32Z	2023-03-26T09:58:55Z	823 B	2.1 kB	104.21.11.226
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-29T11:45:01Z	341 B	798 B	192.229.221.95
www.facebook.com	99	2012-05-21T02:23:41Z	2021-02-04T00:31:35Z	1.0 kB	9.9 kB	157.240.200.35

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-03-23	medium	narepuewrwq.info	Sinkholed
2023-03-23	medium	narepuewrwq.info	Sinkholed
2023-03-23	medium	narepuewrwq.info	Sinkholed

ThreatFox

No alerts detected

JavaScript (24)

	URL	Size	First Seen	Last Seen
	oaxyteek.net/-122347IQDV/15hfR	1.7 kB	2023-03-29	2023-03-29
Pretty URL oaxyteek.net/-122347IQDV/15hfR IP 172.67.157.221 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:08:28 Last Seen2023-03-29 21:08:28 Times Seen1 Hash 42b71646efac7653cf89387489fcd9f5 02786ad619d64a05c54703f912e9b1ed7055ff6b 96e89fb57ac1660ae13962e3234ef9b510a709a2f23ea814253592e84e4ea5a1 Loading...

	cdn.oaxyteek.net/static/js/amvn.js	254 kB	2023-03-29	2023-03-29
Pretty URL cdn.oaxyteek.net/static/js/amvn.js IP 104.21.90.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:08:28 Last Seen2023-03-29 21:08:57 Times Seen2 Hash e90c35743d6b49c74207443d1f7fcc72 1b247f23912a21482db6fbb5226e25061b0683c5 db5fcc07e61afc9a74fbb37fb404587d35b6741872fbdc968ca50ea60848ec67 Loading...

	oaxyteek.net/js/display.js	16 kB	2023-03-07	2023-07-09
Pretty URL oaxyteek.net/js/display.js IP 172.67.157.221 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2023-07-09 10:24:48 Times Seen188 Hash 31c9f8c6a12dfa956f8bd76d130c7d0b cbb32bfcd93a2f76f2bc66ec651ac27824082dab 4b67d948e653f56aa7bc25cd403afa4fe04bafa3d8f3399ab0b84d96f1292259 Loading...

	oaxyteek.net/-122347IQDV/15hfR	665 B	2023-03-07	2023-05-14
Pretty URL oaxyteek.net/-122347IQDV/15hfR IP 172.67.157.221 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:13 Last Seen2023-05-14 09:10:31 Times Seen71 Hash aa14b51e4361d4da1792ad6b290f3b5f 904ea9c2a81485ca2eae1d3497313c47f2eb4a8c c5ec1ec9adb40a3e9f8af6630eb9f3f19f7e7e9f4c23d68fb906282b4c833112 Loading...

	www.googletagmanager.com/gtag/js?id=G-GT41R23D5L&l=dataLayer&cx=c	240 kB	2023-03-29	2023-03-29
Pretty URL www.googletagmanager.com/gtag/js?id=G-GT41R23D5L&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:08:28 Last Seen2023-03-29 21:08:28 Times Seen1 Hash 168db6be075599d226381bedfd76320e 879535c1bb3177aacb1fd4eb2d25d444263be37a 839f01e993ac980c78121c793af914725e9c0a9163158cb220d794994acdd37d Loading...

	www.google-analytics.com/ga.js	46 kB	2023-03-07	2024-07-23
Pretty URL www.google-analytics.com/ga.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:00 Last Seen2024-07-23 12:03:45 Times Seen3512 Hash e9372f0ebbcf71f851e3d321ef2a8e5a 2c7d19d1af7d97085c977d1b69dcb8b84483d87c 1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f Loading...

	d219kvfj8xp5vh.cloudfront.net/vOW5rRjlaAQUgBk0HD3sPCVpYcA0fBBgpV0lTOCpMAAQefkABVyl1SwBIHzxdBF5NKlhXCVZgXFcNVncfWAoJew0fGhspUgQIDidWXRQaIl9RSB4nBFQBES9VVQ9OdH8MQFtjCwlGHC9XXQEcNRwLXgUyHAteWnYXCUtYBBwLXhwvVw9aTnV7HFxbPg8NS1-gEHAteGTAcCi9adgwXXkJjCwkJDiVSVktZAAsJX1t2CAlfTnQJXwcZI19WFk50fwheXmgJHxtWdw	726 B	2023-03-29	2023-03-29
Pretty URL d219kvfj8xp5vh.cloudfront.net/vOW5rRjlaAQUgBk0HD3sPCVpYcA0fBBgpV0lTOCpMAAQefkABVyl1SwBIHzxdBF5NKlhXCVZgXFcNVncfWAoJew0fGhspUgQIDidWXRQaIl9RSB4nBFQBES9VVQ9OdH8MQFtjCwlGHC9XXQEcNRwLXgUyHAteWnYXCUtYBBwLXhwvVw9aTnV7HFxbPg8NS1-gEHAteGTAcCi9adgwXXkJjCwkJDiVSVktZAAsJX1t2CAlfTnQJXwcZI19WFk50fwheXmgJHxtWdw IP 54.230.245.54 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:08:28 Last Seen2023-03-29 21:08:28 Times Seen1 Hash 4ca80caf03952c2614ba2c9bd53b6b50 26a16aeac479161be5cdcdfb299512187d4bcce5 e29cf0c77d4b0627715dad7e9b60046ac3cdf5ff7097aee807818d06b740313d Loading...

	oaxyteek.net/-122347IQDV/15hfR	551 B	2023-03-07	2023-05-14
Pretty URL oaxyteek.net/-122347IQDV/15hfR IP 172.67.157.221 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:13 Last Seen2023-05-14 09:10:31 Times Seen71 Hash 103e92d5ca4c353a7dcdc13362c2fe33 bbb91319966840711530f6c9efb68e279f199fe5 5a0b18bc519fbbe151ecab7b393685ee314b75379d50579bfe931d020349b2a1 Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js	94 kB	2023-03-07	2024-07-27
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js IP 142.250.74.138 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:13 Last Seen2024-07-27 01:28:24 Times Seen11902 Hash ddb84c1587287b2df08966081ef063bf 9eb9ac595e9b5544e2dc79fff7cd2d0b4b5ef71f 88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd Loading...

	oaxyteek.net/-122347IQDV/15hfR	519 B	2023-03-29	2023-03-29
Pretty URL oaxyteek.net/-122347IQDV/15hfR IP 172.67.157.221 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:08:28 Last Seen2023-03-29 21:08:28 Times Seen1 Hash f0a8751ece8da725dac52df2e10e6843 41c7736be96b9aa9609e49f4114c080367c6b65f 9a3395ac6a8a34742fd00a837a6b88860b640913f8000ba8ab16525adf1dd428 Loading...

	cdn.oaxyteek.net/static/js/main.js?v=2022052901	2.0 kB	2023-03-07	2023-05-14
Pretty URL cdn.oaxyteek.net/static/js/main.js?v=2022052901 IP 104.21.90.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:13 Last Seen2023-05-14 09:10:31 Times Seen104 Hash 9dccb8ccd8da2bae23d4a71b2f3d884b e375888187278462254e305c498959eb2745c49e 29d8741f9be753192c4ad99e21b22089a10952a10c2092dcfa1532edf58c3f68 Loading...

	oaxyteek.net/funcript1679607127827.php?pub=27158007&v=EN1yOoDjAIwkNVynwIisdIiCIM6uMUiDwMixY82CseivOZnWRZyydlWmURsgIEnDBMhxdACDIM6xNADjIMsvI8m2JapjbVm2RRFgbkGCVMtuZUWD5M0xIojjodiycB2ytOp0cYFD9eigdsTDJN02d4GW9auXIBiywOiwa4GCFMzxaACCIV6OIBjycc13N9DGVZjuMlT2IVxoOADCcMxuNUjzULzhNxjGYb0pMpj3Ab4NMJzikOziZQjnkb2lZdmWUYwyZVj2Rci1IJny0ez=	0 B	2023-03-07	2024-07-27
Pretty URL oaxyteek.net/funcript1679607127827.php?pub=27158007&v=EN1yOoDjAIwkNVynwIisdIiCIM6uMUiDwMixY82CseivOZnWRZyydlWmURsgIEnDBMhxdACDIM6xNADjIMsvI8m2JapjbVm2RRFgbkGCVMtuZUWD5M0xIojjodiycB2ytOp0cYFD9eigdsTDJN02d4GW9auXIBiywOiwa4GCFMzxaACCIV6OIBjycc13N9DGVZjuMlT2IVxoOADCcMxuNUjzULzhNxjGYb0pMpj3Ab4NMJzikOziZQjnkb2lZdmWUYwyZVj2Rci1IJny0ez= IP 172.67.157.221 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-07-27 04:08:36 Times Seen41184742 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	cdn.oaxyteek.net/static/js/view118_bidshow.js	11 kB	2023-03-07	2023-05-14
Pretty URL cdn.oaxyteek.net/static/js/view118_bidshow.js IP 104.21.90.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:13 Last Seen2023-05-14 09:10:31 Times Seen122 Hash 7bd8a9fa85fffef9db565180d148b73e 487360f168864d7b56d45ce03e8962e9eb2d6c6e 38fea38c82addf11b3a9a703649451db83bb5af7645594afe9025ae84bd70311 Loading...

	oaxyteek.net/-122347IQDV/15hfR	606 B	2023-03-29	2023-03-29
Pretty URL oaxyteek.net/-122347IQDV/15hfR IP 172.67.157.221 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:08:28 Last Seen2023-03-29 21:08:28 Times Seen1 Hash 0a32d957e894987f87a636091a990c7f 3fa1247846c14f029e4f409d2b090941c7f74244 fb3f5fb8a8117ef7ecd2af5fdc49e087e0c4e3545894101c07416072e2c3fc17 Loading...

	oaxyteek.net/-122347IQDV/15hfR	143 B	2023-03-07	2023-05-14
Pretty URL oaxyteek.net/-122347IQDV/15hfR IP 172.67.157.221 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:13 Last Seen2023-05-14 09:10:31 Times Seen71 Hash e4d2d45eb91b8f26c33f3ea334ae617d 6506b7ae7ba8c41c2e0148a69098fd7333bd294a 56aaee9dedf8c077bd5c9dd25dc214f2c09e4b715f81904e7c361122c5825487 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-5NL9VFJ	108 kB	2023-03-29	2023-03-29
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-5NL9VFJ IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:08:28 Last Seen2023-03-29 21:08:28 Times Seen1 Hash e149eab63920ee78414426c943360328 25060e6ea3c56ed4b458f1a6f2d809a589525796 33438d32d4d9217f49ceba485431ca3e3339fe0d5ffea6fef842b553bce56b32 Loading...

	tanceteventu.com/T3VhV2EuFwI6Xi5IA3EUPRlcclMJUFMRBX1EWDwXKR9ZLxF6Awl5AiMaFDMHPRoPI08hEBVyUwkDLgBUPScLOwAOJDQwIyRFKRNSPCUiAREWFiBnBw03Bic3fxk1GCI/OCAWMCoTChYjGQwNZjI4NygfGzcRIxFUAT4NPzkMIzswOQkWLwEPLBM2Fg4FEBZnBwgdEic0KCQoEwgrIjkFMC48DW4zHDdVOSMJJCMSMnYjNwZYABEpbyweMxU9IjgZJh8idi05BiQsOzMgLRcSNC4pDgEEAA8WLSICFRY3IyAtFx0WITc4TAADDxlCKREZLSUGby8cREwwJAc0FTImGzQCFAh2FAUwFhctCh0LDAIKHSUmIzIBCjsvIBYSBS1QI1MMNA0xNSEkKw8WLC8oZlgYMwpiUSkCCTI5IhIrHxk7IgUgRyUGDjkRciYNIlglAFkuWXY3UiVY	3.0 kB	2023-03-29	2023-03-29
Pretty URL tanceteventu.com/T3VhV2EuFwI6Xi5IA3EUPRlcclMJUFMRBX1EWDwXKR9ZLxF6Awl5AiMaFDMHPRoPI08hEBVyUwkDLgBUPScLOwAOJDQwIyRFKRNSPCUiAREWFiBnBw03Bic3fxk1GCI/OCAWMCoTChYjGQwNZjI4NygfGzcRIxFUAT4NPzkMIzswOQkWLwEPLBM2Fg4FEBZnBwgdEic0KCQoEwgrIjkFMC48DW4zHDdVOSMJJCMSMnYjNwZYABEpbyweMxU9IjgZJh8idi05BiQsOzMgLRcSNC4pDgEEAA8WLSICFRY3IyAtFx0WITc4TAADDxlCKREZLSUGby8cREwwJAc0FTImGzQCFAh2FAUwFhctCh0LDAIKHSUmIzIBCjsvIBYSBS1QI1MMNA0xNSEkKw8WLC8oZlgYMwpiUSkCCTI5IhIrHxk7IgUgRyUGDjkRciYNIlglAFkuWXY3UiVY IP 13.224.189.48 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:08:28 Last Seen2023-03-29 21:08:28 Times Seen1 Hash 0d7882c6a46fd4d34139e421e8194d4c 1ee47345fd5c00e6ce4894d774ba67b72de21e76 61f8dd0d7c5a145a99b0fac7060acf298b865e94f85bc0df15fdc905a7092ad0 Loading...

	opeanresultanc.com/SlVmQ3crNwUuSCtoBGUCODlbZkUMcFQFE3s0VSkVfz0MLQ5/JlJtFCY6EycRODoIN1kkMBJmRQwnP3A9DQYMCjYCBgEwMxg2BAoZKRMzcwN4MxERMQ0RMy8vCBs2CCUAEDBzOjAFASAcHBEvNCEmYCUaNBABIhEhfTcgIDkPDRJ0MQscMQk/KRI0Ei54HzAvEgksNzovIhAFDw5/DSMVJjAeEXs4AgERKS8tbTIaRCJlMC8PeDcRASMdPyMpLws2Ag4jIQ0zFj4lBQ4nJRs7AnU/DBs+JyYtDTMWPjIcVzshGDgodhQPDycnHQMQMHITexYkJyUbP0sSTwxkJzkTeTouFyIAIwQ0NR4TNQ4HHQQeGxMLIicWRwRnAyQ5HgRUDUMLMjMhOQlsMwc2Oj8DCyUZBAgNHAs+MwsSeSZAKQQlOxZ+GBIjUnICPmAh	3.0 kB	2023-03-29	2023-03-29
Pretty URL opeanresultanc.com/SlVmQ3crNwUuSCtoBGUCODlbZkUMcFQFE3s0VSkVfz0MLQ5/JlJtFCY6EycRODoIN1kkMBJmRQwnP3A9DQYMCjYCBgEwMxg2BAoZKRMzcwN4MxERMQ0RMy8vCBs2CCUAEDBzOjAFASAcHBEvNCEmYCUaNBABIhEhfTcgIDkPDRJ0MQscMQk/KRI0Ei54HzAvEgksNzovIhAFDw5/DSMVJjAeEXs4AgERKS8tbTIaRCJlMC8PeDcRASMdPyMpLws2Ag4jIQ0zFj4lBQ4nJRs7AnU/DBs+JyYtDTMWPjIcVzshGDgodhQPDycnHQMQMHITexYkJyUbP0sSTwxkJzkTeTouFyIAIwQ0NR4TNQ4HHQQeGxMLIicWRwRnAyQ5HgRUDUMLMjMhOQlsMwc2Oj8DCyUZBAgNHAs+MwsSeSZAKQQlOxZ+GBIjUnICPmAh IP 108.157.214.82 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:08:28 Last Seen2023-03-29 21:08:28 Times Seen1 Hash 5979439979d164c55459f8851d9d3313 5e53f538e22b25ebed562672af724c418ef5d062 c6862f3f8d71817817ff0af2bfaff71a382597a0a359786b71a9043db9090cc9 Loading...

	d1a3jb5hjny5s4.cloudfront.net/rY3JGSjIAHSgsDRcbIncFU0t2fwRFGDUlXBNPKRJEV0MzPgckVDIwVl5CYCZTDRV7bFcNEXt7FAIWJHcGRQY2JVleCyQyXhEcLy5XEVQzKw8OHTwjXg8TY3h0Vlx2bwBTWjEjXAcdMTkXUUIoPhdRQnd6HFNXdQgXUUIxI1xVRmN5cEZAdjIEV1d1CBdRQj-Q8F1Azd3oHTUJvbwBTFSMpWQxXdAwAU0N2egNTQ2N4AgUbNC9UDApjeHRSQnNkAkUHe3s	589 B	2023-03-29	2023-03-29
Pretty URL d1a3jb5hjny5s4.cloudfront.net/rY3JGSjIAHSgsDRcbIncFU0t2fwRFGDUlXBNPKRJEV0MzPgckVDIwVl5CYCZTDRV7bFcNEXt7FAIWJHcGRQY2JVleCyQyXhEcLy5XEVQzKw8OHTwjXg8TY3h0Vlx2bwBTWjEjXAcdMTkXUUIoPhdRQnd6HFNXdQgXUUIxI1xVRmN5cEZAdjIEV1d1CBdRQj-Q8F1Azd3oHTUJvbwBTFSMpWQxXdAwAU0N2egNTQ2N4AgUbNC9UDApjeHRSQnNkAkUHe3s IP 54.230.245.152 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:08:28 Last Seen2023-03-29 21:08:28 Times Seen1 Hash e386935516e2e22327aca16a3ed183f7 48885e83e310c0a5e27d6c37b724cbd1449a0ffe 577058631342f8a99c9c966bf0c79d9b79d0db33533131ce138df4ea21205b16 Loading...

	dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473	185 kB	2023-03-29	2023-03-29
Pretty URL dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473 IP 54.230.245.39 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:07:47 Last Seen2023-03-29 21:08:57 Times Seen5 Hash 1297ea28538a3dfe4c83d15077f3d301 aa7473c5116db4adb5324e7a9f0a5a7707312e43 9c41a182399a14f17fe502b92fc2bd72b2d4455f6676a8436dc4dff9e733059a Loading...

	oaxyteek.net/-122347IQDV/15hfR	341 B	2023-03-10	2023-05-14
Pretty URL oaxyteek.net/-122347IQDV/15hfR IP 172.67.157.221 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 07:49:27 Last Seen2023-05-14 09:10:31 Times Seen85 Hash 85fc9111b0ef7e154a67d8191eeb2ab8 cc2fc4aab1abffb44c72cd144f8435ce74531659 c62af88944f869e1f462cb666048f6e430c684e1ef43882e4486b95790e8ec62 Loading...

	d1a3jb5hjny5s4.cloudfront.net/?hbjad=709056	104 kB	2023-03-29	2023-03-29
Pretty URL d1a3jb5hjny5s4.cloudfront.net/?hbjad=709056 IP 54.230.245.152 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:08:28 Last Seen2023-03-29 21:08:57 Times Seen2 Hash 82069fe6f082641697c182b11ca95652 e438caa5277bf27edd99ebe0b158627ebd924d27 b083a84f25cad514efc8132eb9678fac11eb63e6913fa93cada7c36af85e9c4d Loading...

		Size	First Seen	Last Seen
	#1 Write - c5639dd33c003902bcb9563f1e09337d	82 B	2023-03-07	2023-05-14
Pretty Observations First Seen2023-03-07 01:03:13 Last Seen2023-05-14 09:10:31 Times Seen67 Hash c5639dd33c003902bcb9563f1e09337d 3d8a9f2173ae1e9e9cd21be7eb9cd6999befb486 ede59fa13aaed1cae74b3d5451084369b1c25b6fbc3c2b467f7ed1bbd2ad8206 Loading...

	#2 Write - 381e13df9d4e16084604d736461aeb86	4.4 kB	2023-03-29	2023-03-29
Pretty Observations First Seen2023-03-29 21:08:28 Last Seen2023-03-29 21:08:28 Times Seen1 Hash 381e13df9d4e16084604d736461aeb86 04521d99e5f0f595f4a1f23edc9b5c00ad804ebd 4f0883fe1705146904eec28d00bb7b955df44e76cf092d0864abe992a90440e8 Loading...

HTTP Transactions (77)

URL IP Response Size

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bea3185dd820a31c1981317f37c3456d
1a548a5d27270fc11df9011837a7149571cedd78
469b97bf9f57401b3c9571039483589f2815f4794212b75c7c85cfefe0ae71e9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "469B97BF9F57401B3C9571039483589F2815F4794212B75C7C85CFEFE0AE71E9"
Last-Modified: Wed, 22 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10937
Expires: Fri, 24 Mar 2023 00:34:15 GMT
Date: Thu, 23 Mar 2023 21:31:58 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
210a2a42cfc4f4aced144f5de9babcc6
ece6ecfb2db8d036c3bfc7f02f8ea387e3f965db
59553a312d3fb34f1f0aea469f7e7cc810ff9993481ddbd73ea5d461cf97ed51

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "59553A312D3FB34F1F0AEA469F7E7CC810FF9993481DDBD73EA5D461CF97ED51"
Last-Modified: Wed, 22 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4356
Expires: Thu, 23 Mar 2023 22:44:34 GMT
Date: Thu, 23 Mar 2023 21:31:58 GMT
Connection: keep-alive

oaxyteek.net/-122347IQDV/15hfR

172.67.157.221

200 OK

5.7 kB

URL HTTP/1.1
oaxyteek.net/-122347IQDV/15hfR
IP
172.67.157.221:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (552), with CRLF, LF line terminators
Size
5.7 kB (5689 bytes)
Hash
a1650937254f7362e817891b3cc4461a
0077e2c8150d3adcdf960791b53f6e263918a438
deb73266e96ab7d644f341a2900695fd74dcad28aaa11b66bff2ead5533592b5

HTTP Headers

GET /-122347IQDV/15hfR HTTP/1.1
Host: oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Thu, 23 Mar 2023 21:31:58 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
set-cookie: FLYSESSID=23s6seqvhll0r7ckteb4p59i36; path=/; HttpOnly; SameSite=Lax
yp1=d6d3afbab59b819343f48548849260a7; expires=Fri, 24-Mar-2023 21:31:58 GMT; Max-Age=86400; path=/; domain=.oaxyteek.net
yp2=530aaadfbd2c81e5bb513d9e6446395b; expires=Fri, 24-Mar-2023 21:31:58 GMT; Max-Age=86400; path=/; domain=.oaxyteek.net
yp3=1532635802; expires=Fri, 24-Mar-2023 21:31:58 GMT; Max-Age=86400; path=/; domain=.oaxyteek.net
x-powered-by: adfly
strict-transport-security: max-age=0
p3p: policyref="http://adf.ly/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa IVAi IVDi CONi HISi TELi OUR IND PHY ONL FIN COM NAV INT DEM GOV"
expires: Sat, 26 Jul 1997 05:00:00 GMT
last-modified: Thu, 23 Mar 2023 21:31:58 GMT
x-frame-options: DENY
referrer-policy: no-referrer-when-downgrade
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m9rtLt3GCfoUoONhs1YZFk1Gjrud0DtkJtFryHc1KCzh8FsSUWz7h7XpOEcUEC1JzijwFp1IyR%2BoEwEDU5SrAlveaTxwyFzZyq4ydKxisP%2BVmKMhxtTvh4IlylhueJc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7ac9c8c8390d0b3d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
4ad6984a756720fbfff47b37a75513a2
355e35258114452af8b9638985ed9d8ef3bf0aca
43181fccb10652c68cae86e5e32b4e8f426fb5ad49d8125cb99e072cff573cf5

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 23 Mar 2023 21:15:07 GMT
content-type: application/json
age: 1011
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
51a5d4696a6090c295850554508b51ce
c44e143c2223546e64b19f543b8101aaf3b11e97
8794223d5e8d4d276c35e2fdcc24bf99694240634dd749cd9b5bf874dec055cf

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8794223D5E8D4D276C35E2FDCC24BF99694240634DD749CD9B5BF874DEC055CF"
Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2936
Expires: Thu, 23 Mar 2023 22:20:54 GMT
Date: Thu, 23 Mar 2023 21:31:58 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: im0sEXPGY/Xw1hdEcrca+NT7i9Mgk64FqtfhJ3ZXSVLHKjth5cIfXASzWPc0Jc5DEUzgte1EDkc=
x-amz-request-id: HM5E3E4EB4G6V6RM
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 23 Mar 2023 21:00:06 GMT
age: 1912
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 21:31:58 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

cdn.oaxyteek.net/static/css/adfly_7.css

104.21.90.149

200 OK

875 B

URL HTTP/1.1
cdn.oaxyteek.net/static/css/adfly_7.css
IP
104.21.90.149:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (2735), with no line terminators
Size
875 B (875 bytes)
Hash
f8c8a9d49e010a2cf10a44dacf35e661
5a069859544758f32b5d09e89c3631c8257c64e1
2cdcaf6a39f9cd39a37dfacfeec2461813fb5557e071d96756c129d17e84cb7a

HTTP Headers

GET /static/css/adfly_7.css HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/-122347IQDV/15hfR
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802

HTTP/1.1 200 OK
Date: Thu, 23 Mar 2023 21:31:58 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Cf-Bgj: minify
Cf-Polished: origSize=3778
cache-control: public, max-age=604800
etag: W/"ec2-60467027-6a5aa4acec833b9;gz"
expires: Thu, 30 Mar 2023 21:01:52 GMT
last-modified: Mon, 08 Mar 2021 18:42:47 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 1806
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZDpBVNqhJYOoEenOO6VE22u9EFYfm2RPHwiy1YYGs8sb8UDbGQpwyWGZ%2B0CwnAZhs6HqmL5%2ByaalhXYam9%2BcSKHhXKhVwF9BbQ0ew8XZiIZ%2BXl15op6FvSHooUsnvtG4pOHU"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7ac9c8cb68cf0afa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

cdn.oaxyteek.net/static/js/view118_bidshow.js

104.21.90.149

200 OK

4.0 kB

URL HTTP/1.1
cdn.oaxyteek.net/static/js/view118_bidshow.js
IP
104.21.90.149:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (10991), with no line terminators
Size
4.0 kB (4024 bytes)
Hash
966f84aff8b7893cbf2b87da5a27f8a9
695e0fcb64fc820db2ca76e808136a3762ea3673
25c6680edff77f84bc5606fdd9f06116ec800f29173528135cb74d564f2732f9

HTTP Headers

GET /static/js/view118_bidshow.js HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/-122347IQDV/15hfR
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802

HTTP/1.1 200 OK
Date: Thu, 23 Mar 2023 21:31:58 GMT
Content-Type: application/x-javascript
Content-Length: 4024
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 30 Mar 2023 21:01:54 GMT
last-modified: Wed, 24 Aug 2022 10:51:38 GMT
etag: "2aef-630602ba-5c74f9ea89cd6c48;gz"
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 1804
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fkqX6FjgGe51Uy2EBcgDqXaXptZ0c%2Fos8Q5I%2BiILcYZYtKXbHf7n1eLp6o0n6PUQNBcnD82F9HSNO%2ByVLepb8htY0GTFl%2FKsi25jaYm%2Fh03hhdVLgaF9mleepEwHA9nK6a4s"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7ac9c8cb6e0db4ee-OSL
alt-svc: h2=":443"; ma=60

ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js

142.250.74.138

200 OK

33 kB

URL HTTP/1.1
ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
IP
142.250.74.138:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Size
33 kB (33333 bytes)
Hash
18351732b1849ba758e98884e186b3c8
d735af8661eda41ff4ffbf76e6a284a0e2deb81c
bfac625d304d52e04f2caeb19266354749929c888ca09d3d1e3edcbb8770d0f0

HTTP Headers

GET /ajax/libs/jquery/1.7.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://oaxyteek.net/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 33333
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 21 Mar 2023 10:37:20 GMT
Expires: Wed, 20 Mar 2024 10:37:20 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
Vary: Accept-Encoding
Age: 212078

cdn.oaxyteek.net/static/js/amvn.js

104.21.90.149

200 OK

82 kB

URL HTTP/1.1
cdn.oaxyteek.net/static/js/amvn.js
IP
104.21.90.149:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (15948)
Size
82 kB (82252 bytes)
Hash
196d16a3ff719d663d3197602099f376
ee1a3e238f94a2675a5345813a5862293c6b1a07
5d13f5e3064a24e108970ce4d6bc78c1a8d5b5bdb5430ec4c4fef68a435b0ca2

HTTP Headers

GET /static/js/amvn.js HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/-122347IQDV/15hfR
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802

HTTP/1.1 200 OK
Date: Thu, 23 Mar 2023 21:31:58 GMT
Content-Type: application/x-javascript
Content-Length: 82252
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 30 Mar 2023 21:01:52 GMT
last-modified: Thu, 23 Mar 2023 12:20:02 GMT
etag: "3df0c-641c43f2-7f3dbfff7fea7a09;gz"
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 1806
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Le9WbDUIKDRiScn%2Fpi%2FnM1XVqJdCatrlRtvySW9GgCnW%2BdKlA59DsZFGrYXxOIJoPsEhFp041Qsne%2Bq8ES3ssLhdZk51ybd75dPzYswN8NC%2BvcR0xjoN92R3WesEqVw8KwS3"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7ac9c8cb6c131c12-OSL
alt-svc: h2=":443"; ma=60

d1a3jb5hjny5s4.cloudfront.net/?hbjad=709056

54.230.245.152

200 OK

34 kB

URL HTTP/1.1
d1a3jb5hjny5s4.cloudfront.net/?hbjad=709056
IP
54.230.245.152:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (15481)
Size
34 kB (34349 bytes)
Hash
5a74639b54d3ae75d6351d2565060add
88e5246186d6cebb8356d895d03e7eba346a666a
3dc2e2183d41a6a7f95a5921d11013598fbf2b178ea50c038cd65d8175f9aa7b

HTTP Headers

GET /?hbjad=709056 HTTP/1.1
Host: d1a3jb5hjny5s4.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://oaxyteek.net/

HTTP/1.1 200 OK
Content-Length: 34349
Connection: keep-alive
Date: Thu, 23 Mar 2023 21:31:58 GMT
access-control-allow-origin: *
Cache-Control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Content-Encoding: gzip
Pragma: no-cache
X-Cache: Miss from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: F7BNLIuT3NBssdckouBAxWMohnDOTOZsAB0lucVH8nz10yD_OTvsjw==

cdn.oaxyteek.net/static/image/logo_fb2.png

104.21.90.149

200 OK

6.3 kB

URL HTTP/1.1
cdn.oaxyteek.net/static/image/logo_fb2.png
IP
104.21.90.149:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 193 x 98, 8-bit colormap, non-interlaced\012- data
Size
6.3 kB (6283 bytes)
Hash
84a673a878949a7a8410199f5f8ea220
49cbc367cd9e0943df6d6e2180bb9a5771dbb208
042313bf805bd8d9a1c6b2a88c90e15407004fcc6e9c5d5974c87c85c20796f3

HTTP Headers

GET /static/image/logo_fb2.png HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/-122347IQDV/15hfR
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802

HTTP/1.1 200 OK
Date: Thu, 23 Mar 2023 21:31:58 GMT
Content-Type: image/png
Content-Length: 6283
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 30 Mar 2023 21:01:54 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "188b-5faa60e6-50f7a0a7015a0140;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 1804
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BF%2BPxCxx8MZhu1CocPC1vZ%2FO7AVvZTX7qLt5FaH8ArxiDSKYhkv%2Ff%2FY94EdFV%2Fa1vGQL4%2Bn6EkUphs2Ut2z9P8TEmeye15G%2BM11iq2tdRg2eGmNAHHQsWK9dGFkPPHrIJm5l"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ac9c8ccd866b4ee-OSL
alt-svc: h2=":443"; ma=60

cdn.oaxyteek.net/static/image/delete2.png

104.21.90.149

200 OK

577 B

URL HTTP/1.1
cdn.oaxyteek.net/static/image/delete2.png
IP
104.21.90.149:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced\012- data
Size
577 B (577 bytes)
Hash
3a612b41ba5d1cad10ae4c6660d8fda4
4006ab2bfe338d2d1f060c0486bad8e1b589ba44
2fa2ba143aaedc6b6169e9b024d4f12df4acfc5995950dce175fd97644dd0c43

HTTP Headers

GET /static/image/delete2.png HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/-122347IQDV/15hfR
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802

HTTP/1.1 200 OK
Date: Thu, 23 Mar 2023 21:31:58 GMT
Content-Type: image/png
Content-Length: 577
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 30 Mar 2023 21:01:54 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "241-5faa60e6-a0c39838649de106;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 1804
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Op7ABIkcP32hXpLnqoilSbpe72IcyjU41tXE7mSXzvy40le2wS7UCaQ9obRyzXQ6Q64p1fPH4%2BuUldcUUFndAYclCRS%2BOfHF2HhqkCQlaguCsRHAJLBhECoPZeX9cAdVsqZ%2F"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ac9c8ccdd721c12-OSL
alt-svc: h2=":443"; ma=60

cdn.oaxyteek.net/static/image/spinner.gif

104.21.90.149

200 OK

36 kB

URL HTTP/1.1
cdn.oaxyteek.net/static/image/spinner.gif
IP
104.21.90.149:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 39 x 39\012- data
Size
36 kB (35453 bytes)
Hash
2055f195780b3e4c71b97c95fa97eab0
36c1138bdcccf116f1b9ee9effa3e5d13f1e6161
0a607f27600e85addcfd1415ee611a370a30dce3f53ac200d3e0e25d2bdc5157

HTTP Headers

GET /static/image/spinner.gif HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/-122347IQDV/15hfR
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802

HTTP/1.1 200 OK
Date: Thu, 23 Mar 2023 21:31:58 GMT
Content-Type: image/gif
Content-Length: 35453
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 30 Mar 2023 21:01:54 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "8a7d-5faa60e6-abbbac75116acc85;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 1804
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EACgikp1wM7Nb3zrx2VW%2FbaE1WCyiMYO3Bo0oZqx7wSfxmbQxjETZ72PoxwjUKBcVP9%2FJLV%2FkU7hgVLCK4B1WjG1po0a2T%2FCPN6wdDnewCMGUolYrFammfvxgpu5zHTcs%2Fo5"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ac9c8ccda2b0afa-OSL
alt-svc: h2=":443"; ma=60

cdn.oaxyteek.net/static/image/skip_ad/en_tran.png

104.21.90.149

200 OK

5.1 kB

URL HTTP/1.1
cdn.oaxyteek.net/static/image/skip_ad/en_tran.png
IP
104.21.90.149:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 155 x 41, 8-bit/color RGBA, non-interlaced\012- data
Size
5.1 kB (5076 bytes)
Hash
a58f5ea6f1f6bb35658c351f876f1ba9
47fa621b845faf7df13e4021dcffd6f4c73c1018
ef8721967f0cca2539ee60f9cad0e8c1ef89f18a53964a4e6101033d23a4ba29

HTTP Headers

GET /static/image/skip_ad/en_tran.png HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/-122347IQDV/15hfR
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802

HTTP/1.1 200 OK
Date: Thu, 23 Mar 2023 21:31:58 GMT
Content-Type: image/png
Content-Length: 5076
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 30 Mar 2023 21:01:54 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "13d4-5faa60e6-d082b40bd28384ce;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 1804
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q5jXgEzGMRs2i%2Bzvoc2ItY6GZDpIXOweX%2BzMzJFc0Mg5QEUqvk8ytSkfMrQMmUQxGr20IrwkCfVdX4DdFbfJUJ3IvXc7k%2FhCuzP7gnd92PCVkbPDGRyGrsZWJAR7KRogA1qo"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ac9c8ccdc6c1c02-OSL
alt-svc: h2=":443"; ma=60

cdn.oaxyteek.net/static/image/ahl6532.gif

104.21.90.149

200 OK

3.2 kB

URL HTTP/1.1
cdn.oaxyteek.net/static/image/ahl6532.gif
IP
104.21.90.149:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 166 x 58\012- data
Size
3.2 kB (3229 bytes)
Hash
48d26bd889d62fc9c72d33138f409c15
3bd2657ee1ba4843f266cda7217a8d0a2b725ea3
13cad7fb56a878cd12d9456a8754cf13433ac6741338371f87776b4373411b15

HTTP Headers

GET /static/image/ahl6532.gif HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/-122347IQDV/15hfR
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802

HTTP/1.1 200 OK
Date: Thu, 23 Mar 2023 21:31:58 GMT
Content-Type: image/gif
Content-Length: 3229
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 30 Mar 2023 21:01:54 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "c9d-5faa60e6-b4353aef5660bc5;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 1804
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lyTH%2Ff98Eus3fnd0mL3YUjCJGkPmdzqttf%2FarVtv%2FCYma0OwslrUjiuBKbd9aoY%2FNYxokxUE5p2M%2BD9aGyHtboRZX8VjXWPR3apK4ilCqxvrJVMJc%2B2yHbOlPgbbiLZOIlyO"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ac9c8cce87bb4ee-OSL
alt-svc: h2=":443"; ma=60

cdn.oaxyteek.net/static/js/main.js?v=2022052901

104.21.90.149

200 OK

705 B

URL HTTP/1.1
cdn.oaxyteek.net/static/js/main.js?v=2022052901
IP
104.21.90.149:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
705 B (705 bytes)
Hash
5d2f026c4af9cf86a2ecb368dc1533d6
376ce5a73144b00dd162aa8524ac856b8db7a33e
0fd907185fe7d7610498d8d487449707fe4949c5c89a1028da380d2e5e862c3d

HTTP Headers

GET /static/js/main.js?v=2022052901 HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/-122347IQDV/15hfR
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802

HTTP/1.1 200 OK
Date: Thu, 23 Mar 2023 21:31:58 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 30 Mar 2023 21:31:58 GMT
last-modified: Sun, 29 May 2022 07:10:19 GMT
etag: "7a0-62931c5b-5a0b6a8c1f70ff01;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TmsYey%2Bxh%2BMTYxHvrlUBDRbY%2BMBgHIUqAZlpPI2WUg9tkOH79EVd7IgjCH9YlS2FGFBfPTfCKtrGjAnXuiaiQZdHkYNMONG6g9kM885N1kw0EAl8OfhRl3hvI7UJSldo6lyB"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7ac9c8cb6b060b61-OSL
alt-svc: h2=":443"; ma=60

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a563513e8fb14fb6796ff13a072cd3db
3e1d51e451b3c450c1213d3fce208e84522b1511
78ecd87f634efd2b5b6644a9d97285807cb26452571be0cef89f6d84dd3b32c0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 21:31:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a563513e8fb14fb6796ff13a072cd3db
3e1d51e451b3c450c1213d3fce208e84522b1511
78ecd87f634efd2b5b6644a9d97285807cb26452571be0cef89f6d84dd3b32c0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 21:31:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

oaxyteek.net/js/display.js

172.67.157.221

200 OK

5.8 kB

URL HTTP/1.1
oaxyteek.net/js/display.js
IP
172.67.157.221:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (15999)
Size
5.8 kB (5775 bytes)
Hash
e149217d65efcf53cc382af7c60f461c
6de97c3f773cf9b21e4373097f5f5cddf37d872e
4d30ac5f2c0ab10e25b4c39eb646e9cb86d66394775d77ba7b88a34720f85b27

HTTP Headers

GET /js/display.js HTTP/1.1
Host: oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/-122347IQDV/15hfR
Connection: keep-alive
Cookie: FLYSESSID=23s6seqvhll0r7ckteb4p59i36; yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802

HTTP/1.1 200 OK
Date: Thu, 23 Mar 2023 21:31:58 GMT
Content-Type: application/x-javascript
Content-Length: 5775
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 30 Mar 2023 21:02:05 GMT
last-modified: Thu, 29 Jul 2021 14:08:58 GMT
etag: "3e81-6102b67a-1a029ed62bba2563;gz"
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 1793
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IniR2i8VEjkGDZqzcKFj2VA5lWH%2FvEqqdOAKUvO5guUlH5CQgQouvDzhVDyv4Ml4aGlKOXP7T%2FNlS2t5YOyyNjTMHDrHLxA55614myC3YOH7k6fQcf1CpUemfUsFTRY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7ac9c8cd1eae0b3d-OSL
alt-svc: h2=":443"; ma=60

narepuewrwq.info/popunder.gif

172.67.148.35

301 Moved Permanently

0 B

URL HTTP/1.1
narepuewrwq.info/popunder.gif
IP
172.67.148.35:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /popunder.gif HTTP/1.1
Host: narepuewrwq.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://oaxyteek.net/

HTTP/1.1 301 Moved Permanently
Date: Thu, 23 Mar 2023 21:31:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 23 Mar 2023 22:31:58 GMT
Location: https://narepuewrwq.info/popunder.gif
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XzdgKREnHGATeapV%2BzEaZCrJJ8B02fISXqW5ZMvpkls8n52MGrI9Oaz%2Fs4YThvAye67EFhYmPRLNmFl8d6obr0qS%2FZKOJeYSW8RwWJWBXHobJuZuSKIeLDtOKg1FLyqokjmb"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ac9c8cd4e1db4ed-OSL
alt-svc: h2=":443"; ma=60

www.googletagmanager.com/gtm.js?id=GTM-5NL9VFJ

142.250.74.72

200 OK

42 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-5NL9VFJ
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2206)
Size
42 kB (41714 bytes)
Hash
b10beea81e8f3a822d11417d8f110b76
bfd1f3712bb407989cb56aa0a57ee6d3bb5d125a
9de899c85aab0df625c28caa956dfffb2de0710d45ae7290f9e3b221a36182ad

HTTP Headers

GET /gtm.js?id=GTM-5NL9VFJ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 23 Mar 2023 21:31:58 GMT
expires: Thu, 23 Mar 2023 21:31:58 GMT
cache-control: private, max-age=900
last-modified: Thu, 23 Mar 2023 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 41714
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.oaxyteek.net/static/image/d_bottom_bg2.png

104.21.90.149

200 OK

2.8 kB

URL HTTP/1.1
cdn.oaxyteek.net/static/image/d_bottom_bg2.png
IP
104.21.90.149:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1 x 28, 8-bit/color RGB, non-interlaced\012- data
Size
2.8 kB (2829 bytes)
Hash
765bb01e93fec22bee832ea0219871d0
2059131c55ef4c9b171fff20fc692839686761b7
27ab7efdb31ee6b311557cb2296d9bdb4c5038a230bcb4f9bc1a2409bb73863a

HTTP Headers

GET /static/image/d_bottom_bg2.png HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cdn.oaxyteek.net/static/css/adfly_7.css
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802

HTTP/1.1 200 OK
Date: Thu, 23 Mar 2023 21:31:58 GMT
Content-Type: image/png
Content-Length: 2829
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 30 Mar 2023 21:01:57 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "b0d-5faa60e6-47ec8d363413ae2c;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 1801
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GCdlQioB7WXKh6nA%2Bqzm8r9PHHGrvnvxQNftdznhqv7B4JGyY8N7E%2FhYjAy4hvCq7PbOLmcIjz6%2FG9yW9a3WFi%2BuapyJvUrrKxWhq%2BWUrk1IkeVraWkOwQIa2bYqpePzJrtL"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ac9c8cd9aea0afa-OSL
alt-svc: h2=":443"; ma=60

cdn.oaxyteek.net/static/image/d_top_bg.png

104.21.90.149

200 OK

156 B

URL HTTP/1.1
cdn.oaxyteek.net/static/image/d_top_bg.png
IP
104.21.90.149:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1 x 59, 8-bit/color RGB, non-interlaced\012- data
Size
156 B (156 bytes)
Hash
106113dd42dd001363d6e2c920dba647
ebb71cf1a44a45852fff4d4fc0971f299b8b8c4c
938632fb472382061e62d8f1d033da03cbc84f150236e4251c8ece12241405ae

HTTP Headers

GET /static/image/d_top_bg.png HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cdn.oaxyteek.net/static/css/adfly_7.css
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802

HTTP/1.1 200 OK
Date: Thu, 23 Mar 2023 21:31:58 GMT
Content-Type: image/png
Content-Length: 156
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 30 Mar 2023 21:01:57 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "9c-5faa60e6-6bfb178d8ae4aca5;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 1801
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wrGLdSRtYvvVakyVgP%2FAd2eb%2BHLJe72NQCO%2B9%2FmetfQGWdlxrdjOHaidCM0RHPpYs56sLst9CWzCM4EhKaal8ZP7chJZf6RGc%2FWxbc98ahcPOaWSxnm%2FyPdbAAdx9Gc574oK"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ac9c8cd9e2c1c12-OSL
alt-svc: h2=":443"; ma=60

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a563513e8fb14fb6796ff13a072cd3db
3e1d51e451b3c450c1213d3fce208e84522b1511
78ecd87f634efd2b5b6644a9d97285807cb26452571be0cef89f6d84dd3b32c0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 21:31:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

narepuewrwq.info/NXVhVWYaSgImW2IgDQAHBUwRMzF7EQcSCgMvDWxfVBsnODNbEkchD1FIVmVfBUBXcxZcEVxnXxMGFTQSQAZcZEBcGwc6WxMDXGRIBVtXZUgGUxRoVxMBETQBCERHJRJBGVxkUAJMV2VRBEdWYl8M

172.67.148.35

204 No Content

0 B

URL HTTP/2
narepuewrwq.info/NXVhVWYaSgImW2IgDQAHBUwRMzF7EQcSCgMvDWxfVBsnODNbEkchD1FIVmVfBUBXcxZcEVxnXxMGFTQSQAZcZEBcGwc6WxMDXGRIBVtXZUgGUxRoVxMBETQBCERHJRJBGVxkUAJMV2VRBEdWYl8M
IP
172.67.148.35:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /NXVhVWYaSgImW2IgDQAHBUwRMzF7EQcSCgMvDWxfVBsnODNbEkchD1FIVmVfBUBXcxZcEVxnXxMGFTQSQAZcZEBcGwc6WxMDXGRIBVtXZUgGUxRoVxMBETQBCERHJRJBGVxkUAJMV2VRBEdWYl8M HTTP/1.1
Host: narepuewrwq.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Thu, 23 Mar 2023 21:31:59 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5DV4C0cPGcmNSFxzuManWzXsMkrYYFMxSsK4lkJAw7HEsIj2H3Tt5Oj3x%2FO0OJoJ0PvaLknu5Ix3LVFQ%2BRh4xShlQVvASIYe8Df1Wn36EytnZ6vpmDSEhhp8jhy0rn7FLxR5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ac9c8cd6c70b524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.oaxyteek.net/static/image/ad_top_bg2.png?&ad_box_=1

104.21.90.149

200 OK

156 B

URL HTTP/1.1
cdn.oaxyteek.net/static/image/ad_top_bg2.png?&ad_box_=1
IP
104.21.90.149:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1 x 59, 8-bit/color RGB, non-interlaced\012- data
Size
156 B (156 bytes)
Hash
106113dd42dd001363d6e2c920dba647
ebb71cf1a44a45852fff4d4fc0971f299b8b8c4c
938632fb472382061e62d8f1d033da03cbc84f150236e4251c8ece12241405ae

HTTP Headers

GET /static/image/ad_top_bg2.png?&ad_box_=1 HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/-122347IQDV/15hfR
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802

HTTP/1.1 200 OK
Date: Thu, 23 Mar 2023 21:31:59 GMT
Content-Type: image/png
Content-Length: 156
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 30 Mar 2023 21:31:59 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "9c-5faa60e6-95f251b8bd8ef212;;;"
accept-ranges: bytes
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=57I9sR98HRhKf%2FKJUGTPPZWchPByZdTnDbDPQvyX16RaKkddXGW8DApa0yERtr2fYLw8N6cDr9m9QVcHBuNeUrmQHvEwZJ8Mame3Qgn5Xy1PN3sEHUjmhEVt6ea%2BFqs6dl7M"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ac9c8ccde5b0b3d-OSL
alt-svc: h2=":443"; ma=60

tanceteventu.com/T3VhV2EuFwI6Xi5IA3EUPRlcclMJUFMRBX1EWDwXKR9ZLxF6Awl5AiMaFDMHPRoPI08hEBVyUwkDLgBUPScLOwAOJDQwIyRFKRNSPCUiAREWFiBnBw03Bic3fxk1GCI/OCAWMCoTChYjGQwNZjI4NygfGzcRIxFUAT4NPzkMIzswOQkWLwEPLBM2Fg4FEBZnBwgdEic0KCQoEwgrIjkFMC48DW4zHDdVOSMJJCMSMnYjNwZYABEpbyweMxU9IjgZJh8idi05BiQsOzMgLRcSNC4pDgEEAA8WLSICFRY3IyAtFx0WITc4TAADDxlCKREZLSUGby8cREwwJAc0FTImGzQCFAh2FAUwFhctCh0LDAIKHSUmIzIBCjsvIBYSBS1QI1MMNA0xNSEkKw8WLC8oZlgYMwpiUSkCCTI5IhIrHxk7IgUgRyUGDjkRciYNIlglAFkuWXY3UiVY

13.224.189.48

200 OK

1.2 kB

URL HTTP/1.1
tanceteventu.com/T3VhV2EuFwI6Xi5IA3EUPRlcclMJUFMRBX1EWDwXKR9ZLxF6Awl5AiMaFDMHPRoPI08hEBVyUwkDLgBUPScLOwAOJDQwIyRFKRNSPCUiAREWFiBnBw03Bic3fxk1GCI/OCAWMCoTChYjGQwNZjI4NygfGzcRIxFUAT4NPzkMIzswOQkWLwEPLBM2Fg4FEBZnBwgdEic0KCQoEwgrIjkFMC48DW4zHDdVOSMJJCMSMnYjNwZYABEpbyweMxU9IjgZJh8idi05BiQsOzMgLRcSNC4pDgEEAA8WLSICFRY3IyAtFx0WITc4TAADDxlCKREZLSUGby8cREwwJAc0FTImGzQCFAh2FAUwFhctCh0LDAIKHSUmIzIBCjsvIBYSBS1QI1MMNA0xNSEkKw8WLC8oZlgYMwpiUSkCCTI5IhIrHxk7IgUgRyUGDjkRciYNIlglAFkuWXY3UiVY
IP
13.224.189.48:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3047), with no line terminators
Size
1.2 kB (1196 bytes)
Hash
0140541306e1fd57006156cde1cb51ea
796369ca3478e2a5f35f9b17bb1eeb4dec214707
ccb8ca221382f66985abbead33d3da88406d3499b596770a96cf0fb3001aaa4a

HTTP Headers

GET /T3VhV2EuFwI6Xi5IA3EUPRlcclMJUFMRBX1EWDwXKR9ZLxF6Awl5AiMaFDMHPRoPI08hEBVyUwkDLgBUPScLOwAOJDQwIyRFKRNSPCUiAREWFiBnBw03Bic3fxk1GCI/OCAWMCoTChYjGQwNZjI4NygfGzcRIxFUAT4NPzkMIzswOQkWLwEPLBM2Fg4FEBZnBwgdEic0KCQoEwgrIjkFMC48DW4zHDdVOSMJJCMSMnYjNwZYABEpbyweMxU9IjgZJh8idi05BiQsOzMgLRcSNC4pDgEEAA8WLSICFRY3IyAtFx0WITc4TAADDxlCKREZLSUGby8cREwwJAc0FTImGzQCFAh2FAUwFhctCh0LDAIKHSUmIzIBCjsvIBYSBS1QI1MMNA0xNSEkKw8WLC8oZlgYMwpiUSkCCTI5IhIrHxk7IgUgRyUGDjkRciYNIlglAFkuWXY3UiVY HTTP/1.1
Host: tanceteventu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://oaxyteek.net/
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 1196
Connection: keep-alive
Date: Thu, 23 Mar 2023 21:31:59 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
Accept-CH: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
X-Cache: Miss from cloudfront
Via: 1.1 cb33a7a4640adbb55df3e0d143601558.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C1
X-Amz-Cf-Id: lXWbg-8Ol6htOWnoyd2u9JDPQv5uEGSbPEoRXkdIIuIHSfFMxGtSvw==

oaxyteek.net/2market_bidshow.php?user_id=27158007&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&ref_url=eyJ1cmwiOm51bGwsImRvbWFpbiI6bnVsbH0%3D&url=https%3A%2F%2Fwww88.davisonbarker.pro%2Fpushredirect%2F%3Fnetwork%3D3%26site%3Dadfly%26ppi%3D27158007%26pci%3D7198873021%26t%3D1679607118%26dest%3Dhttps%253A%252F%252Fggify.com%252F&url_id=7198873021&t=5c25a6efe8887aa52d55ea87f72cedd1&w=4cbd76a1c99f51a014d5d208b6f718c0

172.67.157.221

200 OK

82 B

URL HTTP/1.1
oaxyteek.net/2market_bidshow.php?user_id=27158007&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&ref_url=eyJ1cmwiOm51bGwsImRvbWFpbiI6bnVsbH0%3D&url=https%3A%2F%2Fwww88.davisonbarker.pro%2Fpushredirect%2F%3Fnetwork%3D3%26site%3Dadfly%26ppi%3D27158007%26pci%3D7198873021%26t%3D1679607118%26dest%3Dhttps%253A%252F%252Fggify.com%252F&url_id=7198873021&t=5c25a6efe8887aa52d55ea87f72cedd1&w=4cbd76a1c99f51a014d5d208b6f718c0
IP
172.67.157.221:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with no line terminators
Size
82 B (82 bytes)
Hash
d597c22e79c772d1f89ed2602adb80ab
50c7c63c9269278ff7aba9b8c5b4810c3570df80
798215a625e276fde8e69c0a79401e406f59e1a30ad0e9113d880b9d566ae61c

HTTP Headers

GET /2market_bidshow.php?user_id=27158007&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&ref_url=eyJ1cmwiOm51bGwsImRvbWFpbiI6bnVsbH0%3D&url=https%3A%2F%2Fwww88.davisonbarker.pro%2Fpushredirect%2F%3Fnetwork%3D3%26site%3Dadfly%26ppi%3D27158007%26pci%3D7198873021%26t%3D1679607118%26dest%3Dhttps%253A%252F%252Fggify.com%252F&url_id=7198873021&t=5c25a6efe8887aa52d55ea87f72cedd1&w=4cbd76a1c99f51a014d5d208b6f718c0 HTTP/1.1
Host: oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/-122347IQDV/15hfR
Connection: keep-alive
Cookie: FLYSESSID=23s6seqvhll0r7ckteb4p59i36; yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802

HTTP/1.1 200 OK
Date: Thu, 23 Mar 2023 21:31:59 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.3.27
set-cookie: adfly_ad_report=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
p3p: policyref="http://adf.ly/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa IVAi IVDi CONi HISi TELi OUR IND PHY ONL FIN COM NAV INT DEM GOV"
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5gUKHWuoS5XWu9zSZrvwuHvivdTa4W%2FoAPxt0j3ikg3Csmg8565Rfc4Lp5CfIUiReT2y%2FArUEhJlU5p0bsEx7r2L2IsZOgsO5Gbx3n2EAg%2FGjlQn2a9TyXHXzMgR16Y%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7ac9c8cd8f160b3d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Last-Modified, Content-Length, Pragma, Expires, ETag, Backoff, Alert, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 23 Mar 2023 21:17:23 GMT
age: 876
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ishedtotigai.info/OG5VN3MXUTZETmtebGIRVDhwBTFeOQdtKnBXZ25CDQc2BANSOThuVUwHMQpFCFpmAUceHjxTTglIJkMSTBsmCkIeBztRHAVIIwpCFl1hGUAKQGcRBgVfc0MDWQloBlVIGiFbTglYYg5FCFlkBUQAXWw

104.21.11.226

204 No Content

0 B

URL HTTP/2
ishedtotigai.info/OG5VN3MXUTZETmtebGIRVDhwBTFeOQdtKnBXZ25CDQc2BANSOThuVUwHMQpFCFpmAUceHjxTTglIJkMSTBsmCkIeBztRHAVIIwpCFl1hGUAKQGcRBgVfc0MDWQloBlVIGiFbTglYYg5FCFlkBUQAXWw
IP
104.21.11.226:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /OG5VN3MXUTZETmtebGIRVDhwBTFeOQdtKnBXZ25CDQc2BANSOThuVUwHMQpFCFpmAUceHjxTTglIJkMSTBsmCkIeBztRHAVIIwpCFl1hGUAKQGcRBgVfc0MDWQloBlVIGiFbTglYYg5FCFlkBUQAXWw HTTP/1.1
Host: ishedtotigai.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Thu, 23 Mar 2023 21:31:59 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=an4DFvN3iYPAxsGe%2F7DThbxkPvctZRKiKuDMYZyqjd1NvQ%2Fza8zvECaAVHzS8YvIWlD%2Fv6HZ6xawQbskfCwQDRCDuEKMpOk1EDhpu24Eog8wFe4XglVjcPkxE2DqaKC6Zq1jVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ac9c8cdae22b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

tanceteventu.com/utx?cb=GJ0fxr7Wlj6g&top=oaxyteek.net&tid=604364

13.224.189.48

204 No Content

0 B

URL HTTP/2
tanceteventu.com/utx?cb=GJ0fxr7Wlj6g&top=oaxyteek.net&tid=604364
IP
13.224.189.48:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /utx?cb=GJ0fxr7Wlj6g&top=oaxyteek.net&tid=604364 HTTP/1.1
Host: tanceteventu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://oaxyteek.net
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Thu, 23 Mar 2023 21:31:59 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: http://oaxyteek.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Thu, 23 Mar 2023 21:32:59 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: lbt4Ct0sHUuF3dXoIaU6uMCh9cgeL7NE5PS5JCxyxbZiK1EyVuZ_hw==
X-Firefox-Spdy: h2

opeanresultanc.com/SlVmQ3crNwUuSCtoBGUCODlbZkUMcFQFE3s0VSkVfz0MLQ5/JlJtFCY6EycRODoIN1kkMBJmRQwnP3A9DQYMCjYCBgEwMxg2BAoZKRMzcwN4MxERMQ0RMy8vCBs2CCUAEDBzOjAFASAcHBEvNCEmYCUaNBABIhEhfTcgIDkPDRJ0MQscMQk/KRI0Ei54HzAvEgksNzovIhAFDw5/DSMVJjAeEXs4AgERKS8tbTIaRCJlMC8PeDcRASMdPyMpLws2Ag4jIQ0zFj4lBQ4nJRs7AnU/DBs+JyYtDTMWPjIcVzshGDgodhQPDycnHQMQMHITexYkJyUbP0sSTwxkJzkTeTouFyIAIwQ0NR4TNQ4HHQQeGxMLIicWRwRnAyQ5HgRUDUMLMjMhOQlsMwc2Oj8DCyUZBAgNHAs+MwsSeSZAKQQlOxZ+GBIjUnICPmAh

108.157.214.82

200 OK

1.2 kB

URL HTTP/1.1
opeanresultanc.com/SlVmQ3crNwUuSCtoBGUCODlbZkUMcFQFE3s0VSkVfz0MLQ5/JlJtFCY6EycRODoIN1kkMBJmRQwnP3A9DQYMCjYCBgEwMxg2BAoZKRMzcwN4MxERMQ0RMy8vCBs2CCUAEDBzOjAFASAcHBEvNCEmYCUaNBABIhEhfTcgIDkPDRJ0MQscMQk/KRI0Ei54HzAvEgksNzovIhAFDw5/DSMVJjAeEXs4AgERKS8tbTIaRCJlMC8PeDcRASMdPyMpLws2Ag4jIQ0zFj4lBQ4nJRs7AnU/DBs+JyYtDTMWPjIcVzshGDgodhQPDycnHQMQMHITexYkJyUbP0sSTwxkJzkTeTouFyIAIwQ0NR4TNQ4HHQQeGxMLIicWRwRnAyQ5HgRUDUMLMjMhOQlsMwc2Oj8DCyUZBAgNHAs+MwsSeSZAKQQlOxZ+GBIjUnICPmAh
IP
108.157.214.82:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3035), with no line terminators
Size
1.2 kB (1186 bytes)
Hash
8a56720c1b938b61154f83610f2cf8b4
3b86b82da84d9ac224a1b2116f79212f8652d6da
5ed8846c4754376cd2254650ae67d0718dbca7e256ba896dd3d7fdbf0384ceae

HTTP Headers

GET /SlVmQ3crNwUuSCtoBGUCODlbZkUMcFQFE3s0VSkVfz0MLQ5/JlJtFCY6EycRODoIN1kkMBJmRQwnP3A9DQYMCjYCBgEwMxg2BAoZKRMzcwN4MxERMQ0RMy8vCBs2CCUAEDBzOjAFASAcHBEvNCEmYCUaNBABIhEhfTcgIDkPDRJ0MQscMQk/KRI0Ei54HzAvEgksNzovIhAFDw5/DSMVJjAeEXs4AgERKS8tbTIaRCJlMC8PeDcRASMdPyMpLws2Ag4jIQ0zFj4lBQ4nJRs7AnU/DBs+JyYtDTMWPjIcVzshGDgodhQPDycnHQMQMHITexYkJyUbP0sSTwxkJzkTeTouFyIAIwQ0NR4TNQ4HHQQeGxMLIicWRwRnAyQ5HgRUDUMLMjMhOQlsMwc2Oj8DCyUZBAgNHAs+MwsSeSZAKQQlOxZ+GBIjUnICPmAh HTTP/1.1
Host: opeanresultanc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://oaxyteek.net/
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 1186
Connection: keep-alive
Date: Thu, 23 Mar 2023 21:31:59 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
Accept-CH: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
X-Cache: Miss from cloudfront
Via: 1.1 d84d4103926180da8f8abcb90515db0c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN56-P1
X-Amz-Cf-Id: l2dbWpv-MUXdvY4NQ-vc-tOEDIG7uXUHW6Bq1NMdo6tsyXUYo6vWvQ==

tanceteventu.com/utx?cb=Ll123kCeJRh6&top=oaxyteek.net&tid=709056

13.224.189.48

204 No Content

0 B

URL HTTP/2
tanceteventu.com/utx?cb=Ll123kCeJRh6&top=oaxyteek.net&tid=709056
IP
13.224.189.48:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /utx?cb=Ll123kCeJRh6&top=oaxyteek.net&tid=709056 HTTP/1.1
Host: tanceteventu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://oaxyteek.net
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Thu, 23 Mar 2023 21:31:59 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: http://oaxyteek.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Thu, 23 Mar 2023 21:32:59 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: pLDjdyGyvVvMWuq2jJW2a42WTKd3rFuSdBtejtC5jCcizJul9xN50Q==
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
18b877ebbad1529e4bd91e12220d91c4
a3d64fb3d9cc1fe3a29b261c4ec9acfe134dfedc
7001d3ef847c7002ac15155f0dfcc0a369f19860e85c8e90530f1e7b2dd88f09

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7001D3EF847C7002AC15155F0DFCC0A369F19860E85C8E90530F1E7B2DD88F09"
Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12107
Expires: Fri, 24 Mar 2023 00:53:46 GMT
Date: Thu, 23 Mar 2023 21:31:59 GMT
Connection: keep-alive

oaxyteek.net/funcript1679607127827.php?pub=27158007&v=EN1yOoDjAIwkNVynwIisdIiCIM6uMUiDwMixY82CseivOZnWRZyydlWmURsgIEnDBMhxdACDIM6xNADjIMsvI8m2JapjbVm2RRFgbkGCVMtuZUWD5M0xIojjodiycB2ytOp0cYFD9eigdsTDJN02d4GW9auXIBiywOiwa4GCFMzxaACCIV6OIBjycc13N9DGVZjuMlT2IVxoOADCcMxuNUjzULzhNxjGYb0pMpj3Ab4NMJzikOziZQjnkb2lZdmWUYwyZVj2Rci1IJny0ez=

172.67.157.221

200 OK

767 B

URL HTTP/2
oaxyteek.net/funcript1679607127827.php?pub=27158007&v=EN1yOoDjAIwkNVynwIisdIiCIM6uMUiDwMixY82CseivOZnWRZyydlWmURsgIEnDBMhxdACDIM6xNADjIMsvI8m2JapjbVm2RRFgbkGCVMtuZUWD5M0xIojjodiycB2ytOp0cYFD9eigdsTDJN02d4GW9auXIBiywOiwa4GCFMzxaACCIV6OIBjycc13N9DGVZjuMlT2IVxoOADCcMxuNUjzULzhNxjGYb0pMpj3Ab4NMJzikOziZQjnkb2lZdmWUYwyZVj2Rci1IJny0ez=
IP
172.67.157.221:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
767 B (767 bytes)
Hash
19dc05b35bafc28455bdf1a4470afcc9
016d774578960fc5284fce159b0c0c4a016ac43c
8008570f5b7618bc82a3096a93927ee1e8084d1a2f116b60f7d07d8beb35eac4

HTTP Headers

GET /funcript1679607127827.php?pub=27158007&v=EN1yOoDjAIwkNVynwIisdIiCIM6uMUiDwMixY82CseivOZnWRZyydlWmURsgIEnDBMhxdACDIM6xNADjIMsvI8m2JapjbVm2RRFgbkGCVMtuZUWD5M0xIojjodiycB2ytOp0cYFD9eigdsTDJN02d4GW9auXIBiywOiwa4GCFMzxaACCIV6OIBjycc13N9DGVZjuMlT2IVxoOADCcMxuNUjzULzhNxjGYb0pMpj3Ab4NMJzikOziZQjnkb2lZdmWUYwyZVj2Rci1IJny0ez= HTTP/1.1
Host: oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://oaxyteek.net/-122347IQDV/15hfR
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 23 Mar 2023 21:31:59 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.3.27
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8xMmcmDrjGmKlnp%2BjckVaqDKRhVuUHkIwO%2FYyYzCrelSsETaRizJ%2BQIgow%2Fdtxs4oOkWceOvAn875o7p15xYfnLic2204s6BqrrGFwhIn%2BafA8H2dFKU0eY4s4H8IyU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ac9c8cd6c6fb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.google-analytics.com/ga.js

142.250.74.174

200 OK

17 kB

URL HTTP/1.1
www.google-analytics.com/ga.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1305)
Size
17 kB (17168 bytes)
Hash
01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d

HTTP Headers

GET /ga.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://oaxyteek.net/

HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 17168
Date: Thu, 23 Mar 2023 20:05:11 GMT
Expires: Thu, 23 Mar 2023 22:05:11 GMT
Cache-Control: public, max-age=7200
Age: 5208
Last-Modified: Tue, 10 Jan 2023 21:29:14 GMT
Content-Type: text/javascript
Vary: Accept-Encoding

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f2ae2af74a14f13b8e7cf2edaa12176a
181dd8fac61ebd4c194cc01f46246f5d8e814802
553247799d8fd8b439f5f54a124bec3b04b95b94499d51a03b4eb01c6164913b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 21:31:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f2ae2af74a14f13b8e7cf2edaa12176a
181dd8fac61ebd4c194cc01f46246f5d8e814802
553247799d8fd8b439f5f54a124bec3b04b95b94499d51a03b4eb01c6164913b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 21:31:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=202930277&utmhn=oaxyteek.net&utme=8(User)9(27158007)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=1863079232&utmr=-&utmp=%2F-122347IQDV%2F15hfR&utmht=1679607128280&utmac=UA-6469700-9&utmcc=__utma%3D198071217.1703061529.1679607128.1679607128.1679607128.1%3B%2B__utmz%3D198071217.1679607128.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1901040480&utmredir=1&utmu=qQAAAAAAAAAAAAAAAAABAAAE~

142.250.74.174

302 Found

369 B

URL HTTP/1.1
www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=202930277&utmhn=oaxyteek.net&utme=8(User)9(27158007)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=1863079232&utmr=-&utmp=%2F-122347IQDV%2F15hfR&utmht=1679607128280&utmac=UA-6469700-9&utmcc=__utma%3D198071217.1703061529.1679607128.1679607128.1679607128.1%3B%2B__utmz%3D198071217.1679607128.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1901040480&utmredir=1&utmu=qQAAAAAAAAAAAAAAAAABAAAE~
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
369 B (369 bytes)
Hash
051a2674d8706cac48e9d1046e8a6224
1c0cddbdf321f1ff1b88f7463138f6496b2484c6
65cd4a96f84e70a7873b53db3418f416953023fe2baf669a4cc07a71efb1c196

HTTP Headers

GET /r/__utm.gif?utmwv=5.7.2&utms=1&utmn=202930277&utmhn=oaxyteek.net&utme=8(User)9(27158007)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=1863079232&utmr=-&utmp=%2F-122347IQDV%2F15hfR&utmht=1679607128280&utmac=UA-6469700-9&utmcc=__utma%3D198071217.1703061529.1679607128.1679607128.1679607128.1%3B%2B__utmz%3D198071217.1679607128.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1901040480&utmredir=1&utmu=qQAAAAAAAAAAAAAAAAABAAAE~ HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://oaxyteek.net/

HTTP/1.1 302 Found
Location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6469700-9&cid=1703061529.1679607128&jid=1901040480&_v=5.7.2&z=202930277
Access-Control-Allow-Origin: *
Date: Thu, 23 Mar 2023 21:31:59 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
Cross-Origin-Resource-Policy: cross-origin
Content-Type: text/html; charset=UTF-8
Server: Golfe2
Content-Length: 369

d1a3jb5hjny5s4.cloudfront.net/rY3JGSjIAHSgsDRcbIncFU0t2fwRFGDUlXBNPKRJEV0MzPgckVDIwVl5CYCZTDRV7bFcNEXt7FAIWJHcGRQY2JVleCyQyXhEcLy5XEVQzKw8OHTwjXg8TY3h0Vlx2bwBTWjEjXAcdMTkXUUIoPhdRQnd6HFNXdQgXUUIxI1xVRmN5cEZAdjIEV1d1CBdRQj-Q8F1Azd3oHTUJvbwBTFSMpWQxXdAwAU0N2egNTQ2N4AgUbNC9UDApjeHRSQnNkAkUHe3s

54.230.245.152

200 OK

451 B

URL HTTP/1.1
d1a3jb5hjny5s4.cloudfront.net/rY3JGSjIAHSgsDRcbIncFU0t2fwRFGDUlXBNPKRJEV0MzPgckVDIwVl5CYCZTDRV7bFcNEXt7FAIWJHcGRQY2JVleCyQyXhEcLy5XEVQzKw8OHTwjXg8TY3h0Vlx2bwBTWjEjXAcdMTkXUUIoPhdRQnd6HFNXdQgXUUIxI1xVRmN5cEZAdjIEV1d1CBdRQj-Q8F1Azd3oHTUJvbwBTFSMpWQxXdAwAU0N2egNTQ2N4AgUbNC9UDApjeHRSQnNkAkUHe3s
IP
54.230.245.152:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (589), with no line terminators
Size
451 B (451 bytes)
Hash
3b4d7b40509fb3ec247dbe7a9e1597c1
1cce61f39afa1009a01cfeb27d2b9ece0f556de8
550caee1d7efdf505819f01573a8e57ce0267fae2d0af0b1fc6763508d21bff3

HTTP Headers

GET /rY3JGSjIAHSgsDRcbIncFU0t2fwRFGDUlXBNPKRJEV0MzPgckVDIwVl5CYCZTDRV7bFcNEXt7FAIWJHcGRQY2JVleCyQyXhEcLy5XEVQzKw8OHTwjXg8TY3h0Vlx2bwBTWjEjXAcdMTkXUUIoPhdRQnd6HFNXdQgXUUIxI1xVRmN5cEZAdjIEV1d1CBdRQj-Q8F1Azd3oHTUJvbwBTFSMpWQxXdAwAU0N2egNTQ2N4AgUbNC9UDApjeHRSQnNkAkUHe3s HTTP/1.1
Host: d1a3jb5hjny5s4.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://opeanresultanc.com/

HTTP/1.1 200 OK
Content-Length: 451
Connection: keep-alive
Date: Thu, 23 Mar 2023 21:31:59 GMT
access-control-allow-origin: *
Cache-Control: max-age=31556926
Content-Encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: sui0GqrdlTldhVKzLdnsFp5zLcZlKRk08XLUbqYwnL-woGFdflCzMw==

d219kvfj8xp5vh.cloudfront.net/vOW5rRjlaAQUgBk0HD3sPCVpYcA0fBBgpV0lTOCpMAAQefkABVyl1SwBIHzxdBF5NKlhXCVZgXFcNVncfWAoJew0fGhspUgQIDidWXRQaIl9RSB4nBFQBES9VVQ9OdH8MQFtjCwlGHC9XXQEcNRwLXgUyHAteWnYXCUtYBBwLXhwvVw9aTnV7HFxbPg8NS1-gEHAteGTAcCi9adgwXXkJjCwkJDiVSVktZAAsJX1t2CAlfTnQJXwcZI19WFk50fwheXmgJHxtWdw

54.230.245.54

200 OK

524 B

URL HTTP/1.1
d219kvfj8xp5vh.cloudfront.net/vOW5rRjlaAQUgBk0HD3sPCVpYcA0fBBgpV0lTOCpMAAQefkABVyl1SwBIHzxdBF5NKlhXCVZgXFcNVncfWAoJew0fGhspUgQIDidWXRQaIl9RSB4nBFQBES9VVQ9OdH8MQFtjCwlGHC9XXQEcNRwLXgUyHAteWnYXCUtYBBwLXhwvVw9aTnV7HFxbPg8NS1-gEHAteGTAcCi9adgwXXkJjCwkJDiVSVktZAAsJX1t2CAlfTnQJXwcZI19WFk50fwheXmgJHxtWdw
IP
54.230.245.54:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (726), with no line terminators
Size
524 B (524 bytes)
Hash
8332d8da2696c6ed1e255e266838d303
ffc8feecf2a23d5ede6ff8d8b08a8cbce3109390
bc6109d3f0e77e1876cd1fdb59ce2cdaac1a146d29972f62572cf88384c18e89

HTTP Headers

GET /vOW5rRjlaAQUgBk0HD3sPCVpYcA0fBBgpV0lTOCpMAAQefkABVyl1SwBIHzxdBF5NKlhXCVZgXFcNVncfWAoJew0fGhspUgQIDidWXRQaIl9RSB4nBFQBES9VVQ9OdH8MQFtjCwlGHC9XXQEcNRwLXgUyHAteWnYXCUtYBBwLXhwvVw9aTnV7HFxbPg8NS1-gEHAteGTAcCi9adgwXXkJjCwkJDiVSVktZAAsJX1t2CAlfTnQJXwcZI19WFk50fwheXmgJHxtWdw HTTP/1.1
Host: d219kvfj8xp5vh.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tanceteventu.com/

HTTP/1.1 200 OK
Content-Length: 524
Connection: keep-alive
Date: Thu, 23 Mar 2023 21:31:59 GMT
access-control-allow-origin: *
Cache-Control: max-age=31556926
Content-Encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 0I0UVp2ohlalIM8H1iFqnEEmq_p8nSFi7AiEYDP3lWMch1FVZTsFpg==

ocsp.digicert.com/

192.229.221.95

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
192.229.221.95:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
89447eb689782162ac5e4dca438e65c0
e1e8cde045a5eae9fbf1b20707fb8935b0418598
cfe3261f46a5fbe4f73fd16259b7c96480912874097ffea3b6bcb6149367a615

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 806
Cache-Control: max-age=163117
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 21:31:59 GMT
Etag: "641c9c56-1d7"
Expires: Sat, 25 Mar 2023 18:50:36 GMT
Last-Modified: Thu, 23 Mar 2023 18:37:10 GMT
Server: ECAcc (ska/F775)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
af767a0f38aa932dc23106c403e9b5f3
5a5662e147f43d1561ba78517738f6be86eb2cde
359fea0fbdd5740a613795d4491c534ebf14e2ffb55edf78c80dc0dde78c42e4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 21:31:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

adf.ly/static/other/main.html

104.20.67.244

200 OK

2.4 kB

URL HTTP/1.1
adf.ly/static/other/main.html
IP
104.20.67.244:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (418)
Size
2.4 kB (2397 bytes)
Hash
b20a86b2e91f51d2f7a19eada1de2f51
c240e9c813f8f93d3db499df1cc88984e873e418
44311176f257c7180a0fdc5491f021623ce7a0404369e883e8a6feb1e8d3469e

HTTP Headers

GET /static/other/main.html HTTP/1.1
Host: adf.ly
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Thu, 23 Mar 2023 21:31:59 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Fri, 02 Sep 2022 14:31:48 GMT
etag: "1ddf-631213d4-8936a98b6e2a0431;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7ac9c8cfb9b9b518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

cdn.oaxyteek.net/static/image/apple-touch-icon.png

104.21.90.149

403 Forbidden

436 B

URL HTTP/1.1
cdn.oaxyteek.net/static/image/apple-touch-icon.png
IP
104.21.90.149:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
436 B (436 bytes)
Hash
b112c984fdf3ae98cbf4bc84066cf619
e68cf1400ca02fc1b472c6f3a2cbb9c2234073c5
233729c945d3c6dc5a81cbf30abedd598a9927d141eda2e369aecd13a790938a

HTTP Headers

GET /static/image/apple-touch-icon.png HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/-122347IQDV/15hfR
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802; _ga_GT41R23D5L=GS1.1.1679607128.1.0.1679607128.0.0.0; _ga=GA1.1.1703061529.1679607128

HTTP/1.1 403 Forbidden
Date: Thu, 23 Mar 2023 21:31:59 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5JJoSkJ4TscwLkDPCOlMZCqALmtzGJvKv5XPvH%2BrBqHUop1xjhIiAJLTaqAK4NFWDhUtnn9dw998UX0wGyFmReftjrrU5z2wYKS1eEK2mzVAzIR4QEw0I82QHR6g57EJRte%2B"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ac9c8cfc8711c12-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

opeanresultanc.com/utx?cb=eU4JUfWBBeiJ&top=oaxyteek.net&tid=709056

108.157.214.82

204 No Content

0 B

URL HTTP/2
opeanresultanc.com/utx?cb=eU4JUfWBBeiJ&top=oaxyteek.net&tid=709056
IP
108.157.214.82:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /utx?cb=eU4JUfWBBeiJ&top=oaxyteek.net&tid=709056 HTTP/1.1
Host: opeanresultanc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://oaxyteek.net
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Thu, 23 Mar 2023 21:31:59 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: http://oaxyteek.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Thu, 23 Mar 2023 21:32:59 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 9b9a19a17f71baf11790ad734100cb88.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: JZGpEmZrJtWkKywHEEd7CIJp4o24bVRNT7Go7aFvtPhf1SAag7TZaw==
X-Firefox-Spdy: h2

pogothere.xyz/asd100.bin

172.64.106.19

200 OK

104 kB

URL HTTP/2
pogothere.xyz/asd100.bin
IP
172.64.106.19:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
104 kB (103977 bytes)
Hash
11c8227d1e6c9b16107b274daa5ebc67
bcd52b49083603b36e4a75b3ba13e10ec988ca1b
ce220d10de97dceae7b8f5073d9399d8952d798816e130fd4402935e3b1c6843

HTTP Headers

GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://oaxyteek.net
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 23 Mar 2023 21:31:59 GMT
content-type: binary/octet-stream
access-control-allow-origin: http://oaxyteek.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 1149
last-modified: Thu, 23 Mar 2023 21:12:50 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XfYZIyFIajeP98bflVtp6zyTdyaoju74nHB3SKmNMzI94VT6L6rdyjm2wMgX7sVVWfHG3wgJ6ywgtrpnfLLIX%2FrMViZn5jiEskQHxvYAbBDaSSZLlyprFW7mXGmXQzTD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac9c8ce7e94775c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AQMjQ7RLiwcEA0SzrR_U6112FyBul0q_Q8SaOtr3pHHL8rS7nnzBh6IThmeGYF4KvdcLfQ5UGdKLeg

216.58.207.205

302 Found

396 B

URL HTTP/2
accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AQMjQ7RLiwcEA0SzrR_U6112FyBul0q_Q8SaOtr3pHHL8rS7nnzBh6IThmeGYF4KvdcLfQ5UGdKLeg
IP
216.58.207.205:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (384)
Size
396 B (396 bytes)
Hash
583345b3ccfbe025ebbea3e7e3b71b30
5be4e63a58671444bd82683447b485f36ccdff28
38d43aa608f7c1b9339c9a9c88e570087650aa4f6edf22b38404dfb699175a57

HTTP Headers

GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AQMjQ7RLiwcEA0SzrR_U6112FyBul0q_Q8SaOtr3pHHL8rS7nnzBh6IThmeGYF4KvdcLfQ5UGdKLeg HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://oaxyteek.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 23 Mar 2023 21:31:59 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S1342726145%3A1679607119474480&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AQMjQ7QB_vONDnAB5ljpyISmOMsDVLbLNHe6QjrK4j7inwn6fiw3tMFXTMACoscmafweMUkUKy_ZdQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-stducD3zwlEGR4_LSsxmaA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 396
server: GSE
set-cookie: __Host-GAPS=1:t8I7GA63W3s449QqXoPwBWF2eEm53w:_tGLVGsPdOuByaID;Path=/;Expires=Sat, 22-Mar-2025 21:31:59 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6469700-9&cid=1703061529.1679607128&jid=1901040480&_v=5.7.2&z=202930277

209.85.233.154

200 OK

35 B

URL HTTP/2
stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6469700-9&cid=1703061529.1679607128&jid=1901040480&_v=5.7.2&z=202930277
IP
209.85.233.154:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

HTTP Headers

GET /r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6469700-9&cid=1703061529.1679607128&jid=1901040480&_v=5.7.2&z=202930277 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://oaxyteek.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 23 Mar 2023 21:31:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

500 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
500 B (500 bytes)
Hash
c803c98c4914a3173d5f43ee63354995
df8b59e75d83a7df85a8bd772e9aa464c184802d
14b57425bee30099640f9eb94613606145c8a16c24ab86a571569fdd2f336322

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 21:31:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AQMjQ7TnPriHFGYdR5aOPtdKZcimwlWZMRbZHjUedv7vT4BF9jZ092GmvnGQcrhbWXgEctH2QhYtNA

216.58.207.205

302 Found

397 B

URL HTTP/2
accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AQMjQ7TnPriHFGYdR5aOPtdKZcimwlWZMRbZHjUedv7vT4BF9jZ092GmvnGQcrhbWXgEctH2QhYtNA
IP
216.58.207.205:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (380)
Size
397 B (397 bytes)
Hash
555b9845997320e88c5145143be61df4
cd15e73f5dc6dde374f454fde8ff0e02eb8d460a
9d079c7cd299d5021b7d4c1deb54aff09b32ce96a663db8ada36f21e37232652

HTTP Headers

GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AQMjQ7TnPriHFGYdR5aOPtdKZcimwlWZMRbZHjUedv7vT4BF9jZ092GmvnGQcrhbWXgEctH2QhYtNA HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://oaxyteek.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 23 Mar 2023 21:31:59 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-553564695%3A1679607119530060&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AQMjQ7Q9PPWv9Zqb7CcSPBEwlLaRJILTgfENU2L3qGCjx_kZCFMTpq1XwId5S191LxskvJcmnLGE4Q&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-H1HADyIwMeTOKyutZcRoiw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 397
server: GSE
set-cookie: __Host-GAPS=1:B70SQjNPhEIP2N1TMhIYRq8A7ZpXpA:SHFahQsGtBCNd4JZ;Path=/;Expires=Sat, 22-Mar-2025 21:31:59 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
af767a0f38aa932dc23106c403e9b5f3
5a5662e147f43d1561ba78517738f6be86eb2cde
359fea0fbdd5740a613795d4491c534ebf14e2ffb55edf78c80dc0dde78c42e4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 21:31:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

52.43.157.124

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.43.157.124:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: uCVNroHGNyKyK7WS9ja5vw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: sHp9DChZKtzQKUkEqrJI2Evbfe8=

ishedtotigai.info/popunder.gif

104.21.11.226

301 Moved Permanently

809 B

URL HTTP/1.1
ishedtotigai.info/popunder.gif
IP
104.21.11.226:0
ASN
#13335 CLOUDFLARENET

File type
gzip compressed data, max compression\012- data
Size
809 B (809 bytes)
Hash
76eadce5ebea763a08014b39c08e1b33
89bda5d8035b7511d1528bc8f918a31371e5918c
0f162227f9b22e27806b9ba5c2fb2af07b84b99c6e2e1c04aaeed4b4b6a157d6

HTTP Headers

GET /popunder.gif HTTP/1.1
Host: ishedtotigai.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://oaxyteek.net/

HTTP/1.1 301 Moved Permanently
Date: Thu, 23 Mar 2023 21:31:59 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 23 Mar 2023 22:31:59 GMT
Location: https://ishedtotigai.info/popunder.gif
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0dK6QO2WFJL5JxEFUMnu4QZq%2Bg5npq8WFGqDH%2BsmVuQjCwZEh9SHdu5xWKqNMKXQUF8DX5PTp46ufxn0EM3ZUaCi6StoaOKPxjaE0eotED4McY2fM%2FZKVaXQSi%2FIzgdVzNFOkg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ac9c8d19ebdb50b-OSL
alt-svc: h2=":443"; ma=60

accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail

216.58.207.205

302 Found

6.7 kB

URL HTTP/2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP
216.58.207.205:0
ASN
#15169 GOOGLE

File type
gzip compressed data, from Unix\012- data
Size
6.7 kB (6714 bytes)
Hash
3826a19343df5748432df388b06064fa
5f4345ecc4166c54b752b16bdbdb8f959ad5dbc3
bfd8b548721faa8020e6fc6a32da7155b6af0d7b063f1ad0f52f7b9a431d2ccb

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 23 Mar 2023 21:31:59 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AQMjQ7TnPriHFGYdR5aOPtdKZcimwlWZMRbZHjUedv7vT4BF9jZ092GmvnGQcrhbWXgEctH2QhYtNA
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-egAPb3YOCUgb6mkeuD5-hw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: unsafe-none
content-type: application/binary
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
set-cookie: __Host-GAPS=1:dbtmXdi-4-QIZyw938I0uUM-TXt36g:zxnpYh1m8LR8KGRb; Expires=Sat, 22-Mar-2025 21:31:59 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473

54.230.245.39

200 OK

52 kB

URL HTTP/1.1
dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473
IP
54.230.245.39:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (15955)
Size
52 kB (51544 bytes)
Hash
f04cc13293014fa37b8daf1993ed4c7d
dc29c5caa08850c5a7640caddb7175bfe4576af7
3546c4d579c61bdf34926e84dda583df1772f8e755788259dc192730f21881a2

HTTP Headers

GET /?gfkcd=824473 HTTP/1.1
Host: dc5k8fg5ioc8s.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://adf.ly/

HTTP/1.1 200 OK
Content-Length: 51544
Connection: keep-alive
Date: Thu, 23 Mar 2023 21:31:59 GMT
access-control-allow-origin: *
Cache-Control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Content-Encoding: gzip
Pragma: no-cache
X-Cache: Miss from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Hf8oVOpsLJAUUDdo7BpVxk9odWIGMTwq8-8XHLvVYmvj7ZJntcZDKw==

www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp

157.240.200.35

200 OK

7.5 kB

URL HTTP/2
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP
157.240.200.35:0
ASN
#32934 FACEBOOK

File type
data
Size
7.5 kB (7472 bytes)
Hash
150b6a5fa3e3bc11202da8bc37a6bcd1
faa64663e805ce29208bf0a297596a00a5d0cab6
21af2d92d2008fbbe9db16f4240784b764cd583e00228c9165808f704b758f42

HTTP Headers

GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: kBAqbQ6Q91SMp4tR0TDbfLlN2pS2xuC802BU5wxwWADZUDSyyX66k44R9OydVOrugX3MbarDOaCIjpQnPUANbg==
date: Thu, 23 Mar 2023 21:31:59 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube

216.58.207.205

302 Found

4.1 kB

URL HTTP/2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP
216.58.207.205:0
ASN
#15169 GOOGLE

File type
gzip compressed data, from Unix\012- data
Size
4.1 kB (4121 bytes)
Hash
f34e1e13d9810a6b20bc763b88ac2764
4da535f42e11765c002ccc3d46c3f1a66ed72a40
15273f9b2a63dd98d434b931c7066095f31801e1ad4290480b0508c56a18f0ad

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 23 Mar 2023 21:31:59 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AQMjQ7RLiwcEA0SzrR_U6112FyBul0q_Q8SaOtr3pHHL8rS7nnzBh6IThmeGYF4KvdcLfQ5UGdKLeg
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-dhn5_vIKr6e7cZ9XgfWyXw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
report-to: {"group":"AccountsSigninPassiveLoginHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSigninPassiveLoginHttp/external"}]}, {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy: unsafe-none; report-to="AccountsSigninPassiveLoginHttp"
content-type: application/binary
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
set-cookie: __Host-GAPS=1:UPjIugmRweBhQCDCt61zPS2wST5NTw:QfZbCTslI7Nwtx3K; Expires=Sat, 22-Mar-2025 21:31:59 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fx19ltd.adfly&width=100&fb_source=homestatic&layout=standard&colorscheme=light&action=like&show_faces=true&share=true&height=80&appId=399141353502152

157.240.200.35

301 Moved Permanently

0 B

URL HTTP/1.1
www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fx19ltd.adfly&width=100&fb_source=homestatic&layout=standard&colorscheme=light&action=like&show_faces=true&share=true&height=80&appId=399141353502152
IP
157.240.200.35:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fx19ltd.adfly&width=100&fb_source=homestatic&layout=standard&colorscheme=light&action=like&show_faces=true&share=true&height=80&appId=399141353502152 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://adf.ly/
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Location: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fx19ltd.adfly&width=100&fb_source=homestatic&layout=standard&colorscheme=light&action=like&show_faces=true&share=true&height=80&appId=399141353502152
Content-Type: text/plain
Server: proxygen-bolt
Date: Thu, 23 Mar 2023 21:31:59 GMT
Connection: keep-alive
Content-Length: 0

region1.google-analytics.com/g/collect?v=2&tid=G-GT41R23D5L&gtm=45je33m0&_p=1863079232&cid=1703061529.1679607128&ul=en-us&sr=1280x1024&_s=1&sid=1679607128&sct=1&seg=0&dl=http%3A%2F%2Foaxyteek.net%2F-122347IQDV%2F15hfR&dt=Shrink%20your%20URLs%20and%20get%20paid!&en=page_view&_fv=1&_nsi=1&_ss=1

216.239.34.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-GT41R23D5L&gtm=45je33m0&_p=1863079232&cid=1703061529.1679607128&ul=en-us&sr=1280x1024&_s=1&sid=1679607128&sct=1&seg=0&dl=http%3A%2F%2Foaxyteek.net%2F-122347IQDV%2F15hfR&dt=Shrink%20your%20URLs%20and%20get%20paid!&en=page_view&_fv=1&_nsi=1&_ss=1
IP
216.239.34.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-GT41R23D5L&gtm=45je33m0&_p=1863079232&cid=1703061529.1679607128&ul=en-us&sr=1280x1024&_s=1&sid=1679607128&sct=1&seg=0&dl=http%3A%2F%2Foaxyteek.net%2F-122347IQDV%2F15hfR&dt=Shrink%20your%20URLs%20and%20get%20paid!&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://oaxyteek.net
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: http://oaxyteek.net
date: Thu, 23 Mar 2023 21:31:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17380
Expires: Fri, 24 Mar 2023 02:21:40 GMT
Date: Thu, 23 Mar 2023 21:32:00 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17380
Expires: Fri, 24 Mar 2023 02:21:40 GMT
Date: Thu, 23 Mar 2023 21:32:00 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17380
Expires: Fri, 24 Mar 2023 02:21:40 GMT
Date: Thu, 23 Mar 2023 21:32:00 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17380
Expires: Fri, 24 Mar 2023 02:21:40 GMT
Date: Thu, 23 Mar 2023 21:32:00 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17380
Expires: Fri, 24 Mar 2023 02:21:40 GMT
Date: Thu, 23 Mar 2023 21:32:00 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a816157-9568-4e7f-a034-14b2f1982949.jpeg

34.120.237.76

200 OK

4.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a816157-9568-4e7f-a034-14b2f1982949.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.9 kB (4912 bytes)
Hash
f4a771935927950222124e14b56046df
d07fe53e4ac41048497b2732c017f6666c3eda9e
4e8388626074646c2336711be0a170ceab367c343648a32d2389dd87640251d0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a816157-9568-4e7f-a034-14b2f1982949.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4912
x-amzn-requestid: d8fcf495-12af-42ae-ad69-0ea07b1a8669
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM8H3Fl1IAMFYgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b73cb-01cbd1981a57e53b3d3cde93;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:31:55 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: soxgrR0B6Rz79QysB7qbMTsNYmkYfG8doOMPpTEd9uLlrE6WTcDKdw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 995664ee945c06fc706b5cb8e0e650dc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 21:47:44 GMT
age: 85456
etag: "d07fe53e4ac41048497b2732c017f6666c3eda9e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08561a1f-1d19-45db-be98-107d6b1ed25d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10480 bytes)
Hash
6f0b9e85381489dcf646c251722b21d4
5f7ea91288a2170bcabdca6be296718c4191eacd
911f803271ad9053ebac3787bdde9b75ec604acc6aa28692cc8e4c5c4fb61483

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08561a1f-1d19-45db-be98-107d6b1ed25d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10480
x-amzn-requestid: 58aa8272-4b4e-4a2f-9d6e-d47f70891c49
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJptHG7JoAMFSwA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a2320-2fd6502b1271d5c13b4ebbe9;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:28 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: pFCYGtd2b7lK7OBFHjCsgqqLfhtMAQDB0vyYFyf1sv-3CkSHbEh3mA==
via: 1.1 2241406ac19fffc8f35d6ddef8e22f56.cloudfront.net (CloudFront), 1.1 4c48e9fb20d53d40e9fe273dbdae1098.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 21:59:52 GMT
age: 84728
etag: "5f7ea91288a2170bcabdca6be296718c4191eacd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.6 kB (5556 bytes)
Hash
c831201ad81f55c63c1b101ce854a810
0e9b952f6489f0a5f4862d3bea2fbe0ecdd379e5
c854489720d2ca4a95eef00addda0fcdaf481402d044df7725282654a97eb54a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5556
x-amzn-requestid: 6b050645-14aa-47f7-b4a5-2e27abbe5115
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM69eHE3IAMF0Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b71ef-6ab2948e2bf2578f29798372;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:23:59 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: CgU9j02Bnw0UdIwQ3sRCDvJoPitHIAUTRDhLH_PMXYlAPoAwSbv6Iw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 4d8620b80ebe37d366388e117039aa8e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Mar 2023 05:35:55 GMT
age: 57365
etag: "0e9b952f6489f0a5f4862d3bea2fbe0ecdd379e5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5be1b286-007a-44a5-a6fd-872190ecfa0b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.7 kB (6692 bytes)
Hash
c05bfdf1411a931d8ea9adc64b07bc74
156ef59e53564a4f2b27002b2695fafecd578d82
15d17c0df2d2b0625ecf5f576a7ff630ae8b923b28be354ad23aec6a284a801a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5be1b286-007a-44a5-a6fd-872190ecfa0b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6692
x-amzn-requestid: 3a0f6a8d-89b1-43f4-8a15-8749bdbc047b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM9d9FcOoAMFaFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b75f2-3540256d6be3d4f85bba65ea;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:41:06 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: Jj5lAwItWYm45j5kLqQnd3fhsiGsiuSiSVtrBUOolyHvPAmCc0S71A==
via: 1.1 e92cc925fc8895560cd0628c67f58828.cloudfront.net (CloudFront), 1.1 b23fb37cd7fff033ab21e3284f558a28.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Mar 2023 07:54:24 GMT
age: 49056
etag: "156ef59e53564a4f2b27002b2695fafecd578d82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22c3f36a-d800-4eab-8a32-e2b5ef86e386.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
data
Size
9.5 kB (9488 bytes)
Hash
0caa1d75536c5700e721c506a2de57d0
8a7ca02e80ed3d24c0d112a2d3520a30b46b5efe
6119937e0f1a5909e7a034e1f1d85684e214f1132c70737acd849f9cc162ec34

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22c3f36a-d800-4eab-8a32-e2b5ef86e386.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9459
x-amzn-requestid: 1b374321-f2df-404f-ab91-4e73d830fac9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJqmAEhHoAMFgRQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a248c-217d81154ecfe0c44ca70432;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:41:32 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: pvFey5NWlIqIXlHLMYSUiylATCU1ZxodOb6imsPCxrJDRscwky8dVQ==
via: 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 6ca7826fb0f4c565b1af9c7737725c48.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 21:48:27 GMT
age: 85413
etag: "a813976bda850a584b5ab94d9a70bfe0da69aca0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f57fa6-bac5-42a3-be66-ebcc96d82ea2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10407 bytes)
Hash
2062cf7a271d4ac7a04c0a746d443e07
3343851f2128c5f1fe4302c2aa53e8ce1fb661ac
e479263c1742d2597cf8948ef059b0bc97dbb97f47bb5cafee3d4af12069d2ce

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f57fa6-bac5-42a3-be66-ebcc96d82ea2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10407
x-amzn-requestid: 87aba2e6-d7e8-4456-a12f-e05ac556b839
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJqJhGnXIAMF1yA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a23d6-2b6c3d62366f47f506ce8415;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:38:30 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: lKww3e9Hvk0r0LPn7u6pu6Fx9V8RThNVxQEdyWVFAQdOun-53X-tLw==
via: 1.1 b3cdce1c2fc39b89f45c98c417351f26.cloudfront.net (CloudFront), 1.1 aa623e134417515bd2496cb01d5e5626.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 21:49:35 GMT
age: 85345
etag: "3343851f2128c5f1fe4302c2aa53e8ce1fb661ac"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=130278380&utmhn=oaxyteek.net&utmt=event&utme=5(Ad*Paid*Success)(3)8(User)9(27158007)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=1863079232&utmr=-&utmp=%2F-122347IQDV%2F15hfR&utmht=1679607132831&utmac=UA-6469700-9&utmcc=__utma%3D198071217.1703061529.1679607128.1679607128.1679607128.1%3B%2B__utmz%3D198071217.1679607128.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=6QAAAAAAAAAAAAAAAAABAAAE~

142.250.74.174

200 OK

35 B

URL HTTP/1.1
www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=130278380&utmhn=oaxyteek.net&utmt=event&utme=5(Ad*Paid*Success)(3)8(User)9(27158007)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=1863079232&utmr=-&utmp=%2F-122347IQDV%2F15hfR&utmht=1679607132831&utmac=UA-6469700-9&utmcc=__utma%3D198071217.1703061529.1679607128.1679607128.1679607128.1%3B%2B__utmz%3D198071217.1679607128.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=6QAAAAAAAAAAAAAAAAABAAAE~
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

HTTP Headers

GET /__utm.gif?utmwv=5.7.2&utms=2&utmn=130278380&utmhn=oaxyteek.net&utmt=event&utme=5(Ad*Paid*Success)(3)8(User)9(27158007)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=1863079232&utmr=-&utmp=%2F-122347IQDV%2F15hfR&utmht=1679607132831&utmac=UA-6469700-9&utmcc=__utma%3D198071217.1703061529.1679607128.1679607128.1679607128.1%3B%2B__utmz%3D198071217.1679607128.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=6QAAAAAAAAAAAAAAAAABAAAE~ HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://oaxyteek.net/

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Pragma: no-cache
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
Date: Thu, 23 Mar 2023 18:05:17 GMT
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Age: 12406
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
Content-Type: image/gif

narepuewrwq.info/popunder.gif

172.67.148.35

200 OK

0 B

URL HTTP/2
narepuewrwq.info/popunder.gif
IP
172.67.148.35:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /popunder.gif HTTP/1.1
Host: narepuewrwq.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://oaxyteek.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 23 Mar 2023 21:31:59 GMT
content-type: image/gif
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
cf-cache-status: HIT
age: 3936
last-modified: Thu, 23 Mar 2023 20:26:23 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wBtm9VItCSGfV%2FSTrwtOZe1t%2BQ1Nqhxk7XeIiZvcXxak%2FC1gC%2BPMeVd7Cr0qUvVs9EulpOpK4dYrnmX3k7cy2qyqk8I%2B0Hdhf7FEQZizednR7KakYsTbnq8duTldWv9v0t4r"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac9c8ce4dd6b524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

pogothere.xyz/asd100.bin

172.64.106.19

200 OK

0 B

URL HTTP/2
pogothere.xyz/asd100.bin
IP
172.64.106.19:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://oaxyteek.net
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 23 Mar 2023 21:31:59 GMT
content-type: binary/octet-stream
access-control-allow-origin: http://oaxyteek.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 1149
last-modified: Thu, 23 Mar 2023 21:12:50 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PXshbcLkOtg2MYljClQ8H5hyKQW0rDJ8WFqrkIQ0kki6pZyKbKweHUW8H0X%2FySJVqWOszCLmIKtX%2FRabohbc2R6jJMd3a4DJhMK8tZ8OG%2FAvQjLx7skBzDq8xBrX%2B6Jv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac9c8ce5e5c775c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

pogothere.xyz/

172.64.106.19

200 OK

0 B

URL HTTP/2
pogothere.xyz/
IP
172.64.106.19:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://oaxyteek.net
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 23 Mar 2023 21:31:59 GMT
content-type: text/plain
set-cookie: csu=1499474708895481@1@1679607119; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: http://oaxyteek.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oXBblJzN62uPpTAFt1SVe2NepfjIZXUstQNr5IjTpcmxO0DUtwClr%2BkEG4F47L23RO2ZSotQdlM4%2Fws%2BP48wQg9Z%2B8dfWMiL0Ok1hGwX2sYk2ChKGklBf57oYYCxzzT6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ac9c8ce6e7c775c-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (24)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML