ocsp.sectigo.com/
104.18.15.101 471 B IP 104.18.15.101:0
Hash b1f65a0380152ed39bc45d4942698ea2
77e679c94d1479f3df377624acc494cdeab57bb1
7740c8dd1e4f0821e5c244ba33b896067be902d2ab45cefc9f56c8a2555df81a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Jun 2023 05:54:49 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 04 Jun 2023 17:19:56 GMT
Expires: Sun, 11 Jun 2023 17:19:55 GMT
Etag: "77e679c94d1479f3df377624acc494cdeab57bb1"
Cache-Control: max-age=386981,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d36a4810cdb067b-OSL
datatechonert.com/log/add?cid=b11df4a5-b02c-4bff-b483-c91f3b797763
139.45.195.253 12 B URL datatechonert.com/log/add?cid=b11df4a5-b02c-4bff-b483-c91f3b797763
IP 139.45.195.253:0
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
POST /log/add?cid=b11df4a5-b02c-4bff-b483-c91f3b797763 HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1672
Origin: https://cdntechone.com
DNT: 1
Connection: keep-alive
Referer: https://cdntechone.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Wed, 07 Jun 2023 05:54:49 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://cdntechone.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
sweetbird.net/click.php?key=97xwtzyoopcwl3bwxl6v
34.192.29.125302 Found 0 B URL User Request GET HTTP/1.1 sweetbird.net/click.php?key=97xwtzyoopcwl3bwxl6v
IP 34.192.29.125:443
Certificate IssuerLet's Encrypt
Subjectsweetbird.net
Fingerprint4D:FC:A9:DD:26:14:CA:3D:04:84:19:0F:4B:5E:5F:50:BE:A9:E8:F8
ValidityTue, 06 Jun 2023 02:06:40 GMT - Mon, 04 Sep 2023 02:06:39 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click.php?key=97xwtzyoopcwl3bwxl6v HTTP/1.1
Host: sweetbird.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdntechone.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.20.2
Date: Wed, 07 Jun 2023 05:54:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uclick=7vg65ma63y; expires=Thu, 08-Jun-2023 05:54:49 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclickhash=7vg65ma63y-7vg65ma63y-3zbl-0-m70-oj7v-oj8r-30fc66; expires=Thu, 08-Jun-2023 05:54:49 GMT; Max-Age=86400; path=/; secure; SameSite=none
Location: https://6.lands.ninja?q=feab87vg65ma63yed1&s=Unknown&var=Unknown&geo=NO
Strict-Transport-Security: max-age=31536000
6.lands.ninja/?q=feab87vg65ma63yed1&s=Unknown&var=Unknown&geo=NO
52.3.131.13200 OK 7.0 kB URL User Request GET HTTP/2 6.lands.ninja/?q=feab87vg65ma63yed1&s=Unknown&var=Unknown&geo=NO
IP 52.3.131.13:443
Certificate IssuerLet's Encrypt
Subject1.lands.ninja
Fingerprint39:07:A3:BB:C0:77:C1:18:45:3D:8C:83:18:33:3C:DD:63:73:F7:71
ValidityTue, 18 Apr 2023 03:03:46 GMT - Mon, 17 Jul 2023 03:03:45 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6123)
Hash 6dba10eaa7d891abc4076f2d55b81bf4
947e81d5a95fbf94eb534175ae786b762655465f
878f02475c307854cc5ffd7e212b09f67f26e22c4446bb1e556f712f96de6ba1
GET /?q=feab87vg65ma63yed1&s=Unknown&var=Unknown&geo=NO HTTP/1.1
Host: 6.lands.ninja
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cdntechone.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Mon, 20 Feb 2023 18:23:51 GMT
etag: "34b3-5f525c3cadbc0-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7042
content-type: text/html
date: Wed, 07 Jun 2023 05:54:50 GMT
server: Apache
X-Firefox-Spdy: h2
6.lands.ninja/rp-cl-rd-ob.js?pubid=775186&siteid=312014&niche=33
52.3.131.13200 OK 5.1 kB URL GET HTTP/2 6.lands.ninja/rp-cl-rd-ob.js?pubid=775186&siteid=312014&niche=33
IP 52.3.131.13:443
Requested by https://6.lands.ninja/?q=feab87vg65ma63yed1&s=Unknown&var=Unknown&geo=NO
Certificate IssuerLet's Encrypt
Subject1.lands.ninja
Fingerprint39:07:A3:BB:C0:77:C1:18:45:3D:8C:83:18:33:3C:DD:63:73:F7:71
ValidityTue, 18 Apr 2023 03:03:46 GMT - Mon, 17 Jul 2023 03:03:45 GMT
File type ASCII text, with very long lines (14442), with no line terminators
Hash d9399ffec754a2bdbbf4bfd2b785be4d
e67963687ee1a80f7f2500d8223d601d145a97cc
a5d43d7214a29ae16f5bbefc716c73d76760cdd93d30e8170fc842bdf3be2734
GET /rp-cl-rd-ob.js?pubid=775186&siteid=312014&niche=33 HTTP/1.1
Host: 6.lands.ninja
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6.lands.ninja/?q=feab87vg65ma63yed1&s=Unknown&var=Unknown&geo=NO
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 27 Feb 2023 13:57:14 GMT
etag: "386a-5f5aedb2fa280-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5108
content-type: text/javascript
date: Wed, 07 Jun 2023 05:54:50 GMT
server: Apache
X-Firefox-Spdy: h2
6.lands.ninja/img/man.png
52.3.131.13200 OK 11 kB URL GET HTTP/2 6.lands.ninja/img/man.png
IP 52.3.131.13:443
Requested by https://6.lands.ninja/?q=feab87vg65ma63yed1&s=Unknown&var=Unknown&geo=NO
Certificate IssuerLet's Encrypt
Subject1.lands.ninja
Fingerprint39:07:A3:BB:C0:77:C1:18:45:3D:8C:83:18:33:3C:DD:63:73:F7:71
ValidityTue, 18 Apr 2023 03:03:46 GMT - Mon, 17 Jul 2023 03:03:45 GMT
File type PNG image data, 179 x 278, 8-bit colormap, non-interlaced\012- data
Hash a6fa8154cc36da494df7b5103329c15a
3a2310088bcec14f7c0187f8409a5af5395665e8
967b8859fedb2c63afc8ae6ae2839fdd40f0e26af85adc6605a629f3c0ed0837
GET /img/man.png HTTP/1.1
Host: 6.lands.ninja
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6.lands.ninja/?q=feab87vg65ma63yed1&s=Unknown&var=Unknown&geo=NO
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 19 Aug 2022 17:54:25 GMT
etag: "295f-5e69bc9e37640"
accept-ranges: bytes
content-length: 10591
content-type: image/png
date: Wed, 07 Jun 2023 05:54:50 GMT
server: Apache
X-Firefox-Spdy: h2
6.lands.ninja/img/logo.png
52.3.131.13200 OK 1.1 kB URL GET HTTP/2 6.lands.ninja/img/logo.png
IP 52.3.131.13:443
Requested by https://6.lands.ninja/?q=feab87vg65ma63yed1&s=Unknown&var=Unknown&geo=NO
Certificate IssuerLet's Encrypt
Subject1.lands.ninja
Fingerprint39:07:A3:BB:C0:77:C1:18:45:3D:8C:83:18:33:3C:DD:63:73:F7:71
ValidityTue, 18 Apr 2023 03:03:46 GMT - Mon, 17 Jul 2023 03:03:45 GMT
File type PNG image data, 94 x 19, 8-bit colormap, non-interlaced\012- data
Hash d708fbf0358752a082f5a394b74adda8
231c1527b4b039eb3af7d7e9eb5587ed87f6ea81
09d12e3c0e65fda26b9073e70e02fb24fa6941a4a3b1b81211b6470f00769ea5
GET /img/logo.png HTTP/1.1
Host: 6.lands.ninja
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6.lands.ninja/?q=feab87vg65ma63yed1&s=Unknown&var=Unknown&geo=NO
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 19 Aug 2022 17:54:24 GMT
etag: "425-5e69bc9d43400"
accept-ranges: bytes
content-length: 1061
content-type: image/png
date: Wed, 07 Jun 2023 05:54:50 GMT
server: Apache
X-Firefox-Spdy: h2
cdntechone.com/r.html?axcid=b11df4a5-b02c-4bff-b483-c91f3b797763&axtsid=direct-link&axaffid=82f5721cb5884d0edf7b84b3cce58475&clid=b78607vg6qe9zvr050&axfu=https://sweetbird.net/click.php?key=97xwtzyoopcwl3bwxl6v&click_id={clid}&source_id={axtsid}&pub_id_hash={axaffid}&axft=2&r=https://jorttiuyng.com/link?z=5673874&var={axaffid}&ymid={clid}
172.64.140.36 19 kB URL cdntechone.com/r.html?axcid=b11df4a5-b02c-4bff-b483-c91f3b797763&axtsid=direct-link&axaffid=82f5721cb5884d0edf7b84b3cce58475&clid=b78607vg6qe9zvr050&axfu=https://sweetbird.net/click.php?key=97xwtzyoopcwl3bwxl6v&click_id={clid}&source_id={axtsid}&pub_id_hash={axaffid}&axft=2&r=https://jorttiuyng.com/link?z=5673874&var={axaffid}&ymid={clid}
IP 172.64.140.36:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (17871)
Hash 371d76622a7573644e9a6715843a826b
230e9cf1d67c6a50cc6f520292ad5e4ae44a5f8f
3564d5725c7689c8ad979092104fed4996834b1d8470b7d96c35c15c091035ee
GET /r.html?axcid=b11df4a5-b02c-4bff-b483-c91f3b797763&axtsid=direct-link&axaffid=82f5721cb5884d0edf7b84b3cce58475&clid=b78607vg6qe9zvr050&axfu=https://sweetbird.net/click.php?key=97xwtzyoopcwl3bwxl6v&click_id={clid}&source_id={axtsid}&pub_id_hash={axaffid}&axft=2&r=https://jorttiuyng.com/link?z=5673874&var={axaffid}&ymid={clid} HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 07 Jun 2023 05:54:48 GMT
content-type: text/html
last-modified: Fri, 19 May 2023 08:43:53 GMT
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TJra%2Fw8PUcLnnCoJeRylRrZ07UirA0%2B3cs84ItLU0UfoyvQ%2BzGyTrg5q7wNCQrzjfagqD47ExMsyymHVuaeLG7PH42fuZtSxKH4G6aQ2fgU2bLVe%2BPt%2BWETxqOBn1AC4qA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d36a47dfe4a886d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
eu.randomosity.xyz/pb/st
38.100.129.195200 OK 34 B IP 38.100.129.195:443
Requested by https://6.lands.ninja/?q=feab87vg65ma63yed1&s=Unknown&var=Unknown&geo=NO
Certificate IssuerLet's Encrypt
Subject*.randomosity.xyz
FingerprintDC:CE:17:BE:15:10:0B:02:E2:86:94:AF:EC:09:A2:36:C7:10:7C:36
ValiditySun, 28 May 2023 23:04:51 GMT - Sat, 26 Aug 2023 23:04:50 GMT
File type ASCII text, with no line terminators
Hash 027d3b7eb224476eeeef5fb4603d52ad
d8413242296f1eee3a3c40ff6e28f2211ac778da
6f9d4356870080ec8ace58f54cc9b6d006577cf9d192f5075d715db16a3f767a
GET /pb/st HTTP/1.1
Host: eu.randomosity.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://6.lands.ninja/
Origin: https://6.lands.ninja
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: openresty/1.15.8.3
date: Wed, 07 Jun 2023 05:54:50 GMT
content-type: text/html;charset=UTF-8
content-length: 34
access-control-allow-origin: https://6.lands.ninja
access-control-allow-credentials: true
X-Firefox-Spdy: h2
eu.randomosity.xyz/pb/st?sctp=content-locker&m=ht&pid=775186&sid=312014&dm=6.lands.ninja&c1=https&c2=1&c3=https://eu.randomosity.xyz/pb/st
38.100.129.195200 OK 0 B URL GET HTTP/2 eu.randomosity.xyz/pb/st?sctp=content-locker&m=ht&pid=775186&sid=312014&dm=6.lands.ninja&c1=https&c2=1&c3=https://eu.randomosity.xyz/pb/st
IP 38.100.129.195:443
Requested by https://6.lands.ninja/?q=feab87vg65ma63yed1&s=Unknown&var=Unknown&geo=NO
Certificate IssuerLet's Encrypt
Subject*.randomosity.xyz
FingerprintDC:CE:17:BE:15:10:0B:02:E2:86:94:AF:EC:09:A2:36:C7:10:7C:36
ValiditySun, 28 May 2023 23:04:51 GMT - Sat, 26 Aug 2023 23:04:50 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pb/st?sctp=content-locker&m=ht&pid=775186&sid=312014&dm=6.lands.ninja&c1=https&c2=1&c3=https://eu.randomosity.xyz/pb/st HTTP/1.1
Host: eu.randomosity.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6.lands.ninja/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: openresty/1.15.8.3
date: Wed, 07 Jun 2023 05:54:51 GMT
content-type: text/html;charset=UTF-8
content-length: 0
X-Firefox-Spdy: h2
6.lands.ninja/img/bot.png
52.3.131.13200 OK 11 kB URL GET HTTP/2 6.lands.ninja/img/bot.png
IP 52.3.131.13:443
Requested by https://6.lands.ninja/?q=feab87vg65ma63yed1&s=Unknown&var=Unknown&geo=NO
Certificate IssuerLet's Encrypt
Subject1.lands.ninja
Fingerprint39:07:A3:BB:C0:77:C1:18:45:3D:8C:83:18:33:3C:DD:63:73:F7:71
ValidityTue, 18 Apr 2023 03:03:46 GMT - Mon, 17 Jul 2023 03:03:45 GMT
File type PNG image data, 260 x 260, 8-bit colormap, non-interlaced\012- data
Hash ca1f4de0ad1d4fad72d299a6411e6959
c9f6d409f09264a34ee8bac4265233c56c280d1a
f0434a1fc8ffba3a47bbb9f1fa5a2f789651a020e7b86e507ff300b7c367057f
GET /img/bot.png HTTP/1.1
Host: 6.lands.ninja
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6.lands.ninja/?q=feab87vg65ma63yed1&s=Unknown&var=Unknown&geo=NO
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Fri, 19 Aug 2022 17:54:24 GMT
etag: "2b23-5e69bc9d43400"
accept-ranges: bytes
content-length: 11043
content-type: image/png
date: Wed, 07 Jun 2023 05:54:50 GMT
server: Apache
X-Firefox-Spdy: h2