Report - download.oxy.st/d/yvPf/2/c8711980fa285d1d428cf84f60663a75

Report Overview

Submitted URL
download.oxy.st/d/yvPf/2/c8711980fa285d1d428cf84f60663a75
IP
185.178.208.137
ASN
#57724 Ddos-guard Ltd
Submitted
2023-02-08 22:12:23
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
4
Threat Detection Systems
24

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	7.1 kB	19 kB	95.101.11.115
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	5.1 kB	9.3 kB	93.184.220.29
dnacdn.net	3760	2019-09-02T17:07:45Z	2023-03-13T07:41:37Z	404 B	638 B	178.250.0.157
d2zur9cc2gf1tx.cloudfront.net	unknown	2020-12-01T13:47:11Z	2023-03-13T05:21:11Z	413 B	26 kB	54.230.245.166
gum.criteo.com	381	2015-01-22T11:58:57Z	2023-03-13T07:21:44Z	2.6 kB	8.7 kB	178.250.0.157
lb.eu-1-id5-sync.com	unknown	2022-06-06T14:52:22Z	2023-03-13T05:36:40Z	416 B	371 B	162.19.138.83
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	2.7 kB	49 kB	34.120.237.76
ag.gbc.criteo.com	5925	2018-12-17T14:17:41Z	2023-03-13T05:53:12Z	386 B	574 B	185.235.84.79
cdnjs.cloudflare.com	235	2015-04-17T22:46:33Z	2023-03-13T05:09:21Z	436 B	1.6 kB	104.17.24.14
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-13T08:22:43Z	680 B	1.9 kB	104.18.32.68
ocsp.globalsign.com	2075	2012-07-20T19:46:16Z	2023-03-13T05:09:19Z	1.1 kB	4.7 kB	104.18.21.226
c.tmyzer.com	26868	2018-02-26T16:04:41Z	2023-03-13T05:20:58Z	397 B	264 B	54.38.64.100
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	2.7 kB	5.6 kB	142.250.74.163
id5-sync.com	504	2017-01-25T22:02:34Z	2023-03-13T05:10:36Z	1.3 kB	2.1 kB	162.19.138.118
secure.adnxs.com	396	2012-05-22T18:37:37Z	2023-03-13T05:28:06Z	1.2 kB	2.2 kB	37.252.171.53
inklinkor.com	unknown	2022-04-01T13:44:00Z	2023-03-13T06:35:03Z	359 B	1.1 kB	104.21.91.63
s.cpx.to	2014	2014-10-25T15:31:28Z	2023-03-13T06:08:01Z	993 B	2.0 kB	63.32.219.30
ocsp2.globalsign.com	1544	2012-05-23T20:10:04Z	2023-03-13T05:14:17Z	357 B	1.9 kB	104.18.20.226
match.adsrvr.org	349	2012-05-21T10:27:04Z	2023-03-13T05:21:15Z	416 B	352 B	15.197.193.217
mwzeom.zeotap.com	1406	2017-01-29T20:08:22Z	2023-03-13T05:20:58Z	844 B	568 B	104.22.24.87
offerimage.com	304078	2019-06-10T13:11:53Z	2023-03-13T08:06:22Z	419 B	14 kB	104.22.32.172
rules.quantcount.com	877	2018-06-15T17:43:28Z	2023-03-13T05:20:58Z	380 B	650 B	54.230.111.33
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	35.81.123.193
p.cpx.to	10368	2015-01-23T02:00:57Z	2023-03-13T07:56:11Z	357 B	2.2 kB	18.203.96.189
ads.adlook.me	43352	2018-11-28T13:50:19Z	2023-03-13T08:33:52Z	488 B	389 B	212.116.120.34
whereres.com	unknown	2022-09-27T19:04:48Z	2023-03-12T21:21:08Z	379 B	9.2 kB	88.208.46.156
tzegilo.com	unknown	2022-01-14T16:27:15Z	2023-03-13T06:33:04Z	357 B	7.6 kB	172.64.104.21
counter.yadro.ru	7275	2014-09-09T20:41:17Z	2023-03-13T07:26:53Z	514 B	665 B	88.212.202.52
ads.themoneytizer.com	28463	2014-05-26T15:46:02Z	2023-03-13T05:20:58Z	1.6 kB	1.7 kB	185.76.9.26
betotodilea.com	52465	2021-08-17T09:55:50Z	2023-03-13T05:31:16Z	4.5 kB	52 kB	139.45.197.237
ced.sascdn.com	6332	2012-05-21T08:46:34Z	2023-03-13T08:46:59Z	367 B	34 kB	95.101.11.123
contextual.media.net	513	2012-05-21T09:20:31Z	2023-03-13T05:53:10Z	1.6 kB	7.1 kB	2.18.172.23
image2.pubmatic.com	873	2012-05-21T15:21:02Z	2023-03-13T05:50:14Z	1.1 kB	343 kB	185.64.189.110
onetag-sys.com	1840	2015-04-08T13:30:19Z	2023-03-13T05:20:58Z	508 B	113 B	51.89.9.254
ajax.googleapis.com	12905	2013-08-16T11:51:31Z	2023-03-13T08:37:09Z	389 B	31 kB	142.250.74.138
secure.quantserve.com	973	2012-05-22T22:26:25Z	2023-03-13T05:20:58Z	365 B	293 B	91.228.74.251
tag.leadplace.fr	28142	2015-07-08T10:10:21Z	2023-03-13T05:20:58Z	888 B	6.1 kB	145.239.193.51
ibrapush.com	unknown	2020-04-18T16:40:35Z	2023-03-13T09:49:24Z	3.1 kB	3.8 kB	139.45.197.250
nanouwho.com	unknown	2022-07-09T22:30:29Z	2023-03-13T05:15:46Z	6.4 kB	4.7 kB	139.45.197.242
csm.fr.eu.criteo.net	6845	2017-01-30T06:18:06Z	2023-03-13T07:05:22Z	547 B	358 B	178.250.0.162
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	337 B	1.4 kB	35.241.9.150
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-13T08:44:36Z	1.5 kB	100 kB	142.250.74.35
adtrack.adleadevent.com	30718	2015-02-02T16:16:49Z	2023-03-13T05:20:59Z	483 B	509 B	108.128.16.246
cdn.adlook.me	108334	2018-11-26T09:56:10Z	2023-03-12T22:29:34Z	1.2 kB	23 kB	92.223.126.57
ocsp.sca1b.amazontrust.com	1015	2017-03-03T16:20:51Z	2019-03-27T05:05:54Z	350 B	944 B	54.230.245.110
download.oxy.st	unknown	2020-07-14T20:49:57Z	2023-03-13T02:34:24Z	14 kB	380 kB	185.178.208.137
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
lg3.media.net	3558	2017-08-23T13:25:04Z	2023-03-13T09:02:59Z	853 B	336 B	23.38.200.22
mpraven.org	unknown	2022-09-06T16:22:31Z	2023-03-13T01:02:29Z	819 B	593 B	88.208.5.115
my.rtmark.net	9054	2015-02-04T10:54:57Z	2023-03-13T05:11:40Z	959 B	1.5 kB	139.45.195.8
pixel.quantserve.com	417	2012-05-21T21:45:06Z	2023-03-13T05:28:27Z	710 B	459 B	91.228.74.251
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-13T08:14:31Z	472 B	630 B	142.250.74.106
yastatic.net	72282	2014-03-11T08:15:28Z	2023-03-13T05:16:26Z	946 B	90 kB	178.154.131.217
mediasama.com	166244	2015-11-22T06:12:08Z	2023-03-13T06:52:35Z	6.0 kB	3.9 MB	149.56.38.113
cm.g.doubleclick.net	202	2012-05-22T11:58:28Z	2023-03-13T08:33:33Z	1.0 kB	2.6 kB	216.58.211.2
spl.zeotap.com	1638	2017-01-27T16:44:52Z	2023-03-13T05:20:58Z	397 B	383 B	104.22.24.87

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-02-08 22:13:07	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-02-08 22:13:07	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-02-08 22:13:08	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-02-08 22:13:08	medium	Client IP	Internal IP	ET DNS Query for .to TLD

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-02-08	medium	betotodilea.com	Sinkholed
2023-02-08	medium	nanouwho.com	Sinkholed
2023-02-08	medium	nanouwho.com	Sinkholed
2023-02-08	medium	betotodilea.com	Sinkholed
2023-02-08	medium	betotodilea.com	Sinkholed
2023-02-08	medium	nanouwho.com	Sinkholed
2023-02-08	medium	betotodilea.com	Sinkholed
2023-02-08	medium	betotodilea.com	Sinkholed
2023-02-08	medium	betotodilea.com	Sinkholed
2023-02-08	medium	nanouwho.com	Sinkholed
2023-02-08	medium	nanouwho.com	Sinkholed
2023-02-08	medium	nanouwho.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (58)

	URL	Size	First Seen	Last Seen
	download.oxy.st/d/yvPf	212 B	2023-03-13	2023-03-13
Pretty URL download.oxy.st/d/yvPf IP 185.178.208.137 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:57:08 Last Seen2023-03-13 19:57:08 Times Seen1 Hash c022d67bbaf05c336c80a0d8a303c5ca 66d4205ff6e51df8a37b38b0d73c489de368d3e8 88040a1d93a285847f6c5eb964cc57010e7460cdd03aad5184dfa37c7bae921d Loading...

	download.oxy.st/slake/asset/js/ajax-subscribe.js	1.4 kB	2023-03-08	2024-04-20
Pretty URL download.oxy.st/slake/asset/js/ajax-subscribe.js IP 185.178.208.137 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:10:53 Last Seen2024-04-20 19:02:09 Times Seen19335 Hash b53436c6ec7e681a3edcec13f42ec715 0aa1b02b89e734193d43d6385ebc5939bb666fd0 3b28dd2b4eda9085ee35fb2aae1d706c6d003c2521e4ad62bb2ef2e6969bca83 Loading...

	download.oxy.st/d/yvPf	183 B	2023-03-08	2023-04-01
Pretty URL download.oxy.st/d/yvPf IP 185.178.208.137 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:10:53 Last Seen2023-04-01 10:27:01 Times Seen24 Hash dcfcdc72905c80505fc5222e23485031 afc7e2812ad5c3f7eb6954e4f54c6bee6e6f90f6 9518487666010d845d26fe2dd23260f566b305b6b528852a611a798d34d7df12 Loading...

	spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258	62 kB	2023-03-07	2023-03-26
Pretty URL spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258 IP 104.22.24.87 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:29 Last Seen2023-03-26 09:14:01 Times Seen2 Hash 2274941132e3cabeb06ba10635e091e1 eae64e2336d41f210e684d766bbc90752b67f25a 52d507688e76dfbe48fce79beb89be7f30101e95e9e06c121c461e30517ab36f Loading...

	nanouwho.com/27/90f7f588ad5892e2821c323c80d6c1b6	410 kB	2023-03-13	2023-03-14
Pretty URL nanouwho.com/27/90f7f588ad5892e2821c323c80d6c1b6 IP 139.45.197.242 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:49:13 Last Seen2023-03-14 05:02:21 Times Seen1 Hash b8395a0def782b0e8e05ea592db784f0 c75780fba97d89d81dc66f6153e5136a17356537 ca94bff5adecb78dbfae6bb35bd971d18e28ff290b3758e4be7c8ab9b8844cc7 Loading...

	download.oxy.st/slake/asset/js/jquery.min.js	87 kB	2023-03-07	2024-04-26
Pretty URL download.oxy.st/slake/asset/js/jquery.min.js IP 185.178.208.137 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:01 Last Seen2024-04-26 10:26:38 Times Seen25944 Hash 4b57cf46dc8cb95c4cca54afc85e9540 05e1ad0cc600a057886deaf237ab6e3d4fcdb5ac a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855 Loading...

	download.oxy.st/d/yvPf	203 B	2023-03-08	2024-04-20
Pretty URL download.oxy.st/d/yvPf IP 185.178.208.137 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:10:53 Last Seen2024-04-20 19:02:08 Times Seen9791 Hash bff65d72294ae1a1fc014c9e9f776615 cf200b19907d85ad2bcc12a6224d52b0e791cdaf 3d94f0c46ddac793f8834d2727f4f4c38915244512e7a4b42ec10d68106a7660 Loading...

	download.oxy.st/d/yvPf	193 B	2023-03-12	2023-03-13
Pretty URL download.oxy.st/d/yvPf IP 185.178.208.137 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 14:58:04 Last Seen2023-03-13 22:55:43 Times Seen1 Hash c6f43beae4de3a12d3b73d59d424abab 572a02205a5f39f98da834572d60b4f2612f4a43 980850e4e7d9aff8c856608a70c975771451b48f2fff4ded566311403d16ec3b Loading...

	ads.themoneytizer.com/moneybile.js	39 kB	2023-03-07	2023-11-06
Pretty URL ads.themoneytizer.com/moneybile.js IP 185.76.9.26 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:28 Last Seen2023-11-06 07:20:59 Times Seen1830 Hash efe528f52c3d05d68794f3f0f8146a8e 577c01fdfae7dcc7e7d23009d74422f61b414783 4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3 Loading...

	ibrapush.com/pfe/current/tag.min.js?z=5630104	15 kB	2023-03-13	2023-03-14
Pretty URL ibrapush.com/pfe/current/tag.min.js?z=5630104 IP 139.45.197.250 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:16:15 Last Seen2023-03-14 05:20:20 Times Seen1 Hash f37ecc39dc4f3f4f4f5427f26813cf28 5a167a66a9fd08f47a7c688a61f994064c7de22e 59197f385292a6620e439f1b15a990ec57a75bcfa0e2a95cae10606642cb4136 Loading...

	ads.themoneytizer.com/s/gen.js?type=2	4.6 kB	2023-03-13	2023-04-12
Pretty URL ads.themoneytizer.com/s/gen.js?type=2 IP 185.76.9.26 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:51:45 Last Seen2023-04-12 04:42:27 Times Seen296 Hash e5a00dab4d3e3e5b4e7e6b9ef9ccb8e8 3bdf5decc2e641e193f75afee4bbd615cb0136da 5c6c9afc6dce567139464462a6b912452e6a3dbaad17c3992e3797aee763e923 Loading...

	ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js	601 kB	2023-03-13	2023-03-26
Pretty URL ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js IP 185.76.9.26 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:38:44 Last Seen2023-03-26 14:40:02 Times Seen88 Hash 8d7bf07cc165e1b8b8a45fb7a4ccd10c ea7fa405d9a81cb044499b88e16a709c51b01eab 9c9758144bcd45ed42a41b65ef12341715aaaeb03d994141718f1b6aef9dc8a0 Loading...

	download.oxy.st/d/yvPf	255 B	2023-03-09	2024-04-18
Pretty URL download.oxy.st/d/yvPf IP 185.178.208.137 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 22:57:24 Last Seen2024-04-18 09:27:26 Times Seen7522 Hash d47a28c42c0b4402186a014830e33c59 c65eca97fa75a6d7910a6511c9c26b7927c91dc2 b45fb4585ee569e83749f3d7dc9e2da394a9d6d463e1e8fc2effebbfb8527dc3 Loading...

	download.oxy.st/d/yvPf	193 B	2023-03-08	2024-04-20
Pretty URL download.oxy.st/d/yvPf IP 185.178.208.137 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:10:53 Last Seen2024-04-20 19:02:09 Times Seen9763 Hash 6ecfa1336326d765e016a88ab498b19f f2c66833233de0ec9d468035e8b78dfc40a78de9 abf0d3ee81363003e4704b84b6662250bd8d3ced4685ef9ed9c9122328ae68e1 Loading...

	s.cpx.to/fire.js?pid=12771&ref=&url=https%3A%2F%2Fdownload.oxy.st%2Fd%2FyvPf&hn_ver=40&fid=d3df43df-b983-4bfe-a83a-bbcc6a4c3322	661 B	2023-03-13	2023-03-13
Pretty URL s.cpx.to/fire.js?pid=12771&ref=&url=https%3A%2F%2Fdownload.oxy.st%2Fd%2FyvPf&hn_ver=40&fid=d3df43df-b983-4bfe-a83a-bbcc6a4c3322 IP 63.32.219.30 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:57:08 Last Seen2023-03-13 19:57:08 Times Seen1 Hash 8d58b5e34d8847a71ee626c4bf7842b2 0456e6181a5aeeff8151b64417f06d4db3ec186d ea5a97a6be92b79c4d7cfd453b20e52cf691bc4c9f8f749fdda4acc60f2f21b2 Loading...

	mediasama.com/starharem/01/s/index_rt.html	66 B	2023-03-07	2023-04-05
Pretty URL mediasama.com/starharem/01/s/index_rt.html IP 149.56.38.113 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:04 Last Seen2023-04-05 01:59:44 Times Seen2 Hash a34c74f5a0f4c82a893bd20da6a62f14 8a062e7b3d648e5a4bd24d63c34fb6d77bf8853a f8ad5d8fad94dc20cfc2d172435b5556d3ca13289566d16bb8a3f84ecaa11ef1 Loading...

	download.oxy.st/d/yvPf	104 B	2023-03-13	2023-03-13
Pretty URL download.oxy.st/d/yvPf IP 185.178.208.137 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:57:08 Last Seen2023-03-13 19:57:08 Times Seen1 Hash b9f82d5bcd402ee7fc1351d656c9fd87 fe008b28f3580b23536a4ca3d972cb867f72ca10 ba7888ac40ece74a89d59142d2bc4c334c68530e70a3648119a5458fdf34a605 Loading...

	d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js	26 kB	2023-03-07	2023-11-30
Pretty URL d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js IP 54.230.245.166 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:29 Last Seen2023-11-30 03:07:33 Times Seen15813 Hash 8703fc9eead243fe2f47380e962d7fa2 3d9f707259112fa9ccdd1e676f00eadcff71906c b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213 Loading...

	contextual.media.net/dmedianet.js?cid=8CU7BC15F	149 kB	2023-03-13	2023-03-13
Pretty URL contextual.media.net/dmedianet.js?cid=8CU7BC15F IP 2.18.172.23 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:57:08 Last Seen2023-03-13 19:57:08 Times Seen1 Hash 3d8ff6fb20fefcb1fd3d34131d599c8e ec4b0c2a3cf2ef19d4fc122326e40d6ee26cdf34 3ab3fa8915056c9c54d37b9374a4fa81608fb716b4403ebc8f62daa7c0786343 Loading...

	secure.quantserve.com/quant.js	26 kB	2023-03-13	2023-03-14
Pretty URL secure.quantserve.com/quant.js IP 91.228.74.251 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:54:25 Last Seen2023-03-14 00:00:09 Times Seen1 Hash bbeae221ba5e592568957a38afe753da f9590fc8632e5f0a320573091ffe67d83a59964f 2a15822e997e4b7b172e4b1e4c1366dd01f10ff936a8971ce15510f207b5d25c Loading...

	download.oxy.st/d/yvPf	711 B	2023-03-09	2024-04-20
Pretty URL download.oxy.st/d/yvPf IP 185.178.208.137 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 22:57:24 Last Seen2024-04-20 19:02:09 Times Seen9677 Hash 13e6988b26e75ff59bcbc49efbcd731e a69dec8eeeae18fa09688a66572d7329706ec7a4 7f9fb86fa3190bd7ccbd2c4d56b9ed87d71897e299917eaa5dc41ffdbb1f74ab Loading...

	tag.leadplace.fr/libJsLP.js	5.5 kB	2023-03-07	2023-12-06
Pretty URL tag.leadplace.fr/libJsLP.js IP 145.239.193.51 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:29 Last Seen2023-12-06 11:11:01 Times Seen14646 Hash a0c24f993bc0901cfe62d1e801cb2b45 7eb2bdce06161ae486bc8e7ecd0b5c9c4f7b2984 80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333 Loading...

	ced.sascdn.com/tag/1097/smart.js	99 kB	2023-03-13	2023-03-14
Pretty URL ced.sascdn.com/tag/1097/smart.js IP 95.101.11.123 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:30:17 Last Seen2023-03-14 13:44:04 Times Seen1 Hash 45645cc76a04795b4eee6130dcf57dc1 b1c8c76606daaa158553f18a7d791422630f61a3 876626ded6c9d01e8764f738775f4c00a85312a5a63959ef7547cc6d1af5c506 Loading...

	cdn.adlook.me/u/cds.html	1.3 kB	2023-03-07	2023-03-29
Pretty URL cdn.adlook.me/u/cds.html IP 92.223.126.57 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:53:41 Last Seen2023-03-29 23:33:16 Times Seen25 Hash b1085e2e3e7908742eebe4b9c54d28e0 dbc685b9fd34b562bf2d8d140ce3f2824108994a 5d37320a43aaf6303b47381532935be8ea870415a8f006a83ffc2e8f1611a715 Loading...

	betotodilea.com/400/5630102	84 kB	2023-03-13	2023-03-13
Pretty URL betotodilea.com/400/5630102 IP 139.45.197.237 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:57:08 Last Seen2023-03-13 19:57:08 Times Seen1 Hash 65e8ddd783297052bc1cf1cb9adf9cbf 952b29a9ecebfe60897cc8de982fb1b47a214cec 8032fb901335fef66323f73202f300e472dc829e32c10a8f55de375da582b2a9 Loading...

	rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js	1.1 kB	2023-03-08	2023-05-06
Pretty URL rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js IP 54.230.111.33 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:17:06 Last Seen2023-05-06 00:25:32 Times Seen369 Hash 1f431dc94c1f033d6666f0fe637e2d7b 18ee472909d5856fe9684765258c50731efbbdbe 1cc6de1a4f6a561a6aa75d08bae33388b2e8905d01753aa41e4886a466d7c28c Loading...

	download.oxy.st/d/yvPf	199 B	2023-03-09	2024-04-20
Pretty URL download.oxy.st/d/yvPf IP 185.178.208.137 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 22:57:24 Last Seen2024-04-20 19:02:08 Times Seen9489 Hash c178512b2fa871ed859cc5c78614a90f 3ea9b0941dac51dd0ec23713471efcf88e4fe204 916a18878c3b59bd1b1faf426fd8e58722a759fcd14f5fe3209943b74a5bc952 Loading...

	download.oxy.st/slake/asset/js/ajax-mail.js	1.7 kB	2023-03-08	2024-04-20
Pretty URL download.oxy.st/slake/asset/js/ajax-mail.js IP 185.178.208.137 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:10:53 Last Seen2024-04-20 19:02:09 Times Seen19362 Hash 06acf64af6cd1d69540460ddb018c78c 9db22d7b6b6a223abca82e69fc4fba0c987587c2 259ce4dee332f67cc9d86367330efa87617f8c78428774d26dd0528f4942f39c Loading...

	gum.criteo.com/sync?c=147&r=2&j=criteoCallback	30 kB	2023-03-07	2023-03-26
Pretty URL gum.criteo.com/sync?c=147&r=2&j=criteoCallback IP 178.250.0.157 ASN #44788 Criteo SA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:36:08 Last Seen2023-03-26 04:43:41 Times Seen35 Hash 80bfc02fde42033a0f48537690341313 268ee930484015bbbaf4f221a76d800bfba7f24d 259a03dd0fab544bf8564bacd97ad8562de81c929f00037a463f77fee3445fb0 Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js	87 kB	2023-03-07	2024-04-26
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js IP 142.250.74.138 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-26 11:05:36 Times Seen106333 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	whereres.com/api/scripts/mSetupWidget?id=363	35 kB	2023-03-12	2023-03-14
Pretty URL whereres.com/api/scripts/mSetupWidget?id=363 IP 88.208.46.156 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:08:26 Last Seen2023-03-14 06:50:29 Times Seen1 Hash dc43adec9be7ab048033ee28b0477ad1 63db771d90e9c1018605e140b2490a35da3d77ea 52e0cf3855c906381d0c5c0de9209dd3bf3de9289addf228de0b6e75108b642b Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js	1.3 kB	2023-03-07	2024-04-26
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:34 Last Seen2024-04-26 10:42:46 Times Seen8337 Hash 4412bf8023109ee9eb1f1f226d391329 c273960aa874a87dd022b5e597887142f1b8e34f d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6 Loading...

	tzegilo.com/stattag.js	17 kB	2023-03-13	2023-03-14
Pretty URL tzegilo.com/stattag.js IP 172.64.104.21 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:57:04 Last Seen2023-03-14 07:35:08 Times Seen1 Hash 0576b696d0d93d3d09a14184fd321641 54ae6d8827838d84d082db92a01fe8534c6f3782 a79a9f73119b87e83d5762597cd84b735e443825d2e320e8f55693843ae5bacc Loading...

	contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU7BC15F&https=1&itype=CM	15 kB	2023-03-13	2023-03-14
Pretty URL contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU7BC15F&https=1&itype=CM IP 2.18.172.23 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:30:17 Last Seen2023-03-14 04:17:59 Times Seen1 Hash fd2a89764d09c35c83a049fe61c73c85 3623b7246540b53c3839530d5ccd19179f2e6bd1 d1f8124d040304fc7d76dbbe5ca8d5775d8fb210990f67dbb3b37618dc82a4ba Loading...

	download.oxy.st/slake/asset/js/jquery.mCustomScrollbar.concat.min.js	46 kB	2023-03-07	2024-04-20
Pretty URL download.oxy.st/slake/asset/js/jquery.mCustomScrollbar.concat.min.js IP 185.178.208.137 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:19 Last Seen2024-04-20 19:02:09 Times Seen19988 Hash 9df3cfdcc9b72f1aa24e2e114455ae7a e6ac207cdb6c4591f2d39f2a645f6dbf42534f89 5ab5f19f9bd4a4ddcf14235fc1684eefe7cfbfbc33f0a1fce661b13de43092be Loading...

	cdn.adlook.me/js/rlf.js	71 kB	2023-03-09	2023-03-29
Pretty URL cdn.adlook.me/js/rlf.js IP 92.223.126.57 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 22:57:24 Last Seen2023-03-29 23:33:16 Times Seen24 Hash 44e861d9732eee28700fd9b91bc53455 edf09e207b8093b2af6ec34c747c854d8f18374d 4a16bb79b3eb9420d0158bf8ebe6e0e544a826154155f26d2f434e90d25e5085 Loading...

	mediasama.com/starharem/01/s/js/main.js	1.3 kB	2023-03-07	2024-03-04
Pretty URL mediasama.com/starharem/01/s/js/main.js IP 149.56.38.113 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:04 Last Seen2024-03-04 05:36:19 Times Seen58 Hash dee042800157426b09099ecf3eb7d004 f0a082059f6f9174869ce1f52b7ee6423a311641 4bad52d0b87da525c7eefbc4bb92656abb89bb6bbec58c54848523ec7ae09587 Loading...

	download.oxy.st/d/yvPf	143 B	2023-03-13	2023-03-13
Pretty URL download.oxy.st/d/yvPf IP 185.178.208.137 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:57:08 Last Seen2023-03-13 19:57:08 Times Seen1 Hash 97d9c6f6deb3edf5b31719edb61fbdf2 e48c63ec4b9eeacdef032c80d43b1e9da1cb443f aa5a9d918c0ff2307bef3fe29f1ce230fa57d0d79708aec3aeae7d2561ebb728 Loading...

	ads.themoneytizer.com/s/requestform.js?siteId=85433&formatId=2	136 kB	2023-03-13	2023-03-13
Pretty URL ads.themoneytizer.com/s/requestform.js?siteId=85433&formatId=2 IP 185.76.9.26 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:57:08 Last Seen2023-03-13 19:57:08 Times Seen1 Hash c420714228e902348bf33535bf30b6db 01afb96f17a1f3138edb226dcda6233753df3a0d 43bb53a5d14016dbffed132b952d93dbe6d5ae23f3f2d76694c864734f2df707 Loading...

	mediasama.com/starharem/01/s/index_rt.html	1.5 kB	2023-03-07	2023-04-05
Pretty URL mediasama.com/starharem/01/s/index_rt.html IP 149.56.38.113 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:04 Last Seen2023-04-05 01:59:44 Times Seen2 Hash 4d9b111ab737a0a624f183fabc53f9e0 8f00b34fb084ab6d382adf2eaf39ce63d6c0a485 69e434a040e615971563c02e2d45d52b362510ba6131141e72f60f9208564a51 Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js	86 kB	2023-03-07	2024-04-26
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:28 Last Seen2024-04-26 07:21:07 Times Seen22768 Hash d0212568ce69457081dacf84e327fa5c d6702a1af0378b2342f6a0692e77c169f580aed7 266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d Loading...

	gum.criteo.com/syncframe?origin=rtus&topUrl=download.oxy.st#%7B%22uid%22:%7B%22value%22:null,%22origin%22:0%7D,%22lwid%22:%7B%22value%22:null,%22origin%22:0%7D,%22bundle%22:%7B%22value%22:%22A-nmGF9WUnd0RFhDS2pwVSUyRm10WmRtZHJsVmxsRkF6aHp3ckI1SHVEJTJGWDJwYTlqM04xT2VPQUFmYWdZTEs3TzZCTFF4R2FnRFNIYzg5V2FhWklVSTFuWWNkUHF6UCUyQlVINzhnUm45NVYzR1B2Z3NoVSUzRA%22,%22origin%22:3%7D,%22optout%22:%7B%22value%22:false,%22origin%22:0%7D,%22sid%22:%7B%22value%22:null,%22origin%22:0%7D,%22tld%22:%22oxy.st%22,%22topUrl%22:%22download.oxy.st%22,%22cw%22:true,%22lsw%22:true,%22origin%22:%22rtus%22,%22rtusCallerId%22:147,%22requestId%22:%220.7925633216587376%22%7D	418 B	2023-03-07	2023-04-01
Pretty URL gum.criteo.com/syncframe?origin=rtus&topUrl=download.oxy.st#%7B%22uid%22:%7B%22value%22:null,%22origin%22:0%7D,%22lwid%22:%7B%22value%22:null,%22origin%22:0%7D,%22bundle%22:%7B%22value%22:%22A-nmGF9WUnd0RFhDS2pwVSUyRm10WmRtZHJsVmxsRkF6aHp3ckI1SHVEJTJGWDJwYTlqM04xT2VPQUFmYWdZTEs3TzZCTFF4R2FnRFNIYzg5V2FhWklVSTFuWWNkUHF6UCUyQlVINzhnUm45NVYzR1B2Z3NoVSUzRA%22,%22origin%22:3%7D,%22optout%22:%7B%22value%22:false,%22origin%22:0%7D,%22sid%22:%7B%22value%22:null,%22origin%22:0%7D,%22tld%22:%22oxy.st%22,%22topUrl%22:%22download.oxy.st%22,%22cw%22:true,%22lsw%22:true,%22origin%22:%22rtus%22,%22rtusCallerId%22:147,%22requestId%22:%220.7925633216587376%22%7D IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:51:37 Last Seen2023-04-01 10:34:33 Times Seen447 Hash 755b312976dc0edb23fa08bed999c482 6685710ba04dc63e4122ec3ce89f3adfe479adf4 663197a6a8353d989cdc65d4f3112e425a00839c85a3fde99bbe451a9c604a6f Loading...

	p.cpx.to/p/12771/px.js	2.0 kB	2023-03-08	2023-05-09
Pretty URL p.cpx.to/p/12771/px.js IP 18.203.96.189 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:47:35 Last Seen2023-05-09 18:09:53 Times Seen100 Hash a667f26d4e73b4b5098a9c9637d3d29f 83d9b753da4c51039a689bc67956f7f9997854cc a559f41c7e0d2f4852afbf1cf44b736b9158e65b01843c05850f6e8d6b6db9b6 Loading...

	nanouwho.com/1?z=5630103	18 kB	2023-03-13	2023-03-13
Pretty URL nanouwho.com/1?z=5630103 IP 139.45.197.242 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:57:08 Last Seen2023-03-13 19:57:08 Times Seen1 Hash f0b123fb53027177087667fc2d284a0d 3e3a8a1b27a013a0f53bde4d9d6d83c211ac0230 e6ebe3c30ac70a2d8dbf7dfecadd90726bae1f9dbeeae786fe5ed7a493538b2a Loading...

	download.oxy.st/slake/asset/js/plugins.js	339 kB	2023-03-08	2024-04-20
Pretty URL download.oxy.st/slake/asset/js/plugins.js IP 185.178.208.137 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:10:53 Last Seen2024-04-20 19:02:09 Times Seen9598 Hash 132e96f62255f4daf2aff234f50912c2 62bbe81f1a3c0babfc39e2c3abf6d5687f3493f6 07174a0088fe0b461713a172e371e448f3d8eef64886d3e2f04a2e178073f6ad Loading...

	download.oxy.st/d/yvPf	497 B	2023-03-07	2023-04-05
Pretty URL download.oxy.st/d/yvPf IP 185.178.208.137 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:32 Last Seen2023-04-05 01:55:46 Times Seen28 Hash a010578715b1a87b2eb9cddffb170a90 a086b82341838ebecf514fac053023fa34b861a4 ccbe2ad7cc0e6e2882a8221b456efd5acc6ea52f922b0c8ffb6e965222df60da Loading...

	download.oxy.st/d/yvPf	102 kB	2023-03-13	2023-03-14
Pretty URL download.oxy.st/d/yvPf IP 185.178.208.137 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:15:06 Last Seen2023-03-14 05:20:20 Times Seen1 Hash e0abdbf1baa12630b698c7123270447e b046d1b2e37a1fe9d6b38b252b31fdd1d10b4d1b f5e055cf89cd683ebd6c951e0f0c7c556a6d346d8f6833340f3e87bff51a861b Loading...

	contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=1&cid=8CU7BC15F&cpcd=AsZK00HS1DbaKD6Sqj_EvA%3D%3D&crid=468178560&size=300x250&cc=NO&https=1&vif=1&requrl=https%3A%2F%2Fdownload.oxy.st%2Fd%2FyvPf&nse=5&vi=1675894333493497303&ugd=4&sff=0&pgid=p0733295009t202302082213&nb=1	550 B	2023-03-13	2023-03-13
Pretty URL contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=1&cid=8CU7BC15F&cpcd=AsZK00HS1DbaKD6Sqj_EvA%3D%3D&crid=468178560&size=300x250&cc=NO&https=1&vif=1&requrl=https%3A%2F%2Fdownload.oxy.st%2Fd%2FyvPf&nse=5&vi=1675894333493497303&ugd=4&sff=0&pgid=p0733295009t202302082213&nb=1 IP 2.18.172.23 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:57:08 Last Seen2023-03-13 19:57:08 Times Seen1 Hash f319ee0ce598e2d155795064f4317fe3 7c07ab5bdd5111cdbf63b81e83b735e956f737b6 49f4d396c66298b86638d3ee6410146fff7f56f4d097ba0737899db72a518d2d Loading...

	gum.criteo.com/syncframe?origin=rtus&topUrl=download.oxy.st#%7B%22uid%22:%7B%22value%22:null,%22origin%22:0%7D,%22lwid%22:%7B%22value%22:null,%22origin%22:0%7D,%22bundle%22:%7B%22value%22:%22A-nmGF9WUnd0RFhDS2pwVSUyRm10WmRtZHJsVmxsRkF6aHp3ckI1SHVEJTJGWDJwYTlqM04xT2VPQUFmYWdZTEs3TzZCTFF4R2FnRFNIYzg5V2FhWklVSTFuWWNkUHF6UCUyQlVINzhnUm45NVYzR1B2Z3NoVSUzRA%22,%22origin%22:3%7D,%22optout%22:%7B%22value%22:false,%22origin%22:0%7D,%22sid%22:%7B%22value%22:null,%22origin%22:0%7D,%22tld%22:%22oxy.st%22,%22topUrl%22:%22download.oxy.st%22,%22cw%22:true,%22lsw%22:true,%22origin%22:%22rtus%22,%22rtusCallerId%22:147,%22requestId%22:%220.7925633216587376%22%7D	14 kB	2023-03-07	2023-05-06
Pretty URL gum.criteo.com/syncframe?origin=rtus&topUrl=download.oxy.st#%7B%22uid%22:%7B%22value%22:null,%22origin%22:0%7D,%22lwid%22:%7B%22value%22:null,%22origin%22:0%7D,%22bundle%22:%7B%22value%22:%22A-nmGF9WUnd0RFhDS2pwVSUyRm10WmRtZHJsVmxsRkF6aHp3ckI1SHVEJTJGWDJwYTlqM04xT2VPQUFmYWdZTEs3TzZCTFF4R2FnRFNIYzg5V2FhWklVSTFuWWNkUHF6UCUyQlVINzhnUm45NVYzR1B2Z3NoVSUzRA%22,%22origin%22:3%7D,%22optout%22:%7B%22value%22:false,%22origin%22:0%7D,%22sid%22:%7B%22value%22:null,%22origin%22:0%7D,%22tld%22:%22oxy.st%22,%22topUrl%22:%22download.oxy.st%22,%22cw%22:true,%22lsw%22:true,%22origin%22:%22rtus%22,%22rtusCallerId%22:147,%22requestId%22:%220.7925633216587376%22%7D IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:51:36 Last Seen2023-05-06 00:14:31 Times Seen2035 Hash 49e65b540d43d40997ce3844d41b2dd0 b7331c5edc086ee2c7731b1b36e937e7c44450a7 f185c1b78d87a007d9492a85c6ce64c06cc851ef9f13ca3caf8aaafe243b0ac2 Loading...

	download.oxy.st/d/yvPf	143 B	2023-03-07	2024-04-22
Pretty URL download.oxy.st/d/yvPf IP 185.178.208.137 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:39:10 Last Seen2024-04-22 02:02:22 Times Seen9903 Hash 0e1ffe876425e6a6b54c517119ca9ec2 fe778fd505adb0f26552512e719c838f9df041fe b865ee6df9893808db5cca02720d02220c2c9c0259f249fa010495641dbcdf5e Loading...

	download.oxy.st/slake/asset/js/main.js	8.7 kB	2023-03-08	2024-04-20
Pretty URL download.oxy.st/slake/asset/js/main.js IP 185.178.208.137 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:10:53 Last Seen2024-04-20 19:02:09 Times Seen19332 Hash 86fe5c70d7107cc8ab30e192072ac15d 15cd81d73ddec861349d2f1b2d4cf10eaefa9373 b1de65cb0d3a28aeed81012371764b92d0ac30077edb2d768dfdfd8640cfc7c1 Loading...

	download.oxy.st/d/yvPf	965 B	2023-03-09	2023-04-01
Pretty URL download.oxy.st/d/yvPf IP 185.178.208.137 ASN #57724 Ddos-guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 22:57:24 Last Seen2023-04-01 10:27:01 Times Seen23 Hash 1f2af4be15233c94732028f340908a41 6953d65533d246e0ce4d9d98973f68b9e2a0152b 5290521804727a0a6e618b6f9a515c04894358401f6b9356c9e1f48ab9ab7c6e Loading...

	inklinkor.com/tag.min.js	75 kB	2023-03-13	2023-03-13
Pretty URL inklinkor.com/tag.min.js IP 104.21.91.63 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:45:38 Last Seen2023-03-13 20:29:22 Times Seen1 Hash 6314812a5d32f0b79286e144355e2605 3a0f27e5fac22f3b0cac3890e3c4ccc15fd0a92d d566c4cd4cc00f272aadd4570c7db34f7f0a9c446400340c040fac497f8f7a77 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 745f73ff18a5a343736fd5e84209901f	81 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 19:57:08 Last Seen2023-03-13 19:57:08 Times Seen1 Hash 745f73ff18a5a343736fd5e84209901f 61c871aa80bb4b94e12305778a5ae5f1715c0538 ec914d3dc84286a5b15584b2d4453554ec5ebe2de0064b21414c65c457fd474b Loading...

		Size	First Seen	Last Seen
	#1 Write - 763f7f1aec350cd1a46238d1d5c3c229	7 B	2023-03-07	2024-04-26
Pretty Observations First Seen2023-03-07 01:03:11 Last Seen2024-04-26 06:16:51 Times Seen1024 Hash 763f7f1aec350cd1a46238d1d5c3c229 b4ee6522335b033249255b4cc1d572993282aafb 2f26233595d165e6868c5bb9e5e835506039e72c61a36a1bafb0827abfe746a5 Loading...

	#2 Write - 3c5f201cdff72147c337fed127eb256d	308 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 19:57:08 Last Seen2023-03-13 19:57:08 Times Seen1 Hash 3c5f201cdff72147c337fed127eb256d f788ad21999cb8a66fa397134c8b69b80fd936b6 89a2336936e115459cb1a9581d7b55e23a45b15a73c1317c0d83be65f59ad0de Loading...

	#3 Write - 6eef470ad08d64d5eb19252adcd9a416	340 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 19:57:08 Last Seen2023-03-13 19:57:08 Times Seen1 Hash 6eef470ad08d64d5eb19252adcd9a416 61ffd9c089128ccef2eb24fe4b79aa4732384990 b07f8ce35eaa2b35747f68deed91574093e0061e4e4eb6c8004de3074d86dd44 Loading...

	#4 Write - ce6bffe55ce28b1e6ed9b06677acb502	298 B	2023-03-08	2023-04-30
Pretty Observations First Seen2023-03-08 16:10:53 Last Seen2023-04-30 21:31:06 Times Seen51 Hash ce6bffe55ce28b1e6ed9b06677acb502 73d0b9c700d603484dbe5447e3f95de8ba81b939 3f853347836c2f4e3f50a468fd03c0d34b1376dd0d9de42e26ae76a5f59497dd Loading...

HTTP Transactions (182)

URL IP Response Size

download.oxy.st/d/yvPf/2/c8711980fa285d1d428cf84f60663a75

185.178.208.137

301 Moved Permanently

568 B

URL HTTP/1.1
download.oxy.st/d/yvPf/2/c8711980fa285d1d428cf84f60663a75
IP
185.178.208.137:0
ASN
#57724 Ddos-guard Ltd

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (564), with no line terminators
Size
568 B (568 bytes)
Hash
2761b98db33884ab29711096ab315edb
8cea6e53464aea178b72e06a906205d040f14ca5
9f7a07f69d9b9a5af186a79159ccea18935ab4103128ca967e3f3f8ae45fb3ee

HTTP Headers

GET /d/yvPf/2/c8711980fa285d1d428cf84f60663a75 HTTP/1.1
Host: download.oxy.st
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: ddos-guard
Date: Wed, 08 Feb 2023 22:12:10 GMT
Connection: keep-alive
Keep-Alive: timeout=60
Location: https://download.oxy.st/d/yvPf/2/c8711980fa285d1d428cf84f60663a75
Content-Type: text/html; charset=utf8
Content-Length: 568

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b7407cc102d62a5acd5e61f8a79bed36
c2f4890a62454e514962b55b7fc14228339c8e90
be282de92da261128a7c8471f3067466aa9930fd0ab2a2cdda8cd2d6ce2bbd74

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE282DE92DA261128A7C8471F3067466AA9930FD0AB2A2CDDA8CD2D6CE2BBD74"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17774
Expires: Thu, 09 Feb 2023 03:08:24 GMT
Date: Wed, 08 Feb 2023 22:12:10 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14130
Expires: Thu, 09 Feb 2023 02:07:40 GMT
Date: Wed, 08 Feb 2023 22:12:10 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Content-Type, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 08 Feb 2023 21:34:13 GMT
content-type: application/json
age: 2277
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13380
Expires: Thu, 09 Feb 2023 01:55:10 GMT
Date: Wed, 08 Feb 2023 22:12:10 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: yHirCzDNevTsxCw9MuBSCqG0p9uqtF0TwywwakYqsOpkpXgTZqa8ktmkmgDFuEq4mNLfXZBV5rY=
x-amz-request-id: 2KDPBNEGR57EJ1TJ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 08 Feb 2023 21:46:07 GMT
age: 1563
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 22:12:10 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b79ea27e773b0d1fad03fe83c1b1977c
c1f8045656d7b3d916f55dbbb1ea7b5b91935e09
8fa9a878919bd3cd3ca4383e863257fe5ba61ff97807a6672f23c6f4202022bd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8FA9A878919BD3CD3CA4383E863257FE5BA61FF97807A6672F23C6F4202022BD"
Last-Modified: Tue, 07 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19266
Expires: Thu, 09 Feb 2023 03:33:16 GMT
Date: Wed, 08 Feb 2023 22:12:10 GMT
Connection: keep-alive

download.oxy.st/d/yvPf/2/c8711980fa285d1d428cf84f60663a75

185.178.208.137

302 Found

329 B

URL HTTP/2
download.oxy.st/d/yvPf/2/c8711980fa285d1d428cf84f60663a75
IP
185.178.208.137:0
ASN
#57724 Ddos-guard Ltd

File type
data
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /d/yvPf/2/c8711980fa285d1d428cf84f60663a75 HTTP/1.1
Host: download.oxy.st
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 22:12:10 GMT
content-type: text/html; charset=UTF-8
set-cookie: __ddg1_=WAwOtcUCwj1qYiQ5CuIx; Domain=.oxy.st; HttpOnly; Path=/; Expires=Thu, 08-Feb-2024 22:12:10 GMT
PHPSESSID=a3cpcb8pustunp14rnuq3d8kb0; path=/; domain=.oxy.st
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
location: /d/yvPf
access-control-allow-origin: *
content-encoding: br
vary: Accept-Encoding
X-Firefox-Spdy: h2

download.oxy.st/slake/asset/css/jquery.mCustomScrollbar.min.css

185.178.208.137

200 OK

4.0 kB

URL HTTP/2
download.oxy.st/slake/asset/css/jquery.mCustomScrollbar.min.css
IP
185.178.208.137:0
ASN
#57724 Ddos-guard Ltd

File type
ASCII text, with very long lines (42894), with no line terminators
Size
4.0 kB (3950 bytes)
Hash
a6ffd799664bd950121e2e9f0d9b2667
88af5ed7d6e3ed43ee0ec21fb314e03fb07867f0
de088565a1c5910a1c409bf3ec676c5d0c7c1304a18c744b46771c09fa6bdcad

HTTP Headers

GET /slake/asset/css/jquery.mCustomScrollbar.min.css HTTP/1.1
Host: download.oxy.st
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.oxy.st/d/yvPf
Cookie: __ddg1_=WAwOtcUCwj1qYiQ5CuIx; PHPSESSID=a3cpcb8pustunp14rnuq3d8kb0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 04 Feb 2023 15:04:03 GMT
content-type: text/css
last-modified: Sun, 21 Jun 2020 20:10:26 GMT
vary: Accept-Encoding
access-control-allow-origin: *
content-encoding: gzip
content-length: 3950
ddg-cache-status: HIT,HIT
etag: W/"5eefbeb2-a78e"
age: 371288
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2469
Expires: Wed, 08 Feb 2023 22:53:20 GMT
Date: Wed, 08 Feb 2023 22:12:11 GMT
Connection: keep-alive

download.oxy.st/slake/asset/css/elements.css?1

185.178.208.137

200 OK

24 kB

URL HTTP/2
download.oxy.st/slake/asset/css/elements.css?1
IP
185.178.208.137:0
ASN
#57724 Ddos-guard Ltd

File type
ASCII text, with very long lines (460), with CRLF line terminators
Size
24 kB (24208 bytes)
Hash
82db06ca267ac7fdd878a1df35f41f4e
9dae7f1ae60d7b83dbdada64fd1b4296f8f20051
3847721350fd764d4d21cb4d2e02ab95c4ccdaa9d8ffefeb6f1078bf169ac6fb

HTTP Headers

GET /slake/asset/css/elements.css?1 HTTP/1.1
Host: download.oxy.st
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.oxy.st/d/yvPf
Cookie: __ddg1_=WAwOtcUCwj1qYiQ5CuIx; PHPSESSID=a3cpcb8pustunp14rnuq3d8kb0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 04 Feb 2023 14:50:47 GMT
content-type: text/css
last-modified: Sun, 21 Jun 2020 20:10:26 GMT
vary: Accept-Encoding
access-control-allow-origin: *
content-encoding: gzip
content-length: 24208
ddg-cache-status: HIT,HIT
etag: "5eefbeb2-2fbea"
age: 372084
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
b8ad5b23aac490c2e9ccbac5a9dbcc6b
ef73076be963061b44563356cb33201e401f65e8
92d2469a14b9fe0eb637029f9f2782228441a65c44feb1a37b73ccc606e2b55d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2988
Cache-Control: max-age=169361
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 22:12:11 GMT
Etag: "63e40520-117"
Expires: Fri, 10 Feb 2023 21:14:52 GMT
Last-Modified: Wed, 08 Feb 2023 20:25:04 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279

download.oxy.st/slake/style.css?ver=6

185.178.208.137

200 OK

24 kB

URL HTTP/2
download.oxy.st/slake/style.css?ver=6
IP
185.178.208.137:0
ASN
#57724 Ddos-guard Ltd

File type
ASCII text
Size
24 kB (24360 bytes)
Hash
cd7b3e4dfecea7028bc1bdeda5a47477
5c37dcaa4ed3c2a4051e4dc1714a342ac0de8365
4d401337713e7f1c9f6588f8f7d79721e531c837b5f2f73c0b3cb372fd8f9b87

HTTP Headers

GET /slake/style.css?ver=6 HTTP/1.1
Host: download.oxy.st
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.oxy.st/d/yvPf
Cookie: __ddg1_=WAwOtcUCwj1qYiQ5CuIx; PHPSESSID=a3cpcb8pustunp14rnuq3d8kb0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 04 Feb 2023 15:04:03 GMT
content-type: text/css
last-modified: Fri, 18 Dec 2020 20:37:06 GMT
vary: Accept-Encoding
access-control-allow-origin: *
content-encoding: gzip
content-length: 24360
ddg-cache-status: HIT,HIT
etag: W/"5fdd12f2-2a549"
age: 371288
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0333fa3e34f17f01e9829bd8ee662c23
be4c7a8599038facc49c73d6d14451023bc919e7
8b4ad992549334395b268f43cf73150ed0dfe58801cf9595c3e245ea92dea7d9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 22:12:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

download.oxy.st/slake/cookie.css?ver=6

185.178.208.137

200 OK

299 B

URL HTTP/2
download.oxy.st/slake/cookie.css?ver=6
IP
185.178.208.137:0
ASN
#57724 Ddos-guard Ltd

File type
ASCII text
Size
299 B (299 bytes)
Hash
6d5f76f4027c2e9a60d78a83f4b952cd
b4ae6d8509643916be8eff3979acec375867708b
2338311f30dadbc2bffe2bdbfdd100c148e8fe4cb50ca669c7ff602a9c206f94

HTTP Headers

GET /slake/cookie.css?ver=6 HTTP/1.1
Host: download.oxy.st
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.oxy.st/d/yvPf
Cookie: __ddg1_=WAwOtcUCwj1qYiQ5CuIx; PHPSESSID=a3cpcb8pustunp14rnuq3d8kb0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 04 Feb 2023 11:14:36 GMT
content-type: text/css
last-modified: Mon, 15 Feb 2021 21:38:28 GMT
vary: Accept-Encoding
access-control-allow-origin: *
content-encoding: gzip
ddg-cache-status: HIT,HIT
etag: W/"602ae9d4-224"
age: 385055
content-length: 299
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js

104.17.24.14

200 OK

591 B

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (1266)
Size
591 B (591 bytes)
Hash
414869f16aa77a65b4928a018f7f1abb
cea521f7a2958a50239526ed6b068f0937527653
afee364ce513c6517247b81cce5eb5eadb1dbbb35e439eb3fa97bbc15fac2cd3

HTTP Headers

GET /ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://download.oxy.st
Connection: keep-alive
Referer: https://download.oxy.st/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 08 Feb 2023 22:12:11 GMT
content-type: application/javascript; charset=utf-8
content-length: 591
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec1-514"
last-modified: Mon, 04 May 2020 16:11:45 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 8488224
expires: Mon, 29 Jan 2024 22:12:11 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mY5ZWZj2Fmx6WJ0R75elv%2F8lfkhtHyqiQiOeu8ZTCQFTEfNBZ0hrwpSDn40Hfv%2BqdFzjWA1Hg9N07ee0NkV%2BH1M5lVgAqNAibT2x8A34mxiYFPhrKB6wBbg%2F2VmCEnn0mvy7KQMY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7967b491c82efac0-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

download.oxy.st/img/oxy-logo.svg

185.178.208.137

200 OK

3.2 kB

URL HTTP/2
download.oxy.st/img/oxy-logo.svg
IP
185.178.208.137:0
ASN
#57724 Ddos-guard Ltd

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1126)
Size
3.2 kB (3204 bytes)
Hash
4dbb074be70991a358f914be3c00ad99
5f699e31b76bcb7e69fc4478a04b73b3df0e855a
9531a716a5007ddfc819613ec77f883ba963578d699f824034b4962f8221b8bf

HTTP Headers

GET /img/oxy-logo.svg HTTP/1.1
Host: download.oxy.st
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.oxy.st/d/yvPf
Cookie: __ddg1_=WAwOtcUCwj1qYiQ5CuIx; PHPSESSID=a3cpcb8pustunp14rnuq3d8kb0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 30 Jan 2023 10:11:42 GMT
content-type: image/svg+xml
last-modified: Wed, 17 Feb 2021 01:25:02 GMT
vary: Accept-Encoding
access-control-allow-origin: *
content-encoding: gzip
etag: "602c706e-2019"
age: 820829
content-length: 3204
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

download.oxy.st/slake/responsive.css?ver=5

185.178.208.137

200 OK

12 kB

URL HTTP/2
download.oxy.st/slake/responsive.css?ver=5
IP
185.178.208.137:0
ASN
#57724 Ddos-guard Ltd

File type
ASCII text
Size
12 kB (11872 bytes)
Hash
c9887952027ae1466ab90ba9dcd23ce3
0afb76db6c9644265da1820da0afe7aaef448e53
f16e171dae88fb2e1970604b6152409551d184fb1977a2668dd19f36dc0ab338

HTTP Headers

GET /slake/responsive.css?ver=5 HTTP/1.1
Host: download.oxy.st
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.oxy.st/d/yvPf
Cookie: __ddg1_=WAwOtcUCwj1qYiQ5CuIx; PHPSESSID=a3cpcb8pustunp14rnuq3d8kb0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 04 Feb 2023 15:04:03 GMT
content-type: text/css
last-modified: Sun, 21 Jun 2020 22:27:36 GMT
vary: Accept-Encoding
access-control-allow-origin: *
content-encoding: gzip
content-length: 11872
ddg-cache-status: HIT,HIT
etag: "5eefded8-135c7"
age: 371288
X-Firefox-Spdy: h2

download.oxy.st/css/cloud.css

185.178.208.137

200 OK

9.2 kB

URL HTTP/2
download.oxy.st/css/cloud.css
IP
185.178.208.137:0
ASN
#57724 Ddos-guard Ltd

File type
ASCII text, with very long lines (14454)
Size
9.2 kB (9206 bytes)
Hash
0517562cc81de376b3c1fee3e8bef414
80df32c8b71549b0253cce1b47fe13d82fc1b604
184ccb46109faef0678ef3a603a551e55d3f9ff74a200ebeaba2c23655e52c8a

HTTP Headers

GET /css/cloud.css HTTP/1.1
Host: download.oxy.st
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.oxy.st/d/yvPf
Cookie: __ddg1_=WAwOtcUCwj1qYiQ5CuIx; PHPSESSID=a3cpcb8pustunp14rnuq3d8kb0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 12:34:11 GMT
content-type: text/css
last-modified: Sun, 21 Jun 2020 20:10:25 GMT
vary: Accept-Encoding
access-control-allow-origin: *
content-encoding: gzip
content-length: 9206
ddg-cache-status: HIT,HIT
etag: "5eefbeb1-d024"
age: 34680
X-Firefox-Spdy: h2

download.oxy.st/slake/asset/css/bootstrap.min.css

185.178.208.137

200 OK

20 kB

URL HTTP/2
download.oxy.st/slake/asset/css/bootstrap.min.css
IP
185.178.208.137:0
ASN
#57724 Ddos-guard Ltd

File type
ASCII text, with very long lines (65325)
Size
20 kB (20483 bytes)
Hash
4588208961b6b7ed6cd974687346348a
52085a4f6c875b6949261704f05050c1727e9c55
95a95b07b4e0d051f83a51b680810572bd1244b42cb6e640d3b29b98f3e92885

HTTP Headers

GET /slake/asset/css/bootstrap.min.css HTTP/1.1
Host: download.oxy.st
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.oxy.st/d/yvPf
Cookie: __ddg1_=WAwOtcUCwj1qYiQ5CuIx; PHPSESSID=a3cpcb8pustunp14rnuq3d8kb0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 04 Feb 2023 14:05:40 GMT
content-type: text/css
last-modified: Sun, 21 Jun 2020 20:10:26 GMT
vary: Accept-Encoding
access-control-allow-origin: *
content-encoding: gzip
content-length: 20483
ddg-cache-status: HIT,HIT
etag: "5eefbeb2-235ed"
age: 374791
X-Firefox-Spdy: h2

download.oxy.st/slake/asset/slice_white.png

185.178.208.137

200 OK

6.1 kB

URL HTTP/2
download.oxy.st/slake/asset/slice_white.png
IP
185.178.208.137:0
ASN
#57724 Ddos-guard Ltd

File type
PNG image data, 201 x 45, 8-bit/color RGBA, non-interlaced\012- data
Size
6.1 kB (6078 bytes)
Hash
946ed1d2bd247854fa58e938de28ee95
883cda7ee0087e29a32f07b6c8ead3e8df5db738
bfe6c8b9cf34578f573091bb118f86a10b918b7d530b25107648f12158759e85

HTTP Headers

GET /slake/asset/slice_white.png HTTP/1.1
Host: download.oxy.st
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.oxy.st/d/yvPf
Cookie: __ddg1_=WAwOtcUCwj1qYiQ5CuIx; PHPSESSID=a3cpcb8pustunp14rnuq3d8kb0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 03 Feb 2023 15:02:00 GMT
content-type: image/png
content-length: 6078
last-modified: Sun, 21 Jun 2020 20:10:26 GMT
access-control-allow-origin: *
accept-ranges: bytes
etag: "5eefbeb2-17be"
age: 457811
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

download.oxy.st/slake/asset/js/main.js

185.178.208.137

200 OK

1.8 kB

URL HTTP/2
download.oxy.st/slake/asset/js/main.js
IP
185.178.208.137:0
ASN
#57724 Ddos-guard Ltd

File type
ASCII text, with very long lines (368)
Size
1.8 kB (1840 bytes)
Hash
76d3c4da3644ed1684ed54ff59305a5a
3e03f21e8af17de66be1aa22a6f952c000fbcc70
adc0957a4224cf75ae632338e6e52591d0552189b8ba1a4e7f19885405dfc2f8

HTTP Headers

GET /slake/asset/js/main.js HTTP/1.1
Host: download.oxy.st
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.oxy.st/d/yvPf
Cookie: __ddg1_=WAwOtcUCwj1qYiQ5CuIx; PHPSESSID=a3cpcb8pustunp14rnuq3d8kb0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 07 Feb 2023 16:21:50 GMT
content-type: application/javascript
last-modified: Sun, 21 Jun 2020 20:10:26 GMT
vary: Accept-Encoding
access-control-allow-origin: *
content-encoding: gzip
content-length: 1840
ddg-cache-status: HIT,HIT
etag: W/"5eefbeb2-2210"
age: 107421
X-Firefox-Spdy: h2

download.oxy.st/images/sprite3.png

185.178.208.137

200 OK

2.1 kB

URL HTTP/2
download.oxy.st/images/sprite3.png
IP
185.178.208.137:0
ASN
#57724 Ddos-guard Ltd

File type
PNG image data, 124 x 49, 8-bit/color RGBA, non-interlaced\012- data
Size
2.1 kB (2059 bytes)
Hash
b08166a270b58c28d429bf2f9ffece6c
91dab55cbe8c802a7c56cd9d2ffaee9ccea4a49f
a21a9fa89fb6dd8c8e84907a99b0374abdf641c71c55e0283b7758e8f2a12507

HTTP Headers

GET /images/sprite3.png HTTP/1.1
Host: download.oxy.st
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.oxy.st/d/yvPf
Cookie: __ddg1_=WAwOtcUCwj1qYiQ5CuIx; PHPSESSID=a3cpcb8pustunp14rnuq3d8kb0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 07 Feb 2023 19:18:27 GMT
content-type: image/png
content-length: 2059
last-modified: Sun, 27 Mar 2022 20:43:28 GMT
access-control-allow-origin: *
accept-ranges: bytes
ddg-cache-status: HIT,HIT
etag: "6240cc70-80b"
age: 96824
X-Firefox-Spdy: h2

download.oxy.st/slake/asset/js/ajax-mail.js

185.178.208.137

200 OK

544 B

URL HTTP/2
download.oxy.st/slake/asset/js/ajax-mail.js
IP
185.178.208.137:0
ASN
#57724 Ddos-guard Ltd

File type
ASCII text, with CRLF line terminators
Size
544 B (544 bytes)
Hash
4eb7582278a2e3748b9017bb83307caf
93c419ea8637148be2192bfa8068ed8009e3add7
59ccbe475f369df6e9daf6480deb023a38b4fc29016142e062f76f4218f66abc

HTTP Headers

GET /slake/asset/js/ajax-mail.js HTTP/1.1
Host: download.oxy.st
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.oxy.st/d/yvPf
Cookie: __ddg1_=WAwOtcUCwj1qYiQ5CuIx; PHPSESSID=a3cpcb8pustunp14rnuq3d8kb0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 04 Feb 2023 11:09:33 GMT
content-type: application/javascript
last-modified: Sun, 21 Jun 2020 20:10:26 GMT
vary: Accept-Encoding
access-control-allow-origin: *
content-encoding: gzip
ddg-cache-status: HIT,HIT
etag: "5eefbeb2-683"
age: 385358
content-length: 544
X-Firefox-Spdy: h2

download.oxy.st/slake/asset/js/ajax-subscribe.js

185.178.208.137

200 OK

635 B

URL HTTP/2
download.oxy.st/slake/asset/js/ajax-subscribe.js
IP
185.178.208.137:0
ASN
#57724 Ddos-guard Ltd

File type
ASCII text, with CRLF line terminators
Size
635 B (635 bytes)
Hash
574b8cde44d6b421cd12af0df0cca335
7dbd98f2d7925795343e8b8a3fc0c91ba496f526
035c75b2646589e751a275f3469f1e53b5e9c55cff4f0b3d3cbdfbb248aef9c2

HTTP Headers

GET /slake/asset/js/ajax-subscribe.js HTTP/1.1
Host: download.oxy.st
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.oxy.st/d/yvPf
Cookie: __ddg1_=WAwOtcUCwj1qYiQ5CuIx; PHPSESSID=a3cpcb8pustunp14rnuq3d8kb0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 04 Feb 2023 11:09:33 GMT
content-type: application/javascript
last-modified: Sun, 21 Jun 2020 20:10:26 GMT
vary: Accept-Encoding
access-control-allow-origin: *
content-encoding: gzip
ddg-cache-status: HIT,HIT
etag: W/"5eefbeb2-595"
age: 385358
content-length: 635
X-Firefox-Spdy: h2

download.oxy.st/slake/asset/js/bootstrap.min.js

185.178.208.137

200 OK

13 kB

URL HTTP/2
download.oxy.st/slake/asset/js/bootstrap.min.js
IP
185.178.208.137:0
ASN
#57724 Ddos-guard Ltd

File type
ASCII text, with very long lines (48664)
Size
13 kB (13046 bytes)
Hash
061a1656d3064d501413d45bef002938
1fec864435f996d6f5cec2f95b9b24cafef0b182
a7b82b175ee2cb823d904fc89454e91e6e92c91f91c0de1663d54e62bf3cc6e1

HTTP Headers

GET /slake/asset/js/bootstrap.min.js HTTP/1.1
Host: download.oxy.st
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.oxy.st/d/yvPf
Cookie: __ddg1_=WAwOtcUCwj1qYiQ5CuIx; PHPSESSID=a3cpcb8pustunp14rnuq3d8kb0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sun, 05 Feb 2023 15:51:05 GMT
content-type: application/javascript
last-modified: Sun, 21 Jun 2020 20:10:26 GMT
vary: Accept-Encoding
etag: W/"5eefbeb2-bf30"
access-control-allow-origin: *
content-encoding: gzip
age: 282066
content-length: 13046
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

download.oxy.st/slake/asset/js/jquery.mCustomScrollbar.concat.min.js

185.178.208.137

200 OK

13 kB

URL HTTP/2
download.oxy.st/slake/asset/js/jquery.mCustomScrollbar.concat.min.js
IP
185.178.208.137:0
ASN
#57724 Ddos-guard Ltd

File type
ASCII text, with very long lines (32001), with CRLF line terminators
Size
13 kB (12929 bytes)
Hash
112891904d2ce52d072013c5e993463a
4cca8f66204463d7dc6f9f6819e3ebbd0636f5b1
d58c3c940e6ac6a2587c3d28ef50dd9dc6f20ea23c213ac5ff75419656fd3291

HTTP Headers

GET /slake/asset/js/jquery.mCustomScrollbar.concat.min.js HTTP/1.1
Host: download.oxy.st
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.oxy.st/d/yvPf
Cookie: __ddg1_=WAwOtcUCwj1qYiQ5CuIx; PHPSESSID=a3cpcb8pustunp14rnuq3d8kb0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 31 Jan 2023 23:03:56 GMT
content-type: application/javascript
last-modified: Sun, 21 Jun 2020 20:10:26 GMT
vary: Accept-Encoding
etag: W/"5eefbeb2-b1ab"
access-control-allow-origin: *
content-encoding: gzip
age: 688096
content-length: 12929
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

download.oxy.st/slake/asset/js/jquery.min.js

185.178.208.137

200 OK

30 kB

URL HTTP/2
download.oxy.st/slake/asset/js/jquery.min.js
IP
185.178.208.137:0
ASN
#57724 Ddos-guard Ltd

File type
ASCII text, with very long lines (65451)
Size
30 kB (30285 bytes)
Hash
28198fab85f1ac98f664600f670ba43d
ee0dd46d793071270130c08412258d8c32194a32
81bd52c3dd2417f30deadecbe5412bed404a86e05233b7b7ba6b7e8f682b5b49

HTTP Headers

GET /slake/asset/js/jquery.min.js HTTP/1.1
Host: download.oxy.st
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.oxy.st/d/yvPf
Cookie: __ddg1_=WAwOtcUCwj1qYiQ5CuIx; PHPSESSID=a3cpcb8pustunp14rnuq3d8kb0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 01 Feb 2023 07:30:17 GMT
content-type: application/javascript
last-modified: Sun, 21 Jun 2020 20:10:26 GMT
vary: Accept-Encoding
access-control-allow-origin: *
content-encoding: gzip
content-length: 30285
ddg-cache-status: HIT,HIT
etag: "5eefbeb2-1538e"
age: 657714
X-Firefox-Spdy: h2

download.oxy.st/images/ltd.svg

185.178.208.137

200 OK

20 kB

URL HTTP/2
download.oxy.st/images/ltd.svg
IP
185.178.208.137:0
ASN
#57724 Ddos-guard Ltd

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (50102)
Size
20 kB (19700 bytes)
Hash
d37ece4290313a264b5e235c0dadf2fb
9ae09bed58122b3d3c4914c45e682dce63993e14
e08d9d0fd918211315836b13807379efdf0a22ac163c96f96c5a14d1212781bd

HTTP Headers

GET /images/ltd.svg HTTP/1.1
Host: download.oxy.st
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.oxy.st/d/yvPf
Cookie: __ddg1_=WAwOtcUCwj1qYiQ5CuIx; PHPSESSID=a3cpcb8pustunp14rnuq3d8kb0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 31 Jan 2023 22:14:05 GMT
content-type: image/svg+xml
last-modified: Fri, 20 Nov 2020 00:55:29 GMT
vary: Accept-Encoding
access-control-allow-origin: *
content-encoding: gzip
content-length: 19700
ddg-cache-status: HIT,HIT
etag: "5fb71401-c420"
age: 691086
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
b8ad5b23aac490c2e9ccbac5a9dbcc6b
ef73076be963061b44563356cb33201e401f65e8
92d2469a14b9fe0eb637029f9f2782228441a65c44feb1a37b73ccc606e2b55d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2988
Cache-Control: max-age=169361
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 22:12:11 GMT
Etag: "63e40520-117"
Expires: Fri, 10 Feb 2023 21:14:52 GMT
Last-Modified: Wed, 08 Feb 2023 20:25:04 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0333fa3e34f17f01e9829bd8ee662c23
be4c7a8599038facc49c73d6d14451023bc919e7
8b4ad992549334395b268f43cf73150ed0dfe58801cf9595c3e245ea92dea7d9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 22:12:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
1acb10f2d928fc12b6dc86e08f69c6e8
d825c8a501f070bdbc9c2338b345b32109b50d76
6f88e6d99b738f86acd708c2e16de71a57543087520947db23a9d2581207df68

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4133
Cache-Control: max-age=161853
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 22:12:11 GMT
Etag: "63e3e353-116"
Expires: Fri, 10 Feb 2023 19:09:44 GMT
Last-Modified: Wed, 08 Feb 2023 18:00:51 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 278

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
bc87c517a242638d0f4d1239dc42f3b5
0787c5fc41c56c8fc0e919df5fa6f995f3add681
ffd2d6dcc9eb8de03ca1d322dffdb29bc10a1d887cd425debcd6a9e682917182

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:12:11 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 08 Feb 2023 04:59:12 GMT
Expires: Wed, 15 Feb 2023 04:59:11 GMT
Etag: "0787c5fc41c56c8fc0e919df5fa6f995f3add681"
Cache-Control: max-age=542219,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7967b4930ec4b509-OSL

download.oxy.st/slake/asset/img/bg/flake-slider-header.jpg

185.178.208.137

200 OK

32 kB

URL HTTP/2
download.oxy.st/slake/asset/img/bg/flake-slider-header.jpg
IP
185.178.208.137:0
ASN
#57724 Ddos-guard Ltd

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x824, components 3\012- data
Size
32 kB (31870 bytes)
Hash
8e2a0e56ae25b282b437f9d5bd300d96
5d4ba26731ee84ba9bbc5487312162b826ede550
b48a7837a73459a7d6f545cb45a810533d9bf006a54077b2ca3bd62dd6f6315d

HTTP Headers

GET /slake/asset/img/bg/flake-slider-header.jpg HTTP/1.1
Host: download.oxy.st
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.oxy.st/d/yvPf
Cookie: __ddg1_=WAwOtcUCwj1qYiQ5CuIx; PHPSESSID=a3cpcb8pustunp14rnuq3d8kb0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 02 Feb 2023 10:08:57 GMT
content-type: image/jpeg
content-length: 31870
last-modified: Sun, 21 Jun 2020 20:10:26 GMT
access-control-allow-origin: *
accept-ranges: bytes
etag: "5eefbeb2-7c7e"
age: 561794
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

download.oxy.st/slake/asset/fonts/themify--fvbane.woff

185.178.208.137

200 OK

56 kB

URL HTTP/2
download.oxy.st/slake/asset/fonts/themify--fvbane.woff
IP
185.178.208.137:0
ASN
#57724 Ddos-guard Ltd

File type
Web Open Font Format, CFF, length 56108, version 1.0\012- data
Size
56 kB (56108 bytes)
Hash
a1ecc3b826d01251edddf29c3e4e1e97
9394f35bd2addd24666b79bfc36d4f9d247cb01d
0db5c5a1475eb7a3e5028983ea1e642d1b2c00faff6a250a37502b0f3832a4a7

HTTP Headers

GET /slake/asset/fonts/themify--fvbane.woff HTTP/1.1
Host: download.oxy.st
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://download.oxy.st/slake/asset/css/elements.css?1
Cookie: __ddg1_=WAwOtcUCwj1qYiQ5CuIx; PHPSESSID=a3cpcb8pustunp14rnuq3d8kb0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 30 Jan 2023 11:54:45 GMT
content-type: font/woff
content-length: 56108
last-modified: Sun, 21 Jun 2020 20:10:26 GMT
etag: "5eefbeb2-db2c"
access-control-allow-origin: *
accept-ranges: bytes
age: 814647
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6be728d7452575cca3126147cbeff312
eba5640777f43c8bc67d6d2ac95c030e4bf62df1
5301d3eacf8d5beeee78c0e70c03727413bd10322a6df95c35245c32508acf63

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5301D3EACF8D5BEEEE78C0E70C03727413BD10322A6DF95C35245C32508ACF63"
Last-Modified: Tue, 07 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1947
Expires: Wed, 08 Feb 2023 22:44:38 GMT
Date: Wed, 08 Feb 2023 22:12:11 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
986afab4bad851da3c4a2b8db670c876
c58b7142ce3bebda918b77649973715dbd71b4d2
24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 22:12:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.adlook.me/js/rlf.js

92.223.126.57

200 OK

19 kB

URL HTTP/2
cdn.adlook.me/js/rlf.js
IP
92.223.126.57:0
ASN
#199524 G-Core Labs S.A.

File type
Unicode text, UTF-8 text, with very long lines (65509), with no line terminators
Size
19 kB (19276 bytes)
Hash
4753bd99e680f991e358fcfc5956d348
f7506e35d1e97953351bacf094278a919dd2d5e9
417b57437a57fdbfdbe26fb8e676b6936d868f23f5aa5ca587811aa01ce9d03f

HTTP Headers

GET /js/rlf.js HTTP/1.1
Host: cdn.adlook.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.oxy.st/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 22:12:11 GMT
content-type: application/javascript,application/javascript;charset=utf-8
content-length: 19276
content-encoding: gzip
last-modified: Wed, 14 Dec 2022 11:05:17 GMT
etag: "8054b6f2abfd91:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache: HIT
x-cached-since: 2023-02-08T22:06:59+00:00
x-id: am3-up-gc95
accept-ranges: bytes
X-Firefox-Spdy: h2

push.services.mozilla.com/

35.81.123.193

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.81.123.193:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: IQE2W9y1pcyA8GiwP2JNOw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: FC83IOWVjPbhghwliW1Gw9HTPa0=

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
986afab4bad851da3c4a2b8db670c876
c58b7142ce3bebda918b77649973715dbd71b4d2
24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 22:12:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
986afab4bad851da3c4a2b8db670c876
c58b7142ce3bebda918b77649973715dbd71b4d2
24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 22:12:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
1acb10f2d928fc12b6dc86e08f69c6e8
d825c8a501f070bdbc9c2338b345b32109b50d76
6f88e6d99b738f86acd708c2e16de71a57543087520947db23a9d2581207df68

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4133
Cache-Control: max-age=161853
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 22:12:11 GMT
Etag: "63e3e353-116"
Expires: Fri, 10 Feb 2023 19:09:44 GMT
Last-Modified: Wed, 08 Feb 2023 18:00:51 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 278

fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2

142.250.74.35

200 OK

21 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 21276, version 1.0\012- data
Size
21 kB (21276 bytes)
Hash
59c9b83cc112cf7eeb3bf7a5e96b21fe
771790b776b5e1bc3039c337024e400974184208
a8447cdec51e85d9e93971a0d4a53bcf6085d70bf1d201662837d2fb953422c7

HTTP Headers

GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://download.oxy.st
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21276
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 Feb 2023 16:07:46 GMT
expires: Tue, 06 Feb 2024 16:07:46 GMT
cache-control: public, max-age=31536000
age: 194665
last-modified: Mon, 11 Jul 2022 19:01:17 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
8a30a6ae2cef598dfd5bd3b074d3f2ee
64309464184784c3c55065c480ae8336c779a922
71880971b5e8fc6e2397258d1ec74d64d042f6e802abfaba6314ed1001a59984

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4355
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 22:12:11 GMT
Last-Modified: Wed, 08 Feb 2023 20:59:36 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279

whereres.com/api/scripts/mSetupWidget?id=363

88.208.46.156

200 OK

9.0 kB

URL HTTP/1.1
whereres.com/api/scripts/mSetupWidget?id=363
IP
88.208.46.156:0
ASN
#39572 DataWeb Global Group B.V.

File type
Unicode text, UTF-8 text, with very long lines (3565)
Size
9.0 kB (8982 bytes)
Hash
9c6d8fe1a69623dcc4c1948506d672af
b400e0ddf00fbbeed8a94c949165659d78714911
a5b9db9230019c2386cbd1bd2b8e193cd202b1f5558cc20a4a52058f79542c09

HTTP Headers

GET /api/scripts/mSetupWidget?id=363 HTTP/1.1
Host: whereres.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.oxy.st/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: openresty
Date: Wed, 08 Feb 2023 22:12:11 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/8.0.27
Content-Encoding: gzip

fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

142.250.74.35

200 OK

31 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size
31 kB (30928 bytes)
Hash
ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

HTTP Headers

GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://download.oxy.st
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Feb 2023 07:08:09 GMT
expires: Sat, 03 Feb 2024 07:08:09 GMT
cache-control: public, max-age=31536000
age: 486242
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

313 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
313 B (313 bytes)
Hash
f889f88135a58ae1a45385a264c5e817
c469d7e8cf84a01eda8e58b96643f0f0047900c4
5f590eec65b4a1c21ebccfdadfb977deeae3e5ecc8d1cc008cb064a0f68d5717

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4370
Cache-Control: max-age=146637
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 22:12:11 GMT
Etag: "63e3a6f6-139"
Expires: Fri, 10 Feb 2023 14:56:08 GMT
Last-Modified: Wed, 08 Feb 2023 13:43:18 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 313

ocsp.globalsign.com/gseccovsslca2018

104.18.21.226

200 OK

939 B

URL HTTP/1.1
ocsp.globalsign.com/gseccovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
939 B (939 bytes)
Hash
27d218500c529e36f2357ce7df6bc917
d48387ced0a8e419f05509b55dc11d7ff49fb9f3
ef1c3c6d260553c6826890ee9971bf3dbd91c496e9e33f249d84926173f9f8b4

HTTP Headers

POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:12:11 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Sun, 12 Feb 2023 19:59:22 GMT
ETag: "d48387ced0a8e419f05509b55dc11d7ff49fb9f3"
Last-Modified: Wed, 08 Feb 2023 19:59:23 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2326
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7967b4947ac4fac0-OSL

ocsp.globalsign.com/gseccovsslca2018

104.18.21.226

200 OK

939 B

URL HTTP/1.1
ocsp.globalsign.com/gseccovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
939 B (939 bytes)
Hash
27d218500c529e36f2357ce7df6bc917
d48387ced0a8e419f05509b55dc11d7ff49fb9f3
ef1c3c6d260553c6826890ee9971bf3dbd91c496e9e33f249d84926173f9f8b4

HTTP Headers

POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:12:11 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Sun, 12 Feb 2023 19:59:22 GMT
ETag: "d48387ced0a8e419f05509b55dc11d7ff49fb9f3"
Last-Modified: Wed, 08 Feb 2023 19:59:23 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2326
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7967b4948ad4fac0-OSL

download.oxy.st/slake/asset/img/bg/footer-bg.png

185.178.208.137

200 OK

75 kB

URL HTTP/2
download.oxy.st/slake/asset/img/bg/footer-bg.png
IP
185.178.208.137:0
ASN
#57724 Ddos-guard Ltd

File type
PNG image data, 1920 x 890, 8-bit/color RGB, non-interlaced\012- data
Size
75 kB (74560 bytes)
Hash
ce2f90b81ee3a43f46c29223ad1d981b
b82b68c892bd7c8b0bf06a883f1bdcd8ca0121e5
7b5c7bc066eb345c6c48189f960ad13fac80add5b5769e2d7a1f59d82a382505

HTTP Headers

GET /slake/asset/img/bg/footer-bg.png HTTP/1.1
Host: download.oxy.st
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.oxy.st/slake/style.css?ver=6
Cookie: __ddg1_=WAwOtcUCwj1qYiQ5CuIx; PHPSESSID=a3cpcb8pustunp14rnuq3d8kb0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 01 Feb 2023 15:39:30 GMT
content-type: image/png
content-length: 74560
last-modified: Sun, 21 Jun 2020 20:10:26 GMT
access-control-allow-origin: *
accept-ranges: bytes
etag: "5eefbeb2-12340"
age: 628361
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
986afab4bad851da3c4a2b8db670c876
c58b7142ce3bebda918b77649973715dbd71b4d2
24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 22:12:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1675894387651

51.89.9.254

204 No Content

0 B

URL HTTP/2
onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1675894387651
IP
51.89.9.254:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /usync/?pubId=2a897e3f18e6769&cb=1675894387651 HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.oxy.st/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
cache-control: no-store
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f55b5de2cbb8ea55ca6050eac7d60709
ea272902464e9037b143f5c6c0253ddc81a27a78
f815579266f5cc67502efd0d6db662a628185132945ab67fac4ebceda2506bee

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F815579266F5CC67502EFD0D6DB662A628185132945AB67FAC4EBCEDA2506BEE"
Last-Modified: Mon, 06 Feb 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=286
Expires: Wed, 08 Feb 2023 22:16:57 GMT
Date: Wed, 08 Feb 2023 22:12:11 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7f32addc23634c5f55fdd92c9f6d11e8
76f1d272abe4599e132cdcda6211703574d34024
646dcc0838b646cf96a628ecf41b2a7ef50657868d2679c692984f82d046c9d3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "646DCC0838B646CF96A628ECF41B2A7EF50657868D2679C692984F82D046C9D3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17458
Expires: Thu, 09 Feb 2023 03:03:09 GMT
Date: Wed, 08 Feb 2023 22:12:11 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cd7ba8a5698924d1e2b8d4c626f03ddd
0a10aa0a67b9a5f07702a62f6447b71ca4442b82
2b8e027cab3c2e411876035f60d516d55c8f2afd4c5c7df1849a6eac4c6435bc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2B8E027CAB3C2E411876035F60D516D55C8F2AFD4C5C7DF1849A6EAC4C6435BC"
Last-Modified: Wed, 08 Feb 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12851
Expires: Thu, 09 Feb 2023 01:46:22 GMT
Date: Wed, 08 Feb 2023 22:12:11 GMT
Connection: keep-alive

yastatic.net/islands/_/TR2STky64Ra69XlYzqKN7cnjYfQ.woff2

178.154.131.217

200 OK

45 kB

URL HTTP/2
yastatic.net/islands/_/TR2STky64Ra69XlYzqKN7cnjYfQ.woff2
IP
178.154.131.217:0
ASN
#13238 YANDEX LLC

File type
Web Open Font Format (Version 2), TrueType, length 45100, version 1.0\012- data
Size
45 kB (45100 bytes)
Hash
e783c489351712fa80a7cb4206cffd02
4d1d924e4cbae116baf57958cea28dedc9e361f4
281e998fb084bbc3243914bfd01a00ef5cdbc847179c43106808821a6e0ae1a5

HTTP Headers

GET /islands/_/TR2STky64Ra69XlYzqKN7cnjYfQ.woff2 HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://download.oxy.st
Connection: keep-alive
Referer: https://download.oxy.st/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx/1.17.9
date: Wed, 08 Feb 2023 22:12:11 GMT
content-type: application/font-woff2
content-length: 45100
access-control-allow-origin: *
cache-control: public, max-age=31556952
etag: "e783c489351712fa80a7cb4206cffd02"
expires: Fri, 09 Feb 2024 04:00:28 GMT
last-modified: Tue, 22 Jan 2019 17:07:25 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-nginx-request-id: 0614cd21dd9ce1dc
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.adlook.me/u/cds.html

92.223.126.57

200 OK

1.4 kB

URL HTTP/2
cdn.adlook.me/u/cds.html
IP
92.223.126.57:0
ASN
#199524 G-Core Labs S.A.

File type
HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
1.4 kB (1439 bytes)
Hash
092b935eec2ba1199c03c1c856472e77
90d533fb895dda57fd0645cf484a4ecb7a64c344
8719a7a7e474f30d7a1d5dbf2ab97bbd73437c28ef567b410361540ad38c985e

HTTP Headers

GET /u/cds.html HTTP/1.1
Host: cdn.adlook.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.oxy.st/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 22:12:11 GMT
content-type: text/html
content-length: 1439
last-modified: Thu, 06 Aug 2020 17:06:57 GMT
etag: "207a2dfe136cd61:0"
x-powered-by: ASP.NET
cache: HIT
x-cached-since: 2023-02-08T22:07:43+00:00
x-id: am3-up-gc95
accept-ranges: bytes
X-Firefox-Spdy: h2

yastatic.net/islands/_/KRBKbh7904nwfw8-FzDelXRpZ9o.woff2

178.154.131.217

200 OK

43 kB

URL HTTP/2
yastatic.net/islands/_/KRBKbh7904nwfw8-FzDelXRpZ9o.woff2
IP
178.154.131.217:0
ASN
#13238 YANDEX LLC

File type
Web Open Font Format (Version 2), TrueType, length 43112, version 1.0\012- data
Size
43 kB (43112 bytes)
Hash
f8883ab9c4a452a0bfe3c5cf9619db86
29104a6e1efdd389f07f0f3e1730de95746967da
427f528f5d190e0e3275d8a1fc40bad36fede3da064b33f29dc8fe6e614ff2f7

HTTP Headers

GET /islands/_/KRBKbh7904nwfw8-FzDelXRpZ9o.woff2 HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://download.oxy.st
Connection: keep-alive
Referer: https://download.oxy.st/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx/1.17.9
date: Wed, 08 Feb 2023 22:12:11 GMT
content-type: application/font-woff2
content-length: 43112
access-control-allow-origin: *
cache-control: public, max-age=31556952
etag: "f8883ab9c4a452a0bfe3c5cf9619db86"
expires: Fri, 09 Feb 2024 03:57:51 GMT
last-modified: Tue, 22 Jan 2019 17:04:38 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-nginx-request-id: 104f3f89f61a0a6d
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.adlook.me/css/rlf.css?1.4

92.223.126.57

200 OK

1.6 kB

URL HTTP/2
cdn.adlook.me/css/rlf.css?1.4
IP
92.223.126.57:0
ASN
#199524 G-Core Labs S.A.

File type
ASCII text, with very long lines (1612), with no line terminators
Size
1.6 kB (1612 bytes)
Hash
ebb99a8c16a4ad70389cc2e9306fa4b1
b926dbbe4d67d1a39e3a7b1f4ea992c41388067b
d1b01565ed50bb2012a6d2c9b409fa41752d6c3a30e735f9f7008b7f635a21f1

HTTP Headers

GET /css/rlf.css?1.4 HTTP/1.1
Host: cdn.adlook.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.oxy.st/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 22:12:11 GMT
content-type: text/css
content-length: 1612
last-modified: Mon, 11 Oct 2021 12:59:26 GMT
etag: "2fce1cd29fbed71:0"
x-powered-by: ASP.NET
cache: HIT
x-cached-since: 2023-02-08T22:04:41+00:00
x-id: am3-up-gc95
accept-ranges: bytes
X-Firefox-Spdy: h2

p.cpx.to/p/12771/px.js

18.203.96.189

200 OK

2.0 kB

URL HTTP/1.1
p.cpx.to/p/12771/px.js
IP
18.203.96.189:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (1990), with no line terminators
Size
2.0 kB (1990 bytes)
Hash
a667f26d4e73b4b5098a9c9637d3d29f
83d9b753da4c51039a689bc67956f7f9997854cc
a559f41c7e0d2f4852afbf1cf44b736b9158e65b01843c05850f6e8d6b6db9b6

HTTP Headers

GET /p/12771/px.js HTTP/1.1
Host: p.cpx.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.oxy.st/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
cache-control: max-age=2419200, public
content-type: application/javascript; charset=UTF-8
date: Wed, 08 Feb 2023 22:12:11 GMT
Content-Length: 1990
Connection: keep-alive

c.tmyzer.com/c/?s=85433&f=2&fi=99

54.38.64.100

200 OK

0 B

URL HTTP/1.1
c.tmyzer.com/c/?s=85433&f=2&fi=99
IP
54.38.64.100:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c/?s=85433&f=2&fi=99 HTTP/1.1
Host: c.tmyzer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://download.oxy.st
Connection: keep-alive
Referer: https://download.oxy.st/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 22:12:11 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
X-IPLB-Request-ID: 5B5A2A9A:E6CB_36264064:01BB_63E41E3B_5F3D312:23B5E
X-IPLB-Instance: 24858

tag.leadplace.fr/libJsLP.js

145.239.193.51

200 OK

5.5 kB

URL HTTP/1.1
tag.leadplace.fr/libJsLP.js
IP
145.239.193.51:0
ASN
#16276 OVH SAS

File type
ASCII text
Size
5.5 kB (5547 bytes)
Hash
a0c24f993bc0901cfe62d1e801cb2b45
7eb2bdce06161ae486bc8e7ecd0b5c9c4f7b2984
80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333

HTTP Headers

GET /libJsLP.js HTTP/1.1
Host: tag.leadplace.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.oxy.st/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Wed, 08 Feb 2023 22:12:11 GMT
Content-Type: application/javascript
Content-Length: 5547
Last-Modified: Mon, 18 Oct 2021 12:21:41 GMT
ETag: "616d66d5-15ab"
Accept-Ranges: bytes
X-IPLB-Request-ID: 5B5A2A9A:0EDF_91EFC133:01BB_63E41E3B_6EABF8DC:10556
X-IPLB-Instance: 29923

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b67850e3b3e13edebbd556f007617b39
f87b768ae3edea0649975ffe2dde53507cf7ef9e
5d2f919c5deae902674f2fec6fde833cd1286566566f9c70c2779edd789d08fb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D2F919C5DEAE902674F2FEC6FDE833CD1286566566F9C70C2779EDD789D08FB"
Last-Modified: Tue, 07 Feb 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16156
Expires: Thu, 09 Feb 2023 02:41:27 GMT
Date: Wed, 08 Feb 2023 22:12:11 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

314 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
314 B (314 bytes)
Hash
8e109baddb22b573a373457259aac9ac
f5f95ff6171d3cb8b274fa8c1eb361a98faaf423
f6d6b1beb6eb4837871a5b74c2f74ef9d1fc27b9f86b4eeba62c43cebf8914a3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5327
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 22:12:11 GMT
Last-Modified: Wed, 08 Feb 2023 20:43:24 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 314

ocsp.digicert.com/

93.184.220.29

200 OK

314 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
314 B (314 bytes)
Hash
8e109baddb22b573a373457259aac9ac
f5f95ff6171d3cb8b274fa8c1eb361a98faaf423
f6d6b1beb6eb4837871a5b74c2f74ef9d1fc27b9f86b4eeba62c43cebf8914a3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5327
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 22:12:11 GMT
Last-Modified: Wed, 08 Feb 2023 20:43:24 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 314

id5-sync.com/api/config/prebid

162.19.138.118

200

134 B

URL HTTP/1.1
id5-sync.com/api/config/prebid
IP
162.19.138.118:0
ASN
#16276 OVH SAS

File type
JSON data\012- , ASCII text, with no line terminators
Size
134 B (134 bytes)
Hash
99be75395b3c89cdd6781761e5a85ad2
225a8b587c3545be2581aa9ac2b630b51679d7be
559ffc5fa5eadd77f8bfaaeb793648763e312a17391d8e6bbb7d8d3dec2147e1

HTTP Headers

POST /api/config/prebid HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 95
Origin: https://download.oxy.st
Connection: keep-alive
Referer: https://download.oxy.st/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://download.oxy.st
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Wed, 08 Feb 2023 22:12:11 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload

tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Fdownload.oxy.st%2Fd%2FyvPf&id=MTIZ

145.239.193.51

200 OK

0 B

URL HTTP/1.1
tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Fdownload.oxy.st%2Fd%2FyvPf&id=MTIZ
IP
145.239.193.51:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wckr.php?ref=https%3A%2F%2Fdownload.oxy.st%2Fd%2FyvPf&id=MTIZ HTTP/1.1
Host: tag.leadplace.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.oxy.st/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Wed, 08 Feb 2023 22:12:11 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
X-IPLB-Request-ID: 5B5A2A9A:0EDF_91EFC133:01BB_63E41E3B_6EABF8E7:10556
X-IPLB-Instance: 29923

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9e3f9b56da1a35405f7a7626152dc4a6
b15efd9a0ad69b761c9269b196ed2d077f3ea804
5ec2e71db4e55997f9da77f19617acd56e0c75244323bdf3399390b1c00303e1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EC2E71DB4E55997F9DA77F19617ACD56E0C75244323BDF3399390B1C00303E1"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12862
Expires: Thu, 09 Feb 2023 01:46:33 GMT
Date: Wed, 08 Feb 2023 22:12:11 GMT
Connection: keep-alive

gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fdownload.oxy.st%2F&domain=download.oxy.st&cw=1&lsw=1

178.250.0.157

200 OK

853 B

URL HTTP/2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fdownload.oxy.st%2F&domain=download.oxy.st&cw=1&lsw=1
IP
178.250.0.157:0
ASN
#44788 Criteo SA

File type
data
Size
853 B (853 bytes)
Hash
52d4938d9e1dd2f2d85ecde0124ec670
b511a76e1b1c80cecf8db55cd94798bdf6c4c713
4c97db6916da12aa74bbca9e0d0ef68d6ad6e5baa69dbe1fa5206a8f27ad9cf8

HTTP Headers

GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fdownload.oxy.st%2F&domain=download.oxy.st&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://download.oxy.st
Connection: keep-alive
Referer: https://download.oxy.st/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 08 Feb 2023 22:12:11 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://download.oxy.st
server-processing-duration-in-ticks: 1031228
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

s.cpx.to/fire.js?pid=12771&ref=&url=https%3A%2F%2Fdownload.oxy.st%2Fd%2FyvPf&hn_ver=40&fid=d3df43df-b983-4bfe-a83a-bbcc6a4c3322

63.32.219.30

200 OK

661 B

URL HTTP/1.1
s.cpx.to/fire.js?pid=12771&ref=&url=https%3A%2F%2Fdownload.oxy.st%2Fd%2FyvPf&hn_ver=40&fid=d3df43df-b983-4bfe-a83a-bbcc6a4c3322
IP
63.32.219.30:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (661), with no line terminators
Size
661 B (661 bytes)
Hash
8d58b5e34d8847a71ee626c4bf7842b2
0456e6181a5aeeff8151b64417f06d4db3ec186d
ea5a97a6be92b79c4d7cfd453b20e52cf691bc4c9f8f749fdda4acc60f2f21b2

HTTP Headers

GET /fire.js?pid=12771&ref=&url=https%3A%2F%2Fdownload.oxy.st%2Fd%2FyvPf&hn_ver=40&fid=d3df43df-b983-4bfe-a83a-bbcc6a4c3322 HTTP/1.1
Host: s.cpx.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.oxy.st/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:12:11 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 661
Connection: keep-alive
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'
x-permitted-cross-domain-policies: none
cache-control: no-store, must-revalidate, private, max-age=0
pragma: no-cache
p3p: CP="NOI DEV ADM"
expires: Mon, 30 Jan 2023 15:29:25 UTC
set-cookie: cpSess=d75d1a4a605768d; Expires=Thu, 08 Feb 2024 22:12:11 GMT; Domain=.cpx.to; Path=/; Secure; HttpOnly; SameSite=None

ads.adlook.me/vast?id=5344&w=1268&h=713&mult=1&rw=0&ref=&loc=https%3A%2F%2Fdownload.oxy.st%2Fd%2FyvPf&top=&_ts=1675894388067

212.116.120.34

200 OK

2 B

URL HTTP/2
ads.adlook.me/vast?id=5344&w=1268&h=713&mult=1&rw=0&ref=&loc=https%3A%2F%2Fdownload.oxy.st%2Fd%2FyvPf&top=&_ts=1675894388067
IP
212.116.120.34:0
ASN
#48096 Enterprise Cloud Ltd.

File type
JSON data\012- , ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

HTTP Headers

GET /vast?id=5344&w=1268&h=713&mult=1&rw=0&ref=&loc=https%3A%2F%2Fdownload.oxy.st%2Fd%2FyvPf&top=&_ts=1675894388067 HTTP/1.1
Host: ads.adlook.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://download.oxy.st
Connection: keep-alive
Referer: https://download.oxy.st/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/json
server: Microsoft-IIS/10.0
set-cookie: adlm_userId=199da223a41d4a3ea4d42eb813084233; expires=Thu, 08 Feb 2024 21:00:00 GMT; path=/; SameSite=None; secure; samesite=lax
access-control-allow-origin: https://download.oxy.st
access-control-allow-credentials: true
date: Wed, 08 Feb 2023 22:12:11 GMT
content-length: 2
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9c14e228f19415f2af825294ff401241
dabb4fa3c22980b27aa873fd8aa429366655c95e
df9ed274a8026ea08f348145695717b6f8a11fa8f3c14e60b30b4cd60f7e2fde

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF9ED274A8026EA08F348145695717B6F8A11FA8F3C14E60B30B4CD60F7E2FDE"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5259
Expires: Wed, 08 Feb 2023 23:39:50 GMT
Date: Wed, 08 Feb 2023 22:12:11 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f4007f5a7f8ae8f8f2a5512aeab92424
331c535bf6b89049136868d10ce149a14271a990
1fd8100e7ed65cfaa69fff725cae7b4d08b8ff29e70ec836193486dd02d86e6c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1FD8100E7ED65CFAA69FFF725CAE7B4D08B8FF29E70EC836193486DD02D86E6C"
Last-Modified: Tue, 07 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13082
Expires: Thu, 09 Feb 2023 01:50:14 GMT
Date: Wed, 08 Feb 2023 22:12:12 GMT
Connection: keep-alive

mpraven.org/api/getslugv3?partner_apikey=fc637ad2fa123a2358df5768a2427c14&bl=0&raw=Discover%20new%20possibilities%20for%20%3Cspan%3E%20%242.70%2F5%20days%3C%2Fspan%3E&sourceURL=https%3A%2F%2Floader.oxy.st%2Fget%2F5884d751f177858378cd729afe2bd82e%2FWexsideCrack_1.zip&sourceName=WexsideCrack%20(1).zip&sourceIntro=&sourceNote=&priority=source&tag=&rnd=5a03dd2c0c735cf5ed592a66bf7bfe68&d=0&utm_content=&err=0&b=1&rfr=https%3A%2F%2Fdownload.oxy.st%2Fd%2FyvPf

88.208.5.115

200 OK

123 B

URL HTTP/1.1
mpraven.org/api/getslugv3?partner_apikey=fc637ad2fa123a2358df5768a2427c14&bl=0&raw=Discover%20new%20possibilities%20for%20%3Cspan%3E%20%242.70%2F5%20days%3C%2Fspan%3E&sourceURL=https%3A%2F%2Floader.oxy.st%2Fget%2F5884d751f177858378cd729afe2bd82e%2FWexsideCrack_1.zip&sourceName=WexsideCrack%20(1).zip&sourceIntro=&sourceNote=&priority=source&tag=&rnd=5a03dd2c0c735cf5ed592a66bf7bfe68&d=0&utm_content=&err=0&b=1&rfr=https%3A%2F%2Fdownload.oxy.st%2Fd%2FyvPf
IP
88.208.5.115:0
ASN
#39572 DataWeb Global Group B.V.

File type
JSON data\012- , ASCII text, with no line terminators
Size
123 B (123 bytes)
Hash
efb61405f4c5a85fb52f61f358cf4cf0
fa27c3415f436fba7e38c79ad327d5809f875260
cdddfce64d8b8ef10f035600f0102ebf497f74560544d56d8a4c09799fc998d2

HTTP Headers

GET /api/getslugv3?partner_apikey=fc637ad2fa123a2358df5768a2427c14&bl=0&raw=Discover%20new%20possibilities%20for%20%3Cspan%3E%20%242.70%2F5%20days%3C%2Fspan%3E&sourceURL=https%3A%2F%2Floader.oxy.st%2Fget%2F5884d751f177858378cd729afe2bd82e%2FWexsideCrack_1.zip&sourceName=WexsideCrack%20(1).zip&sourceIntro=&sourceNote=&priority=source&tag=&rnd=5a03dd2c0c735cf5ed592a66bf7bfe68&d=0&utm_content=&err=0&b=1&rfr=https%3A%2F%2Fdownload.oxy.st%2Fd%2FyvPf HTTP/1.1
Host: mpraven.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://download.oxy.st
Connection: keep-alive
Referer: https://download.oxy.st/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 22:12:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-SF: ok
X-Slug: check SF
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Content-Encoding: gzip

my.rtmark.net/gid.js?userId=4cd5874d8fdd4d729cb4eaf2837e6ce5

139.45.195.8

200 OK

65 B

URL HTTP/2
my.rtmark.net/gid.js?userId=4cd5874d8fdd4d729cb4eaf2837e6ce5
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
94adccf92a7aadc98cd39abc2f539953
8591cb944bfd7fad2bc835018eb4ed59e5a72930
ff134895c369c5350d2c2eed1a3205576ebc818779a38c8c70fb2674611ec01f

HTTP Headers

GET /gid.js?userId=4cd5874d8fdd4d729cb4eaf2837e6ce5 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://download.oxy.st
Connection: keep-alive
Referer: https://download.oxy.st/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 22:12:12 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://download.oxy.st
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=4cd5874d8fdd4d729cb4eaf2837e6ce5; expires=Thu, 08 Feb 2024 22:12:12 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b39e9b23d29a98eff34416a616ba37f5
bdc9129409a52c7da406b0a0bf6067b936a446dc
2329a603d135a67a020b3f1f94be7ffb9ad0b3afbd4a33a6e85d9ef1d053f4cd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2329A603D135A67A020B3F1F94BE7FFB9AD0B3AFBD4A33A6E85D9EF1D053F4CD"
Last-Modified: Tue, 07 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13273
Expires: Thu, 09 Feb 2023 01:53:25 GMT
Date: Wed, 08 Feb 2023 22:12:12 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

313 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
313 B (313 bytes)
Hash
0fc3e2be9a02b14fdb24e92d26da8838
d55b2ea7ea9d97de65bd0833926173f205591b6e
55958bd04c967f293dd41c5f4cd5fc52eaaad9738af71c0910fad08b11996c24

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3707
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 22:12:12 GMT
Last-Modified: Wed, 08 Feb 2023 21:10:25 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 313

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
233dd4c0e5587716dc0d454da5b8dace
e9c9b60a118eb2d85d48533329518ca9657c034a
0a886317a16976863a8b574b177145c7ad3d9ec1a775a4a7fc5a77209930e632

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0A886317A16976863A8B574B177145C7AD3D9EC1A775A4A7FC5A77209930E632"
Last-Modified: Tue, 07 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17867
Expires: Thu, 09 Feb 2023 03:09:59 GMT
Date: Wed, 08 Feb 2023 22:12:12 GMT
Connection: keep-alive

lb.eu-1-id5-sync.com/lb/v1

162.19.138.83

200

33 B

URL HTTP/1.1
lb.eu-1-id5-sync.com/lb/v1
IP
162.19.138.83:0
ASN
#16276 OVH SAS

File type
JSON data\012- , ASCII text, with no line terminators
Size
33 B (33 bytes)
Hash
f0dcd72bde7fde523c90a7229e8965eb
6f8bcdc318d23cc4d7214a40c859d6ec983a9bd7
f1e173f4d80eb1a8303d0717ade7e9af14df280c9eeb78095bd176fa8ad7f642

HTTP Headers

GET /lb/v1 HTTP/1.1
Host: lb.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://download.oxy.st
Connection: keep-alive
Referer: https://download.oxy.st/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://download.oxy.st
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Wed, 08 Feb 2023 22:12:11 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
13360298b923fd906b4b624b0da766e6
7fed574e837cf690e6e472b7d0503d45ca1dc4c4
e6e705083473540b524a734b8d3dc3382e35d1dfd682ca3a05e1ed53dbb1866b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E6E705083473540B524A734B8D3DC3382E35D1DFD682CA3A05E1ED53DBB1866B"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1141
Expires: Wed, 08 Feb 2023 22:31:13 GMT
Date: Wed, 08 Feb 2023 22:12:12 GMT
Connection: keep-alive

dnacdn.net/dna

178.250.0.157

200 OK

0 B

URL HTTP/2
dnacdn.net/dna
IP
178.250.0.157:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://download.oxy.st
Connection: keep-alive
Referer: https://download.oxy.st/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 08 Feb 2023 22:12:11 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=yUE6DF80M0RITmhlJTJCZkMwOUJGQlhaMUN2cyUyQnF2bnIyajRhVEhxZTByVFglMkZYcWt1SGklMkJkRDdiTnI0cUxTdGtzZmFpMnU; expires=Mon, 04 Mar 2024 22:12:12 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://download.oxy.st
server-processing-duration-in-ticks: 132608
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.35

200 OK

45 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size
45 kB (44856 bytes)
Hash
565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://download.oxy.st
Connection: keep-alive
Referer: https://download.oxy.st/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 Feb 2023 18:52:41 GMT
expires: Tue, 06 Feb 2024 18:52:41 GMT
cache-control: public, max-age=31536000
age: 184771
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ibrapush.com/zone?pub=0&zone_id=5630104&is_mobile=false&domain=download.oxy.st&var=&ymid=&var_3=

139.45.197.250

200 OK

705 B

URL HTTP/2
ibrapush.com/zone?pub=0&zone_id=5630104&is_mobile=false&domain=download.oxy.st&var=&ymid=&var_3=
IP
139.45.197.250:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text, with very long lines (704)
Size
705 B (705 bytes)
Hash
6c06cc9928faf120d82dadd02fa95693
9c125bf7e60bf9a24b1930f7ac07eb0f8b4c6dd3
52169d99021252e7886267012e55ea205545579fa875b3a36b6263e0da841f8e

HTTP Headers

GET /zone?pub=0&zone_id=5630104&is_mobile=false&domain=download.oxy.st&var=&ymid=&var_3= HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://download.oxy.st/
Origin: https://download.oxy.st
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 22:12:12 GMT
content-type: application/json; charset=utf-8
content-length: 705
x-trace-id: d3d3f40e238573997b33471aa4b112d2
access-control-allow-origin: https://download.oxy.st
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c5164e65394d3992a5c0cb200ed7eb7d
4c0c637eaafd0c7199df68ce9ef47280c923657e
312e3529b379099b027cd28ad47aba6c68f9a87bc72ba27677c47dcb9b7365b3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "312E3529B379099B027CD28AD47ABA6C68F9A87BC72BA27677C47DCB9B7365B3"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2323
Expires: Wed, 08 Feb 2023 22:50:55 GMT
Date: Wed, 08 Feb 2023 22:12:12 GMT
Connection: keep-alive

id5-sync.com/g/v2/12.json

162.19.138.118

200

216 B

URL HTTP/1.1
id5-sync.com/g/v2/12.json
IP
162.19.138.118:0
ASN
#16276 OVH SAS

File type
JSON data\012- , ASCII text, with no line terminators
Size
216 B (216 bytes)
Hash
21fd551572d2ed6a95a15c6865582003
565c4060676719ee73f24c489143e7e8253045ff
b65ba5fa0cd5d7121e49fe88f78bebee7a62da180b14956d451922447e4fe150

HTTP Headers

POST /g/v2/12.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 287
Origin: https://download.oxy.st
Connection: keep-alive
Referer: https://download.oxy.st/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://download.oxy.st
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Wed, 08 Feb 2023 22:12:11 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload

tzegilo.com/stattag.js

172.64.104.21

200 OK

6.7 kB

URL HTTP/2
tzegilo.com/stattag.js
IP
172.64.104.21:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (17335), with no line terminators
Size
6.7 kB (6731 bytes)
Hash
a13bb28ed011c2b5fd0da3614fe159fd
33c2b209d249b8e86dcc13403788d891e9784f5c
435e1429b53f09b82577d8bccf74abe833a1d68d6d19f44ccf0af9b0182abc25

HTTP Headers

GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.oxy.st/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 08 Feb 2023 22:12:12 GMT
content-type: application/javascript
last-modified: Fri, 03 Feb 2023 16:30:52 GMT
etag: W/"63dd36bc-43b7"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 5754
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wemfNvhLFgQXSJBS4Z%2F%2BMfKXDxCWNghad414LVo9Yc7rqwzhkC44rVc06Fw60VQ22%2BuN4y10v%2F4IS6%2FZy093C%2BMnxxBcFuu0Y9p4UZt4NxxB9TOXWNoAHwiWa86N2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7967b498f8378880-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ibrapush.com/custom

139.45.197.250

200 OK

0 B

URL HTTP/2
ibrapush.com/custom
IP
139.45.197.250:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /custom HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://download.oxy.st/
Origin: https://download.oxy.st
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 22:12:12 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://download.oxy.st
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2

ibrapush.com/custom

139.45.197.250

200 OK

39 B

URL HTTP/2
ibrapush.com/custom
IP
139.45.197.250:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

HTTP Headers

POST /custom HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://download.oxy.st/
Content-Type: application/json
Origin: https://download.oxy.st
Content-Length: 373
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 22:12:12 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: a377abba7f5dd1280c0df91470017e5e
access-control-allow-origin: https://download.oxy.st
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

betotodilea.com/500/5630102?excludes=&oaid=4cd5874d8fdd4d729cb4eaf2837e6ce5&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fdownload.oxy.st%2Fd%2FyvPf&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

139.45.197.237

200 OK

0 B

URL HTTP/2
betotodilea.com/500/5630102?excludes=&oaid=4cd5874d8fdd4d729cb4eaf2837e6ce5&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fdownload.oxy.st%2Fd%2FyvPf&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
139.45.197.237:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

OPTIONS /500/5630102?excludes=&oaid=4cd5874d8fdd4d729cb4eaf2837e6ce5&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fdownload.oxy.st%2Fd%2FyvPf&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://download.oxy.st/
Origin: https://download.oxy.st
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 22:12:12 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://download.oxy.st
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

nanouwho.com/11?rnd=278334686&z=5630103&b=16466421&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=cnMKrVBFrsJT_udqbxR0q_jECGIij1NFai7Ez-U6xnOcC-8s1m7epUsUo5O8FAumHMAaFh63j33uzoOVkH_Pa9LIs4NFJvN3mMyo-_R8gANn41JDgYfFMI5uwk8UACSiwr5QK_Hl5Ul9mebGAb2j3Gn7lr61ZHP5lJcNI_yr-pOKEP5V3tbuLl-BP6zOiBDXytbO9XluKwOXKo0EjaFJMu8X1DeokSP93FOfAd23zVZr3wnyBiHiq-lHruDV51MuNJLAYiN-CX8oe8ng3dYMTHeQUQG-V8xSw7wY0hNM39WMQL8Tcv6wyrXoFkW2oSfSMcKUwd3O92XDquk865uRdf_ujfCK9yP_iJcAQP1m554YfoHKnTwZjTXPkA0fJoYCKoF8CCWbYz9oLJAShx9UoYIekGiICTs36yCPdngmAJIWON5CKt9m4VYy3T_YWa7N8yjRazx7siNTl5sttSPYZYC__Sl0ibcMZfpZTF_xiIxaKmdleBjuKiRXbJKBqwGR97NFE-w82Eqk3YWrzMPjMvFY4Ar_fOgw7__UOxtslfkoYVLpyW9UHG9E2fhkPp8maoBfS-Jkg0qNtuJ3veb20N5y4jPrMPbzhcP7EJ5rBvuCzBkyjx4p3ncPoq9gUKcGZzzPtN9NFvqaopkwAx50QbvjhDTeJk0UsqcRJ6pcsYlZeOCthHYUhI-xlVuZygq-rGQhsfj5kzL0UGEiZhYc1-30nNvotltyjvp23X3_rOjg5zyogtCUaHf5PtKZDHqGWedFxO77h0w=&ruid=244287db-e1d4-4d25-966f-6b160ce8254f&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fdownload.oxy.st%2Fd%2FyvPf&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&ot=170

139.45.197.242

200 OK

0 B

URL HTTP/2
nanouwho.com/11?rnd=278334686&z=5630103&b=16466421&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=cnMKrVBFrsJT_udqbxR0q_jECGIij1NFai7Ez-U6xnOcC-8s1m7epUsUo5O8FAumHMAaFh63j33uzoOVkH_Pa9LIs4NFJvN3mMyo-_R8gANn41JDgYfFMI5uwk8UACSiwr5QK_Hl5Ul9mebGAb2j3Gn7lr61ZHP5lJcNI_yr-pOKEP5V3tbuLl-BP6zOiBDXytbO9XluKwOXKo0EjaFJMu8X1DeokSP93FOfAd23zVZr3wnyBiHiq-lHruDV51MuNJLAYiN-CX8oe8ng3dYMTHeQUQG-V8xSw7wY0hNM39WMQL8Tcv6wyrXoFkW2oSfSMcKUwd3O92XDquk865uRdf_ujfCK9yP_iJcAQP1m554YfoHKnTwZjTXPkA0fJoYCKoF8CCWbYz9oLJAShx9UoYIekGiICTs36yCPdngmAJIWON5CKt9m4VYy3T_YWa7N8yjRazx7siNTl5sttSPYZYC__Sl0ibcMZfpZTF_xiIxaKmdleBjuKiRXbJKBqwGR97NFE-w82Eqk3YWrzMPjMvFY4Ar_fOgw7__UOxtslfkoYVLpyW9UHG9E2fhkPp8maoBfS-Jkg0qNtuJ3veb20N5y4jPrMPbzhcP7EJ5rBvuCzBkyjx4p3ncPoq9gUKcGZzzPtN9NFvqaopkwAx50QbvjhDTeJk0UsqcRJ6pcsYlZeOCthHYUhI-xlVuZygq-rGQhsfj5kzL0UGEiZhYc1-30nNvotltyjvp23X3_rOjg5zyogtCUaHf5PtKZDHqGWedFxO77h0w=&ruid=244287db-e1d4-4d25-966f-6b160ce8254f&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fdownload.oxy.st%2Fd%2FyvPf&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&ot=170
IP
139.45.197.242:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /11?rnd=278334686&z=5630103&b=16466421&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=cnMKrVBFrsJT_udqbxR0q_jECGIij1NFai7Ez-U6xnOcC-8s1m7epUsUo5O8FAumHMAaFh63j33uzoOVkH_Pa9LIs4NFJvN3mMyo-_R8gANn41JDgYfFMI5uwk8UACSiwr5QK_Hl5Ul9mebGAb2j3Gn7lr61ZHP5lJcNI_yr-pOKEP5V3tbuLl-BP6zOiBDXytbO9XluKwOXKo0EjaFJMu8X1DeokSP93FOfAd23zVZr3wnyBiHiq-lHruDV51MuNJLAYiN-CX8oe8ng3dYMTHeQUQG-V8xSw7wY0hNM39WMQL8Tcv6wyrXoFkW2oSfSMcKUwd3O92XDquk865uRdf_ujfCK9yP_iJcAQP1m554YfoHKnTwZjTXPkA0fJoYCKoF8CCWbYz9oLJAShx9UoYIekGiICTs36yCPdngmAJIWON5CKt9m4VYy3T_YWa7N8yjRazx7siNTl5sttSPYZYC__Sl0ibcMZfpZTF_xiIxaKmdleBjuKiRXbJKBqwGR97NFE-w82Eqk3YWrzMPjMvFY4Ar_fOgw7__UOxtslfkoYVLpyW9UHG9E2fhkPp8maoBfS-Jkg0qNtuJ3veb20N5y4jPrMPbzhcP7EJ5rBvuCzBkyjx4p3ncPoq9gUKcGZzzPtN9NFvqaopkwAx50QbvjhDTeJk0UsqcRJ6pcsYlZeOCthHYUhI-xlVuZygq-rGQhsfj5kzL0UGEiZhYc1-30nNvotltyjvp23X3_rOjg5zyogtCUaHf5PtKZDHqGWedFxO77h0w=&ruid=244287db-e1d4-4d25-966f-6b160ce8254f&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fdownload.oxy.st%2Fd%2FyvPf&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&ot=170 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://download.oxy.st
Connection: keep-alive
Referer: https://download.oxy.st/
Cookie: scm=1; OAID=4cd5874d8fdd4d729cb4eaf2837e6ce5; oaidts=1675894332
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 22:12:12 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://download.oxy.st
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: 306d75d17292baa5592afd6c3f69c213
access-control-expose-headers: X-Sc
set-cookie: OAID=4cd5874d8fdd4d729cb4eaf2837e6ce5; expires=Thu, 08 Feb 2024 22:12:12 GMT; secure; SameSite=None
oaidts=1675894332; expires=Thu, 08 Feb 2024 22:12:12 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

nanouwho.com/121?rnd=2394881015&z=5630103&b=16466421&c=6538593&var=&d=https%3A%2F%2Fmediasama.com%2Fstarharem%2F01%2Fs%2Findex_rt.html&cln={CELL_NUMBER}&btp=7&rb=cnMKrVBFrsJT_udqbxR0q_jECGIij1NFai7Ez-U6xnOcC-8s1m7epUsUo5O8FAumHMAaFh63j33uzoOVkH_Pa9LIs4NFJvN3mMyo-_R8gANn41JDgYfFMI5uwk8UACSiwr5QK_Hl5Ul9mebGAb2j3Gn7lr61ZHP5lJcNI_yr-pOKEP5V3tbuLl-BP6zOiBDXytbO9XluKwOXKo0EjaFJMu8X1DeokSP93FOfAd23zVZr3wnyBiHiq-lHruDV51MuNJLAYiN-CX8oe8ng3dYMTHeQUQG-V8xSw7wY0hNM39WMQL8Tcv6wyrXoFkW2oSfSMcKUwd3O92XDquk865uRdf_ujfCK9yP_iJcAQP1m554YfoHKnTwZjTXPkA0fJoYCKoF8CCWbYz9oLJAShx9UoYIekGiICTs36yCPdngmAJIWON5CKt9m4VYy3T_YWa7N8yjRazx7siNTl5sttSPYZYC__Sl0ibcMZfpZTF_xiIxaKmdleBjuKiRXbJKBqwGR97NFE-w82Eqk3YWrzMPjMvFY4Ar_fOgw7__UOxtslfkoYVLpyW9UHG9E2fhkPp8maoBfS-Jkg0qNtuJ3veb20N5y4jPrMPbzhcP7EJ5rBvuCzBkyjx4p3ncPoq9gUKcGZzzPtN9NFvqaopkwAx50QbvjhDTeJk0UsqcRJ6pcsYlZeOCthHYUhI-xlVuZygq-rGQhsfj5kzL0UGEiZhYc1-30nNvotltyjvp23X3_rOjg5zyogtCUaHf5PtKZDHqGWedFxO77h0w=&bag=wyLK4bud9T-KLxZeyEKJiG4GTbs6IM1Q&ruid=244287db-e1d4-4d25-966f-6b160ce8254f

139.45.197.242

302 Found

0 B

URL HTTP/2
nanouwho.com/121?rnd=2394881015&z=5630103&b=16466421&c=6538593&var=&d=https%3A%2F%2Fmediasama.com%2Fstarharem%2F01%2Fs%2Findex_rt.html&cln={CELL_NUMBER}&btp=7&rb=cnMKrVBFrsJT_udqbxR0q_jECGIij1NFai7Ez-U6xnOcC-8s1m7epUsUo5O8FAumHMAaFh63j33uzoOVkH_Pa9LIs4NFJvN3mMyo-_R8gANn41JDgYfFMI5uwk8UACSiwr5QK_Hl5Ul9mebGAb2j3Gn7lr61ZHP5lJcNI_yr-pOKEP5V3tbuLl-BP6zOiBDXytbO9XluKwOXKo0EjaFJMu8X1DeokSP93FOfAd23zVZr3wnyBiHiq-lHruDV51MuNJLAYiN-CX8oe8ng3dYMTHeQUQG-V8xSw7wY0hNM39WMQL8Tcv6wyrXoFkW2oSfSMcKUwd3O92XDquk865uRdf_ujfCK9yP_iJcAQP1m554YfoHKnTwZjTXPkA0fJoYCKoF8CCWbYz9oLJAShx9UoYIekGiICTs36yCPdngmAJIWON5CKt9m4VYy3T_YWa7N8yjRazx7siNTl5sttSPYZYC__Sl0ibcMZfpZTF_xiIxaKmdleBjuKiRXbJKBqwGR97NFE-w82Eqk3YWrzMPjMvFY4Ar_fOgw7__UOxtslfkoYVLpyW9UHG9E2fhkPp8maoBfS-Jkg0qNtuJ3veb20N5y4jPrMPbzhcP7EJ5rBvuCzBkyjx4p3ncPoq9gUKcGZzzPtN9NFvqaopkwAx50QbvjhDTeJk0UsqcRJ6pcsYlZeOCthHYUhI-xlVuZygq-rGQhsfj5kzL0UGEiZhYc1-30nNvotltyjvp23X3_rOjg5zyogtCUaHf5PtKZDHqGWedFxO77h0w=&bag=wyLK4bud9T-KLxZeyEKJiG4GTbs6IM1Q&ruid=244287db-e1d4-4d25-966f-6b160ce8254f
IP
139.45.197.242:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /121?rnd=2394881015&z=5630103&b=16466421&c=6538593&var=&d=https%3A%2F%2Fmediasama.com%2Fstarharem%2F01%2Fs%2Findex_rt.html&cln={CELL_NUMBER}&btp=7&rb=cnMKrVBFrsJT_udqbxR0q_jECGIij1NFai7Ez-U6xnOcC-8s1m7epUsUo5O8FAumHMAaFh63j33uzoOVkH_Pa9LIs4NFJvN3mMyo-_R8gANn41JDgYfFMI5uwk8UACSiwr5QK_Hl5Ul9mebGAb2j3Gn7lr61ZHP5lJcNI_yr-pOKEP5V3tbuLl-BP6zOiBDXytbO9XluKwOXKo0EjaFJMu8X1DeokSP93FOfAd23zVZr3wnyBiHiq-lHruDV51MuNJLAYiN-CX8oe8ng3dYMTHeQUQG-V8xSw7wY0hNM39WMQL8Tcv6wyrXoFkW2oSfSMcKUwd3O92XDquk865uRdf_ujfCK9yP_iJcAQP1m554YfoHKnTwZjTXPkA0fJoYCKoF8CCWbYz9oLJAShx9UoYIekGiICTs36yCPdngmAJIWON5CKt9m4VYy3T_YWa7N8yjRazx7siNTl5sttSPYZYC__Sl0ibcMZfpZTF_xiIxaKmdleBjuKiRXbJKBqwGR97NFE-w82Eqk3YWrzMPjMvFY4Ar_fOgw7__UOxtslfkoYVLpyW9UHG9E2fhkPp8maoBfS-Jkg0qNtuJ3veb20N5y4jPrMPbzhcP7EJ5rBvuCzBkyjx4p3ncPoq9gUKcGZzzPtN9NFvqaopkwAx50QbvjhDTeJk0UsqcRJ6pcsYlZeOCthHYUhI-xlVuZygq-rGQhsfj5kzL0UGEiZhYc1-30nNvotltyjvp23X3_rOjg5zyogtCUaHf5PtKZDHqGWedFxO77h0w=&bag=wyLK4bud9T-KLxZeyEKJiG4GTbs6IM1Q&ruid=244287db-e1d4-4d25-966f-6b160ce8254f HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: scm=1; OAID=4cd5874d8fdd4d729cb4eaf2837e6ce5; oaidts=1675894332
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 08 Feb 2023 22:12:12 GMT
content-length: 0
location: https://mediasama.com/starharem/01/s/index_rt.html
access-control-allow-credentials: true
access-control-allow-origin: 
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: 2846c288484f60b2cce211bef142440f
access-control-expose-headers: X-Sc
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18209
Expires: Thu, 09 Feb 2023 03:15:41 GMT
Date: Wed, 08 Feb 2023 22:12:12 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18209
Expires: Thu, 09 Feb 2023 03:15:41 GMT
Date: Wed, 08 Feb 2023 22:12:12 GMT
Connection: keep-alive

139.45.197.237

200 OK

1.6 kB

URL HTTP/2
betotodilea.com/500/5630102?excludes=&oaid=4cd5874d8fdd4d729cb4eaf2837e6ce5&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fdownload.oxy.st%2Fd%2FyvPf&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
139.45.197.237:0
ASN
#9002 RETN Limited

File type
data
Size
1.6 kB (1550 bytes)
Hash
ea8b6f53177e114fd1108b88df660c25
9ec3e8a9cdeebcabebecb10bd540144bff4fee32
225f178fb102844199b5aa33d203ddb7c7553ce4eb220467df2ff8abeb9dc2d8

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /500/5630102?excludes=&oaid=4cd5874d8fdd4d729cb4eaf2837e6ce5&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fdownload.oxy.st%2Fd%2FyvPf&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://download.oxy.st
Connection: keep-alive
Referer: https://download.oxy.st/
Cookie: OAID=240561fdc29f43e1a4a5f13447e8ac0a
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 22:12:12 GMT
content-type: application/javascript
x-trace-id: 04913e82daa00428f24f91a5383a3088
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: https://download.oxy.st
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=4cd5874d8fdd4d729cb4eaf2837e6ce5; expires=Thu, 08 Feb 2024 22:12:12 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18209
Expires: Thu, 09 Feb 2023 03:15:41 GMT
Date: Wed, 08 Feb 2023 22:12:12 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5708e132-62b1-4b5b-aa88-fe22e522eb0e.jpeg

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5708e132-62b1-4b5b-aa88-fe22e522eb0e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6838 bytes)
Hash
4b327816bc2c6fd7291c75c693685d54
771070be61d0724b1c90ca86ea34c804bd7e501a
d45188239cacc7b228bc75ccc95afb48914aaa434c418cd5b786533e8b9cb983

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5708e132-62b1-4b5b-aa88-fe22e522eb0e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6838
x-amzn-requestid: 54fc5ae9-d37a-46cf-97e0-d05de1417cfb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O7QEsCoAMFY1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c514-40de6212468fcd0e78a93708;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:32 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KUNhk8O0jpb6OyjCo5RGruuV5633xiM-PBeb6c0BaJI8uFQ7Aflj2g==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:53:58 GMT
age: 1094
etag: "771070be61d0724b1c90ca86ea34c804bd7e501a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc93fe33d-3033-473c-8315-95eb00ba319e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12401 bytes)
Hash
ed10868ea9554510e43f77dfb8c43877
df0d86c2c53bdec7b8935912e42dc7f82f87aa61
751e95e7dd20802cc4e0b6f208bf5559b0b73efd3ca22a9abafd86cf83ab6420

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc93fe33d-3033-473c-8315-95eb00ba319e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12401
x-amzn-requestid: 7bfa8a84-c348-4f55-8e8e-befcdd24f026
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_OjPG-eIAMFccA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c47a-06eedb3c7396825f77360755;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:36:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lXTMw2s8GxQtwjucvNYZeHL-i8ECHbdGThUV5_vn2mKEhArswcO3VA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:43:09 GMT
age: 1743
etag: "df0d86c2c53bdec7b8935912e42dc7f82f87aa61"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f728fd1-646b-418a-ab1a-194a7bf42969.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6805 bytes)
Hash
c8f31c82179856e39ee5fc43d7f0b685
5b37f807a19ffc80c0b9334e6d24d5bb717496ce
c099c91c6f2125a8a89ee6e9dc0e37e2c2c9914adadb2c8b77795063baa62037

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f728fd1-646b-418a-ab1a-194a7bf42969.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6805
x-amzn-requestid: 9f067f0c-2991-41ae-8dd0-5719a5438abc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_PHwEn4IAMFvFg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c564-730d01807c13643373d64897;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:40:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: eSU1CSydRTodwnN5DNTXbYD3d3kYFCHiCvPRq5DZTTDSTH2L-GV_1g==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 22:19:17 GMT
age: 85975
etag: "5b37f807a19ffc80c0b9334e6d24d5bb717496ce"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe56753b9-ced9-4038-88f6-9ea3a7bc9f04.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11205 bytes)
Hash
aa6c416b3a87ded887c9dcf7c51e5dd0
45f4ef9e68591c00669043abe96959bead8f17ae
9e10394b387916e40c44d4e02fbc1ea72214d870df189ce16d24015de00682bf

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe56753b9-ced9-4038-88f6-9ea3a7bc9f04.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11205
x-amzn-requestid: abdf9c40-a2b7-49ae-bea1-ff5abfcea781
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fvszZFOZoAMFkNg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc8e7b-6e508da05ff6f33e691de130;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 04:33:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hLrbI5Acy2RBlg7VqGE2b83zuqgt-bx0kD0nlH8uYaJ8tii2FqMLfw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 14:35:48 GMT
age: 27384
etag: "45f4ef9e68591c00669043abe96959bead8f17ae"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

download.oxy.st/sw.js

185.178.208.137

200 OK

12 kB

URL HTTP/2
download.oxy.st/sw.js
IP
185.178.208.137:0
ASN
#57724 Ddos-guard Ltd

File type
data
Size
12 kB (11925 bytes)
Hash
a40c17da28af5dc688945e2cc17aea14
90c443cbc8c704e27b48bba20f950c1c4a55bb20
4774c20670bcb304282c0e42762999e4522c7a46fcc35b02ca14ec71939cb945

HTTP Headers

GET /sw.js HTTP/1.1
Host: download.oxy.st
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://download.oxy.st/d/yvPf
Connection: keep-alive
Cookie: __ddg1_=WAwOtcUCwj1qYiQ5CuIx; PHPSESSID=a3cpcb8pustunp14rnuq3d8kb0; _pbjs_userid_consent_data=3524755945110770; sharedid=c9439ed0-096d-486f-8513-d6af464e3353; cto_bundle=A-nmGF9WUnd0RFhDS2pwVSUyRm10WmRtZHJsVmxsRkF6aHp3ckI1SHVEJTJGWDJwYTlqM04xT2VPQUFmYWdZTEs3TzZCTFF4R2FnRFNIYzg5V2FhWklVSTFuWWNkUHF6UCUyQlVINzhnUm45NVYzR1B2Z3NoVSUzRA; cto_bidid=PNsKll9lZjF0RFVRVVZVZ0prVzQlMkJDTGVjbWtkSFVSMW9XbUFZZzdQNTY3Q3Q1cVZZTGtmTUtTVUdnN0wyUUNmRzRrVWJ4U0hLc2JKU2pIMDI1NUF2Q281azNBJTNEJTNE; prefetchAd_5630105=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 22:12:12 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
content-encoding: gzip
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5abcabc9-1cda-4d86-8630-67943159604b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.7 kB (6679 bytes)
Hash
4bb0e725719ac378134b01b6473a6581
a8a1780c88e8ae219048bed28ecfbd8019d9af35
187d4e83edc0af857334f84bd6853234193d4654d06c43367f39b4e125defe08

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5abcabc9-1cda-4d86-8630-67943159604b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6679
x-amzn-requestid: 97c19ad5-c127-4dc1-b529-1eca84645316
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f59MzHgloAMFwow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e0a8b8-79d6b8d31b69153d4929b7b7;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 07:14:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: x_tr-xummuF51PvAM4y3DgvLWuJOwxgquKO8baQfcoN6ta5M3ll7ug==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 06:25:01 GMT
age: 56831
etag: "a8a1780c88e8ae219048bed28ecfbd8019d9af35"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
667969b00f8c8fc38286f03336a390be
5641c7d8ed2215217ca1ce9455e6f1d3f2da86ca
3e00b0f485380682196fe468f05cc6cecccd5163a2644807067fbc108ee98b9e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3E00B0F485380682196FE468F05CC6CECCCD5163A2644807067FBC108EE98B9E"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4104
Expires: Wed, 08 Feb 2023 23:20:36 GMT
Date: Wed, 08 Feb 2023 22:12:12 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
31b43452695cd13fe96bc1d9972b319b
b31e47802e563f5260e243a7a06f1275a0dd1308
88127788e8947cc1d3664b8ca9ca8a549c4a1aad32a74110cec2a3d05e579705

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3556
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 22:12:12 GMT
Last-Modified: Wed, 08 Feb 2023 21:12:56 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 280

offerimage.com/www/images/1355aa125a385056845e0ee1d5384e9a.jpeg

104.22.32.172

200 OK

13 kB

URL HTTP/2
offerimage.com/www/images/1355aa125a385056845e0ee1d5384e9a.jpeg
IP
104.22.32.172:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Size
13 kB (13093 bytes)
Hash
1355aa125a385056845e0ee1d5384e9a
cfa5fd1b2dd6b299c0aecdf19fec3532ce4392ea
248797fff982ee400ab78ff6831182372f9ef8a6916364192ca0f30556577733

HTTP Headers

GET /www/images/1355aa125a385056845e0ee1d5384e9a.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.oxy.st/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 08 Feb 2023 22:12:12 GMT
content-type: image/jpeg
content-length: 13093
cache-control: max-age=86400
cf-bgj: h2pri
etag: "6388849b-3325"
expires: Thu, 09 Feb 2023 04:58:38 GMT
last-modified: Thu, 01 Dec 2022 10:40:27 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 62014
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7967b49c888e2d7b-ARN
X-Firefox-Spdy: h2

ced.sascdn.com/tag/1097/smart.js

95.101.11.123

200 OK

33 kB

URL HTTP/1.1
ced.sascdn.com/tag/1097/smart.js
IP
95.101.11.123:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (65536), with no line terminators
Size
33 kB (33218 bytes)
Hash
a97933c723f113f0dd3d2002e84d93a2
094b9f92278e5666edf0188782d3ac6c6ac6166e
bbf457cf59f2a71418ba0c89105917395c3d627dd6087db9dd5202f3969035b7

HTTP Headers

GET /tag/1097/smart.js HTTP/1.1
Host: ced.sascdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.oxy.st/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 33218
Cache-Control: public, max-age=7200
Expires: Thu, 09 Feb 2023 00:12:13 GMT
Date: Wed, 08 Feb 2023 22:12:13 GMT
Connection: keep-alive

download.oxy.st/slake/asset/img/favicon/apple-touch-icon.png

185.178.208.137

200 OK

2.0 kB

URL HTTP/2
download.oxy.st/slake/asset/img/favicon/apple-touch-icon.png
IP
185.178.208.137:0
ASN
#57724 Ddos-guard Ltd

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
2.0 kB (1994 bytes)
Hash
05807c4aceabfb49ab9d66e54618ff53
fddb5a3eb50d1a255989f72f91911dc21e2d5d9b
725d652f8c9ad3d148a0528878b51e2e250d228ab6eaf39111d0664abad359b3

HTTP Headers

GET /slake/asset/img/favicon/apple-touch-icon.png HTTP/1.1
Host: download.oxy.st
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.oxy.st/d/yvPf
Cookie: __ddg1_=WAwOtcUCwj1qYiQ5CuIx; PHPSESSID=a3cpcb8pustunp14rnuq3d8kb0; _pbjs_userid_consent_data=3524755945110770; sharedid=c9439ed0-096d-486f-8513-d6af464e3353; cto_bundle=A-nmGF9WUnd0RFhDS2pwVSUyRm10WmRtZHJsVmxsRkF6aHp3ckI1SHVEJTJGWDJwYTlqM04xT2VPQUFmYWdZTEs3TzZCTFF4R2FnRFNIYzg5V2FhWklVSTFuWWNkUHF6UCUyQlVINzhnUm45NVYzR1B2Z3NoVSUzRA; cto_bidid=PNsKll9lZjF0RFVRVVZVZ0prVzQlMkJDTGVjbWtkSFVSMW9XbUFZZzdQNTY3Q3Q1cVZZTGtmTUtTVUdnN0wyUUNmRzRrVWJ4U0hLc2JKU2pIMDI1NUF2Q281azNBJTNEJTNE; prefetchAd_5630105=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 07 Feb 2023 19:18:29 GMT
content-type: image/png
content-length: 1994
last-modified: Sun, 21 Jun 2020 20:10:26 GMT
access-control-allow-origin: *
accept-ranges: bytes
ddg-cache-status: HIT,HIT
etag: "5eefbeb2-7ca"
age: 96824
X-Firefox-Spdy: h2

id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=

162.19.138.118

200

43 B

URL HTTP/1.1
id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
IP
162.19.138.118:0
ASN
#16276 OVH SAS

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

HTTP Headers

GET /i/12/9.gif?gdpr=&gdpr_consent= HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.oxy.st/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"
set-cookie: cf=; Max-Age=300; Expires=Wed, 08-Feb-2023 22:17:13 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cip=; Max-Age=300; Expires=Wed, 08-Feb-2023 22:17:13 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cnac=; Max-Age=300; Expires=Wed, 08-Feb-2023 22:17:13 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
car=; Max-Age=300; Expires=Wed, 08-Feb-2023 22:17:13 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
gdpr=; Max-Age=300; Expires=Wed, 08-Feb-2023 22:17:13 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
callback=; Max-Age=300; Expires=Wed, 08-Feb-2023 22:17:13 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
content-type: image/gif;charset=UTF-8
transfer-encoding: chunked
date: Wed, 08 Feb 2023 22:12:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload

download.oxy.st/images/icon.png

185.178.208.137

200 OK

7.5 kB

URL HTTP/2
download.oxy.st/images/icon.png
IP
185.178.208.137:0
ASN
#57724 Ddos-guard Ltd

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
7.5 kB (7531 bytes)
Hash
b63d70eb8c5d379fa68fe0f63e8c4255
232de1f52e52611ae67aab8ebaa143946154a233
100c7773d318b841267dc4ac654366ac19ba903e6cd6551777268f6eb4ed86cd

HTTP Headers

GET /images/icon.png HTTP/1.1
Host: download.oxy.st
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.oxy.st/d/yvPf
Cookie: __ddg1_=WAwOtcUCwj1qYiQ5CuIx; PHPSESSID=a3cpcb8pustunp14rnuq3d8kb0; _pbjs_userid_consent_data=3524755945110770; sharedid=c9439ed0-096d-486f-8513-d6af464e3353; cto_bundle=A-nmGF9WUnd0RFhDS2pwVSUyRm10WmRtZHJsVmxsRkF6aHp3ckI1SHVEJTJGWDJwYTlqM04xT2VPQUFmYWdZTEs3TzZCTFF4R2FnRFNIYzg5V2FhWklVSTFuWWNkUHF6UCUyQlVINzhnUm45NVYzR1B2Z3NoVSUzRA; cto_bidid=PNsKll9lZjF0RFVRVVZVZ0prVzQlMkJDTGVjbWtkSFVSMW9XbUFZZzdQNTY3Q3Q1cVZZTGtmTUtTVUdnN0wyUUNmRzRrVWJ4U0hLc2JKU2pIMDI1NUF2Q281azNBJTNEJTNE; prefetchAd_5630105=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 01 Feb 2023 08:49:02 GMT
content-type: image/png
content-length: 7531
last-modified: Sun, 21 Jun 2020 20:10:25 GMT
access-control-allow-origin: *
accept-ranges: bytes
ddg-cache-status: HIT,HIT
etag: "5eefbeb1-1d6b"
age: 652991
X-Firefox-Spdy: h2

d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js

54.230.245.166

200 OK

26 kB

URL HTTP/1.1
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
IP
54.230.245.166:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (16085)
Size
26 kB (25704 bytes)
Hash
8703fc9eead243fe2f47380e962d7fa2
3d9f707259112fa9ccdd1e676f00eadcff71906c
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

HTTP Headers

GET /a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js HTTP/1.1
Host: d2zur9cc2gf1tx.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.oxy.st/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 25704
Connection: keep-alive
Accept-Ranges: bytes
Last-Modified: Mon, 18 Feb 2019 16:54:28 GMT
Server: Apache
Date: Wed, 08 Feb 2023 07:43:40 GMT
X-Cache: Hit from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 1VdLecXppZgVXlc--RD2qO06rDNWjdkQyutHbKdgPA6R_VUqoY8X6Q==
Age: 52114

mediasama.com/starharem/01/s/index_rt.html

149.56.38.113

200 OK

1.5 kB

URL HTTP/1.1
mediasama.com/starharem/01/s/index_rt.html
IP
149.56.38.113:0
ASN
#16276 OVH SAS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
1.5 kB (1525 bytes)
Hash
30597b59f3cb1eadf603fcfb21952340
baca3a552764959edd4fc56947acc9a4f33822de
6ac92da5b37d94c53f231a18bb88be006ae20f1724a63151a97ed918d86cb25d

HTTP Headers

GET /starharem/01/s/index_rt.html HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:12:13 GMT
Server: Apache
Last-Modified: Wed, 20 Jul 2022 09:11:51 GMT
ETag: "17a0-5e438fdce23c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1525
Content-Type: text/html

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
50ca5deab68ba881743e691a693819f1
fd6b74d17a961f751a8edf09fcfaab273f0a7408
139c5ed1fd10f67669a5de174c5ffb02411f96463217781882c9d22b050a02d8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 22:12:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
67226199464b18c839cd5cfa96cae88b
fb6a62c5e2ede15470740e30ee9df37fd1d774b2
7a24ad381f2b14f7285d5bc2074b79fd97fba5c564629e928f3fc8467aafefa3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3536
Cache-Control: max-age=161624
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 22:12:13 GMT
Etag: "63e3e4c5-1d7"
Expires: Fri, 10 Feb 2023 19:05:57 GMT
Last-Modified: Wed, 08 Feb 2023 18:07:01 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
d09192b0325fc351f837998af0ec0859
9a2e9bd3eafa7a522727e29908c1576e7d256a87
def6f8c8083625ad72cb4a4e93336979b5ab7d0181031f639c3abc3f5b63ef99

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6464
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 22:12:13 GMT
Last-Modified: Wed, 08 Feb 2023 20:24:29 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

ocsp.globalsign.com/gsgccr3dvtlsca2020

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1414 bytes)
Hash
a052c6202097931eb074a1cdea5ce017
701304e9ba5f97454d84128d79ce29e324cf9c5f
8c8486f2565c6ceafe940d3f2c3128a4e512ab9459a2918ea350fea958778768

HTTP Headers

POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:12:13 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sun, 12 Feb 2023 19:20:56 GMT
ETag: "701304e9ba5f97454d84128d79ce29e324cf9c5f"
Last-Modified: Wed, 08 Feb 2023 19:20:57 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2950
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7967b49dea4cfac0-OSL

ocsp2.globalsign.com/gsalphasha2g2

104.18.20.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsalphasha2g2
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1423 bytes)
Hash
e55c78916e20ff8e3ce7369eaadb218a
52f39bbae31031003c95246e28ea851b571ebc5c
67efd0d4a7b6576b7e06c7f5b5ed3bd81a6bbba087733535eb2dcbc3c7de8176

HTTP Headers

POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:12:13 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Sun, 12 Feb 2023 17:23:37 GMT
ETag: "52f39bbae31031003c95246e28ea851b571ebc5c"
Last-Modified: Wed, 08 Feb 2023 17:23:38 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3033
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7967b49def98b4f3-OSL

gum.criteo.com/sync?c=147&r=2&j=criteoCallback

178.250.0.157

200 OK

0 B

URL HTTP/2
gum.criteo.com/sync?c=147&r=2&j=criteoCallback
IP
178.250.0.157:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /sync?c=147&r=2&j=criteoCallback HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-crto-bundle
Referer: https://download.oxy.st/
Origin: https://download.oxy.st
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 Feb 2023 22:12:12 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-headers: X-CRTO-SID, X-CRTO-IDCPY, X-CRTO-OPTOUT, X-CRTO-BUNDLE
access-control-allow-origin: https://download.oxy.st
server-processing-duration-in-ticks: 466807
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=d3df43df-b983-4bfe-a83a-bbcc6a4c3322

216.58.211.2

302 Found

341 B

URL HTTP/2
cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=d3df43df-b983-4bfe-a83a-bbcc6a4c3322
IP
216.58.211.2:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
341 B (341 bytes)
Hash
507df1a15cc0135e32b5e28e6c020848
f1a4abf21722429e4e9f9a6c5758cdf2127fc79d
ea1d4b86134ab1232503ccc3104a8c4c1f0cd24ae4034345baeb94a3b12f18f6

HTTP Headers

GET /pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=d3df43df-b983-4bfe-a83a-bbcc6a4c3322 HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.oxy.st/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm=&dsp=dbm&fid=d3df43df-b983-4bfe-a83a-bbcc6a4c3322&google_tc=
date: Wed, 08 Feb 2023 22:12:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 341
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 08-Feb-2023 22:27:13 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12771%26ref%3D%26url%3Dhttps%253A%252F%252Fdownload.oxy.st%252Fd%252FyvPf%26hn_ver%3D40%26fid%3Dd3df43df-b983-4bfe-a83a-bbcc6a4c3322

37.252.171.53

307 Redirection

0 B

URL HTTP/1.1
secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12771%26ref%3D%26url%3Dhttps%253A%252F%252Fdownload.oxy.st%252Fd%252FyvPf%26hn_ver%3D40%26fid%3Dd3df43df-b983-4bfe-a83a-bbcc6a4c3322
IP
37.252.171.53:0
ASN
#29990 ASN-APPNEX

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12771%26ref%3D%26url%3Dhttps%253A%252F%252Fdownload.oxy.st%252Fd%252FyvPf%26hn_ver%3D40%26fid%3Dd3df43df-b983-4bfe-a83a-bbcc6a4c3322 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.oxy.st/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 08 Feb 2023 22:12:13 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fan_fire%253Fapp_nexus_uid%253D%2524UID%2526pid%253D12771%2526ref%253D%2526url%253Dhttps%25253A%25252F%25252Fdownload.oxy.st%25252Fd%25252FyvPf%2526hn_ver%253D40%2526fid%253Dd3df43df-b983-4bfe-a83a-bbcc6a4c3322
AN-X-Request-Uuid: ca762722-c297-4c33-aff7-173dbf79ea5c
Set-Cookie: uuid2=705728747500012562; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 09-May-2023 22:12:13 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com

counter.yadro.ru/hit?t52.6;r;s1280*1024*24;uhttps%3A//download.oxy.st/d/yvPf;hDownload%20file%20WexsideCrack%20%281%29.zip%20on%20Oxy.Cloud;0.9726354922210853

88.212.202.52

200 OK

362 B

URL HTTP/1.1
counter.yadro.ru/hit?t52.6;r;s1280*1024*24;uhttps%3A//download.oxy.st/d/yvPf;hDownload%20file%20WexsideCrack%20%281%29.zip%20on%20Oxy.Cloud;0.9726354922210853
IP
88.212.202.52:0
ASN
#39134 United Network LLC

File type
GIF image data, version 87a, 88 x 31\012- data
Size
362 B (362 bytes)
Hash
7b25b20ac31706e7ca86a5ffd09c75d5
830c6230d01396292aa9c76f9579e3fd0ff8d000
a73d6739819ba98621e4bdb24bc2fbc2c88583479558b9878e5b986d3b59341d

HTTP Headers

GET /hit?t52.6;r;s1280*1024*24;uhttps%3A//download.oxy.st/d/yvPf;hDownload%20file%20WexsideCrack%20%281%29.zip%20on%20Oxy.Cloud;0.9726354922210853 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.oxy.st/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Wed, 08 Feb 2023 22:12:13 GMT
Content-Type: image/gif
Content-Length: 362
Connection: keep-alive
Expires: Tue, 08 Feb 2022 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400

cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=e0867bc2-0792-49b8-7d75-595d6a473f6e&reqId=1624b691-3f40-40b9-5693-dee81f50177a&zdid=1258

216.58.211.2

302 Found

447 B

URL HTTP/2
cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=e0867bc2-0792-49b8-7d75-595d6a473f6e&reqId=1624b691-3f40-40b9-5693-dee81f50177a&zdid=1258
IP
216.58.211.2:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
447 B (447 bytes)
Hash
19a7c7945171adbdb8088a105a334cef
9e4a4a21f6c3b07746dce3442c715717c88e0240
b9ceaa9c72ec32c727c6dfad5d529599ff76a083d49cb74ef679716967a60dd3

HTTP Headers

GET /pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=e0867bc2-0792-49b8-7d75-595d6a473f6e&reqId=1624b691-3f40-40b9-5693-dee81f50177a&zdid=1258 HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.oxy.st/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=e0867bc2-0792-49b8-7d75-595d6a473f6e&reqId=1624b691-3f40-40b9-5693-dee81f50177a&zdid=1258&google_tc=
date: Wed, 08 Feb 2023 22:12:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 447
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 08-Feb-2023 22:27:13 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
50ca5deab68ba881743e691a693819f1
fd6b74d17a961f751a8edf09fcfaab273f0a7408
139c5ed1fd10f67669a5de174c5ffb02411f96463217781882c9d22b050a02d8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 22:12:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1

15.197.193.217

200 OK

70 B

URL HTTP/2
match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1
IP
15.197.193.217:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
70 B (70 bytes)
Hash
58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

HTTP Headers

GET /track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1 HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.oxy.st/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 08 Feb 2023 22:12:13 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2

contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU7BC15F&https=1&itype=CM

2.18.172.23

200 OK

5.7 kB

URL HTTP/2
contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU7BC15F&https=1&itype=CM
IP
2.18.172.23:0
ASN
#16625 AKAMAI-AS

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (13426)
Size
5.7 kB (5746 bytes)
Hash
bf19ca918607dd6c94d72d4f73ba83df
8f860309c01915f0bd1e082c1294ab177c5f4999
0bd3530918145469d93d16d5ed233cff822007fb98ed1ada03bf2ae7b646ed67

HTTP Headers

GET /checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU7BC15F&https=1&itype=CM HTTP/1.1
Host: contextual.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.oxy.st/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: Apache
content-type: text/html; charset=UTF-8
x-mnet-hl2: E
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=146125
expires: Fri, 10 Feb 2023 14:47:38 GMT
date: Wed, 08 Feb 2023 22:12:13 GMT
content-length: 5746
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

142.250.74.138

200 OK

30 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP
142.250.74.138:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (65451)
Size
30 kB (30399 bytes)
Hash
0f83cadc148d2ad7e53c91f6c4ee05bb
90035c5fffedf4b0f099465f6b929a030b46c92b
3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae

HTTP Headers

GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 Feb 2023 19:19:40 GMT
expires: Wed, 07 Feb 2024 19:19:40 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 96753
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

mediasama.com/starharem/01/s/styles.css

149.56.38.113

200 OK

2.4 kB

URL HTTP/1.1
mediasama.com/starharem/01/s/styles.css
IP
149.56.38.113:0
ASN
#16276 OVH SAS

File type
ASCII text, with very long lines (420)
Size
2.4 kB (2406 bytes)
Hash
8e7117f5f47cb6cde0a8e8eb38b16dbb
617fd3f0d3f420ee1967a20fb0b0af4ac34eca03
794f8aa66b6afcf9b7d9bfe5952860436dcfee6bf82e4368af6bc838ce89be98

HTTP Headers

GET /starharem/01/s/styles.css HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:12:13 GMT
Server: Apache
Last-Modified: Thu, 07 Apr 2022 08:02:29 GMT
ETag: "2638-5dc0be6400e82-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2406
Content-Type: text/css

lg3.media.net/bping.php?vgd_len=493&&vgd_cdv=870&vgd_cage=0&gdpr=1&prid=8PRHGG6T9&cid=8CU7BC15F&crid=468178560&vi=1675894333493497303&ugd=4&lf=6&cc=NO&lper=100&wsip=170785058&r=1675894389355&requrl=https%3A%2F%2Fdownload.oxy.st%2Fd%2FyvPf&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=50304&vgd_rakh=1675894333177326088&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fdmedianet.js&vgd_pgid=p0733295009t202302082213&vgd_pgids=1&vgd_uspa=0&hvsid=00001675894389345015326356488073&gdpr=1&vgd_l2type=scs_newfl&vgd_end=1

23.38.200.22

200 OK

35 B

URL HTTP/1.1
lg3.media.net/bping.php?vgd_len=493&&vgd_cdv=870&vgd_cage=0&gdpr=1&prid=8PRHGG6T9&cid=8CU7BC15F&crid=468178560&vi=1675894333493497303&ugd=4&lf=6&cc=NO&lper=100&wsip=170785058&r=1675894389355&requrl=https%3A%2F%2Fdownload.oxy.st%2Fd%2FyvPf&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=50304&vgd_rakh=1675894333177326088&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fdmedianet.js&vgd_pgid=p0733295009t202302082213&vgd_pgids=1&vgd_uspa=0&hvsid=00001675894389345015326356488073&gdpr=1&vgd_l2type=scs_newfl&vgd_end=1
IP
23.38.200.22:0
ASN
#16625 AKAMAI-AS

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
349909ce1e0bc971d452284590236b09
adfc01f8a9de68b9b27e6f98a68737c162167066
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

HTTP Headers

GET /bping.php?vgd_len=493&&vgd_cdv=870&vgd_cage=0&gdpr=1&prid=8PRHGG6T9&cid=8CU7BC15F&crid=468178560&vi=1675894333493497303&ugd=4&lf=6&cc=NO&lper=100&wsip=170785058&r=1675894389355&requrl=https%3A%2F%2Fdownload.oxy.st%2Fd%2FyvPf&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=50304&vgd_rakh=1675894333177326088&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fdmedianet.js&vgd_pgid=p0733295009t202302082213&vgd_pgids=1&vgd_uspa=0&hvsid=00001675894389345015326356488073&gdpr=1&vgd_l2type=scs_newfl&vgd_end=1 HTTP/1.1
Host: lg3.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.oxy.st/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Length: 35
Content-Type: image/gif
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=21600
Expires: Wed, 08 Feb 2023 22:12:13 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 08 Feb 2023 22:12:13 GMT
Connection: keep-alive

mediasama.com/starharem/01/s/js/main.js

149.56.38.113

200 OK

549 B

URL HTTP/1.1
mediasama.com/starharem/01/s/js/main.js
IP
149.56.38.113:0
ASN
#16276 OVH SAS

File type
ASCII text
Size
549 B (549 bytes)
Hash
d8fa8e233a4db9fbce0c20d9a57a06fe
2366b2969771aa164bfdca6b5baf916806f6758a
f496e19ead804367daa801860cd95a7ec6854965a7c5cf2c49dda71532c19932

HTTP Headers

GET /starharem/01/s/js/main.js HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:12:13 GMT
Server: Apache
Last-Modified: Thu, 07 Apr 2022 08:02:50 GMT
ETag: "516-5dc0be78000b5-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 549
Content-Type: application/javascript

secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fan_fire%253Fapp_nexus_uid%253D%2524UID%2526pid%253D12771%2526ref%253D%2526url%253Dhttps%25253A%25252F%25252Fdownload.oxy.st%25252Fd%25252FyvPf%2526hn_ver%253D40%2526fid%253Dd3df43df-b983-4bfe-a83a-bbcc6a4c3322

37.252.171.53

302 Found

0 B

URL HTTP/1.1
secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fan_fire%253Fapp_nexus_uid%253D%2524UID%2526pid%253D12771%2526ref%253D%2526url%253Dhttps%25253A%25252F%25252Fdownload.oxy.st%25252Fd%25252FyvPf%2526hn_ver%253D40%2526fid%253Dd3df43df-b983-4bfe-a83a-bbcc6a4c3322
IP
37.252.171.53:0
ASN
#29990 ASN-APPNEX

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fan_fire%253Fapp_nexus_uid%253D%2524UID%2526pid%253D12771%2526ref%253D%2526url%253Dhttps%25253A%25252F%25252Fdownload.oxy.st%25252Fd%25252FyvPf%2526hn_ver%253D40%2526fid%253Dd3df43df-b983-4bfe-a83a-bbcc6a4c3322 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://download.oxy.st/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Wed, 08 Feb 2023 22:12:13 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://s.cpx.to/an_fire?app_nexus_uid=0&pid=12771&ref=&url=https%3A%2F%2Fdownload.oxy.st%2Fd%2FyvPf&hn_ver=40&fid=d3df43df-b983-4bfe-a83a-bbcc6a4c3322
AN-X-Request-Uuid: aa46dc8f-b574-48a4-a371-6b24041b68b0
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com

ocsp.digicert.com/

93.184.220.29

200 OK

313 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
313 B (313 bytes)
Hash
ba8280a44e5cca2706d6fb4cc1b63e00
b02884c54a886e1c67fb686496d7f585ac4da1c1
a527caf4c3b2ce7295e54fe42e81a7c8e5c80d26506fce05bf1220d95cee22cf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4926
Cache-Control: max-age=91003
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 22:12:13 GMT
Etag: "63e2cb7a-139"
Expires: Thu, 09 Feb 2023 23:28:56 GMT
Last-Modified: Tue, 07 Feb 2023 22:06:50 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 313

csm.fr.eu.criteo.net/iev?entry=c~Idfs.Rtus.147.Events.StartInit~1&entry=c~Idfs.Rtus.147.Origin.FromBundle~1&entry=c~Idfs.Rtus.147.Headers.Bundle~1&entry=c~Idfs.Rtus.147.Events.InitiateFetch~1

178.250.0.162

200 OK

43 B

URL HTTP/2
csm.fr.eu.criteo.net/iev?entry=c~Idfs.Rtus.147.Events.StartInit~1&entry=c~Idfs.Rtus.147.Origin.FromBundle~1&entry=c~Idfs.Rtus.147.Headers.Bundle~1&entry=c~Idfs.Rtus.147.Events.InitiateFetch~1
IP
178.250.0.162:0
ASN
#44788 Criteo SA

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

GET /iev?entry=c~Idfs.Rtus.147.Events.StartInit~1&entry=c~Idfs.Rtus.147.Origin.FromBundle~1&entry=c~Idfs.Rtus.147.Headers.Bundle~1&entry=c~Idfs.Rtus.147.Events.InitiateFetch~1 HTTP/1.1
Host: csm.fr.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.oxy.st/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 08 Feb 2023 22:12:13 GMT
pragma: no-cache
server: Finatra
expires: 0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
5b1b993523163323b6a569da7eb55c47
f0e6b63b23125aab1eb608664e58ecddfefb7dd8
ec0a03bcaa80fc111a90f16589e849b4e9ee9a89b084cc5caa30103361edff24

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:12:13 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 08 Feb 2023 15:49:38 GMT
Expires: Wed, 15 Feb 2023 15:49:37 GMT
Etag: "f0e6b63b23125aab1eb608664e58ecddfefb7dd8"
Cache-Control: max-age=581243,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7967b49aca22b509-OSL

pixel.quantserve.com/pixel;r=1349092968;labels=Categories.technologyandcomputing;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fdownload.oxy.st%2Fd%2FyvPf;uht=2;fpan=1;fpa=P0-385993408-1675894389401;pbc=;ns=0;ce=1;qjs=1;qv=bf501fc4-20230203135208;cm=;gdpr=0;ref=;d=oxy.st;dst=0;et=1675894389620;tzo=0;ogl=;ses=f470b14f-01c4-44de-b66f-076f94211ba8

91.228.74.251

200 OK

35 B

URL HTTP/2
pixel.quantserve.com/pixel;r=1349092968;labels=Categories.technologyandcomputing;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fdownload.oxy.st%2Fd%2FyvPf;uht=2;fpan=1;fpa=P0-385993408-1675894389401;pbc=;ns=0;ce=1;qjs=1;qv=bf501fc4-20230203135208;cm=;gdpr=0;ref=;d=oxy.st;dst=0;et=1675894389620;tzo=0;ogl=;ses=f470b14f-01c4-44de-b66f-076f94211ba8
IP
91.228.74.251:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
55d25e9dc950d5db4d53a3b195c046c6
75e91ae3e549dab12ed1c9787ade9131aef1c981
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

HTTP Headers

GET /pixel;r=1349092968;labels=Categories.technologyandcomputing;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fdownload.oxy.st%2Fd%2FyvPf;uht=2;fpan=1;fpa=P0-385993408-1675894389401;pbc=;ns=0;ce=1;qjs=1;qv=bf501fc4-20230203135208;cm=;gdpr=0;ref=;d=oxy.st;dst=0;et=1675894389620;tzo=0;ogl=;ses=f470b14f-01c4-44de-b66f-076f94211ba8 HTTP/1.1
Host: pixel.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.oxy.st/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 08 Feb 2023 22:12:13 GMT
content-type: image/gif
content-length: 35
cache-control: private, no-cache, no-store, proxy-revalidate
expires: Fri, 04 Aug 1978 12:00:00 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
set-cookie: mc=63e41e3d-7ac98-1f6df-8105d; expires=Sun, 10-Mar-2024 22:12:13 GMT; path=/; domain=.quantserve.com
X-Firefox-Spdy: h2

image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Dd3df43df-b983-4bfe-a83a-bbcc6a4c3322

185.64.189.110

302 Found

137 B

URL HTTP/2
image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Dd3df43df-b983-4bfe-a83a-bbcc6a4c3322
IP
185.64.189.110:0
ASN
#62713 AS-PUBMATIC

File type
data
Size
137 B (137 bytes)
Hash
bbe2324dbdca1d5d070aac82805aaec5
fbc20a230bb5851f791743f2c9e90672d091b698
fde3b4ba116e639bc679f7caab4b537f28eb783e5e59888c019cf9489b94e22d

HTTP Headers

GET /AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Dd3df43df-b983-4bfe-a83a-bbcc6a4c3322 HTTP/1.1
Host: image2.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.oxy.st/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Wed, 08 Feb 2023 22:12:12 GMT
set-cookie: KTPCACOOKIE=true; domain=pubmatic.com; secure; expires=Tue, 09-May-2023 22:12:12 GMT; path=/
location: https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Dd3df43df-b983-4bfe-a83a-bbcc6a4c3322
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
X-Firefox-Spdy: h2

contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=1&cid=8CU7BC15F&cpcd=AsZK00HS1DbaKD6Sqj_EvA%3D%3D&crid=468178560&size=300x250&cc=NO&https=1&vif=1&requrl=https%3A%2F%2Fdownload.oxy.st%2Fd%2FyvPf&nse=5&vi=1675894333493497303&ugd=4&sff=0&pgid=p0733295009t202302082213&nb=1

2.18.172.23

200 OK

329 B

URL HTTP/2
contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=1&cid=8CU7BC15F&cpcd=AsZK00HS1DbaKD6Sqj_EvA%3D%3D&crid=468178560&size=300x250&cc=NO&https=1&vif=1&requrl=https%3A%2F%2Fdownload.oxy.st%2Fd%2FyvPf&nse=5&vi=1675894333493497303&ugd=4&sff=0&pgid=p0733295009t202302082213&nb=1
IP
2.18.172.23:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (550), with no line terminators
Size
329 B (329 bytes)
Hash
e983f1f4d1ae32f0be77331c96e64c38
aa11abce55c65af6c8155339c955c2edd2b13c1b
6191142b42ebb1c4bcf78d88d8d6c20460513c850d8a8bb5613a425fc1cff28a

HTTP Headers

GET /smtr?cb=window._mNDetails.initAd&&gdpr=1&cid=8CU7BC15F&cpcd=AsZK00HS1DbaKD6Sqj_EvA%3D%3D&crid=468178560&size=300x250&cc=NO&https=1&vif=1&requrl=https%3A%2F%2Fdownload.oxy.st%2Fd%2FyvPf&nse=5&vi=1675894333493497303&ugd=4&sff=0&pgid=p0733295009t202302082213&nb=1 HTTP/1.1
Host: contextual.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.oxy.st/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
content-type: text/javascript
x-sc-h: 21-n2pr
expires: Wed, 08 Feb 2023 22:12:13 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 08 Feb 2023 22:12:13 GMT
content-length: 329
vary: Accept-Encoding
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

betotodilea.com/400/5630102

139.45.197.237

200 OK

32 kB

URL HTTP/2
betotodilea.com/400/5630102
IP
139.45.197.237:0
ASN
#9002 RETN Limited

File type
data
Size
32 kB (31773 bytes)
Hash
33153f0d0658f7d13a782ae6ea1c8e35
a61a0b16aa300a9a21653a022f99d3f215ec2443
8cf5fd436aff9949e876f1b035958e17d374ac5720afdea5cb15d499020ef217

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /400/5630102 HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.oxy.st/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 22:12:12 GMT
content-type: application/javascript
x-trace-id: babf4bc51de98ac3ad1d9ff5d9f8ed31
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=240561fdc29f43e1a4a5f13447e8ac0a; expires=Thu, 08 Feb 2024 22:12:12 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

mwzeom.zeotap.com/mw?google_gid=&google_cver=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=e0867bc2-0792-49b8-7d75-595d6a473f6e&reqId=1624b691-3f40-40b9-5693-dee81f50177a&zdid=1258&google_error=3

104.22.24.87

200 OK

95 B

URL HTTP/2
mwzeom.zeotap.com/mw?google_gid=&google_cver=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=e0867bc2-0792-49b8-7d75-595d6a473f6e&reqId=1624b691-3f40-40b9-5693-dee81f50177a&zdid=1258&google_error=3
IP
104.22.24.87:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Size
95 B (95 bytes)
Hash
71a50dbba44c78128b221b7df7bb51f1
0ec63b140374ba704a58fa0c743cb357683313dd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

HTTP Headers

GET /mw?google_gid=&google_cver=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=e0867bc2-0792-49b8-7d75-595d6a473f6e&reqId=1624b691-3f40-40b9-5693-dee81f50177a&zdid=1258&google_error=3 HTTP/1.1
Host: mwzeom.zeotap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://download.oxy.st/
Connection: keep-alive
Cookie: zc=e0867bc2-0792-49b8-7d75-595d6a473f6e; zsc=%60%08%A4%0Dj%D7%3B%AB%C4%8A%24%E3%EA%241%D6%DF%E8%26BP%EF%D9%83%B8%C2%B0%BB%B8%E9%1E1%806%FA%FD%12%19f%90%FEE%FA%A9%ACZ%16%BEX%E2%B19%FD%D6%90%CEn%01%97%22%89%9D%9D%1Co%23%A2b%AC%07%14%FB%17%97%F7%EE%D4%81%153%06%3E%C1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 08 Feb 2023 22:12:13 GMT
content-type: image/png
content-length: 95
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://download.oxy.st
set-cookie: zc=e0867bc2-0792-49b8-7d75-595d6a473f6e; Path=/; Domain=.zeotap.com; Max-Age=31536000; SameSite=None; Secure
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7967b4a088a3b4f9-OSL
X-Firefox-Spdy: h2

s.cpx.to/an_fire?app_nexus_uid=0&pid=12771&ref=&url=https%3A%2F%2Fdownload.oxy.st%2Fd%2FyvPf&hn_ver=40&fid=d3df43df-b983-4bfe-a83a-bbcc6a4c3322

63.32.219.30

200 OK

95 B

URL HTTP/1.1
s.cpx.to/an_fire?app_nexus_uid=0&pid=12771&ref=&url=https%3A%2F%2Fdownload.oxy.st%2Fd%2FyvPf&hn_ver=40&fid=d3df43df-b983-4bfe-a83a-bbcc6a4c3322
IP
63.32.219.30:0
ASN
#16509 AMAZON-02

File type
PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Size
95 B (95 bytes)
Hash
9606fa62df0ffe87253f3baf418f0e42
fe8520ab0bf1622350513d685ece5faf70b4e8c1
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

HTTP Headers

GET /an_fire?app_nexus_uid=0&pid=12771&ref=&url=https%3A%2F%2Fdownload.oxy.st%2Fd%2FyvPf&hn_ver=40&fid=d3df43df-b983-4bfe-a83a-bbcc6a4c3322 HTTP/1.1
Host: s.cpx.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://download.oxy.st/
Connection: keep-alive
Cookie: cpSess=d75d1a4a605768d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:12:13 GMT
Content-Type: image/png
Content-Length: 95
Connection: keep-alive
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'
x-permitted-cross-domain-policies: none
cache-control: no-store, must-revalidate, private, max-age=0
pragma: no-cache
set-cookie: cpSess=d75d1a4a605768d; Expires=Thu, 08 Feb 2024 22:12:13 GMT; Domain=.cpx.to; Path=/; Secure; HttpOnly; SameSite=None
p3p: CP="NOI DEV ADM"
expires: Wed, 08 Feb 2023 22:12:13 UTC

nanouwho.com/15?rnd=2888495753&z=5630103&var=&rb=cnMKrVBFrsJT_udqbxR0q_jECGIij1NFai7Ez-U6xnOcC-8s1m7epUsUo5O8FAumHMAaFh63j33uzoOVkH_Pa9LIs4NFJvN3mMyo-_R8gANn41JDgYfFMI5uwk8UACSiwr5QK_Hl5Ul9mebGAb2j3Gn7lr61ZHP5lJcNI_yr-pOKEP5V3tbuLl-BP6zOiBDXytbO9XluKwOXKo0EjaFJMu8X1DeokSP93FOfAd23zVZr3wnyBiHiq-lHruDV51MuNJLAYiN-CX8oe8ng3dYMTHeQUQG-V8xSw7wY0hNM39WMQL8Tcv6wyrXoFkW2oSfSMcKUwd3O92XDquk865uRdf_ujfCK9yP_iJcAQP1m554YfoHKnTwZjTXPkA0fJoYCKoF8CCWbYz9oLJAShx9UoYIekGiICTs36yCPdngmAJIWON5CKt9m4VYy3T_YWa7N8yjRazx7siNTl5sttSPYZYC__Sl0ibcMZfpZTF_xiIxaKmdleBjuKiRXbJKBqwGR97NFE-w82Eqk3YWrzMPjMvFY4Ar_fOgw7__UOxtslfkoYVLpyW9UHG9E2fhkPp8maoBfS-Jkg0qNtuJ3veb20N5y4jPrMPbzhcP7EJ5rBvuCzBkyjx4p3ncPoq9gUKcGZzzPtN9NFvqaopkwAx50QbvjhDTeJk0UsqcRJ6pcsYlZeOCthHYUhI-xlVuZygq-rGQhsfj5kzL0UGEiZhYc1-30nNvotltyjvp23X3_rOjg5zyogtCUaHf5PtKZDHqGWedFxO77h0w=&ruid=244287db-e1d4-4d25-966f-6b160ce8254f&uci=%7B%22path%22%3A%7B%22count%22%3A0%2C%22totalLength%22%3A0%2C%22pathHistogram%22%3A%7B%224%22%3A0%2C%228%22%3A0%2C%2216%22%3A0%2C%2232%22%3A0%2C%2264%22%3A0%2C%22128%22%3A0%2C%22256%22%3A0%2C%22512%22%3A0%2C%221024%22%3A0%7D%7D%2C%22durationOnCreate%22%3A1.207%2C%22location%22%3A%22https%3A%2F%2Fdownload.oxy.st%2Fd%2FyvPf%22%2C%22isSelenium%22%3Afalse%2C%22isPhantom%22%3Afalse%2C%22isTouch%22%3Afalse%2C%22pluginCount%22%3A0%2C%22wdov%22%3A0%2C%22isIONS%22%3Atrue%7D

139.45.197.242

204 No Content

0 B

URL HTTP/2
nanouwho.com/15?rnd=2888495753&z=5630103&var=&rb=cnMKrVBFrsJT_udqbxR0q_jECGIij1NFai7Ez-U6xnOcC-8s1m7epUsUo5O8FAumHMAaFh63j33uzoOVkH_Pa9LIs4NFJvN3mMyo-_R8gANn41JDgYfFMI5uwk8UACSiwr5QK_Hl5Ul9mebGAb2j3Gn7lr61ZHP5lJcNI_yr-pOKEP5V3tbuLl-BP6zOiBDXytbO9XluKwOXKo0EjaFJMu8X1DeokSP93FOfAd23zVZr3wnyBiHiq-lHruDV51MuNJLAYiN-CX8oe8ng3dYMTHeQUQG-V8xSw7wY0hNM39WMQL8Tcv6wyrXoFkW2oSfSMcKUwd3O92XDquk865uRdf_ujfCK9yP_iJcAQP1m554YfoHKnTwZjTXPkA0fJoYCKoF8CCWbYz9oLJAShx9UoYIekGiICTs36yCPdngmAJIWON5CKt9m4VYy3T_YWa7N8yjRazx7siNTl5sttSPYZYC__Sl0ibcMZfpZTF_xiIxaKmdleBjuKiRXbJKBqwGR97NFE-w82Eqk3YWrzMPjMvFY4Ar_fOgw7__UOxtslfkoYVLpyW9UHG9E2fhkPp8maoBfS-Jkg0qNtuJ3veb20N5y4jPrMPbzhcP7EJ5rBvuCzBkyjx4p3ncPoq9gUKcGZzzPtN9NFvqaopkwAx50QbvjhDTeJk0UsqcRJ6pcsYlZeOCthHYUhI-xlVuZygq-rGQhsfj5kzL0UGEiZhYc1-30nNvotltyjvp23X3_rOjg5zyogtCUaHf5PtKZDHqGWedFxO77h0w=&ruid=244287db-e1d4-4d25-966f-6b160ce8254f&uci=%7B%22path%22%3A%7B%22count%22%3A0%2C%22totalLength%22%3A0%2C%22pathHistogram%22%3A%7B%224%22%3A0%2C%228%22%3A0%2C%2216%22%3A0%2C%2232%22%3A0%2C%2264%22%3A0%2C%22128%22%3A0%2C%22256%22%3A0%2C%22512%22%3A0%2C%221024%22%3A0%7D%7D%2C%22durationOnCreate%22%3A1.207%2C%22location%22%3A%22https%3A%2F%2Fdownload.oxy.st%2Fd%2FyvPf%22%2C%22isSelenium%22%3Afalse%2C%22isPhantom%22%3Afalse%2C%22isTouch%22%3Afalse%2C%22pluginCount%22%3A0%2C%22wdov%22%3A0%2C%22isIONS%22%3Atrue%7D
IP
139.45.197.242:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /15?rnd=2888495753&z=5630103&var=&rb=cnMKrVBFrsJT_udqbxR0q_jECGIij1NFai7Ez-U6xnOcC-8s1m7epUsUo5O8FAumHMAaFh63j33uzoOVkH_Pa9LIs4NFJvN3mMyo-_R8gANn41JDgYfFMI5uwk8UACSiwr5QK_Hl5Ul9mebGAb2j3Gn7lr61ZHP5lJcNI_yr-pOKEP5V3tbuLl-BP6zOiBDXytbO9XluKwOXKo0EjaFJMu8X1DeokSP93FOfAd23zVZr3wnyBiHiq-lHruDV51MuNJLAYiN-CX8oe8ng3dYMTHeQUQG-V8xSw7wY0hNM39WMQL8Tcv6wyrXoFkW2oSfSMcKUwd3O92XDquk865uRdf_ujfCK9yP_iJcAQP1m554YfoHKnTwZjTXPkA0fJoYCKoF8CCWbYz9oLJAShx9UoYIekGiICTs36yCPdngmAJIWON5CKt9m4VYy3T_YWa7N8yjRazx7siNTl5sttSPYZYC__Sl0ibcMZfpZTF_xiIxaKmdleBjuKiRXbJKBqwGR97NFE-w82Eqk3YWrzMPjMvFY4Ar_fOgw7__UOxtslfkoYVLpyW9UHG9E2fhkPp8maoBfS-Jkg0qNtuJ3veb20N5y4jPrMPbzhcP7EJ5rBvuCzBkyjx4p3ncPoq9gUKcGZzzPtN9NFvqaopkwAx50QbvjhDTeJk0UsqcRJ6pcsYlZeOCthHYUhI-xlVuZygq-rGQhsfj5kzL0UGEiZhYc1-30nNvotltyjvp23X3_rOjg5zyogtCUaHf5PtKZDHqGWedFxO77h0w=&ruid=244287db-e1d4-4d25-966f-6b160ce8254f&uci=%7B%22path%22%3A%7B%22count%22%3A0%2C%22totalLength%22%3A0%2C%22pathHistogram%22%3A%7B%224%22%3A0%2C%228%22%3A0%2C%2216%22%3A0%2C%2232%22%3A0%2C%2264%22%3A0%2C%22128%22%3A0%2C%22256%22%3A0%2C%22512%22%3A0%2C%221024%22%3A0%7D%7D%2C%22durationOnCreate%22%3A1.207%2C%22location%22%3A%22https%3A%2F%2Fdownload.oxy.st%2Fd%2FyvPf%22%2C%22isSelenium%22%3Afalse%2C%22isPhantom%22%3Afalse%2C%22isTouch%22%3Afalse%2C%22pluginCount%22%3A0%2C%22wdov%22%3A0%2C%22isIONS%22%3Atrue%7D HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://download.oxy.st
Connection: keep-alive
Referer: https://download.oxy.st/
Cookie: scm=1; OAID=4cd5874d8fdd4d729cb4eaf2837e6ce5; oaidts=1675894332
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Wed, 08 Feb 2023 22:12:13 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://download.oxy.st
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: cd970aaf08214a5fa7054ffd0eeef10d
access-control-expose-headers: X-Sc
set-cookie: OAID=4cd5874d8fdd4d729cb4eaf2837e6ce5; expires=Thu, 08 Feb 2024 22:12:13 GMT; secure; SameSite=None
oaidts=1675894332; expires=Thu, 08 Feb 2024 22:12:13 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

54.230.245.110

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.110:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
3c77c37b3286287da02d8b5a1770ed0e
8ff88ee70aef7d3572c1015a2f23670ff1526164
54c5848c1db5ebcb9bbe27c44525ce306b3e121102f8cc92acdf56a033db4343

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 08 Feb 2023 22:12:13 GMT
Last-Modified: Wed, 08 Feb 2023 20:35:54 GMT
Server: ECS (bsa/EB21)
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: foCX3eSYQLhM9BN35mhfqBb6anjRG4M1TbB6QonePIMZKwinthYc-w==
Age: 5779

adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7

108.128.16.246

200 OK

20 B

URL HTTP/1.1
adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
IP
108.128.16.246:0
ASN
#16509 AMAZON-02

File type
data
Size
20 B (20 bytes)
Hash
7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2

HTTP Headers

GET /notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7 HTTP/1.1
Host: adtrack.adleadevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://download.oxy.st
Connection: keep-alive
Referer: https://download.oxy.st/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://download.oxy.st
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Content-Encoding: gzip
Content-Type: application/x-javascript
Date: Wed, 08 Feb 2023 22:12:13 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Last-Modified: Wed, 08 Feb 2023 22:12:13 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Length: 20
Connection: keep-alive

mediasama.com/starharem/01/s/audio/btn_1.mp3

149.56.38.113

206 Partial Content

20 kB

URL HTTP/1.1
mediasama.com/starharem/01/s/audio/btn_1.mp3
IP
149.56.38.113:0
ASN
#16276 OVH SAS

File type
Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 192 kbps, 44.1 kHz, JntStereo\012- data
Size
20 kB (20321 bytes)
Hash
d857acaef2cdf5ec88ea6128c1ceb7b3
5f67419243f34232a4da8cb1a1eaecfc192ff1a7
df83bc888086ae84b5d532a39023b0db17e8f3ccd3ffdcd6f35c8d4f39558d24

HTTP Headers

GET /starharem/01/s/audio/btn_1.mp3 HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 206 Partial Content
Date: Wed, 08 Feb 2023 22:12:13 GMT
Server: Apache
Last-Modified: Thu, 07 Apr 2022 08:02:31 GMT
ETag: "4f61-5dc0be65fcb81"
Accept-Ranges: bytes
Content-Length: 20321
Content-Range: bytes 0-20320/20321
Content-Type: audio/mpeg

mediasama.com/starharem/01/s/img/2.jpg

149.56.38.113

200 OK

369 kB

URL HTTP/1.1
mediasama.com/starharem/01/s/img/2.jpg
IP
149.56.38.113:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1080, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1080, components 3\012- data
Size
369 kB (369239 bytes)
Hash
b7d3bd4ae3d5f8477e040e6410517866
2b255c9583c47e5da4069d9c055d3430a0c1e03a
7bb68d5a9a92a500956397e156beb117a0ef605b6747800cacf9c9440b6fc7e4

HTTP Headers

GET /starharem/01/s/img/2.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:12:13 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 14:58:41 GMT
ETag: "5a257-5dc622e1424eb"
Accept-Ranges: bytes
Content-Length: 369239
Content-Type: image/jpeg

mediasama.com/starharem/01/s/img/1.jpg

149.56.38.113

200 OK

397 kB

URL HTTP/1.1
mediasama.com/starharem/01/s/img/1.jpg
IP
149.56.38.113:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1080, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1080, components 3\012- data
Size
397 kB (397097 bytes)
Hash
43c140ec16ce96d582782ea93eeaa4fe
3390bf8e8708620fc0a851455e4729cb4f0248a2
3e176a04debe08dd522e7f0fbc9f7530880a92fb9845afd7391bbaa764a4ad55

HTTP Headers

GET /starharem/01/s/img/1.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:12:13 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 14:58:39 GMT
ETag: "60f29-5dc622dfac0e8"
Accept-Ranges: bytes
Content-Length: 397097
Content-Type: image/jpeg

mediasama.com/starharem/01/s/img/7.jpg

149.56.38.113

200 OK

327 kB

URL HTTP/1.1
mediasama.com/starharem/01/s/img/7.jpg
IP
149.56.38.113:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1080, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1080, components 3\012- data
Size
327 kB (326553 bytes)
Hash
c67c9fb0268eea7d188c4c9bc54a0bf4
216b83374ba6f011041b31dd381f22e99ea7a8c1
95ae6eba3fad2ff05cadc95b27fc79a198a9e873371ab5fb7bb97c1661cd4654

HTTP Headers

GET /starharem/01/s/img/7.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:12:13 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 14:58:45 GMT
ETag: "4fb99-5dc622e5033f2"
Accept-Ranges: bytes
Content-Length: 326553
Content-Type: image/jpeg

image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Dd3df43df-b983-4bfe-a83a-bbcc6a4c3322

185.64.189.110

200 OK

342 kB

URL HTTP/2
image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Dd3df43df-b983-4bfe-a83a-bbcc6a4c3322
IP
185.64.189.110:0
ASN
#62713 AS-PUBMATIC

File type
data
Size
342 kB (341693 bytes)
Hash
c4bff23090cd883cbc24f2fcd2f2baf9
3ca4b835e5664204c8676cfcbdcb968ad0ff7660
ca752818d9d3f4308da8f17d9325a882a89d6e2c11c79c5197d08e84437ff09e

HTTP Headers

GET /AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Dd3df43df-b983-4bfe-a83a-bbcc6a4c3322 HTTP/1.1
Host: image2.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://download.oxy.st/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 22:12:11 GMT
content-type: text/html; charset=utf-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip
X-Firefox-Spdy: h2

mediasama.com/starharem/01/s/img/3.jpg

149.56.38.113

200 OK

375 kB

URL HTTP/1.1
mediasama.com/starharem/01/s/img/3.jpg
IP
149.56.38.113:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1080, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1080, components 3\012- data
Size
375 kB (375159 bytes)
Hash
84c5f704120f28ad7bcde2ebab7442a0
fd2745300ba7ad59ff8044c7e9f76b1326ddd120
6227de9cf2198a85639d3808c134b85dc1e6a5ee5ee5709189c5e58d1b91b7c2

HTTP Headers

GET /starharem/01/s/img/3.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:12:13 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 14:58:41 GMT
ETag: "5b977-5dc622e17edac"
Accept-Ranges: bytes
Content-Length: 375159
Content-Type: image/jpeg

mediasama.com/starharem/01/s/img/4.jpg

149.56.38.113

200 OK

325 kB

URL HTTP/1.1
mediasama.com/starharem/01/s/img/4.jpg
IP
149.56.38.113:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1080, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1080, components 3\012- data
Size
325 kB (325446 bytes)
Hash
ec18d276822ab5772f3458da7dbedfbc
f7a38f944aaba3e6b848f496bf4b8fee50b58161
da6b7082767f0ddffbec031c7f84b859c7a1f20624445bb26aa93895b75d7c09

HTTP Headers

GET /starharem/01/s/img/4.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:12:13 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 14:58:43 GMT
ETag: "4f746-5dc622e2da82e"
Accept-Ranges: bytes
Content-Length: 325446
Content-Type: image/jpeg

mediasama.com/starharem/01/s/img/8.jpg

149.56.38.113

200 OK

682 kB

URL HTTP/1.1
mediasama.com/starharem/01/s/img/8.jpg
IP
149.56.38.113:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1080, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1080, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 0-3584, spot sensor temperature 0.000000, unit celsius, color scheme 0, calibration: offset 0.000000, slope 211035008.000000\012- data
Size
682 kB (682050 bytes)
Hash
cedcd46e956dee6a28f87198962b0477
7b38f1de654971e436983fb6a34a71540ba526c9
08c08ef6f1ed9da65259719bbcc97e9aec700d3b486a9f0a741cb5800be34db5

HTTP Headers

GET /starharem/01/s/img/8.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:12:14 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 14:58:47 GMT
ETag: "a6842-5dc622e757ed6"
Accept-Ranges: bytes
Content-Length: 682050
Content-Type: image/jpeg

mediasama.com/starharem/01/s/img/10.jpg

149.56.38.113

200 OK

237 kB

URL HTTP/1.1
mediasama.com/starharem/01/s/img/10.jpg
IP
149.56.38.113:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1080, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1080, components 3\012- data
Size
237 kB (236974 bytes)
Hash
e0046cc1f34ff0701ec4874a0a8c5d43
c6a46db14dfc50d67307a9855f4dd2688d576a01
8589d73053f4bb258d888488403564bdcc94fb2d87c7388f943bf06fb85865a1

HTTP Headers

GET /starharem/01/s/img/10.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:12:14 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 14:58:39 GMT
ETag: "39dae-5dc622df755e8"
Accept-Ranges: bytes
Content-Length: 236974
Content-Type: image/jpeg

mediasama.com/starharem/01/s/img/6.jpg

149.56.38.113

200 OK

261 kB

URL HTTP/1.1
mediasama.com/starharem/01/s/img/6.jpg
IP
149.56.38.113:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1080, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1080, components 3\012- data
Size
261 kB (261364 bytes)
Hash
4b7cf78d93f3f009f850bedb6829d7f6
cc55cad898df47a2f089946aee9398fea7fa2ae6
44d0a6f8e7f7fe0354c05417445137070431686d671c51e9f3d3869867f2448f

HTTP Headers

GET /starharem/01/s/img/6.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:12:13 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 14:58:44 GMT
ETag: "3fcf4-5dc622e471bd1"
Accept-Ranges: bytes
Content-Length: 261364
Content-Type: image/jpeg

mediasama.com/starharem/01/s/img/5.jpg

149.56.38.113

200 OK

461 kB

URL HTTP/1.1
mediasama.com/starharem/01/s/img/5.jpg
IP
149.56.38.113:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1080, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1080, components 3\012- data
Size
461 kB (461412 bytes)
Hash
42ad3cffde2e4081df94ded8a30a1dc5
7b064f0fcb96e5b5c498c0c03bcbb9ab15e999b0
be788428faee6157125228734e5510d4f49212766eff23a1a1b178e456f153d1

HTTP Headers

GET /starharem/01/s/img/5.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:12:13 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 14:58:43 GMT
ETag: "70a64-5dc622e35f52f"
Accept-Ranges: bytes
Content-Length: 461412
Content-Type: image/jpeg

mediasama.com/starharem/01/s/img/11.jpg

149.56.38.113

200 OK

403 kB

URL HTTP/1.1
mediasama.com/starharem/01/s/img/11.jpg
IP
149.56.38.113:0
ASN
#16276 OVH SAS

File type
JPEG image data, baseline, precision 8, 1920x1080, components 3\012- data
Size
403 kB (402740 bytes)
Hash
c10654a068f849e614885c983ac9ab02
8d69da78045560f1c2de7bafc47b2c8a12e86424
3a864743d27da3ef1cea10d293532f84f9d564a98b34afef2a8f4b380472dfc2

HTTP Headers

GET /starharem/01/s/img/11.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 22:12:14 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 09:18:06 GMT
ETag: "62534-5dc5d6c134c3d"
Accept-Ranges: bytes
Content-Length: 402740
Content-Type: image/jpeg

ibrapush.com/custom

139.45.197.250

200 OK

39 B

URL HTTP/2
ibrapush.com/custom
IP
139.45.197.250:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

HTTP Headers

POST /custom HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://download.oxy.st/
Content-Type: application/json
Origin: https://download.oxy.st
Content-Length: 737
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 22:12:14 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: ac18f85e5608694462d7bac759f94a75
access-control-allow-origin: https://download.oxy.st
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

313 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
313 B (313 bytes)
Hash
9c0e95ec1969d04cbbe1a963f9556eac
6d9f7db5133272b8f78348469f8a007a74c64933
8eaba7c4d361e9320711b8d55b568074f3246cea376dd382c4ff8940ed57c438

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3771
Cache-Control: max-age=112551
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 22:12:14 GMT
Etag: "63e3242a-139"
Expires: Fri, 10 Feb 2023 05:28:05 GMT
Last-Modified: Wed, 08 Feb 2023 04:25:14 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 313

ocsp.digicert.com/

93.184.220.29

200 OK

313 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
313 B (313 bytes)
Hash
9c0e95ec1969d04cbbe1a963f9556eac
6d9f7db5133272b8f78348469f8a007a74c64933
8eaba7c4d361e9320711b8d55b568074f3246cea376dd382c4ff8940ed57c438

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3771
Cache-Control: max-age=112551
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 22:12:14 GMT
Etag: "63e3242a-139"
Expires: Fri, 10 Feb 2023 05:28:05 GMT
Last-Modified: Wed, 08 Feb 2023 04:25:14 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 313

ag.gbc.criteo.com/newidsd

185.235.84.79

200 OK

82 B

URL HTTP/2
ag.gbc.criteo.com/newidsd
IP
185.235.84.79:0
ASN
#44788 Criteo SA

File type
data
Size
82 B (82 bytes)
Hash
6124dfb85282703fa8c0c2a79dfd6a59
03a933e4dde1a4edaeb30d12978d6be2a014d396
44e6d8d04ed17f78bbea45b3053746e5813ecfda89246c434e55141ab7f9be94

HTTP Headers

GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
date: Wed, 08 Feb 2023 22:12:13 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 91987
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

gum.criteo.com/syncframe?origin=rtus&topUrl=download.oxy.st

178.250.0.157

200 OK

5.5 kB

URL HTTP/2
gum.criteo.com/syncframe?origin=rtus&topUrl=download.oxy.st
IP
178.250.0.157:0
ASN
#44788 Criteo SA

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (13465)
Size
5.5 kB (5534 bytes)
Hash
30cafcb3c73fbd3c2cb953cff3513db8
11e28d81e87946f66c4826e4155f0232351eded5
71fe9b1e84ea0d2b17ec76af0205db58da37b1b78b6ae847781523e11bedd6ad

HTTP Headers

GET /syncframe?origin=rtus&topUrl=download.oxy.st HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.oxy.st/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 08 Feb 2023 22:12:13 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=28edf0cf-03cf-4967-9c64-fa85de55e7a7; expires=Mon, 04 Mar 2024 22:12:13 GMT; domain=.criteo.com; path=/; secure; samesite=none
optout=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=.criteo.com; path=/
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 648938
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

betotodilea.com/impression/4YE8pKisDYqNzcM8YXlI_9G8qNS_58URADNwNo-pWwze8DLN9ztQbC7xylLA0ukPG_sKxtjLmBidMD0-_DkSjrRwtVBK8Bcz4t7Dqbi189fDv80k0aVU0Cl6AhJQtj8QeZC9tIK8W9EBwoRt0Ba7VUnpu8tDExUtoD8-_jSsYBf9ERkxIGaPlTATQT2DJfjLNtZsoA1tO34HAkAPYd-IbCI7-1-1Za40RHkq3VBMnKVcFPgshlGP20CkwO_eY-T_aQNK0mpIFVob-0SOAV34JgOqhfweJkSn-oT9frhVqFaZsWOKRSGMSu7LGThsJxMoTqNFeg-hQ6AwiWHtiGlr57cAi_QRqei7iyZOTRQdBiDxZEtB8VzSFdifFD_oo3VMpcClbBax9FyN7Ic6aMWC5OHQ4ITnmJNL21FXmo50furGCMe1aY3tt7Z4FZePS2Q0IjnlS9A3pGLgwRpOMuJd1EZgTYGOCPlowlpaaHMCN2O9_x3ruliMtsF-U2YPOXLsvN0UMhANY8tIrj8jDohRSkFtnfV5OHL_zunYS_fVXJaJZuONeHM45hHsUdu6APh7k2y9kfWEuL9vXuIGMVCvNQ==?_z=5630102&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=6&pl=https%3A%2F%2Fdownload.oxy.st%2Fd%2FyvPf&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

139.45.197.237

200 OK

43 B

URL HTTP/2
betotodilea.com/impression/4YE8pKisDYqNzcM8YXlI_9G8qNS_58URADNwNo-pWwze8DLN9ztQbC7xylLA0ukPG_sKxtjLmBidMD0-_DkSjrRwtVBK8Bcz4t7Dqbi189fDv80k0aVU0Cl6AhJQtj8QeZC9tIK8W9EBwoRt0Ba7VUnpu8tDExUtoD8-_jSsYBf9ERkxIGaPlTATQT2DJfjLNtZsoA1tO34HAkAPYd-IbCI7-1-1Za40RHkq3VBMnKVcFPgshlGP20CkwO_eY-T_aQNK0mpIFVob-0SOAV34JgOqhfweJkSn-oT9frhVqFaZsWOKRSGMSu7LGThsJxMoTqNFeg-hQ6AwiWHtiGlr57cAi_QRqei7iyZOTRQdBiDxZEtB8VzSFdifFD_oo3VMpcClbBax9FyN7Ic6aMWC5OHQ4ITnmJNL21FXmo50furGCMe1aY3tt7Z4FZePS2Q0IjnlS9A3pGLgwRpOMuJd1EZgTYGOCPlowlpaaHMCN2O9_x3ruliMtsF-U2YPOXLsvN0UMhANY8tIrj8jDohRSkFtnfV5OHL_zunYS_fVXJaJZuONeHM45hHsUdu6APh7k2y9kfWEuL9vXuIGMVCvNQ==?_z=5630102&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=6&pl=https%3A%2F%2Fdownload.oxy.st%2Fd%2FyvPf&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
139.45.197.237:0
ASN
#9002 RETN Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /impression/4YE8pKisDYqNzcM8YXlI_9G8qNS_58URADNwNo-pWwze8DLN9ztQbC7xylLA0ukPG_sKxtjLmBidMD0-_DkSjrRwtVBK8Bcz4t7Dqbi189fDv80k0aVU0Cl6AhJQtj8QeZC9tIK8W9EBwoRt0Ba7VUnpu8tDExUtoD8-_jSsYBf9ERkxIGaPlTATQT2DJfjLNtZsoA1tO34HAkAPYd-IbCI7-1-1Za40RHkq3VBMnKVcFPgshlGP20CkwO_eY-T_aQNK0mpIFVob-0SOAV34JgOqhfweJkSn-oT9frhVqFaZsWOKRSGMSu7LGThsJxMoTqNFeg-hQ6AwiWHtiGlr57cAi_QRqei7iyZOTRQdBiDxZEtB8VzSFdifFD_oo3VMpcClbBax9FyN7Ic6aMWC5OHQ4ITnmJNL21FXmo50furGCMe1aY3tt7Z4FZePS2Q0IjnlS9A3pGLgwRpOMuJd1EZgTYGOCPlowlpaaHMCN2O9_x3ruliMtsF-U2YPOXLsvN0UMhANY8tIrj8jDohRSkFtnfV5OHL_zunYS_fVXJaJZuONeHM45hHsUdu6APh7k2y9kfWEuL9vXuIGMVCvNQ==?_z=5630102&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=6&pl=https%3A%2F%2Fdownload.oxy.st%2Fd%2FyvPf&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.oxy.st/
Cookie: OAID=4cd5874d8fdd4d729cb4eaf2837e6ce5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 22:12:17 GMT
content-type: image/gif
content-length: 43
x-trace-id: f89ae593f813bc03bf58f1dded6cf911
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

betotodilea.com/500/5630102?excludes=16368910&oaid=4cd5874d8fdd4d729cb4eaf2837e6ce5&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=7&pl=https%3A%2F%2Fdownload.oxy.st%2Fd%2FyvPf&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

139.45.197.237

200 OK

0 B

URL HTTP/2
betotodilea.com/500/5630102?excludes=16368910&oaid=4cd5874d8fdd4d729cb4eaf2837e6ce5&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=7&pl=https%3A%2F%2Fdownload.oxy.st%2Fd%2FyvPf&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
139.45.197.237:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

OPTIONS /500/5630102?excludes=16368910&oaid=4cd5874d8fdd4d729cb4eaf2837e6ce5&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=7&pl=https%3A%2F%2Fdownload.oxy.st%2Fd%2FyvPf&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://download.oxy.st/
Origin: https://download.oxy.st
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 22:12:17 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://download.oxy.st
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

139.45.197.237

200 OK

15 kB

URL HTTP/2
betotodilea.com/500/5630102?excludes=16368910&oaid=4cd5874d8fdd4d729cb4eaf2837e6ce5&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=7&pl=https%3A%2F%2Fdownload.oxy.st%2Fd%2FyvPf&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
139.45.197.237:0
ASN
#9002 RETN Limited

File type
data
Size
15 kB (14782 bytes)
Hash
6f95efb4cfbee48e0b3ef5e89f6c7904
d7bec19ff61132e91f3ef294a692b9b43a4eda6b
21131bd94f319ee65721bb2ec931ab714807872b8f09f4789f4a73d5c84ebfa1

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /500/5630102?excludes=16368910&oaid=4cd5874d8fdd4d729cb4eaf2837e6ce5&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=7&pl=https%3A%2F%2Fdownload.oxy.st%2Fd%2FyvPf&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://download.oxy.st
Connection: keep-alive
Referer: https://download.oxy.st/
Cookie: OAID=4cd5874d8fdd4d729cb4eaf2837e6ce5
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 22:12:17 GMT
content-type: application/javascript
x-trace-id: dbce5653dd262ab9f31898e7b6487281
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://download.oxy.st
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=4cd5874d8fdd4d729cb4eaf2837e6ce5; expires=Thu, 08 Feb 2024 22:12:17 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

ibrapush.com/custom

139.45.197.250

200 OK

39 B

URL HTTP/2
ibrapush.com/custom
IP
139.45.197.250:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

HTTP Headers

POST /custom HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://download.oxy.st/
Content-Type: application/json
Origin: https://download.oxy.st
Content-Length: 381
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 22:12:19 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: ec4c89968a644907edfe1502df308486
access-control-allow-origin: https://download.oxy.st
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

my.rtmark.net/gid.js?pub=0&userId=ab9f57e4b4024dc39d607824aeb388ec&zoneId=5630104&checkDuplicate=true&ymid=&var=

139.45.195.8

200 OK

65 B

URL HTTP/2
my.rtmark.net/gid.js?pub=0&userId=ab9f57e4b4024dc39d607824aeb388ec&zoneId=5630104&checkDuplicate=true&ymid=&var=
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
94adccf92a7aadc98cd39abc2f539953
8591cb944bfd7fad2bc835018eb4ed59e5a72930
ff134895c369c5350d2c2eed1a3205576ebc818779a38c8c70fb2674611ec01f

HTTP Headers

GET /gid.js?pub=0&userId=ab9f57e4b4024dc39d607824aeb388ec&zoneId=5630104&checkDuplicate=true&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://download.oxy.st/
Origin: https://download.oxy.st
Connection: keep-alive
Cookie: ID=4cd5874d8fdd4d729cb4eaf2837e6ce5
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 22:12:19 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://download.oxy.st
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=4cd5874d8fdd4d729cb4eaf2837e6ce5; expires=Thu, 08 Feb 2024 22:12:19 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.oxy.st/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 Feb 2023 22:12:11 GMT
date: Wed, 08 Feb 2023 22:12:11 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js

185.76.9.26

200 OK

0 B

URL HTTP/2
ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
IP
185.76.9.26:0
ASN
#60068 Datacamp Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /moneybid7_35/build/dist/prebid.js HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.oxy.st/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 08 Feb 2023 22:12:11 GMT
content-type: application/javascript
last-modified: Mon, 06 Feb 2023 22:21:08 GMT
expires: Thu, 09 Feb 2023 16:04:31 GMT
cache-control: max-age=86400, public, no-transform
pragma: public
x-accel-expires: @1675958671
server: CDN77-Turbo
x-77-nzt: AblMCRTAZY3/LFYAAA
x-77-nzt-ray: af585630e56f6cf33b1ee4633edcbc1a
x-cache: HIT
x-age: 22060
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258

104.22.24.87

200 OK

0 B

URL HTTP/2
spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
IP
104.22.24.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /mapper.js?env=mWeb&eventType=pageview&zdid=1258 HTTP/1.1
Host: spl.zeotap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.oxy.st/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 08 Feb 2023 22:12:11 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://download.oxy.st
vary: Origin, Accept-Encoding
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7967b4946b68b4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2

ibrapush.com/pfe/current/tag.min.js?z=5630104

139.45.197.250

200 OK

0 B

URL HTTP/2
ibrapush.com/pfe/current/tag.min.js?z=5630104
IP
139.45.197.250:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /pfe/current/tag.min.js?z=5630104 HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.oxy.st/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 22:12:12 GMT
content-type: application/javascript
last-modified: Tue, 07 Feb 2023 14:32:42 GMT
etag: W/"63e2610a-390a"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
link: <https://my.rtmark.net>; rel=dns-prefetch;, <https://my.rtmark.net>; rel=preconnect
content-encoding: gzip
X-Firefox-Spdy: h2

ads.themoneytizer.com/s/requestform.js?siteId=85433&formatId=2

185.76.9.26

200 OK

0 B

URL HTTP/2
ads.themoneytizer.com/s/requestform.js?siteId=85433&formatId=2
IP
185.76.9.26:0
ASN
#60068 Datacamp Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /s/requestform.js?siteId=85433&formatId=2 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.oxy.st/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 08 Feb 2023 22:12:11 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
x-accel-expires: @1676477098
server: CDN77-Turbo
x-77-nzt: AblMCRRmlU3/EVYAAA
x-77-nzt-ray: af585630e56f6cf33b1ee4635b710315
x-cache: HIT
x-age: 22033
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

ibrapush.com/pfe/current/universal.min.js?v=3.1.418

139.45.197.250

200 OK

0 B

URL HTTP/2
ibrapush.com/pfe/current/universal.min.js?v=3.1.418
IP
139.45.197.250:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /pfe/current/universal.min.js?v=3.1.418 HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://download.oxy.st/
Origin: https://download.oxy.st
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 22:12:12 GMT
content-type: application/javascript
last-modified: Tue, 07 Feb 2023 14:32:42 GMT
etag: W/"63e2610a-19082"
access-control-allow-origin: https://download.oxy.st
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

nanouwho.com/9?z=5630103&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fdownload.oxy.st%2Fd%2FyvPf&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&oaid=4cd5874d8fdd4d729cb4eaf2837e6ce5

139.45.197.242

200 OK

0 B

URL HTTP/2
nanouwho.com/9?z=5630103&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fdownload.oxy.st%2Fd%2FyvPf&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&oaid=4cd5874d8fdd4d729cb4eaf2837e6ce5
IP
139.45.197.242:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /9?z=5630103&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fdownload.oxy.st%2Fd%2FyvPf&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&oaid=4cd5874d8fdd4d729cb4eaf2837e6ce5 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 160
Origin: https://download.oxy.st
Connection: keep-alive
Referer: https://download.oxy.st/
Cookie: scm=1; OAID=a4bd4c1a73244b608bcadbb6902688a2; oaidts=1675894332
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 22:12:12 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: https://download.oxy.st
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: 0fddf2c2fe28323f71689da750efe310
access-control-expose-headers: X-Sc
set-cookie: OAID=4cd5874d8fdd4d729cb4eaf2837e6ce5; expires=Thu, 08 Feb 2024 22:12:12 GMT; secure; SameSite=None
oaidts=1675894332; expires=Thu, 08 Feb 2024 22:12:12 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

download.oxy.st/slake/asset/js/plugins.js

185.178.208.137

200 OK

0 B

URL HTTP/2
download.oxy.st/slake/asset/js/plugins.js
IP
185.178.208.137:0
ASN
#57724 Ddos-guard Ltd

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /slake/asset/js/plugins.js HTTP/1.1
Host: download.oxy.st
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.oxy.st/d/yvPf
Cookie: __ddg1_=WAwOtcUCwj1qYiQ5CuIx; PHPSESSID=a3cpcb8pustunp14rnuq3d8kb0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 13:02:17 GMT
content-type: application/javascript
last-modified: Sun, 21 Jun 2020 20:10:26 GMT
vary: Accept-Encoding
access-control-allow-origin: *
content-encoding: gzip
content-length: 90933
ddg-cache-status: HIT,HIT
etag: "5eefbeb2-52d51"
age: 32994
X-Firefox-Spdy: h2

gum.criteo.com/sync?c=147&r=2&j=criteoCallback

178.250.0.157

200 OK

0 B

URL HTTP/2
gum.criteo.com/sync?c=147&r=2&j=criteoCallback
IP
178.250.0.157:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sync?c=147&r=2&j=criteoCallback HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.oxy.st/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 08 Feb 2023 22:12:12 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
server-processing-duration-in-ticks: 781174
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

inklinkor.com/tag.min.js

104.21.91.63

200 OK

0 B

URL HTTP/2
inklinkor.com/tag.min.js
IP
104.21.91.63:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /tag.min.js HTTP/1.1
Host: inklinkor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.oxy.st/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 08 Feb 2023 22:12:11 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: fb82cf337c291799d3a55f74af818192
cache-control: max-age=86400
last-modified: Wed, 08 Feb 2023 13:52:33 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Thu, 09 Feb 2023 20:44:58 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 5233
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OtcGZS6RyRwx0PFbJY2dfIkLURIr31fq2VP00kBx%2B%2FDX%2FEbcmQChFui7YfGk50KIzksWs%2FtnjVFQIJFhh2wt1ix2ykD5DyrAXX38bii5tfLbWpvLRy6hFFOPM8%2B6DL%2Bk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7967b4935f1bb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

nanouwho.com/1?z=5630103

139.45.197.242

200 OK

0 B

URL HTTP/2
nanouwho.com/1?z=5630103
IP
139.45.197.242:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /1?z=5630103 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.oxy.st/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 22:12:12 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin: 
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: 2981eeff636e8a0bc9b3cade1c24e4ce
access-control-expose-headers: X-Sc
x-sc: YqEibUP8-3gbMqBDgkTMDaAn2dFPzphxtH8PK0i_1EoeqylxlUy0bAfC2rVyFmj-_f9qAqbJ5WYSECFOCkYv3j80Lwg=
set-cookie: scm=1; expires=Thu, 08 Feb 2024 22:12:12 GMT; secure; SameSite=None
OAID=a4bd4c1a73244b608bcadbb6902688a2; expires=Thu, 08 Feb 2024 22:12:12 GMT; secure; SameSite=None
oaidts=1675894332; expires=Thu, 08 Feb 2024 22:12:12 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

secure.quantserve.com/quant.js

91.228.74.251

200 OK

0 B

URL HTTP/2
secure.quantserve.com/quant.js
IP
91.228.74.251:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /quant.js HTTP/1.1
Host: secure.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.oxy.st/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 08 Feb 2023 22:12:13 GMT
content-type: application/javascript
accept-ranges: bytes
cache-control: private, max-age=604800
content-encoding: gzip
etag: "u+riIbpeWSVolXo4r+dT2g=="
expires: Wed, 15 Feb 2023 22:12:13 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

download.oxy.st/d/yvPf

185.178.208.137

200 OK

0 B

URL HTTP/2
download.oxy.st/d/yvPf
IP
185.178.208.137:0
ASN
#57724 Ddos-guard Ltd

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /d/yvPf HTTP/1.1
Host: download.oxy.st
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=WAwOtcUCwj1qYiQ5CuIx; PHPSESSID=a3cpcb8pustunp14rnuq3d8kb0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 22:12:10 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2

ads.themoneytizer.com/s/gen.js?type=2

185.76.9.26

200 OK

0 B

URL HTTP/2
ads.themoneytizer.com/s/gen.js?type=2
IP
185.76.9.26:0
ASN
#60068 Datacamp Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /s/gen.js?type=2 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.oxy.st/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 08 Feb 2023 22:12:11 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
x-accel-expires: @1676477071
server: CDN77-Turbo
x-77-nzt: AblMCRQMj5//LFYAAA
x-77-nzt-ray: af585630e56f6cf33b1ee4635bc52015
x-cache: HIT
x-age: 22060
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

ads.themoneytizer.com/moneybile.js

185.76.9.26

200 OK

0 B

URL HTTP/2
ads.themoneytizer.com/moneybile.js
IP
185.76.9.26:0
ASN
#60068 Datacamp Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /moneybile.js HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.oxy.st/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 08 Feb 2023 22:12:11 GMT
content-type: application/javascript
last-modified: Fri, 12 Mar 2021 17:07:19 GMT
expires: Thu, 09 Feb 2023 16:04:31 GMT
cache-control: max-age=86400, public, no-transform
pragma: public
x-accel-expires: @1675958671
server: CDN77-Turbo
x-77-nzt: AblMCRQiYyf/LFYAAA
x-77-nzt-ray: af585630e56f6cf33b1ee46334e20d1a
x-cache: HIT
x-age: 22060
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

nanouwho.com/27/90f7f588ad5892e2821c323c80d6c1b6

139.45.197.242

200 OK

0 B

URL HTTP/2
nanouwho.com/27/90f7f588ad5892e2821c323c80d6c1b6
IP
139.45.197.242:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /27/90f7f588ad5892e2821c323c80d6c1b6 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.oxy.st/
Cookie: scm=1; OAID=a4bd4c1a73244b608bcadbb6902688a2; oaidts=1675894332
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 22:12:12 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin: 
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
cache-control: max-age:290304000, public
last-modified: Wed, 08 Feb 2023 07:51:08 GMT
expires: Wed, 10 Mar 2083 07:51:08 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

contextual.media.net/dmedianet.js?cid=8CU7BC15F

2.18.172.23

200 OK

0 B

URL HTTP/2
contextual.media.net/dmedianet.js?cid=8CU7BC15F
IP
2.18.172.23:0
ASN
#16625 AKAMAI-AS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /dmedianet.js?cid=8CU7BC15F HTTP/1.1
Host: contextual.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.oxy.st/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Apache
content-type: text/javascript; charset=utf-8
x-mnt-h: 21-188d
x-mnt-w: 22-pmnp
etag: "896dad7627e9b8066b3c8baa00ade3c3"
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=300
expires: Wed, 08 Feb 2023 22:17:13 GMT
date: Wed, 08 Feb 2023 22:12:13 GMT
X-Firefox-Spdy: h2

gum.criteo.com/sync?c=147&r=2&j=criteoCallback

178.250.0.157

200 OK

0 B

URL HTTP/2
gum.criteo.com/sync?c=147&r=2&j=criteoCallback
IP
178.250.0.157:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sync?c=147&r=2&j=criteoCallback HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://download.oxy.st/
x-crto-bundle: A-nmGF9WUnd0RFhDS2pwVSUyRm10WmRtZHJsVmxsRkF6aHp3ckI1SHVEJTJGWDJwYTlqM04xT2VPQUFmYWdZTEs3TzZCTFF4R2FnRFNIYzg5V2FhWklVSTFuWWNkUHF6UCUyQlVINzhnUm45NVYzR1B2Z3NoVSUzRA
Origin: https://download.oxy.st
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 Feb 2023 22:12:12 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-origin: https://download.oxy.st
server-processing-duration-in-ticks: 1718569
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js

54.230.111.33

200 OK

0 B

URL HTTP/2
rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
IP
54.230.111.33:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /rules-p-6Fv0cGNfc_bw8.js HTTP/1.1
Host: rules.quantcount.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://download.oxy.st/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
date: Wed, 08 Feb 2023 21:42:32 GMT
last-modified: Thu, 13 Oct 2022 22:35:53 GMT
etag: W/"1f431dc94c1f033d6666f0fe637e2d7b"
x-amz-server-side-encryption: AES256
cache-control: max-age=3600
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4rcBf41C86KxLgQuHkzuP2rBDfYUmzQd2cImFkeDQlfZmXvm0QUWmg==
age: 1782
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (58)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML