ocsp.sectigo.com/
104.18.14.101 471 B IP 104.18.14.101:0
Hash b1f65a0380152ed39bc45d4942698ea2
77e679c94d1479f3df377624acc494cdeab57bb1
7740c8dd1e4f0821e5c244ba33b896067be902d2ab45cefc9f56c8a2555df81a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Jun 2023 03:04:53 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 04 Jun 2023 17:19:56 GMT
Expires: Sun, 11 Jun 2023 17:19:55 GMT
Etag: "77e679c94d1479f3df377624acc494cdeab57bb1"
Cache-Control: max-age=484152,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d2d6e34081ab4ff-OSL
datatechonert.com/log/add?cid=b11df4a5-b02c-4bff-b483-c91f3b797763
37.48.68.71 12 B URL datatechonert.com/log/add?cid=b11df4a5-b02c-4bff-b483-c91f3b797763
IP 37.48.68.71:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
POST /log/add?cid=b11df4a5-b02c-4bff-b483-c91f3b797763 HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1674
Origin: https://cdntechone.com
DNT: 1
Connection: keep-alive
Referer: https://cdntechone.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Tue, 06 Jun 2023 03:04:53 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://cdntechone.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
sweetbird.net/click.php?key=97xwtzyoopcwl3bwxl6v
34.192.29.125302 Found 0 B URL User Request GET HTTP/1.1 sweetbird.net/click.php?key=97xwtzyoopcwl3bwxl6v
IP 34.192.29.125:443
Certificate IssuerLet's Encrypt
Subjectsweetbird.net
Fingerprint3E:E0:45:F6:85:42:86:58:D1:24:31:89:EA:EC:D1:70:D6:68:D1:F6
ValidityFri, 07 Apr 2023 02:08:41 GMT - Thu, 06 Jul 2023 02:08:40 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click.php?key=97xwtzyoopcwl3bwxl6v HTTP/1.1
Host: sweetbird.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdntechone.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.20.2
Date: Tue, 06 Jun 2023 03:04:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uclick=7v4pb4sy3y; expires=Wed, 07-Jun-2023 03:04:53 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclickhash=7v4pb4sy3y-7v4pb4sy3y-3zbl-0-m70-oj7v-oj8r-385bca; expires=Wed, 07-Jun-2023 03:04:53 GMT; Max-Age=86400; path=/; secure; SameSite=none
Location: https://6.lands.ninja?q=150da7v4pb4sy3y3c5&s=Unknown&var=Unknown&geo=NO
Strict-Transport-Security: max-age=31536000
6.lands.ninja/?q=150da7v4pb4sy3y3c5&s=Unknown&var=Unknown&geo=NO
52.3.131.13200 OK 7.0 kB URL User Request GET HTTP/2 6.lands.ninja/?q=150da7v4pb4sy3y3c5&s=Unknown&var=Unknown&geo=NO
IP 52.3.131.13:443
Certificate IssuerLet's Encrypt
Subject1.lands.ninja
Fingerprint39:07:A3:BB:C0:77:C1:18:45:3D:8C:83:18:33:3C:DD:63:73:F7:71
ValidityTue, 18 Apr 2023 03:03:46 GMT - Mon, 17 Jul 2023 03:03:45 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6123)
Hash 6dba10eaa7d891abc4076f2d55b81bf4
947e81d5a95fbf94eb534175ae786b762655465f
878f02475c307854cc5ffd7e212b09f67f26e22c4446bb1e556f712f96de6ba1
GET /?q=150da7v4pb4sy3y3c5&s=Unknown&var=Unknown&geo=NO HTTP/1.1
Host: 6.lands.ninja
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cdntechone.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Mon, 20 Feb 2023 18:23:51 GMT
etag: "34b3-5f525c3cadbc0-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7042
content-type: text/html
date: Tue, 06 Jun 2023 03:04:53 GMT
server: Apache
X-Firefox-Spdy: h2
6.lands.ninja/img/man.png
52.3.131.13200 OK 11 kB URL GET HTTP/2 6.lands.ninja/img/man.png
IP 52.3.131.13:443
Requested by https://6.lands.ninja/?q=150da7v4pb4sy3y3c5&s=Unknown&var=Unknown&geo=NO
Certificate IssuerLet's Encrypt
Subject1.lands.ninja
Fingerprint39:07:A3:BB:C0:77:C1:18:45:3D:8C:83:18:33:3C:DD:63:73:F7:71
ValidityTue, 18 Apr 2023 03:03:46 GMT - Mon, 17 Jul 2023 03:03:45 GMT
File type PNG image data, 179 x 278, 8-bit colormap, non-interlaced\012- data
Hash a6fa8154cc36da494df7b5103329c15a
3a2310088bcec14f7c0187f8409a5af5395665e8
967b8859fedb2c63afc8ae6ae2839fdd40f0e26af85adc6605a629f3c0ed0837
GET /img/man.png HTTP/1.1
Host: 6.lands.ninja
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6.lands.ninja/?q=150da7v4pb4sy3y3c5&s=Unknown&var=Unknown&geo=NO
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 19 Aug 2022 17:54:25 GMT
etag: "295f-5e69bc9e37640"
accept-ranges: bytes
content-length: 10591
content-type: image/png
date: Tue, 06 Jun 2023 03:04:54 GMT
server: Apache
X-Firefox-Spdy: h2
6.lands.ninja/rp-cl-rd-ob.js?pubid=775186&siteid=312014&niche=33
52.3.131.13200 OK 5.1 kB URL GET HTTP/2 6.lands.ninja/rp-cl-rd-ob.js?pubid=775186&siteid=312014&niche=33
IP 52.3.131.13:443
Requested by https://6.lands.ninja/?q=150da7v4pb4sy3y3c5&s=Unknown&var=Unknown&geo=NO
Certificate IssuerLet's Encrypt
Subject1.lands.ninja
Fingerprint39:07:A3:BB:C0:77:C1:18:45:3D:8C:83:18:33:3C:DD:63:73:F7:71
ValidityTue, 18 Apr 2023 03:03:46 GMT - Mon, 17 Jul 2023 03:03:45 GMT
File type ASCII text, with very long lines (14442), with no line terminators
Hash d9399ffec754a2bdbbf4bfd2b785be4d
e67963687ee1a80f7f2500d8223d601d145a97cc
a5d43d7214a29ae16f5bbefc716c73d76760cdd93d30e8170fc842bdf3be2734
GET /rp-cl-rd-ob.js?pubid=775186&siteid=312014&niche=33 HTTP/1.1
Host: 6.lands.ninja
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6.lands.ninja/?q=150da7v4pb4sy3y3c5&s=Unknown&var=Unknown&geo=NO
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 27 Feb 2023 13:57:14 GMT
etag: "386a-5f5aedb2fa280-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5108
content-type: text/javascript
date: Tue, 06 Jun 2023 03:04:54 GMT
server: Apache
X-Firefox-Spdy: h2
6.lands.ninja/img/logo.png
52.3.131.13200 OK 1.1 kB URL GET HTTP/2 6.lands.ninja/img/logo.png
IP 52.3.131.13:443
Requested by https://6.lands.ninja/?q=150da7v4pb4sy3y3c5&s=Unknown&var=Unknown&geo=NO
Certificate IssuerLet's Encrypt
Subject1.lands.ninja
Fingerprint39:07:A3:BB:C0:77:C1:18:45:3D:8C:83:18:33:3C:DD:63:73:F7:71
ValidityTue, 18 Apr 2023 03:03:46 GMT - Mon, 17 Jul 2023 03:03:45 GMT
File type PNG image data, 94 x 19, 8-bit colormap, non-interlaced\012- data
Hash d708fbf0358752a082f5a394b74adda8
231c1527b4b039eb3af7d7e9eb5587ed87f6ea81
09d12e3c0e65fda26b9073e70e02fb24fa6941a4a3b1b81211b6470f00769ea5
GET /img/logo.png HTTP/1.1
Host: 6.lands.ninja
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6.lands.ninja/?q=150da7v4pb4sy3y3c5&s=Unknown&var=Unknown&geo=NO
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 19 Aug 2022 17:54:24 GMT
etag: "425-5e69bc9d43400"
accept-ranges: bytes
content-length: 1061
content-type: image/png
date: Tue, 06 Jun 2023 03:04:54 GMT
server: Apache
X-Firefox-Spdy: h2
6.lands.ninja/img/bot.png
52.3.131.13200 OK 11 kB URL GET HTTP/2 6.lands.ninja/img/bot.png
IP 52.3.131.13:443
Requested by https://6.lands.ninja/?q=150da7v4pb4sy3y3c5&s=Unknown&var=Unknown&geo=NO
Certificate IssuerLet's Encrypt
Subject1.lands.ninja
Fingerprint39:07:A3:BB:C0:77:C1:18:45:3D:8C:83:18:33:3C:DD:63:73:F7:71
ValidityTue, 18 Apr 2023 03:03:46 GMT - Mon, 17 Jul 2023 03:03:45 GMT
File type PNG image data, 260 x 260, 8-bit colormap, non-interlaced\012- data
Hash ca1f4de0ad1d4fad72d299a6411e6959
c9f6d409f09264a34ee8bac4265233c56c280d1a
f0434a1fc8ffba3a47bbb9f1fa5a2f789651a020e7b86e507ff300b7c367057f
GET /img/bot.png HTTP/1.1
Host: 6.lands.ninja
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6.lands.ninja/?q=150da7v4pb4sy3y3c5&s=Unknown&var=Unknown&geo=NO
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 19 Aug 2022 17:54:24 GMT
etag: "2b23-5e69bc9d43400"
accept-ranges: bytes
content-length: 11043
content-type: image/png
date: Tue, 06 Jun 2023 03:04:54 GMT
server: Apache
X-Firefox-Spdy: h2
us.wenga.xyz/pb/st
38.100.129.135200 OK 34 B IP 38.100.129.135:443
Requested by https://6.lands.ninja/?q=150da7v4pb4sy3y3c5&s=Unknown&var=Unknown&geo=NO
Certificate IssuerLet's Encrypt
Subject*.wenga.xyz
Fingerprint96:D4:49:AC:4D:4B:8E:B0:1A:16:E6:92:EC:4F:92:42:70:65:3B:CB
ValiditySun, 28 May 2023 23:08:36 GMT - Sat, 26 Aug 2023 23:08:35 GMT
File type ASCII text, with no line terminators
Hash 027d3b7eb224476eeeef5fb4603d52ad
d8413242296f1eee3a3c40ff6e28f2211ac778da
6f9d4356870080ec8ace58f54cc9b6d006577cf9d192f5075d715db16a3f767a
GET /pb/st HTTP/1.1
Host: us.wenga.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://6.lands.ninja/
Origin: https://6.lands.ninja
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: openresty/1.15.8.3
date: Tue, 06 Jun 2023 03:04:55 GMT
content-type: text/html;charset=UTF-8
content-length: 34
access-control-allow-origin: https://6.lands.ninja
access-control-allow-credentials: true
X-Firefox-Spdy: h2
us.wenga.xyz/pb/st?sctp=content-locker&m=ht&pid=775186&sid=312014&dm=6.lands.ninja&c1=https&c2=1&c3=https://us.wenga.xyz/pb/st
38.100.129.135200 OK 0 B URL GET HTTP/2 us.wenga.xyz/pb/st?sctp=content-locker&m=ht&pid=775186&sid=312014&dm=6.lands.ninja&c1=https&c2=1&c3=https://us.wenga.xyz/pb/st
IP 38.100.129.135:443
Requested by https://6.lands.ninja/?q=150da7v4pb4sy3y3c5&s=Unknown&var=Unknown&geo=NO
Certificate IssuerLet's Encrypt
Subject*.wenga.xyz
Fingerprint96:D4:49:AC:4D:4B:8E:B0:1A:16:E6:92:EC:4F:92:42:70:65:3B:CB
ValiditySun, 28 May 2023 23:08:36 GMT - Sat, 26 Aug 2023 23:08:35 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pb/st?sctp=content-locker&m=ht&pid=775186&sid=312014&dm=6.lands.ninja&c1=https&c2=1&c3=https://us.wenga.xyz/pb/st HTTP/1.1
Host: us.wenga.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6.lands.ninja/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: openresty/1.15.8.3
date: Tue, 06 Jun 2023 03:04:55 GMT
content-type: text/html;charset=UTF-8
content-length: 0
X-Firefox-Spdy: h2