Report - oaxyteek.net/-1JLQC/42Iz?rndad=579728665-1675592020

Report Overview

Submitted URL
oaxyteek.net/-1JLQC/42Iz?rndad=579728665-1675592020
IP
104.21.90.149
ASN
#13335 CLOUDFLARENET
Submitted
2023-02-05 10:29:06
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
dc5k8fg5ioc8s.cloudfront.net	unknown	2021-01-11T12:54:35Z	2023-03-13T05:42:25Z	286 B	52 kB	54.230.245.26
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
d1a3jb5hjny5s4.cloudfront.net	unknown	2021-05-29T18:33:12Z	2023-03-13T08:13:50Z	842 B	37 kB	54.230.245.112
verysilenit.com	unknown	2023-01-31T04:07:28Z	2023-02-19T02:12:17Z	3.8 kB	7.8 kB	65.9.44.85
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	1.0 kB	1.9 kB	93.184.220.29
stats.g.doubleclick.net	96	2013-06-10T22:21:11Z	2023-03-13T08:02:41Z	485 B	563 B	64.233.165.157
region1.google-analytics.com	unknown	2022-03-17T12:26:33Z	2023-03-13T05:09:18Z	703 B	442 B	216.239.34.36
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	55 kB	34.120.237.76
ajax.googleapis.com	12905	2013-08-16T11:51:31Z	2023-03-13T08:37:09Z	306 B	34 kB	142.250.74.170
cdn.oaxyteek.net	unknown	2023-01-23T17:54:50Z	2023-03-13T05:42:24Z	6.4 kB	156 kB	172.67.157.221
e1.o.lencr.org	6159	2021-08-20T09:36:30Z	2023-03-13T05:21:46Z	1.4 kB	2.9 kB	95.101.11.115
cdn.adf.ly	214923	2012-07-03T16:35:38Z	2023-03-13T05:42:25Z	788 B	12 kB	104.20.67.244
adf.ly	49660	2012-05-22T02:13:31Z	2023-03-13T05:20:32Z	360 B	2.8 kB	104.20.67.244
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-13T07:36:03Z	2.0 kB	19 kB	142.250.74.110
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.4 kB	6.2 kB	23.33.119.27
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	4.2 kB	8.5 kB	142.250.74.131
yneationsliee.xyz	unknown	2023-01-13T04:38:44Z	2023-03-02T04:52:12Z	1.7 kB	2.9 kB	188.114.97.1
do6256x8ae75.cloudfront.net	unknown	2023-02-05T06:59:46Z	2023-03-13T16:59:23Z	551 B	908 B	143.204.42.136
accounts.google.com	81	2016-03-20T13:44:49Z	2023-03-13T07:05:07Z	1.6 kB	5.2 kB	142.250.74.109
pogothere.xyz	unknown	2022-09-04T21:11:25Z	2023-03-13T05:42:24Z	1.6 kB	115 kB	172.64.106.19
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	35.161.147.150
www.facebook.com	99	2012-05-21T02:23:41Z	2021-02-04T00:31:35Z	1.0 kB	7.0 kB	157.240.221.35
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
oaxyteek.net	unknown	2022-07-20T11:12:31Z	2023-03-13T09:06:15Z	2.4 kB	16 kB	172.67.157.221
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-13T08:28:24Z	377 B	42 kB	142.250.74.40

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-02-05	medium	pogothere.xyz	Sinkholed
2023-02-05	medium	pogothere.xyz	Sinkholed
2023-02-05	medium	pogothere.xyz	Sinkholed
2023-02-05	medium	pogothere.xyz	Sinkholed

ThreatFox

No alerts detected

JavaScript (24)

	URL	Size	First Seen	Last Seen
	dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473	184 kB	2023-03-13	2023-03-13
Pretty URL dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473 IP 54.230.245.26 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 17:29:31 Last Seen2023-03-13 17:43:29 Times Seen1 Hash c9bd7a5f3d4713d5984f2125ab4ac20b 6ea939fbc998acf8dfbdb381a0492212858f6b27 cdafc0a03afe85e0b41212c100b331c2dc58ab96174e7383e85efb387cfd1f24 Loading...

	oaxyteek.net/-1JLQC/42Iz?rndad=579728665-1675592020	551 B	2023-03-07	2023-05-14
Pretty URL oaxyteek.net/-1JLQC/42Iz?rndad=579728665-1675592020 IP 172.67.157.221 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:13 Last Seen2023-05-14 09:10:31 Times Seen71 Hash 103e92d5ca4c353a7dcdc13362c2fe33 bbb91319966840711530f6c9efb68e279f199fe5 5a0b18bc519fbbe151ecab7b393685ee314b75379d50579bfe931d020349b2a1 Loading...

	cdn.oaxyteek.net/static/js/amvn.js	259 kB	2023-03-13	2023-03-13
Pretty URL cdn.oaxyteek.net/static/js/amvn.js IP 172.67.157.221 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 17:29:31 Last Seen2023-03-13 17:35:25 Times Seen1 Hash 76a843b334a5eabc5e6d6a256172583b 6d115c5bad55b6607d8d7cb19a637f254623d18c 4fa456fb959d2825230609965524670adb202aa45da691cdaa71254d5c7c0948 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-5NL9VFJ	105 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-5NL9VFJ IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 17:32:23 Last Seen2023-03-13 18:12:36 Times Seen1 Hash 36f7237b6966bd934fc55b0727b99674 f2e504bca71a9016941d0e84c51feb7c892eb3e8 506cd04069d34258429642b163627a9d2e86b37d68489cda8ffbbfa943d480d9 Loading...

	oaxyteek.net/-1JLQC/42Iz?rndad=579728665-1675592020	143 B	2023-03-07	2023-05-14
Pretty URL oaxyteek.net/-1JLQC/42Iz?rndad=579728665-1675592020 IP 172.67.157.221 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:13 Last Seen2023-05-14 09:10:31 Times Seen71 Hash e4d2d45eb91b8f26c33f3ea334ae617d 6506b7ae7ba8c41c2e0148a69098fd7333bd294a 56aaee9dedf8c077bd5c9dd25dc214f2c09e4b715f81904e7c361122c5825487 Loading...

	do6256x8ae75.cloudfront.net/hbWpYdWMOBTYTXBkDPEhVXV5rQ1dLACsaDR1XG0MuHgM9PTFcWBEmVT0/aFMXFw5lRUUBCzYSXksPNhZeXEw5EQFQXn4BEwIBZQcKCgEuBgcfBClTFgxXNRoZBAY0FEZfLG1bU0hYaF0UBAQ8GhQeT2pFDRlPakVSXURoUFAvT2pFFAQEbkFGXih9R1MVXG-xQUC9PakURG09rNFJdX3ZFSkhYaBIGDgE3UFErWGhEU11baERGX1o+HBEIDDcNRl8saUVWQ1p+AF5c	712 B	2023-03-13	2023-03-13
Pretty URL do6256x8ae75.cloudfront.net/hbWpYdWMOBTYTXBkDPEhVXV5rQ1dLACsaDR1XG0MuHgM9PTFcWBEmVT0/aFMXFw5lRUUBCzYSXksPNhZeXEw5EQFQXn4BEwIBZQcKCgEuBgcfBClTFgxXNRoZBAY0FEZfLG1bU0hYaF0UBAQ8GhQeT2pFDRlPakVSXURoUFAvT2pFFAQEbkFGXih9R1MVXG-xQUC9PakURG09rNFJdX3ZFSkhYaBIGDgE3UFErWGhEU11baERGX1o+HBEIDDcNRl8saUVWQ1p+AF5c IP 143.204.42.136 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 17:32:23 Last Seen2023-03-13 17:32:23 Times Seen1 Hash 4afe6d647e44f6b735716ead929a1558 5b80a6f6da18e059fe4eaefa6d8074efbce63834 383d2e5e90d78f60d7dcc9aa6e57fcc361a46d709ca2d57a09bac5c4919b37d2 Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js	94 kB	2023-03-07	2024-04-23
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:13 Last Seen2024-04-23 06:14:38 Times Seen10453 Hash ddb84c1587287b2df08966081ef063bf 9eb9ac595e9b5544e2dc79fff7cd2d0b4b5ef71f 88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd Loading...

	cdn.oaxyteek.net/static/js/view118_bidshow.js	11 kB	2023-03-07	2023-05-14
Pretty URL cdn.oaxyteek.net/static/js/view118_bidshow.js IP 172.67.157.221 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:13 Last Seen2023-05-14 09:10:31 Times Seen122 Hash 7bd8a9fa85fffef9db565180d148b73e 487360f168864d7b56d45ce03e8962e9eb2d6c6e 38fea38c82addf11b3a9a703649451db83bb5af7645594afe9025ae84bd70311 Loading...

	verysilenit.com/TVMxY2YsMVIOWSxuU0UTPz8MRlQLdgMlAnwyAgkEeDtbDR94IAVNBSE8RAcAPzxfF0gjNkVGVAsrfAhXfgVpITQEO1oZMn0KWiZUJRtwDTQFCnQ6MwckYFUuJhlGLB8cEmgEUhoaWilSDwIBGiUlAgQnMgsdcA4VLx1zVjAuFXQULiEVRjEIAAFnCl8GCmc5IR0BVkZUDwdkBBALB1YpNTQ4Zy8kfQZ+ITwiG2dTVQU5WgAzfzt3JlYYMFc1LCMCcwxQBTlCNj4ZPHQAIwQQeBQoOgJWKV4fYEUiIH5nAAAjBBB+C1J6AVY5CR8RVTUnBWNhOlYcC1cJSxskYAQvaGF3Ij4PF1JQHgUKd1clFxV7DTcLBl4lInk1d1BeNQkBIiIrBlUINwwdXjExGARmGV4eHklaLSwWZDc3HBkFNDEbBGNQJAp1WxAJIyMMLxc9A3ICEX8ZeRkBNw	3.0 kB	2023-03-13	2023-03-13
Pretty URL verysilenit.com/TVMxY2YsMVIOWSxuU0UTPz8MRlQLdgMlAnwyAgkEeDtbDR94IAVNBSE8RAcAPzxfF0gjNkVGVAsrfAhXfgVpITQEO1oZMn0KWiZUJRtwDTQFCnQ6MwckYFUuJhlGLB8cEmgEUhoaWilSDwIBGiUlAgQnMgsdcA4VLx1zVjAuFXQULiEVRjEIAAFnCl8GCmc5IR0BVkZUDwdkBBALB1YpNTQ4Zy8kfQZ+ITwiG2dTVQU5WgAzfzt3JlYYMFc1LCMCcwxQBTlCNj4ZPHQAIwQQeBQoOgJWKV4fYEUiIH5nAAAjBBB+C1J6AVY5CR8RVTUnBWNhOlYcC1cJSxskYAQvaGF3Ij4PF1JQHgUKd1clFxV7DTcLBl4lInk1d1BeNQkBIiIrBlUINwwdXjExGARmGV4eHklaLSwWZDc3HBkFNDEbBGNQJAp1WxAJIyMMLxc9A3ICEX8ZeRkBNw IP 65.9.44.11 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 17:32:23 Last Seen2023-03-13 17:32:23 Times Seen1 Hash 9ad34707ba21b15e28f68e666e4e86ae 895d413237b8569eec618285f1d028b195da05f1 9ded023f80789f67cb601a6a3c4c338fd28ce4f0b2746a67154994fde5334ea3 Loading...

	www.google-analytics.com/ga.js	46 kB	2023-03-07	2024-04-16
Pretty URL www.google-analytics.com/ga.js IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:00 Last Seen2024-04-16 23:24:27 Times Seen3495 Hash e9372f0ebbcf71f851e3d321ef2a8e5a 2c7d19d1af7d97085c977d1b69dcb8b84483d87c 1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f Loading...

	oaxyteek.net/-1JLQC/42Iz?rndad=579728665-1675592020	665 B	2023-03-07	2023-05-14
Pretty URL oaxyteek.net/-1JLQC/42Iz?rndad=579728665-1675592020 IP 172.67.157.221 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:13 Last Seen2023-05-14 09:10:31 Times Seen71 Hash aa14b51e4361d4da1792ad6b290f3b5f 904ea9c2a81485ca2eae1d3497313c47f2eb4a8c c5ec1ec9adb40a3e9f8af6630eb9f3f19f7e7e9f4c23d68fb906282b4c833112 Loading...

	verysilenit.com/alVpV3gLNwo6RwtoC3ENGDlUckoscFsRHAVjW2JOEm0IMk9fewo7Fx8xDyUXBCFHOR0ecFsREAgCGQ4cPRgmFSwzATEVEy4FLD8uMgNcJSlbMSUWOxk0LQVJMhJZGg0iMiRuKD4TCgA6Lzg/A0hPZy82PicNLyBNBgc8AjopLzAEIAEmORkQMDAxEg9fEDgRKTI7XRU9HRwrDSkJHiowPR8XDjQeKBYFAz4NLTEZKgUPKxYhWhMsDR4mElg1LVo9MDY+WgArFilSEgEGHT5nGRE8ODk5NhM8BjECKgUALxYOPmcZET4rBCw1EywSMT4QUwdYGi4yEkQvKT8WUAcZAQA7EEhTJycRMg4NWg0+OT4BDhkoHC4THy9mPBE9GAIuPz0/ZFg1GS8HLg9JBXBbFTAoECATPAkbOztAGTQ8AS87ZBlySigUL2IbTD8aOBYaaCphNRk8DB8qW2cgBE46AFk	3.0 kB	2023-03-13	2023-03-13
Pretty URL verysilenit.com/alVpV3gLNwo6RwtoC3ENGDlUckoscFsRHAVjW2JOEm0IMk9fewo7Fx8xDyUXBCFHOR0ecFsREAgCGQ4cPRgmFSwzATEVEy4FLD8uMgNcJSlbMSUWOxk0LQVJMhJZGg0iMiRuKD4TCgA6Lzg/A0hPZy82PicNLyBNBgc8AjopLzAEIAEmORkQMDAxEg9fEDgRKTI7XRU9HRwrDSkJHiowPR8XDjQeKBYFAz4NLTEZKgUPKxYhWhMsDR4mElg1LVo9MDY+WgArFilSEgEGHT5nGRE8ODk5NhM8BjECKgUALxYOPmcZET4rBCw1EywSMT4QUwdYGi4yEkQvKT8WUAcZAQA7EEhTJycRMg4NWg0+OT4BDhkoHC4THy9mPBE9GAIuPz0/ZFg1GS8HLg9JBXBbFTAoECATPAkbOztAGTQ8AS87ZBlySigUL2IbTD8aOBYaaCphNRk8DB8qW2cgBE46AFk IP 65.9.44.85 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 17:32:24 Last Seen2023-03-13 17:32:24 Times Seen1 Hash 338b2619c28ea7f53472824ee397d3df f35c39d5f6b4cfb145ab9dd4c42a4b62d1ba946a c41d1c8ddd5fa6a0b0e9f4ea90646cd38c1033f3dcb5e34799efa6caa0b1538a Loading...

	www.googletagmanager.com/gtag/js?id=G-GT41R23D5L&l=dataLayer&cx=c	231 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=G-GT41R23D5L&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 17:32:24 Last Seen2023-03-13 17:32:24 Times Seen1 Hash 804e5faed61b0f5c7db7e5495aa5d4e9 e457ca8884ae68ed32a117fab8a9d66b734ced7a 2a04acf1097f5d9e3b5f1e5358917528343ab8dba7175c2d90d54de18a3aac40 Loading...

	oaxyteek.net/-1JLQC/42Iz?rndad=579728665-1675592020	341 B	2023-03-10	2023-05-14
Pretty URL oaxyteek.net/-1JLQC/42Iz?rndad=579728665-1675592020 IP 172.67.157.221 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 07:49:27 Last Seen2023-05-14 09:10:31 Times Seen85 Hash 85fc9111b0ef7e154a67d8191eeb2ab8 cc2fc4aab1abffb44c72cd144f8435ce74531659 c62af88944f869e1f462cb666048f6e430c684e1ef43882e4486b95790e8ec62 Loading...

	d1a3jb5hjny5s4.cloudfront.net/?hbjad=709056	108 kB	2023-03-13	2023-03-13
Pretty URL d1a3jb5hjny5s4.cloudfront.net/?hbjad=709056 IP 54.230.245.112 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 17:32:24 Last Seen2023-03-13 17:32:24 Times Seen1 Hash 1efe7da9a4e0048802c6ce49ed17bcb3 cd9641b8e9561d3185063645f39c4077d375cbb3 28d222ea959658b554f96546ab4b35a8b21c2f3e5f1a90b512c799ea2234050d Loading...

	oaxyteek.net/-1JLQC/42Iz?rndad=579728665-1675592020	596 B	2023-03-13	2023-03-13
Pretty URL oaxyteek.net/-1JLQC/42Iz?rndad=579728665-1675592020 IP 172.67.157.221 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 17:32:24 Last Seen2023-03-13 17:32:24 Times Seen1 Hash da00a83baed3ff52873763a5291d3139 757650c8c4a2058d10c54b542b19a4dc5d6cd518 ab04c03ad1e38a213b9e5fc79a6d8e957df52837db233c7d31e41f2b9c027d2d Loading...

	oaxyteek.net/-1JLQC/42Iz?rndad=579728665-1675592020	516 B	2023-03-13	2023-03-13
Pretty URL oaxyteek.net/-1JLQC/42Iz?rndad=579728665-1675592020 IP 172.67.157.221 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 17:32:24 Last Seen2023-03-13 17:32:24 Times Seen1 Hash 34aa9c042e11d6375a0dec9c25ab5732 e6b6b3e031be65107bbb96e9458e7126e89a85b1 06799469a133d99049ba2b981f0a3afc9590e198a304dd3bd6d787bb381b7a21 Loading...

	oaxyteek.net/js/display.js	16 kB	2023-03-07	2023-07-09
Pretty URL oaxyteek.net/js/display.js IP 172.67.157.221 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2023-07-09 10:24:48 Times Seen188 Hash 31c9f8c6a12dfa956f8bd76d130c7d0b cbb32bfcd93a2f76f2bc66ec651ac27824082dab 4b67d948e653f56aa7bc25cd403afa4fe04bafa3d8f3399ab0b84d96f1292259 Loading...

	d1a3jb5hjny5s4.cloudfront.net/xMk13VXBRIhkzT0YkE2hHAnRHYEYUJwQ6HkJwOyQAYg4WIkJ4BQ0yChQ5DTFNAmsbNB5VcFEwHlFwRnMRVi9KYVZGPRg+TUgvFTgJSykVLB0UOBZoHV03HjkcU2hFE0UcfVJnQBo6HjsUXToEcEICIwNwQgJ8R3tAF341cEICOh47RgZoRBdVAH0PY0QXfj-VwQgI/AXBDc3xHYF4CZFJnQFUoFD4fF38xZ0ADfUdkQANoRWUWWz8SMx9KaEUTQQJ4WWVWR3BG	593 B	2023-03-13	2023-03-13
Pretty URL d1a3jb5hjny5s4.cloudfront.net/xMk13VXBRIhkzT0YkE2hHAnRHYEYUJwQ6HkJwOyQAYg4WIkJ4BQ0yChQ5DTFNAmsbNB5VcFEwHlFwRnMRVi9KYVZGPRg+TUgvFTgJSykVLB0UOBZoHV03HjkcU2hFE0UcfVJnQBo6HjsUXToEcEICIwNwQgJ8R3tAF341cEICOh47RgZoRBdVAH0PY0QXfj-VwQgI/AXBDc3xHYF4CZFJnQFUoFD4fF38xZ0ADfUdkQANoRWUWWz8SMx9KaEUTQQJ4WWVWR3BG IP 54.230.245.112 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 17:32:24 Last Seen2023-03-13 17:32:24 Times Seen1 Hash 1cc12c1d92d51185c55abafee450f6a4 6021d2837342ad42282db4f8c9b37442581fc145 e13fc5af5ef5db92262a9b16b7c18e39119c2b1a59cdf88a1ed9ccaa335936c2 Loading...

	oaxyteek.net/-1JLQC/42Iz?rndad=579728665-1675592020	1.7 kB	2023-03-13	2023-03-13
Pretty URL oaxyteek.net/-1JLQC/42Iz?rndad=579728665-1675592020 IP 172.67.157.221 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 17:32:24 Last Seen2023-03-13 17:32:24 Times Seen1 Hash 347ff4d7c481dd67579b3ac9abfa639e 53dc880aa9cb670b67bc15afac0b13d884b60ba7 a6b797af668a0086ac2d7c98a0e92617819a3661372735ec40d5cfc99f6b0382 Loading...

	cdn.oaxyteek.net/static/js/main.js?v=2022052901	2.0 kB	2023-03-07	2023-05-14
Pretty URL cdn.oaxyteek.net/static/js/main.js?v=2022052901 IP 172.67.157.221 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:13 Last Seen2023-05-14 09:10:31 Times Seen104 Hash 9dccb8ccd8da2bae23d4a71b2f3d884b e375888187278462254e305c498959eb2745c49e 29d8741f9be753192c4ad99e21b22089a10952a10c2092dcfa1532edf58c3f68 Loading...

	oaxyteek.net/funcript1675592976022.php?pub=77879&v=NozjgI3kOVSnwIisdIiCIM6uMUiDwMixY82CseivOZnWRZyydlWmURsgIEnDBMhxdACDIM6xNADjIMsvI8m2JapjbVm2RRFgbkGCVMtuZUWD5M0xIojjodiycB2ytOp0cYFD9eigdsTDJN02d4GW9auXIBiywOiwa4GCFMzxaACCIV6OIBmyIc03Z9mGEZxuYlz2IV1oMATCcM5uMUTzgL2hMxTGUb5pNpT3NblNMJTiIOziZQTnIb2lNdWWYY5yZVG2Mc11IJny0e3=	0 B	2023-03-07	2024-04-23
Pretty URL oaxyteek.net/funcript1675592976022.php?pub=77879&v=NozjgI3kOVSnwIisdIiCIM6uMUiDwMixY82CseivOZnWRZyydlWmURsgIEnDBMhxdACDIM6xNADjIMsvI8m2JapjbVm2RRFgbkGCVMtuZUWD5M0xIojjodiycB2ytOp0cYFD9eigdsTDJN02d4GW9auXIBiywOiwa4GCFMzxaACCIV6OIBmyIc03Z9mGEZxuYlz2IV1oMATCcM5uMUTzgL2hMxTGUb5pNpT3NblNMJTiIOziZQTnIb2lNdWWYY5yZVG2Mc11IJny0e3= IP 172.67.157.221 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-23 09:45:25 Times Seen37018388 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

		Size	First Seen	Last Seen
	#1 Write - c5639dd33c003902bcb9563f1e09337d	82 B	2023-03-07	2023-05-14
Pretty Observations First Seen2023-03-07 01:03:13 Last Seen2023-05-14 09:10:31 Times Seen67 Hash c5639dd33c003902bcb9563f1e09337d 3d8a9f2173ae1e9e9cd21be7eb9cd6999befb486 ede59fa13aaed1cae74b3d5451084369b1c25b6fbc3c2b467f7ed1bbd2ad8206 Loading...

	#2 Write - 022b385c1bf5cac50663059a0b87bebb	4.4 kB	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 17:32:24 Last Seen2023-03-13 17:32:24 Times Seen1 Hash 022b385c1bf5cac50663059a0b87bebb 8da354b38b62ac312d6560d5e24725918148faa7 6e2fcc4f4c62cb1a295e9119fc5cda753e36cc69edd377d49f935f9e20e0493e Loading...

HTTP Transactions (88)

URL IP Response Size

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1cdc095521e9ee2606059be447d1fdd5
02b5d0a5b5823e2338daf7e144700babe2a213af
8bda3aabcf331c2bfcc4c7023cd797c760fd301dc353641bb95048e072f66c66

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8BDA3AABCF331C2BFCC4C7023CD797C760FD301DC353641BB95048E072F66C66"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13103
Expires: Sun, 05 Feb 2023 14:07:18 GMT
Date: Sun, 05 Feb 2023 10:28:55 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16319
Expires: Sun, 05 Feb 2023 15:00:54 GMT
Date: Sun, 05 Feb 2023 10:28:55 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 05 Feb 2023 09:36:17 GMT
content-type: application/json
age: 3158
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4507
Expires: Sun, 05 Feb 2023 11:44:02 GMT
Date: Sun, 05 Feb 2023 10:28:55 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: hXLMflYfBlyJdteg7zOLJeHGJFH/XX7whBTeqc0Yu6PtkAtvs9L+zyE5fYHnt+TfvV0c8MN77u0=
x-amz-request-id: Q47HYNW64EJ7CNQW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 05 Feb 2023 10:24:26 GMT
age: 269
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

oaxyteek.net/-1JLQC/42Iz?rndad=579728665-1675592020

172.67.157.221

200 OK

5.7 kB

URL HTTP/1.1
oaxyteek.net/-1JLQC/42Iz?rndad=579728665-1675592020
IP
172.67.157.221:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (552), with CRLF, LF line terminators
Size
5.7 kB (5686 bytes)
Hash
fef3e2a0fb47776ded545e823c45f896
02cb3cd048b0a7bfa950d96d8bdd9b55d23eb19a
3f0dd21bf69752d27ca1a98072aec781edb70f9d2062d732d6605ea4b63f46b4

HTTP Headers

GET /-1JLQC/42Iz?rndad=579728665-1675592020 HTTP/1.1
Host: oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 10:28:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
set-cookie: FLYSESSID=middsp47s29dqknvlq6v06ht6b; path=/; HttpOnly; SameSite=Lax
yp1=d6d3afbab59b819343f48548849260a7; expires=Mon, 06-Feb-2023 10:28:55 GMT; Max-Age=86400; path=/; domain=.oaxyteek.net
yp2=530aaadfbd2c81e5bb513d9e6446395b; expires=Mon, 06-Feb-2023 10:28:55 GMT; Max-Age=86400; path=/; domain=.oaxyteek.net
yp3=1532635802; expires=Mon, 06-Feb-2023 10:28:55 GMT; Max-Age=86400; path=/; domain=.oaxyteek.net
x-powered-by: adfly
strict-transport-security: max-age=0
p3p: policyref="http://adf.ly/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa IVAi IVDi CONi HISi TELi OUR IND PHY ONL FIN COM NAV INT DEM GOV"
expires: Sat, 26 Jul 1997 05:00:00 GMT
last-modified: Sun, 05 Feb 2023 10:28:55 GMT
x-frame-options: DENY
referrer-policy: no-referrer-when-downgrade
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2BxIJcWib3iZkyObIxzouTxAyHpZ8JrPqYitIyU1ThEFF4bhKuNR8E%2BZ9vE6jFZbxU7f9WRFUcRfr17IlLvthBFYDCo6%2BgdDe5FccwXRe%2FBTKO5Azln7qGOVJtGQRzw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 794af646ce550afe-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 10:28:55 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js

142.250.74.170

200 OK

33 kB

URL HTTP/1.1
ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
IP
142.250.74.170:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Size
33 kB (33333 bytes)
Hash
18351732b1849ba758e98884e186b3c8
d735af8661eda41ff4ffbf76e6a284a0e2deb81c
bfac625d304d52e04f2caeb19266354749929c888ca09d3d1e3edcbb8770d0f0

HTTP Headers

GET /ajax/libs/jquery/1.7.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://oaxyteek.net/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 33333
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 02 Feb 2023 08:57:41 GMT
Expires: Fri, 02 Feb 2024 08:57:41 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Age: 264674
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8

cdn.oaxyteek.net/static/js/amvn.js

172.67.157.221

200 OK

84 kB

URL HTTP/1.1
cdn.oaxyteek.net/static/js/amvn.js
IP
172.67.157.221:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (15948)
Size
84 kB (84293 bytes)
Hash
4fffba04ce6ff6eb2b958f288493b5d3
fa55371d0e5496c2a814ef51e73462b2ef11387d
ba07392e24680b0f68a5a77a6360128d767d48ef5ef2aa35468767a228fc719b

HTTP Headers

GET /static/js/amvn.js HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/-1JLQC/42Iz?rndad=579728665-1675592020
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802

HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 10:28:55 GMT
Content-Type: application/x-javascript
Content-Length: 84293
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:02:12 GMT
last-modified: Sun, 05 Feb 2023 00:20:02 GMT
etag: "3f2ab-63def632-3a8d07bd3ec0da7d;gz"
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 1603
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ba0HRpugm4%2BYi2IHOMh%2BZwfeyW%2FwZWdW8HmOLSPIXEmxKs6UfZK0SvxfD0bNwpXYB1JG7T5hxi6Op1%2BpIoW%2FcZ9xSKphgH2lk4FtCzbXl8V5SKgvYSJ2SUrv4w6Hcktf7Ve%2F"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 794af649aaca1c0e-OSL
alt-svc: h2=":443"; ma=60

cdn.oaxyteek.net/static/css/adfly_7.css

172.67.157.221

200 OK

875 B

URL HTTP/1.1
cdn.oaxyteek.net/static/css/adfly_7.css
IP
172.67.157.221:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (2735), with no line terminators
Size
875 B (875 bytes)
Hash
f8c8a9d49e010a2cf10a44dacf35e661
5a069859544758f32b5d09e89c3631c8257c64e1
2cdcaf6a39f9cd39a37dfacfeec2461813fb5557e071d96756c129d17e84cb7a

HTTP Headers

GET /static/css/adfly_7.css HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/-1JLQC/42Iz?rndad=579728665-1675592020
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802

HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 10:28:55 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Cf-Bgj: minify
Cf-Polished: origSize=3778
cache-control: public, max-age=604800
etag: W/"ec2-60467027-a94c583d5cffa0cf;gz"
expires: Sun, 12 Feb 2023 10:02:12 GMT
last-modified: Mon, 08 Mar 2021 18:42:47 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 1603
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HPZSyfxxST6zP3C0cc7%2F%2FAFBXa1ccIA39rCeQ2uMbX4X5wtgKojsfAg3W1hV2EeQncKu00X42ESUzoiA0BrNHT3%2FP%2BN16WTsECHHgNYfT9%2BMhtRxjNs%2FuKJQw52WiGGFLWTh"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 794af649aa5d1bfe-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

cdn.oaxyteek.net/static/js/view118_bidshow.js

172.67.157.221

200 OK

4.0 kB

URL HTTP/1.1
cdn.oaxyteek.net/static/js/view118_bidshow.js
IP
172.67.157.221:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (10991), with no line terminators
Size
4.0 kB (4024 bytes)
Hash
966f84aff8b7893cbf2b87da5a27f8a9
695e0fcb64fc820db2ca76e808136a3762ea3673
25c6680edff77f84bc5606fdd9f06116ec800f29173528135cb74d564f2732f9

HTTP Headers

GET /static/js/view118_bidshow.js HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/-1JLQC/42Iz?rndad=579728665-1675592020
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802

HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 10:28:55 GMT
Content-Type: application/x-javascript
Content-Length: 4024
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:02:13 GMT
last-modified: Wed, 24 Aug 2022 10:51:38 GMT
etag: "2aef-630602ba-3bacd69da000f03;gz"
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 1602
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QAcX%2F9ElpEcIPKQxUdxjac5fyLfEm4T%2FLKsz24lbVx8Z0A1ZijD9IvZUc8Q%2BKOoHYGNB9ByGb4d6IUgwIEJOrubpGIHrq7JRkIbz6tvyEkzCzGg51E28hpD8K2f9li0tByoV"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 794af649ab78b4f3-OSL
alt-svc: h2=":443"; ma=60

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
153d0de36959c722c00df71ba86daca2
305f56a3134879ebf0828e169e903e560540c070
0cf533a798d42d1e97fb6619a411afadf9a68c92302ba852869b0c0555a47987

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 10:28:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
153d0de36959c722c00df71ba86daca2
305f56a3134879ebf0828e169e903e560540c070
0cf533a798d42d1e97fb6619a411afadf9a68c92302ba852869b0c0555a47987

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 10:28:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.oaxyteek.net/static/js/main.js?v=2022052901

172.67.157.221

200 OK

705 B

URL HTTP/1.1
cdn.oaxyteek.net/static/js/main.js?v=2022052901
IP
172.67.157.221:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
705 B (705 bytes)
Hash
5d2f026c4af9cf86a2ecb368dc1533d6
376ce5a73144b00dd162aa8524ac856b8db7a33e
0fd907185fe7d7610498d8d487449707fe4949c5c89a1028da380d2e5e862c3d

HTTP Headers

GET /static/js/main.js?v=2022052901 HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/-1JLQC/42Iz?rndad=579728665-1675592020
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802

HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 10:28:56 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:28:56 GMT
last-modified: Sun, 29 May 2022 07:10:19 GMT
etag: "7a0-62931c5b-5a0b6a8c1f70ff01;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8iB8wNaj1Nt1bbZBjAwj0rk%2F0DMi2lAnf3XuBz3Ydh4950IY84M0SHjtFvuviwin%2FU5g68eN5dmOG6F71PMNF6R3ozfGM35njGltTVLiCAMegcFh9ceBT%2F%2FypFNIcJlyK6q1"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 794af649ad4d1c02-OSL
alt-svc: h2=":443"; ma=60

d1a3jb5hjny5s4.cloudfront.net/?hbjad=709056

54.230.245.112

200 OK

36 kB

URL HTTP/1.1
d1a3jb5hjny5s4.cloudfront.net/?hbjad=709056
IP
54.230.245.112:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (15481)
Size
36 kB (36015 bytes)
Hash
5838e65c8018a9bdd42293f159c25c06
c0ebf62942d32236077cf1a34796c1174ee2eb6a
9301aed065e0b501178b8618c587c8594e22ee83b9f69f54be12f373eab2b51d

HTTP Headers

GET /?hbjad=709056 HTTP/1.1
Host: d1a3jb5hjny5s4.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://oaxyteek.net/

HTTP/1.1 200 OK
Content-Length: 36015
Connection: keep-alive
Date: Sun, 05 Feb 2023 10:28:56 GMT
access-control-allow-origin: *
Cache-Control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Content-Encoding: gzip
Pragma: no-cache
X-Cache: Miss from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: QrIElT1kT---eRx1okFsivTsDlYtM1OmrwACt7E_LhXgJFx7rBpd1A==

cdn.oaxyteek.net/static/image/ahl6532.gif

172.67.157.221

200 OK

3.2 kB

URL HTTP/1.1
cdn.oaxyteek.net/static/image/ahl6532.gif
IP
172.67.157.221:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 166 x 58\012- data
Size
3.2 kB (3229 bytes)
Hash
48d26bd889d62fc9c72d33138f409c15
3bd2657ee1ba4843f266cda7217a8d0a2b725ea3
13cad7fb56a878cd12d9456a8754cf13433ac6741338371f87776b4373411b15

HTTP Headers

GET /static/image/ahl6532.gif HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/-1JLQC/42Iz?rndad=579728665-1675592020
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802

HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 10:28:56 GMT
Content-Type: image/gif
Content-Length: 3229
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:02:13 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "c9d-5faa60e6-ae87f5cbe4d6cff3;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 1603
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2FAsnhUe8PVTu8vmz31cX4r6Oe87qC%2FM6d2QI3vWBG3aBdsLjlbrYq1TY0BbwzSuZW8h5cnaB3LhJpL7m6xFTtNq2mf3SCfFetZHZ2sldO0oLaHSytoffKGTJxn4pVZEQAC4"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794af64abb0d1bfe-OSL
alt-svc: h2=":443"; ma=60

cdn.oaxyteek.net/static/image/spinner.gif

172.67.157.221

200 OK

36 kB

URL HTTP/1.1
cdn.oaxyteek.net/static/image/spinner.gif
IP
172.67.157.221:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 39 x 39\012- data
Size
36 kB (35453 bytes)
Hash
2055f195780b3e4c71b97c95fa97eab0
36c1138bdcccf116f1b9ee9effa3e5d13f1e6161
0a607f27600e85addcfd1415ee611a370a30dce3f53ac200d3e0e25d2bdc5157

HTTP Headers

GET /static/image/spinner.gif HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/-1JLQC/42Iz?rndad=579728665-1675592020
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802

HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 10:28:56 GMT
Content-Type: image/gif
Content-Length: 35453
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:02:13 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "8a7d-5faa60e6-3361a662be6e6961;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 1603
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gAua%2F3reUjFbeNETP%2FFBp2ABrkhfw5Ag1qJ9WTMwNt6y4HqDzDzqTV1Pvt99vC2jN%2FfKppKnYUEiW2tBq%2FTxqfjDbQ17rhDDra9EEnlTewZ%2Bj%2BdwGEauYAqmK%2BQxCHv0jNhi"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794af64abbb01c0e-OSL
alt-svc: h2=":443"; ma=60

cdn.oaxyteek.net/static/image/logo_fb2.png

172.67.157.221

200 OK

6.3 kB

URL HTTP/1.1
cdn.oaxyteek.net/static/image/logo_fb2.png
IP
172.67.157.221:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 193 x 98, 8-bit colormap, non-interlaced\012- data
Size
6.3 kB (6283 bytes)
Hash
84a673a878949a7a8410199f5f8ea220
49cbc367cd9e0943df6d6e2180bb9a5771dbb208
042313bf805bd8d9a1c6b2a88c90e15407004fcc6e9c5d5974c87c85c20796f3

HTTP Headers

GET /static/image/logo_fb2.png HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/-1JLQC/42Iz?rndad=579728665-1675592020
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802

HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 10:28:56 GMT
Content-Type: image/png
Content-Length: 6283
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:02:13 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "188b-5faa60e6-48354ceeda0c07b3;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 1603
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8HmBnupofi218Tz5CiRvs12aV2OnLs6MyBy6B%2Bi1Faen%2BGFqlKiOMuf6dDu7p2%2Bf713hWGJ9j5edBYThaPDk4X4LQI8q4NY%2BuLp9xt2bnkVh9Qbec9tNn4952zW%2FNh9thXhn"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794af64abe4b1c02-OSL
alt-svc: h2=":443"; ma=60

cdn.oaxyteek.net/static/image/skip_ad/en_tran.png

172.67.157.221

200 OK

5.1 kB

URL HTTP/1.1
cdn.oaxyteek.net/static/image/skip_ad/en_tran.png
IP
172.67.157.221:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 155 x 41, 8-bit/color RGBA, non-interlaced\012- data
Size
5.1 kB (5076 bytes)
Hash
a58f5ea6f1f6bb35658c351f876f1ba9
47fa621b845faf7df13e4021dcffd6f4c73c1018
ef8721967f0cca2539ee60f9cad0e8c1ef89f18a53964a4e6101033d23a4ba29

HTTP Headers

GET /static/image/skip_ad/en_tran.png HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/-1JLQC/42Iz?rndad=579728665-1675592020
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802

HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 10:28:56 GMT
Content-Type: image/png
Content-Length: 5076
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:02:14 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "13d4-5faa60e6-d082b40bd28384ce;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 1602
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HNoGXWTqHfwZ%2Bn2goEklYWyI1tH9jsaQadaYHLF7KbW79EBBb4CeQr54EfImkHBgljM3OHjCyqUA9u4f5Hfl8mR3BnbrMN5v4LJVhk1yjC3dCxa9PPOv%2FEOCKftJBqu0KMRr"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794af64abda8b4eb-OSL
alt-svc: h2=":443"; ma=60

cdn.oaxyteek.net/static/image/delete2.png

172.67.157.221

200 OK

577 B

URL HTTP/1.1
cdn.oaxyteek.net/static/image/delete2.png
IP
172.67.157.221:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced\012- data
Size
577 B (577 bytes)
Hash
3a612b41ba5d1cad10ae4c6660d8fda4
4006ab2bfe338d2d1f060c0486bad8e1b589ba44
2fa2ba143aaedc6b6169e9b024d4f12df4acfc5995950dce175fd97644dd0c43

HTTP Headers

GET /static/image/delete2.png HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/-1JLQC/42Iz?rndad=579728665-1675592020
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802

HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 10:28:56 GMT
Content-Type: image/png
Content-Length: 577
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:02:13 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "241-5faa60e6-657b5e5638f6aacc;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 1603
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sWNSfUjHPFvKbFeDSODCd9HTJiHzaX2UDAMczFmOE63hWXrBX6DxpknEWuCWC6dnM8GX8QVo2EqNiqyTbHGuoXP%2BtHysJwOwuvf7IfpbAkrPj6XivZs0xwwFPlZCSLlacuh%2B"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794af64abcf5b4f3-OSL
alt-svc: h2=":443"; ma=60

www.googletagmanager.com/gtm.js?id=GTM-5NL9VFJ

142.250.74.40

200 OK

41 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-5NL9VFJ
IP
142.250.74.40:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1759)
Size
41 kB (40888 bytes)
Hash
e36c8016d8dbb7af8d0881e48029eac5
9d47bf505e9ced6f3f5de71b5156581a85db0907
10ad89884a1bf0a39ca2e8ba3a094c082ff2357112a7eddf7e5af8740d3d10de

HTTP Headers

GET /gtm.js?id=GTM-5NL9VFJ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 05 Feb 2023 10:28:56 GMT
expires: Sun, 05 Feb 2023 10:28:56 GMT
cache-control: private, max-age=900
last-modified: Sun, 05 Feb 2023 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 40888
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
153d0de36959c722c00df71ba86daca2
305f56a3134879ebf0828e169e903e560540c070
0cf533a798d42d1e97fb6619a411afadf9a68c92302ba852869b0c0555a47987

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 10:28:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

oaxyteek.net/js/display.js

172.67.157.221

200 OK

5.8 kB

URL HTTP/1.1
oaxyteek.net/js/display.js
IP
172.67.157.221:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (15999)
Size
5.8 kB (5775 bytes)
Hash
e149217d65efcf53cc382af7c60f461c
6de97c3f773cf9b21e4373097f5f5cddf37d872e
4d30ac5f2c0ab10e25b4c39eb646e9cb86d66394775d77ba7b88a34720f85b27

HTTP Headers

GET /js/display.js HTTP/1.1
Host: oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/-1JLQC/42Iz?rndad=579728665-1675592020
Connection: keep-alive
Cookie: FLYSESSID=middsp47s29dqknvlq6v06ht6b; yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802

HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 10:28:56 GMT
Content-Type: application/x-javascript
Content-Length: 5775
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:02:11 GMT
last-modified: Thu, 29 Jul 2021 14:08:58 GMT
etag: "3e81-6102b67a-b080f0a7a094466b;gz"
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 1605
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fmBZFldme4h%2B%2BmlVWXpB8i%2BIEqOmnNXQ9zTa0KNunAuCD88WIvsBGjCpIvfVOnLo3Cd0CLP3rtxRgnARqEK%2FRg8vsAm2tdoHRxdiz9yrbLtBHtn6%2BpkifhDbegBBJdc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 794af64b19f70afe-OSL
alt-svc: h2=":443"; ma=60

yneationsliee.xyz/popunder.gif

188.114.97.1

301 Moved Permanently

0 B

URL HTTP/1.1
yneationsliee.xyz/popunder.gif
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /popunder.gif HTTP/1.1
Host: yneationsliee.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://oaxyteek.net/

HTTP/1.1 301 Moved Permanently
Date: Sun, 05 Feb 2023 10:28:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 05 Feb 2023 11:28:56 GMT
Location: https://yneationsliee.xyz/popunder.gif
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qniisJgmfTePAswKIEhYr2koU9l9J4LXnwmTdO6l9ltwN68o018BDZvevKJR7Su5cRn7vSc2KlB1GTYLWY7Jn67gtAkajY1ARB58OJweiQmHd9U06I1KgPZXk7nH29lCn8bw%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794af64b4dcab4f3-OSL
alt-svc: h2=":443"; ma=60

ocsp.pki.goog/s/gts1p5/hFuUg_rClRM

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/hFuUg_rClRM
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f5b4aa23f5d2b30a7f2eb1bd8d12126a
837d09bac35b94e04cf42c011463de90dff16ccd
4e0338b1106c771eb1b32924acea2fa6d42bcb64871e749e39d6223e00a84d21

HTTP Headers

POST /s/gts1p5/hFuUg_rClRM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 10:28:56 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.oaxyteek.net/static/image/d_top_bg.png

172.67.157.221

200 OK

156 B

URL HTTP/1.1
cdn.oaxyteek.net/static/image/d_top_bg.png
IP
172.67.157.221:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1 x 59, 8-bit/color RGB, non-interlaced\012- data
Size
156 B (156 bytes)
Hash
106113dd42dd001363d6e2c920dba647
ebb71cf1a44a45852fff4d4fc0971f299b8b8c4c
938632fb472382061e62d8f1d033da03cbc84f150236e4251c8ece12241405ae

HTTP Headers

GET /static/image/d_top_bg.png HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cdn.oaxyteek.net/static/css/adfly_7.css
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802

HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 10:28:56 GMT
Content-Type: image/png
Content-Length: 156
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:02:13 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "9c-5faa60e6-4968c22d9bbfac4c;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 1603
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ob6ZDVbE3awaYOi%2FQl6XgSVGjjhuWZU8CohYRgWG6MUtX9NPMxwOctODkuhmfH4zrorlx%2Fu1pC95PXIfc%2BexhKQTQA6iAzC5DBUwHK7hRHr6kN3egHQ0umcPdghlP88VB2Jw"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794af64bcc8f1c0e-OSL
alt-svc: h2=":443"; ma=60

cdn.oaxyteek.net/static/image/d_bottom_bg2.png

172.67.157.221

200 OK

2.8 kB

URL HTTP/1.1
cdn.oaxyteek.net/static/image/d_bottom_bg2.png
IP
172.67.157.221:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1 x 28, 8-bit/color RGB, non-interlaced\012- data
Size
2.8 kB (2829 bytes)
Hash
765bb01e93fec22bee832ea0219871d0
2059131c55ef4c9b171fff20fc692839686761b7
27ab7efdb31ee6b311557cb2296d9bdb4c5038a230bcb4f9bc1a2409bb73863a

HTTP Headers

GET /static/image/d_bottom_bg2.png HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cdn.oaxyteek.net/static/css/adfly_7.css
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802

HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 10:28:56 GMT
Content-Type: image/png
Content-Length: 2829
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:02:13 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "b0d-5faa60e6-e40381177193f2ef;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 1602
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JiVzg6b%2F8tlQRqz849iUOqmW%2Bxr1xK1UZWLshof1Om7awc%2FKS%2Bl5zXMk%2FgRUHMtrNlvV3TUX0SYvojh9dwnRdzvtV%2FC4ddLgiif6ZoDeS2gR0ksgajitTmtgIjf1Rjff52hU"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794af64bdca11c0e-OSL
alt-svc: h2=":443"; ma=60

yneationsliee.xyz/ZFRlcDBLawYDDQUDLzZ+M203JV41GTImRDMwEiJpMRIVQ3EIM0MEWQBpUkAJVGFTVkANMFhCCUInERFEESdYQRYNOgMfDUIiWEEeVHpTQB5VchBNAUIgFRFXWWVDAEQQOFhBBlNhUEkCXWNQSQlS

188.114.97.1

204 No Content

0 B

URL HTTP/2
yneationsliee.xyz/ZFRlcDBLawYDDQUDLzZ+M203JV41GTImRDMwEiJpMRIVQ3EIM0MEWQBpUkAJVGFTVkANMFhCCUInERFEESdYQRYNOgMfDUIiWEEeVHpTQB5VchBNAUIgFRFXWWVDAEQQOFhBBlNhUEkCXWNQSQlS
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ZFRlcDBLawYDDQUDLzZ+M203JV41GTImRDMwEiJpMRIVQ3EIM0MEWQBpUkAJVGFTVkANMFhCCUInERFEESdYQRYNOgMfDUIiWEEeVHpTQB5VchBNAUIgFRFXWWVDAEQQOFhBBlNhUEkCXWNQSQlS HTTP/1.1
Host: yneationsliee.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Sun, 05 Feb 2023 10:28:56 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=98moxzrcThgQv5muMChyUS0p2wzY0BtqefXECtmgxM6F6rvDy5Xkg8q720YfHSGK2w%2BzxfwEjaPHjEx4Fq8knBidOoWYk3Rd33ago5XE7EHA2AIq0gV4Sy%2BscA3aJxeWmkntWA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794af64b8dd20afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1p5/hFuUg_rClRM

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/hFuUg_rClRM
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f5b4aa23f5d2b30a7f2eb1bd8d12126a
837d09bac35b94e04cf42c011463de90dff16ccd
4e0338b1106c771eb1b32924acea2fa6d42bcb64871e749e39d6223e00a84d21

HTTP Headers

POST /s/gts1p5/hFuUg_rClRM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 10:28:56 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

verysilenit.com/alVpV3gLNwo6RwtoC3ENGDlUckoscFsRHAVjW2JOEm0IMk9fewo7Fx8xDyUXBCFHOR0ecFsREAgCGQ4cPRgmFSwzATEVEy4FLD8uMgNcJSlbMSUWOxk0LQVJMhJZGg0iMiRuKD4TCgA6Lzg/A0hPZy82PicNLyBNBgc8AjopLzAEIAEmORkQMDAxEg9fEDgRKTI7XRU9HRwrDSkJHiowPR8XDjQeKBYFAz4NLTEZKgUPKxYhWhMsDR4mElg1LVo9MDY+WgArFilSEgEGHT5nGRE8ODk5NhM8BjECKgUALxYOPmcZET4rBCw1EywSMT4QUwdYGi4yEkQvKT8WUAcZAQA7EEhTJycRMg4NWg0+OT4BDhkoHC4THy9mPBE9GAIuPz0/ZFg1GS8HLg9JBXBbFTAoECATPAkbOztAGTQ8AS87ZBlySigUL2IbTD8aOBYaaCphNRk8DB8qW2cgBE46AFk

65.9.44.85

200 OK

1.2 kB

URL HTTP/1.1
verysilenit.com/alVpV3gLNwo6RwtoC3ENGDlUckoscFsRHAVjW2JOEm0IMk9fewo7Fx8xDyUXBCFHOR0ecFsREAgCGQ4cPRgmFSwzATEVEy4FLD8uMgNcJSlbMSUWOxk0LQVJMhJZGg0iMiRuKD4TCgA6Lzg/A0hPZy82PicNLyBNBgc8AjopLzAEIAEmORkQMDAxEg9fEDgRKTI7XRU9HRwrDSkJHiowPR8XDjQeKBYFAz4NLTEZKgUPKxYhWhMsDR4mElg1LVo9MDY+WgArFilSEgEGHT5nGRE8ODk5NhM8BjECKgUALxYOPmcZET4rBCw1EywSMT4QUwdYGi4yEkQvKT8WUAcZAQA7EEhTJycRMg4NWg0+OT4BDhkoHC4THy9mPBE9GAIuPz0/ZFg1GS8HLg9JBXBbFTAoECATPAkbOztAGTQ8AS87ZBlySigUL2IbTD8aOBYaaCphNRk8DB8qW2cgBE46AFk
IP
65.9.44.85:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3049), with no line terminators
Size
1.2 kB (1197 bytes)
Hash
dd46e50129fba8e7c560abf68ede4bec
3b83933bc9b357d9ed8c23a998101c16a7f99c57
70fd9f4d80bc8ad24a86ad293941b32bd6aab847284f85adfe18727426006735

HTTP Headers

GET /alVpV3gLNwo6RwtoC3ENGDlUckoscFsRHAVjW2JOEm0IMk9fewo7Fx8xDyUXBCFHOR0ecFsREAgCGQ4cPRgmFSwzATEVEy4FLD8uMgNcJSlbMSUWOxk0LQVJMhJZGg0iMiRuKD4TCgA6Lzg/A0hPZy82PicNLyBNBgc8AjopLzAEIAEmORkQMDAxEg9fEDgRKTI7XRU9HRwrDSkJHiowPR8XDjQeKBYFAz4NLTEZKgUPKxYhWhMsDR4mElg1LVo9MDY+WgArFilSEgEGHT5nGRE8ODk5NhM8BjECKgUALxYOPmcZET4rBCw1EywSMT4QUwdYGi4yEkQvKT8WUAcZAQA7EEhTJycRMg4NWg0+OT4BDhkoHC4THy9mPBE9GAIuPz0/ZFg1GS8HLg9JBXBbFTAoECATPAkbOztAGTQ8AS87ZBlySigUL2IbTD8aOBYaaCphNRk8DB8qW2cgBE46AFk HTTP/1.1
Host: verysilenit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://oaxyteek.net/
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 1197
Connection: keep-alive
Date: Sun, 05 Feb 2023 10:28:56 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
Accept-CH: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
X-Cache: Miss from cloudfront
Via: 1.1 7f7d86a250c539fe4431535882cf4e4e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN54-C1
X-Amz-Cf-Id: kBNd-kW5q8_h8gZOBtbZYwY7mWeTqPM3R-xjcyta9y9ZhjvUnOf2PA==

yneationsliee.xyz/popunder.gif

188.114.97.1

200 OK

380 B

URL HTTP/2
yneationsliee.xyz/popunder.gif
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 1 x 1\012- data
Size
380 B (380 bytes)
Hash
33e405a5c41d430df6e6de708b489a3e
9910db819e80641ff508559c92b09a3def53b3c7
c2bb4ffc70fec095af17ce5c17a881b0a4dfcf574b69233618462562be72cb79

HTTP Headers

GET /popunder.gif HTTP/1.1
Host: yneationsliee.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://oaxyteek.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 05 Feb 2023 10:28:56 GMT
content-type: image/gif
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
cf-cache-status: HIT
age: 46780
last-modified: Sat, 04 Feb 2023 21:29:16 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AHC8iOd5hgzA%2B2AQowUxNXnkP%2Be1Ak%2FzpfT0%2FYbeHuHSQzEjDV7mwoTMhvCU0Z5IZ0ogh9lOxPzFRhKYFDNWFfbblImtkdbUqsRrE3mBIHs5AMlU9i3hnJ3toJ%2BUpS0RVKuT6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794af64c0e2a0afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

e1.o.lencr.org/

95.101.11.115

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
7df4a9b8a8a54916b1ee5c697706ab93
08d87799f1e91b2e0c72f5fbca75ef5b7f79e97b
af104ae974297c4c0eefe2c9c16a2b2ab17c2950b972c98bb94a3df625dccd9a

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "AF104AE974297C4C0EEFE2C9C16A2B2AB17C2950B972C98BB94A3DF625DCCD9A"
Last-Modified: Sun, 05 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15898
Expires: Sun, 05 Feb 2023 14:53:54 GMT
Date: Sun, 05 Feb 2023 10:28:56 GMT
Connection: keep-alive

e1.o.lencr.org/

95.101.11.115

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
7df4a9b8a8a54916b1ee5c697706ab93
08d87799f1e91b2e0c72f5fbca75ef5b7f79e97b
af104ae974297c4c0eefe2c9c16a2b2ab17c2950b972c98bb94a3df625dccd9a

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "AF104AE974297C4C0EEFE2C9C16A2B2AB17C2950B972C98BB94A3DF625DCCD9A"
Last-Modified: Sun, 05 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15898
Expires: Sun, 05 Feb 2023 14:53:54 GMT
Date: Sun, 05 Feb 2023 10:28:56 GMT
Connection: keep-alive

cdn.oaxyteek.net/static/image/ad_top_bg2.png?&ad_box_=1

172.67.157.221

200 OK

156 B

URL HTTP/1.1
cdn.oaxyteek.net/static/image/ad_top_bg2.png?&ad_box_=1
IP
172.67.157.221:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1 x 59, 8-bit/color RGB, non-interlaced\012- data
Size
156 B (156 bytes)
Hash
106113dd42dd001363d6e2c920dba647
ebb71cf1a44a45852fff4d4fc0971f299b8b8c4c
938632fb472382061e62d8f1d033da03cbc84f150236e4251c8ece12241405ae

HTTP Headers

GET /static/image/ad_top_bg2.png?&ad_box_=1 HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/-1JLQC/42Iz?rndad=579728665-1675592020
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802

HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 10:28:56 GMT
Content-Type: image/png
Content-Length: 156
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:28:56 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "9c-5faa60e6-95f251b8bd8ef212;;;"
accept-ranges: bytes
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zeHBZVlDvzQ%2FtuKcYhvcWeFMqjcxkSsM7LosA%2BbEYwKSjSvLZT8hER4wynjp9%2FTwYdJTEDiWNlx7pU5mw%2FeP83kiR%2B2QDoQV8Hy5LC579HasmZlll96lvtZ3KsQD5LLNEXrU"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794af64acdefb4f4-OSL
alt-svc: h2=":443"; ma=60

e1.o.lencr.org/

95.101.11.115

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
7df4a9b8a8a54916b1ee5c697706ab93
08d87799f1e91b2e0c72f5fbca75ef5b7f79e97b
af104ae974297c4c0eefe2c9c16a2b2ab17c2950b972c98bb94a3df625dccd9a

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "AF104AE974297C4C0EEFE2C9C16A2B2AB17C2950B972C98BB94A3DF625DCCD9A"
Last-Modified: Sun, 05 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15898
Expires: Sun, 05 Feb 2023 14:53:54 GMT
Date: Sun, 05 Feb 2023 10:28:56 GMT
Connection: keep-alive

verysilenit.com/utx?cb=lnHtvvw1gLgI&top=oaxyteek.net&tid=604364

65.9.44.85

204 No Content

0 B

URL HTTP/2
verysilenit.com/utx?cb=lnHtvvw1gLgI&top=oaxyteek.net&tid=604364
IP
65.9.44.85:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /utx?cb=lnHtvvw1gLgI&top=oaxyteek.net&tid=604364 HTTP/1.1
Host: verysilenit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://oaxyteek.net
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Sun, 05 Feb 2023 10:28:56 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: http://oaxyteek.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sun, 05 Feb 2023 10:29:56 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 0edd9f6bc061f9d64e77285b1cac290c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: addXj14mOvcCuRqsdqZKI15b0VCYeOLT30FwFhWvzkWHYJy63WLFgQ==
X-Firefox-Spdy: h2

oaxyteek.net/2market_bidshow.php?user_id=77879&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&ref_url=eyJ1cmwiOm51bGwsImRvbWFpbiI6bnVsbH0%3D&url=https%3A%2F%2Fwww77.davisonbarker.pro%2Fpushredirect%2F%3Fnetwork%3D3%26site%3Dadfly%26ppi%3D77879%26pci%3D3111797%26t%3D1675592935%26dest%3Dhttp%253A%252F%252Fwww.google.com&url_id=3111797&t=8cc8917c8a5566e1731e423feca34bd5&w=7cdaf108c4108200f643acfbfb1e7de5

172.67.157.221

200 OK

82 B

URL HTTP/1.1
oaxyteek.net/2market_bidshow.php?user_id=77879&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&ref_url=eyJ1cmwiOm51bGwsImRvbWFpbiI6bnVsbH0%3D&url=https%3A%2F%2Fwww77.davisonbarker.pro%2Fpushredirect%2F%3Fnetwork%3D3%26site%3Dadfly%26ppi%3D77879%26pci%3D3111797%26t%3D1675592935%26dest%3Dhttp%253A%252F%252Fwww.google.com&url_id=3111797&t=8cc8917c8a5566e1731e423feca34bd5&w=7cdaf108c4108200f643acfbfb1e7de5
IP
172.67.157.221:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with no line terminators
Size
82 B (82 bytes)
Hash
d597c22e79c772d1f89ed2602adb80ab
50c7c63c9269278ff7aba9b8c5b4810c3570df80
798215a625e276fde8e69c0a79401e406f59e1a30ad0e9113d880b9d566ae61c

HTTP Headers

GET /2market_bidshow.php?user_id=77879&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&ref_url=eyJ1cmwiOm51bGwsImRvbWFpbiI6bnVsbH0%3D&url=https%3A%2F%2Fwww77.davisonbarker.pro%2Fpushredirect%2F%3Fnetwork%3D3%26site%3Dadfly%26ppi%3D77879%26pci%3D3111797%26t%3D1675592935%26dest%3Dhttp%253A%252F%252Fwww.google.com&url_id=3111797&t=8cc8917c8a5566e1731e423feca34bd5&w=7cdaf108c4108200f643acfbfb1e7de5 HTTP/1.1
Host: oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/-1JLQC/42Iz?rndad=579728665-1675592020
Connection: keep-alive
Cookie: FLYSESSID=middsp47s29dqknvlq6v06ht6b; yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802

HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 10:28:56 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.3.27
set-cookie: adfly_ad_report=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
p3p: policyref="http://adf.ly/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa IVAi IVDi CONi HISi TELi OUR IND PHY ONL FIN COM NAV INT DEM GOV"
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AXQZ8T9niMmMra5aFmABXZba4zKr66beMmSlEqTmqNLPmm7d4u9VEEaGWF%2FD77QMvBxrsngG9q2ATnFDnwkILcfSazU4pADBb3568dzw31%2F1TTvNwF0guWT%2BHYiZVeE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 794af64b8a610afe-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

verysilenit.com/utx?cb=jFUGStF4snQw&top=oaxyteek.net&tid=709056

65.9.44.85

204 No Content

0 B

URL HTTP/2
verysilenit.com/utx?cb=jFUGStF4snQw&top=oaxyteek.net&tid=709056
IP
65.9.44.85:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /utx?cb=jFUGStF4snQw&top=oaxyteek.net&tid=709056 HTTP/1.1
Host: verysilenit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://oaxyteek.net
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
date: Sun, 05 Feb 2023 10:28:56 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: http://oaxyteek.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sun, 05 Feb 2023 10:29:56 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 0edd9f6bc061f9d64e77285b1cac290c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: vqbfN0F-m6iSrcTkbmOfa1VX8jidFLC0lv3jajv66i9GKbmZqU9Hmw==
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 05 Feb 2023 10:07:20 GMT
age: 1296
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1p5/ATf3cfjxVCA

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/ATf3cfjxVCA
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ba089de09b6322a93026f30cc52007ae
ef94a35787b5f8056d9efc71e9d78a916a2cc717
cbc7d42a2075bc5ec876b265d36b77e5eb59796b93f2b91a8a4c504c64df5aff

HTTP Headers

POST /s/gts1p5/ATf3cfjxVCA HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 10:28:56 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

verysilenit.com/TVMxY2YsMVIOWSxuU0UTPz8MRlQLdgMlAnwyAgkEeDtbDR94IAVNBSE8RAcAPzxfF0gjNkVGVAsrfAhXfgVpITQEO1oZMn0KWiZUJRtwDTQFCnQ6MwckYFUuJhlGLB8cEmgEUhoaWilSDwIBGiUlAgQnMgsdcA4VLx1zVjAuFXQULiEVRjEIAAFnCl8GCmc5IR0BVkZUDwdkBBALB1YpNTQ4Zy8kfQZ+ITwiG2dTVQU5WgAzfzt3JlYYMFc1LCMCcwxQBTlCNj4ZPHQAIwQQeBQoOgJWKV4fYEUiIH5nAAAjBBB+C1J6AVY5CR8RVTUnBWNhOlYcC1cJSxskYAQvaGF3Ij4PF1JQHgUKd1clFxV7DTcLBl4lInk1d1BeNQkBIiIrBlUINwwdXjExGARmGV4eHklaLSwWZDc3HBkFNDEbBGNQJAp1WxAJIyMMLxc9A3ICEX8ZeRkBNw

65.9.44.11

200 OK

1.2 kB

URL HTTP/1.1
verysilenit.com/TVMxY2YsMVIOWSxuU0UTPz8MRlQLdgMlAnwyAgkEeDtbDR94IAVNBSE8RAcAPzxfF0gjNkVGVAsrfAhXfgVpITQEO1oZMn0KWiZUJRtwDTQFCnQ6MwckYFUuJhlGLB8cEmgEUhoaWilSDwIBGiUlAgQnMgsdcA4VLx1zVjAuFXQULiEVRjEIAAFnCl8GCmc5IR0BVkZUDwdkBBALB1YpNTQ4Zy8kfQZ+ITwiG2dTVQU5WgAzfzt3JlYYMFc1LCMCcwxQBTlCNj4ZPHQAIwQQeBQoOgJWKV4fYEUiIH5nAAAjBBB+C1J6AVY5CR8RVTUnBWNhOlYcC1cJSxskYAQvaGF3Ij4PF1JQHgUKd1clFxV7DTcLBl4lInk1d1BeNQkBIiIrBlUINwwdXjExGARmGV4eHklaLSwWZDc3HBkFNDEbBGNQJAp1WxAJIyMMLxc9A3ICEX8ZeRkBNw
IP
65.9.44.11:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3044), with no line terminators
Size
1.2 kB (1196 bytes)
Hash
df85743e2369ec369ee03d734f836535
83062eec4e22d2f34dc9f71dcf5e82b7bf1e3b0b
5ba2158632dfa7fdda25ff2cb280e558c70dc4cbdb89ee034b0f4679b89422c1

HTTP Headers

GET /TVMxY2YsMVIOWSxuU0UTPz8MRlQLdgMlAnwyAgkEeDtbDR94IAVNBSE8RAcAPzxfF0gjNkVGVAsrfAhXfgVpITQEO1oZMn0KWiZUJRtwDTQFCnQ6MwckYFUuJhlGLB8cEmgEUhoaWilSDwIBGiUlAgQnMgsdcA4VLx1zVjAuFXQULiEVRjEIAAFnCl8GCmc5IR0BVkZUDwdkBBALB1YpNTQ4Zy8kfQZ+ITwiG2dTVQU5WgAzfzt3JlYYMFc1LCMCcwxQBTlCNj4ZPHQAIwQQeBQoOgJWKV4fYEUiIH5nAAAjBBB+C1J6AVY5CR8RVTUnBWNhOlYcC1cJSxskYAQvaGF3Ij4PF1JQHgUKd1clFxV7DTcLBl4lInk1d1BeNQkBIiIrBlUINwwdXjExGARmGV4eHklaLSwWZDc3HBkFNDEbBGNQJAp1WxAJIyMMLxc9A3ICEX8ZeRkBNw HTTP/1.1
Host: verysilenit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://oaxyteek.net/
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 1196
Connection: keep-alive
Date: Sun, 05 Feb 2023 10:28:56 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
Accept-CH: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
X-Cache: Miss from cloudfront
Via: 1.1 f13ebb34b9ca74b5ffe9e85709c21a7c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN54-C1
X-Amz-Cf-Id: rVohsuUXWocOcZaybGyXsbyBXVSXNUtUdNXAz-uKnd2mqBI_r3e5WA==

yneationsliee.xyz/WURZdkN2ezoFfg8oEwURNSwwLwULMzgbDSgSASA3OykPFyAOfH8CKj15b0Z3anJtUDMwIGRHZSowOAI2KnloUCo3IjZLZS95aFhwbWpqR21rYixLcn8wKRckZHV/BjctKGRHdW5xbE9xYHNvRndq

188.114.97.1

204 No Content

0 B

URL HTTP/2
yneationsliee.xyz/WURZdkN2ezoFfg8oEwURNSwwLwULMzgbDSgSASA3OykPFyAOfH8CKj15b0Z3anJtUDMwIGRHZSowOAI2KnloUCo3IjZLZS95aFhwbWpqR21rYixLcn8wKRckZHV/BjctKGRHdW5xbE9xYHNvRndq
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WURZdkN2ezoFfg8oEwURNSwwLwULMzgbDSgSASA3OykPFyAOfH8CKj15b0Z3anJtUDMwIGRHZSowOAI2KnloUCo3IjZLZS95aFhwbWpqR21rYixLcn8wKRckZHV/BjctKGRHdW5xbE9xYHNvRndq HTTP/1.1
Host: yneationsliee.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Sun, 05 Feb 2023 10:28:56 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f8UzCI%2BwtK%2B1heTbTB9l1hLrM%2Ftjrd53VpZmu3NjZP%2Fe%2BHJQIO7UqahoHppkcYTQsq37PCm13UFbgi21Yd3UHTYRFDXOTFQnr9xsAKhrMfQSfqd5hneny49mJHQhpyiXB%2FDZQg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794af64c6e6b0afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

e1.o.lencr.org/

95.101.11.115

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
7df4a9b8a8a54916b1ee5c697706ab93
08d87799f1e91b2e0c72f5fbca75ef5b7f79e97b
af104ae974297c4c0eefe2c9c16a2b2ab17c2950b972c98bb94a3df625dccd9a

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "AF104AE974297C4C0EEFE2C9C16A2B2AB17C2950B972C98BB94A3DF625DCCD9A"
Last-Modified: Sun, 05 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15898
Expires: Sun, 05 Feb 2023 14:53:54 GMT
Date: Sun, 05 Feb 2023 10:28:56 GMT
Connection: keep-alive

ocsp.pki.goog/s/gts1p5/hFuUg_rClRM

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/hFuUg_rClRM
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f5b4aa23f5d2b30a7f2eb1bd8d12126a
837d09bac35b94e04cf42c011463de90dff16ccd
4e0338b1106c771eb1b32924acea2fa6d42bcb64871e749e39d6223e00a84d21

HTTP Headers

POST /s/gts1p5/hFuUg_rClRM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 10:28:56 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6977
Expires: Sun, 05 Feb 2023 12:25:13 GMT
Date: Sun, 05 Feb 2023 10:28:56 GMT
Connection: keep-alive

do6256x8ae75.cloudfront.net/hbWpYdWMOBTYTXBkDPEhVXV5rQ1dLACsaDR1XG0MuHgM9PTFcWBEmVT0/aFMXFw5lRUUBCzYSXksPNhZeXEw5EQFQXn4BEwIBZQcKCgEuBgcfBClTFgxXNRoZBAY0FEZfLG1bU0hYaF0UBAQ8GhQeT2pFDRlPakVSXURoUFAvT2pFFAQEbkFGXih9R1MVXG-xQUC9PakURG09rNFJdX3ZFSkhYaBIGDgE3UFErWGhEU11baERGX1o+HBEIDDcNRl8saUVWQ1p+AF5c

143.204.42.136

200 OK

523 B

URL HTTP/1.1
do6256x8ae75.cloudfront.net/hbWpYdWMOBTYTXBkDPEhVXV5rQ1dLACsaDR1XG0MuHgM9PTFcWBEmVT0/aFMXFw5lRUUBCzYSXksPNhZeXEw5EQFQXn4BEwIBZQcKCgEuBgcfBClTFgxXNRoZBAY0FEZfLG1bU0hYaF0UBAQ8GhQeT2pFDRlPakVSXURoUFAvT2pFFAQEbkFGXih9R1MVXG-xQUC9PakURG09rNFJdX3ZFSkhYaBIGDgE3UFErWGhEU11baERGX1o+HBEIDDcNRl8saUVWQ1p+AF5c
IP
143.204.42.136:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (712), with no line terminators
Size
523 B (523 bytes)
Hash
d187cfe87e46f82f108eb67f3a83d051
d92cab2ea418e69dbaf27205b41f8cf00b976d3f
988f82afbe0484e3a37ac931aa3b55e0e7c96e779ba4f99f78d469cd44b20892

HTTP Headers

GET /hbWpYdWMOBTYTXBkDPEhVXV5rQ1dLACsaDR1XG0MuHgM9PTFcWBEmVT0/aFMXFw5lRUUBCzYSXksPNhZeXEw5EQFQXn4BEwIBZQcKCgEuBgcfBClTFgxXNRoZBAY0FEZfLG1bU0hYaF0UBAQ8GhQeT2pFDRlPakVSXURoUFAvT2pFFAQEbkFGXih9R1MVXG-xQUC9PakURG09rNFJdX3ZFSkhYaBIGDgE3UFErWGhEU11baERGX1o+HBEIDDcNRl8saUVWQ1p+AF5c HTTP/1.1
Host: do6256x8ae75.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verysilenit.com/

HTTP/1.1 200 OK
Content-Length: 523
Connection: keep-alive
Date: Sun, 05 Feb 2023 10:28:56 GMT
access-control-allow-origin: *
Cache-Control: max-age=31556926
Content-Encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 6lNiD0waYshJE43zBsXeXpGrlkHwTnUnFLbHLIHvYFf8dohx37cqsA==

adf.ly/static/other/main.html

104.20.67.244

200 OK

2.4 kB

URL HTTP/1.1
adf.ly/static/other/main.html
IP
104.20.67.244:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (418)
Size
2.4 kB (2397 bytes)
Hash
b20a86b2e91f51d2f7a19eada1de2f51
c240e9c813f8f93d3db499df1cc88984e873e418
44311176f257c7180a0fdc5491f021623ce7a0404369e883e8a6feb1e8d3469e

HTTP Headers

GET /static/other/main.html HTTP/1.1
Host: adf.ly
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 10:28:56 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Fri, 02 Sep 2022 14:31:48 GMT
etag: "1ddf-631213d4-8936a98b6e2a0431;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 794af64d18dab4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

cdn.oaxyteek.net/static/image/favicon.ico

172.67.157.221

200 OK

766 B

URL HTTP/1.1
cdn.oaxyteek.net/static/image/favicon.ico
IP
172.67.157.221:0
ASN
#13335 CLOUDFLARENET

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
766 B (766 bytes)
Hash
1e28765e56393f673da97ce5913cdf10
8af9d66ac98f4689ba1d04acbd17df40dd83dbde
30aa2a7dd1b96d852108bf4f4213b0d749ae2faedd112f0c03006209e5e6c98a

HTTP Headers

GET /static/image/favicon.ico HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/-1JLQC/42Iz?rndad=579728665-1675592020
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802; _ga_GT41R23D5L=GS1.1.1675592976.1.0.1675592976.0.0.0; _ga=GA1.1.1322740405.1675592976

HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 10:28:56 GMT
Content-Type: image/vnd.microsoft.icon
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 10:02:14 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: W/"47e-5faa60e6-ae87f5cbe4d6cff3;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 1602
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bmdqOPKXMNc2TQmbJaIhoogNtYsF%2BTccHNoGuAoKgDiCfL51lQubOD%2BeilhlM6MbhB80adEidq10TkUQP6BpwoRczGGHVnbFP%2B%2FKFCVSdJ9iFcSxb6dA5StODO0wB0wNQiPy"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794af64df9221c02-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

www.google-analytics.com/ga.js

142.250.74.110

200 OK

17 kB

URL HTTP/1.1
www.google-analytics.com/ga.js
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1305)
Size
17 kB (17168 bytes)
Hash
01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d

HTTP Headers

GET /ga.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://oaxyteek.net/

HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 17168
Date: Sun, 05 Feb 2023 09:08:15 GMT
Expires: Sun, 05 Feb 2023 11:08:15 GMT
Cache-Control: public, max-age=7200
Age: 4841
Last-Modified: Tue, 10 Jan 2023 21:29:14 GMT
Content-Type: text/javascript

d1a3jb5hjny5s4.cloudfront.net/xMk13VXBRIhkzT0YkE2hHAnRHYEYUJwQ6HkJwOyQAYg4WIkJ4BQ0yChQ5DTFNAmsbNB5VcFEwHlFwRnMRVi9KYVZGPRg+TUgvFTgJSykVLB0UOBZoHV03HjkcU2hFE0UcfVJnQBo6HjsUXToEcEICIwNwQgJ8R3tAF341cEICOh47RgZoRBdVAH0PY0QXfj-VwQgI/AXBDc3xHYF4CZFJnQFUoFD4fF38xZ0ADfUdkQANoRWUWWz8SMx9KaEUTQQJ4WWVWR3BG

54.230.245.112

200 OK

444 B

URL HTTP/1.1
d1a3jb5hjny5s4.cloudfront.net/xMk13VXBRIhkzT0YkE2hHAnRHYEYUJwQ6HkJwOyQAYg4WIkJ4BQ0yChQ5DTFNAmsbNB5VcFEwHlFwRnMRVi9KYVZGPRg+TUgvFTgJSykVLB0UOBZoHV03HjkcU2hFE0UcfVJnQBo6HjsUXToEcEICIwNwQgJ8R3tAF341cEICOh47RgZoRBdVAH0PY0QXfj-VwQgI/AXBDc3xHYF4CZFJnQFUoFD4fF38xZ0ADfUdkQANoRWUWWz8SMx9KaEUTQQJ4WWVWR3BG
IP
54.230.245.112:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (593), with no line terminators
Size
444 B (444 bytes)
Hash
1940296ed4e3e1c211a879b31296b3fc
a345b6475bd21bdd84a81fea91d1f3a1390d1d7a
87d8e5e8e1fd4f40d65eff1cc313c6d084e3f3e7522c5324b74e36d158a40f75

HTTP Headers

GET /xMk13VXBRIhkzT0YkE2hHAnRHYEYUJwQ6HkJwOyQAYg4WIkJ4BQ0yChQ5DTFNAmsbNB5VcFEwHlFwRnMRVi9KYVZGPRg+TUgvFTgJSykVLB0UOBZoHV03HjkcU2hFE0UcfVJnQBo6HjsUXToEcEICIwNwQgJ8R3tAF341cEICOh47RgZoRBdVAH0PY0QXfj-VwQgI/AXBDc3xHYF4CZFJnQFUoFD4fF38xZ0ADfUdkQANoRWUWWz8SMx9KaEUTQQJ4WWVWR3BG HTTP/1.1
Host: d1a3jb5hjny5s4.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://verysilenit.com/

HTTP/1.1 200 OK
Content-Length: 444
Connection: keep-alive
Date: Sun, 05 Feb 2023 10:28:56 GMT
access-control-allow-origin: *
Cache-Control: max-age=31556926
Content-Encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 395mIeUiVKUjDRcDxvJLFxG2w97INvVc1sY-hpZcBysmLgMtYJk_bQ==

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d09cd05d951779967af874274fbb4875
119e58de80b389f59c445f045371d49e4414767e
1a3f1b8c4f3a485afca5745a30c8402d66b56434f360e11d7ec2063fc9851908

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 10:28:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d09cd05d951779967af874274fbb4875
119e58de80b389f59c445f045371d49e4414767e
1a3f1b8c4f3a485afca5745a30c8402d66b56434f360e11d7ec2063fc9851908

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 10:28:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
b66712e69be6c0a95b275254a0570c6c
53e7c43370118610609ef3260a76daf044323d09
c23269342aeab6987bda2d3ffa96ef2037a47e340572f1b011cedba02ff9867a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6242
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 10:28:56 GMT
Last-Modified: Sun, 05 Feb 2023 08:44:54 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
b66712e69be6c0a95b275254a0570c6c
53e7c43370118610609ef3260a76daf044323d09
c23269342aeab6987bda2d3ffa96ef2037a47e340572f1b011cedba02ff9867a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6242
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 10:28:56 GMT
Last-Modified: Sun, 05 Feb 2023 08:44:54 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 279

www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1689938395&utmhn=oaxyteek.net&utme=8(User)9(77879)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=1508426948&utmr=-&utmp=%2F-1JLQC%2F42Iz%3Frndad%3D579728665-1675592020&utmht=1675592976503&utmac=UA-6469700-9&utmcc=__utma%3D198071217.1322740405.1675592976.1675592976.1675592976.1%3B%2B__utmz%3D198071217.1675592976.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1012044518&utmredir=1&utmu=qQAAAAAAAAAAAAAAAAABAAAE~

142.250.74.110

302 Found

370 B

URL HTTP/1.1
www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1689938395&utmhn=oaxyteek.net&utme=8(User)9(77879)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=1508426948&utmr=-&utmp=%2F-1JLQC%2F42Iz%3Frndad%3D579728665-1675592020&utmht=1675592976503&utmac=UA-6469700-9&utmcc=__utma%3D198071217.1322740405.1675592976.1675592976.1675592976.1%3B%2B__utmz%3D198071217.1675592976.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1012044518&utmredir=1&utmu=qQAAAAAAAAAAAAAAAAABAAAE~
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
370 B (370 bytes)
Hash
07ff29a511219b62627bdc5fa0435a3b
7c6a5bb012adf051f12130255cee7e1736d0b2d1
c2b6c5322ba040c6ad14baaddd2a6da10b5caf8b9f5b972561a405a2c7b0e1ca

HTTP Headers

GET /r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1689938395&utmhn=oaxyteek.net&utme=8(User)9(77879)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=1508426948&utmr=-&utmp=%2F-1JLQC%2F42Iz%3Frndad%3D579728665-1675592020&utmht=1675592976503&utmac=UA-6469700-9&utmcc=__utma%3D198071217.1322740405.1675592976.1675592976.1675592976.1%3B%2B__utmz%3D198071217.1675592976.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1012044518&utmredir=1&utmu=qQAAAAAAAAAAAAAAAAABAAAE~ HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://oaxyteek.net/

HTTP/1.1 302 Found
Location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6469700-9&cid=1322740405.1675592976&jid=1012044518&_v=5.7.2&z=1689938395
Access-Control-Allow-Origin: *
Date: Sun, 05 Feb 2023 10:28:56 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
Cross-Origin-Resource-Policy: cross-origin
Content-Type: text/html; charset=UTF-8
Server: Golfe2
Content-Length: 370

oaxyteek.net/funcript1675592976022.php?pub=77879&v=NozjgI3kOVSnwIisdIiCIM6uMUiDwMixY82CseivOZnWRZyydlWmURsgIEnDBMhxdACDIM6xNADjIMsvI8m2JapjbVm2RRFgbkGCVMtuZUWD5M0xIojjodiycB2ytOp0cYFD9eigdsTDJN02d4GW9auXIBiywOiwa4GCFMzxaACCIV6OIBmyIc03Z9mGEZxuYlz2IV1oMATCcM5uMUTzgL2hMxTGUb5pNpT3NblNMJTiIOziZQTnIb2lNdWWYY5yZVG2Mc11IJny0e3=

172.67.157.221

200 OK

472 B

URL HTTP/2
oaxyteek.net/funcript1675592976022.php?pub=77879&v=NozjgI3kOVSnwIisdIiCIM6uMUiDwMixY82CseivOZnWRZyydlWmURsgIEnDBMhxdACDIM6xNADjIMsvI8m2JapjbVm2RRFgbkGCVMtuZUWD5M0xIojjodiycB2ytOp0cYFD9eigdsTDJN02d4GW9auXIBiywOiwa4GCFMzxaACCIV6OIBmyIc03Z9mGEZxuYlz2IV1oMATCcM5uMUTzgL2hMxTGUb5pNpT3NblNMJTiIOziZQTnIb2lNdWWYY5yZVG2Mc11IJny0e3=
IP
172.67.157.221:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
63a634d127b22a2889918f993e7de3cd
3a20f60df65d86c87a6104a915eec5fc31f479a8
55218922df0b654c08d94234f70cf0614828cecc1fc962b86f7d85c9eff0be9f

HTTP Headers

GET /funcript1675592976022.php?pub=77879&v=NozjgI3kOVSnwIisdIiCIM6uMUiDwMixY82CseivOZnWRZyydlWmURsgIEnDBMhxdACDIM6xNADjIMsvI8m2JapjbVm2RRFgbkGCVMtuZUWD5M0xIojjodiycB2ytOp0cYFD9eigdsTDJN02d4GW9auXIBiywOiwa4GCFMzxaACCIV6OIBmyIc03Z9mGEZxuYlz2IV1oMATCcM5uMUTzgL2hMxTGUb5pNpT3NblNMJTiIOziZQTnIb2lNdWWYY5yZVG2Mc11IJny0e3= HTTP/1.1
Host: oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://oaxyteek.net/-1JLQC/42Iz?rndad=579728665-1675592020
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 05 Feb 2023 10:28:56 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.3.27
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=acaSh%2Bk1mJk8ONW81hW5TQB1zNJdD4THohr9ApZk26nxoLqKl3cy%2Bxgp95oQ5hbrZim93HS5QuL0AFzQTZWTVLsZQPRc%2BgEOOvwyd99llwrBaal3TRVW7xwZvqCRSfM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794af64ccd741c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail

142.250.74.109

302 Found

392 B

URL HTTP/2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP
142.250.74.109:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (381)
Size
392 B (392 bytes)
Hash
29e3632f43bf82cc13e8779e35d852bb
8f3c6616365b51166b9b3f2b89763be67137321c
91cb702fc872481fd184fb9ff231d8781e52b138007589df91acbce8dfe61795

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 05 Feb 2023 10:28:56 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1123696107%3A1675592936727973&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHfDdxIuasTnwPRchIcNReBJ9taY4RGyiBWMM9apGJTSj2Tnd0-WIAcCg0psiCLIDnObD---jA
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-GEx08ToEFgQZyVpf_-n4Zw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 392
server: GSE
set-cookie: __Host-GAPS=1:k9IzPp0r5uOg66aZhfAaY3ZlOKc5Jg:gUGjpBbLtN6xGTVk;Path=/;Expires=Tue, 04-Feb-2025 10:28:56 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

verysilenit.com/utx?cb=hH1cQCiyewG4&top=oaxyteek.net&tid=709056

65.9.44.85

204 No Content

0 B

URL HTTP/2
verysilenit.com/utx?cb=hH1cQCiyewG4&top=oaxyteek.net&tid=709056
IP
65.9.44.85:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /utx?cb=hH1cQCiyewG4&top=oaxyteek.net&tid=709056 HTTP/1.1
Host: verysilenit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://oaxyteek.net
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
date: Sun, 05 Feb 2023 10:28:56 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: http://oaxyteek.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sun, 05 Feb 2023 10:29:56 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 0edd9f6bc061f9d64e77285b1cac290c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: ovJAvtcqkzNhCXZt4dESSMQ617-AQbmShhs260ZH7lDFOojSMNMZpg==
X-Firefox-Spdy: h2

cdn.adf.ly/static/css/jquery-ui/ui-lightness/jquery-ui-1.8.16.custom.css

104.20.67.244

200 OK

3.8 kB

URL HTTP/2
cdn.adf.ly/static/css/jquery-ui/ui-lightness/jquery-ui-1.8.16.custom.css
IP
104.20.67.244:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
3.8 kB (3773 bytes)
Hash
9d4e19a376efea966122769055f549b8
a0a2aad945a151940df25a622556723caed8931d
f742449be310268664dd2166337d4ba278594e5b6d23d66ad0953a303f735f55

HTTP Headers

GET /static/css/jquery-ui/ui-lightness/jquery-ui-1.8.16.custom.css HTTP/1.1
Host: cdn.adf.ly
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://adf.ly/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 05 Feb 2023 10:28:56 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=25476
cache-control: public, max-age=604800
etag: W/"6384-5faa60e6-2ce8da3c9d76af49;gz"
expires: Sun, 12 Feb 2023 10:01:11 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 1665
server: cloudflare
cf-ray: 794af64e8c1eb517-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1p5/ATf3cfjxVCA

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/ATf3cfjxVCA
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ba089de09b6322a93026f30cc52007ae
ef94a35787b5f8056d9efc71e9d78a916a2cc717
cbc7d42a2075bc5ec876b265d36b77e5eb59796b93f2b91a8a4c504c64df5aff

HTTP Headers

POST /s/gts1p5/ATf3cfjxVCA HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 10:28:56 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

verysilenit.com/multi?cs=NXdKT1oNR3t2bAdDeH5tDE94eG0&abt=0&red=1&sm=76&k=shrink%20your%20urls%20paid&v=1.0.60.1&sts=0&prn=0&emb=0&tid=709056&rxy=1280_1024&fs=1&ref=http%3A%2F%2Foaxyteek.net%2F-1JLQC%2F42Iz%3Frndad%3D579728665-1675592020&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&_7yNi=1675592976188&crc=1

65.9.44.85

200 OK

1.5 kB

URL HTTP/2
verysilenit.com/multi?cs=NXdKT1oNR3t2bAdDeH5tDE94eG0&abt=0&red=1&sm=76&k=shrink%20your%20urls%20paid&v=1.0.60.1&sts=0&prn=0&emb=0&tid=709056&rxy=1280_1024&fs=1&ref=http%3A%2F%2Foaxyteek.net%2F-1JLQC%2F42Iz%3Frndad%3D579728665-1675592020&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&_7yNi=1675592976188&crc=1
IP
65.9.44.85:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (3258), with no line terminators
Size
1.5 kB (1502 bytes)
Hash
96b4201ef969ed14e4febe4805622ab4
0b4b379de76c7eca33d401d00202909bd24a897d
4938ae28161dfd96345865bd3e28cb2757837c4632ad174117c1804444407a51

HTTP Headers

GET /multi?cs=NXdKT1oNR3t2bAdDeH5tDE94eG0&abt=0&red=1&sm=76&k=shrink%20your%20urls%20paid&v=1.0.60.1&sts=0&prn=0&emb=0&tid=709056&rxy=1280_1024&fs=1&ref=http%3A%2F%2Foaxyteek.net%2F-1JLQC%2F42Iz%3Frndad%3D579728665-1675592020&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&_7yNi=1675592976188&crc=1 HTTP/1.1
Host: verysilenit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://oaxyteek.net
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: text/plain
content-length: 1502
date: Sun, 05 Feb 2023 10:28:56 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: http://oaxyteek.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=d87e45d6-076b-44fc-9f86-ff37517f71ef
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 0edd9f6bc061f9d64e77285b1cac290c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: or4-X0Xjz8jKL-PxzXJOKsaLO4mkk0GHjPs2eA_dyEokLWWgl3O-Ig==
X-Firefox-Spdy: h2

accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube

142.250.74.109

302 Found

392 B

URL HTTP/2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP
142.250.74.109:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (384)
Size
392 B (392 bytes)
Hash
1fce2efe1d191e8bc6fee915067a6d92
f25ef8879f6ce950dbf270c16a6eb4ecbbfec0b3
142afd0125ded01a23eeab352d44fce77cd76298c1902aa87851825e673a9c79

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 05 Feb 2023 10:28:56 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-939391772%3A1675592936768298&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHfpCvs5sEtTNpi3923HH0ouIyMQTwwAWerZsM0EtlAktTBE0nUcejufxrupZ_orKtVuAYJKZw
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-uhYKfUtG7MlCkEh4JEy3bQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 392
server: GSE
set-cookie: __Host-GAPS=1:Y3339A0m6FD8L5VOUulODnlyQSTdKQ:LpBqKajV-MQFvjZA;Path=/;Expires=Tue, 04-Feb-2025 10:28:56 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5ac5aaa2dd1a2ab697244f3c0fe3b5b5
bb8a9aeb28cc645435760f3a9a57d85e295de419
d42327bb295e41a2b04efa1c2ad6094a3480d0010de10bb32600f4d17fe9f0d4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 10:28:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.adf.ly/static/css/core_default.css

104.20.67.244

200 OK

6.7 kB

URL HTTP/2
cdn.adf.ly/static/css/core_default.css
IP
104.20.67.244:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
6.7 kB (6715 bytes)
Hash
7f9be48864a8a4226127643355582632
dc9b4894f40764f6eb7fe98c952dc0a2175192d4
3f96cbe6278a14bd1c4c26c0987f41499557cec1fc9c5daa684ad279d4ee8bbb

HTTP Headers

GET /static/css/core_default.css HTTP/1.1
Host: cdn.adf.ly
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://adf.ly/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 05 Feb 2023 10:28:56 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=41418
cache-control: public, max-age=604800
etag: W/"a1ca-5faa60e6-43aa68c40fef0c2b;gz"
expires: Sun, 12 Feb 2023 10:01:11 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 1665
server: cloudflare
cf-ray: 794af64e7c11b517-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473

54.230.245.26

200 OK

52 kB

URL HTTP/1.1
dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473
IP
54.230.245.26:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (15955)
Size
52 kB (51504 bytes)
Hash
8033292954f84989ee8670b3e0052087
f0954a6b78073a23c6161fc818b6461e5a0b3cb5
096c10fd6ab2a7764ad29bdef63829f0002b0881288b7467c4cfbec53cf03d69

HTTP Headers

GET /?gfkcd=824473 HTTP/1.1
Host: dc5k8fg5ioc8s.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://adf.ly/

HTTP/1.1 200 OK
Content-Length: 51504
Connection: keep-alive
Date: Sun, 05 Feb 2023 10:28:56 GMT
access-control-allow-origin: *
Cache-Control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Content-Encoding: gzip
Pragma: no-cache
X-Cache: Miss from cloudfront
Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ZsRd3tozfYWgpOsXefO8q4UhcVW6Adb5fMmFSK9v_TZGjgykJ59qkg==

stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6469700-9&cid=1322740405.1675592976&jid=1012044518&_v=5.7.2&z=1689938395

64.233.165.157

200 OK

35 B

URL HTTP/2
stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6469700-9&cid=1322740405.1675592976&jid=1012044518&_v=5.7.2&z=1689938395
IP
64.233.165.157:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

HTTP Headers

GET /r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6469700-9&cid=1322740405.1675592976&jid=1012044518&_v=5.7.2&z=1689938395 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://oaxyteek.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 05 Feb 2023 10:28:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

pogothere.xyz/

172.64.106.19

200 OK

308 B

URL HTTP/2
pogothere.xyz/
IP
172.64.106.19:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
308 B (308 bytes)
Hash
214c8cfdbda380a8669fad73a2922543
417cb2482f08938052fa9e6ba2486f9837f37eb9
d0de7480cf5b381c7cdc35344992cb6155a6ca28127b065f77f52a267453a3f3

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://oaxyteek.net
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 05 Feb 2023 10:28:56 GMT
content-type: text/plain
set-cookie: csu=1536910593356455@1@1675592936; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: http://oaxyteek.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qPLO4XrAJQSlRrD%2B7EscdKFokFSEvHH4TIIG2QVXC8GpaJZPpusgpTEGMHwAEn7L4ViDnVKZeic6WJ9VOoOkqsm0LSlbZ1yT%2BaEwAR9kxfudAmIreDSvBj9DucxL0PqM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794af64d4a95745b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5ac5aaa2dd1a2ab697244f3c0fe3b5b5
bb8a9aeb28cc645435760f3a9a57d85e295de419
d42327bb295e41a2b04efa1c2ad6094a3480d0010de10bb32600f4d17fe9f0d4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 10:28:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

35.161.147.150

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.161.147.150:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 4asci5hffF38eeD3lmuOXw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 7j5ystOGjIG6QuXhvrfS72ipG8g=

cdn.oaxyteek.net/static/image/apple-touch-icon.png

172.67.157.221

403 Forbidden

436 B

URL HTTP/1.1
cdn.oaxyteek.net/static/image/apple-touch-icon.png
IP
172.67.157.221:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
436 B (436 bytes)
Hash
b112c984fdf3ae98cbf4bc84066cf619
e68cf1400ca02fc1b472c6f3a2cbb9c2234073c5
233729c945d3c6dc5a81cbf30abedd598a9927d141eda2e369aecd13a790938a

HTTP Headers

GET /static/image/apple-touch-icon.png HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/-1JLQC/42Iz?rndad=579728665-1675592020
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802; _ga_GT41R23D5L=GS1.1.1675592976.1.0.1675592976.0.0.0; _ga=GA1.1.1322740405.1675592976

HTTP/1.1 403 Forbidden
Date: Sun, 05 Feb 2023 10:28:56 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2F%2FfstVQuHxnyokGuDw9Q3aLpTiBSIriZvHDy6fwOj8qR%2FHt%2BQquKMWnr9vrUY4BhmiclaA9YlzsrpUn81pqeCecPsrFKXj6Euwor0ck0bGuu%2F5ssk%2Fb7AnrgjzhibLy9BRq"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794af64dfe701c0e-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

ocsp.digicert.com/

93.184.220.29

200 OK

500 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
500 B (500 bytes)
Hash
f0db1d4fceef4bdf38e207ffa157001c
542854171f7f0c883822237f9c8cda0d3abb505b
8cbce294d1f497c59d760317b3128e9f07e29854f7dc3e9f4d17e1396ac852cb

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4625
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 10:28:56 GMT
Last-Modified: Sun, 05 Feb 2023 09:11:51 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

pogothere.xyz/asd100.bin

172.64.106.19

200 OK

112 kB

URL HTTP/2
pogothere.xyz/asd100.bin
IP
172.64.106.19:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
112 kB (111736 bytes)
Hash
bd1026c3d7b8b01e2f9a2854db9f1b02
9c62e4bf5671a3a1fc9fcfb63943fe5aabee75d5
68b5e9142be02e9cd13baea92d78aa1894cf1d57cfbd403c9e8fc88b354bd225

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://oaxyteek.net
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 05 Feb 2023 10:28:56 GMT
content-type: binary/octet-stream
access-control-allow-origin: http://oaxyteek.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 7121
last-modified: Sun, 05 Feb 2023 08:30:15 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D4XsdWkB9rN4vu4psT8RJWAI1VN7vLgRiHEMvoI7fFBSX4mmaZAx4KJnbrt8XM64fNcPaUXzGdHe8b9rHN52ffJ2Cx4Pw9RuK%2BpfoIPOcqSI5PqM9rGkVDNuGPvqEOVp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794af64c89bb745b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp

157.240.221.35

200 OK

4.5 kB

URL HTTP/2
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP
157.240.221.35:0
ASN
#32934 FACEBOOK

File type
data
Size
4.5 kB (4501 bytes)
Hash
c0f134bcae8446f985d564291a9d6beb
3d935c3984ce7a059096bb4677abd3301a2b5aeb
0d97fccd695d5147d56769a8a92c71cd041a92d0dad8c4c899447f3500798631

HTTP Headers

GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: QOruwroH4epNR/DBm0g9roHIS+9ve/2oSLFDOU9ik47JWU7pvMLTFF5XaLHzpprHQCCHixzx3L1zUSkN88Cf/Q==
date: Sun, 05 Feb 2023 10:28:56 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fx19ltd.adfly&width=100&fb_source=homestatic&layout=standard&colorscheme=light&action=like&show_faces=true&share=true&height=80&appId=399141353502152

157.240.221.35

301 Moved Permanently

0 B

URL HTTP/1.1
www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fx19ltd.adfly&width=100&fb_source=homestatic&layout=standard&colorscheme=light&action=like&show_faces=true&share=true&height=80&appId=399141353502152
IP
157.240.221.35:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fx19ltd.adfly&width=100&fb_source=homestatic&layout=standard&colorscheme=light&action=like&show_faces=true&share=true&height=80&appId=399141353502152 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://adf.ly/
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Location: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fx19ltd.adfly&width=100&fb_source=homestatic&layout=standard&colorscheme=light&action=like&show_faces=true&share=true&height=80&appId=399141353502152
Content-Type: text/plain
Server: proxygen-bolt
Date: Sun, 05 Feb 2023 10:28:56 GMT
Connection: keep-alive
Content-Length: 0

region1.google-analytics.com/g/collect?v=2&tid=G-GT41R23D5L&gtm=45je3210&_p=1508426948&cid=1322740405.1675592976&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675592976&sct=1&seg=0&dl=http%3A%2F%2Foaxyteek.net%2F-1JLQC%2F42Iz%3Frndad%3D579728665-1675592020&dt=Shrink%20your%20URLs%20and%20get%20paid!&en=page_view&_fv=1&_nsi=1&_ss=1

216.239.34.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-GT41R23D5L&gtm=45je3210&_p=1508426948&cid=1322740405.1675592976&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675592976&sct=1&seg=0&dl=http%3A%2F%2Foaxyteek.net%2F-1JLQC%2F42Iz%3Frndad%3D579728665-1675592020&dt=Shrink%20your%20URLs%20and%20get%20paid!&en=page_view&_fv=1&_nsi=1&_ss=1
IP
216.239.34.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-GT41R23D5L&gtm=45je3210&_p=1508426948&cid=1322740405.1675592976&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675592976&sct=1&seg=0&dl=http%3A%2F%2Foaxyteek.net%2F-1JLQC%2F42Iz%3Frndad%3D579728665-1675592020&dt=Shrink%20your%20URLs%20and%20get%20paid!&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://oaxyteek.net
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: http://oaxyteek.net
date: Sun, 05 Feb 2023 10:28:57 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7771
Expires: Sun, 05 Feb 2023 12:38:29 GMT
Date: Sun, 05 Feb 2023 10:28:58 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7771
Expires: Sun, 05 Feb 2023 12:38:29 GMT
Date: Sun, 05 Feb 2023 10:28:58 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7771
Expires: Sun, 05 Feb 2023 12:38:29 GMT
Date: Sun, 05 Feb 2023 10:28:58 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad342374-789b-497a-b212-29d0b2aaced0.jpeg

34.120.237.76

200 OK

7.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad342374-789b-497a-b212-29d0b2aaced0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.1 kB (7060 bytes)
Hash
75caf9549ac23c827c10d6baabb84884
e8391e4046acb91cd4a6113974fda1c44dcd3865
a01e3a9aaa0b0fa156303bcbf38c1c45ea6abe8d0a052734b05ea4da82f176c4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad342374-789b-497a-b212-29d0b2aaced0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7060
x-amzn-requestid: e3e457e7-b73a-4b5f-a7bb-9a643cde2760
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fwAv_GI1oAMFbIg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dcae66-6793e5e054a709881bb2d191;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 06:49:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6LeXkwyELIc_XykRxsfDIBu7Kda_3OHFDiteX0rKwDt-315catmvKw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:10:43 GMT
age: 44295
etag: "e8391e4046acb91cd4a6113974fda1c44dcd3865"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10905 bytes)
Hash
1a4eed23b240d04a3cd6b085cfa93375
f29b9dc3f6bbd2ba76a5a4570ce044d5f240fd00
93e8371f80c12d3753842e36001dbb8d3dc2223b10a594639752cd816c492d4e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10905
x-amzn-requestid: 093778fc-231c-452f-a6fc-15f4eb41ade0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmNJCEDzIAMFmxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8c239-7f56d6e56392f373541db219;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:24:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jIvBQjGh9JzWQM0YpEYiqP5CcBrkwqLVjAYhMWJ1P1H0MRkm7kpnpg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:12:06 GMT
age: 44212
etag: "f29b9dc3f6bbd2ba76a5a4570ce044d5f240fd00"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0def934-b27d-4612-bab8-84bfb73a9960.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7589 bytes)
Hash
5beaead015b2b4fb6d36009926ba0378
67e7c49ea7648fc6d1dffc22588862c993b785b7
6ae0cec9ade23fd53e9c1407b0324a8060892a65a6b675ccffa4a4c82b66f1ff

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0def934-b27d-4612-bab8-84bfb73a9960.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7589
x-amzn-requestid: 280f7003-2696-4a82-bd50-82b0a2b66faf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fsSpoEA0oAMFSBg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63db3170-35dcb9513c891af201b973d1;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 03:43:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 00Sp1Thtp-YIGYmu7qIB6GtKBxOGLgcAse2SusryA8xaBrnWQDD-Hg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:04:01 GMT
age: 44697
etag: "67e7c49ea7648fc6d1dffc22588862c993b785b7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.0 kB (5014 bytes)
Hash
5b6c30ad03669b66bf2f63b3edd69882
e630bd132b52b965a5ade646ea8a165d1abf6d7b
f8233d879ec17fd91909655ff8881f2ebfad84272fde3ed5e5be37580378a989

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5014
x-amzn-requestid: a434aae4-fe4b-4fc7-9b7e-eeb552484e8a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3bIE0aoAMF6YQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c47-5556d14757190c842bbc6b06;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:05:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: k6YqagXr3Wr-u1uDKojEnIGW0CxU5yvWPtlzNpzoIvmg9F-rJb9uFQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 14:53:45 GMT
age: 70513
etag: "e630bd132b52b965a5ade646ea8a165d1abf6d7b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12967 bytes)
Hash
8e0be7db14d930d6227443314bcd1747
4e42e2ad289dfe5bd9a55d34fd768f7532bdf71d
baedfbdb08a67f9ff4c698f7e65b08d7e4c5078d0a4233e6bff529b44812735a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12967
x-amzn-requestid: 38c58626-f4ad-4e2b-ad71-a628519d2ea2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmEdHFwCoAMFhxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8b453-7da6d0c1093468d320caaa1e;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 06:25:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: t8dZTwod1-pZr8ACfp-6gfEu0TA3kGpfJrQeF8VgLg2tlrt03sa6Bg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 03:40:08 GMT
age: 24530
etag: "4e42e2ad289dfe5bd9a55d34fd768f7532bdf71d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d53279-1206-40a7-be9b-b504e0748218.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.4 kB (5356 bytes)
Hash
7fff69db25a1c7a3fbe154a3c80ac5aa
638e08807f73b70ab87b804816f9eb3e8dd2aa74
be96b347ba90dda9c39975077d963ff875831a14a4269e28edc0d2f80928bba6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d53279-1206-40a7-be9b-b504e0748218.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5356
x-amzn-requestid: af4c4533-48b8-4b02-951a-3e61933fb126
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3fyFrMoAMFr_w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c64-0346b30d0ded67912070f671;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:06:12 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: IJBXK8DSlmaj48MVSTo-8A69jOe3x2cvnZYRLfyXZ7jZWqsMbTZsEg==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 21:43:52 GMT
age: 45906
etag: "638e08807f73b70ab87b804816f9eb3e8dd2aa74"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=1225243129&utmhn=oaxyteek.net&utmt=event&utme=5(Ad*Paid*Success)(3)8(User)9(77879)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=1508426948&utmr=-&utmp=%2F-1JLQC%2F42Iz%3Frndad%3D579728665-1675592020&utmht=1675592981028&utmac=UA-6469700-9&utmcc=__utma%3D198071217.1322740405.1675592976.1675592976.1675592976.1%3B%2B__utmz%3D198071217.1675592976.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=6QAAAAAAAAAAAAAAAAABAAAE~

142.250.74.110

200 OK

35 B

URL HTTP/1.1
www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=1225243129&utmhn=oaxyteek.net&utmt=event&utme=5(Ad*Paid*Success)(3)8(User)9(77879)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=1508426948&utmr=-&utmp=%2F-1JLQC%2F42Iz%3Frndad%3D579728665-1675592020&utmht=1675592981028&utmac=UA-6469700-9&utmcc=__utma%3D198071217.1322740405.1675592976.1675592976.1675592976.1%3B%2B__utmz%3D198071217.1675592976.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=6QAAAAAAAAAAAAAAAAABAAAE~
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

HTTP Headers

GET /__utm.gif?utmwv=5.7.2&utms=2&utmn=1225243129&utmhn=oaxyteek.net&utmt=event&utme=5(Ad*Paid*Success)(3)8(User)9(77879)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=1508426948&utmr=-&utmp=%2F-1JLQC%2F42Iz%3Frndad%3D579728665-1675592020&utmht=1675592981028&utmac=UA-6469700-9&utmcc=__utma%3D198071217.1322740405.1675592976.1675592976.1675592976.1%3B%2B__utmz%3D198071217.1675592976.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=6QAAAAAAAAAAAAAAAAABAAAE~ HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://oaxyteek.net/

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Pragma: no-cache
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
Date: Sat, 04 Feb 2023 21:51:18 GMT
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Age: 45463
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
Content-Type: image/gif

pogothere.xyz/

172.64.106.19

200 OK

0 B

URL HTTP/2
pogothere.xyz/
IP
172.64.106.19:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://oaxyteek.net
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 05 Feb 2023 10:28:56 GMT
content-type: text/plain
set-cookie: csu=240819532168915@1@1675592936; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: http://oaxyteek.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v3KlTb9p7s4XVWFrAWkAinPwe2zHmnovmb82Ru%2BOpOoikXTO8c3pCPNSAYNxo8TbVkSkF%2Bd75EeB46ufMisNosgBL3Jlu2IT2Yrcq0GsX3hnP9NPfY6l14VmrYHxy7C9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794af64c89b8745b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

accounts.google.com/v3/signin/identifier?dsh=S-1123696107%3A1675592936727973&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHfDdxIuasTnwPRchIcNReBJ9taY4RGyiBWMM9apGJTSj2Tnd0-WIAcCg0psiCLIDnObD---jA

142.250.74.109

403 Forbidden

0 B

URL HTTP/2
accounts.google.com/v3/signin/identifier?dsh=S-1123696107%3A1675592936727973&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHfDdxIuasTnwPRchIcNReBJ9taY4RGyiBWMM9apGJTSj2Tnd0-WIAcCg0psiCLIDnObD---jA
IP
142.250.74.109:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /v3/signin/identifier?dsh=S-1123696107%3A1675592936727973&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHfDdxIuasTnwPRchIcNReBJ9taY4RGyiBWMM9apGJTSj2Tnd0-WIAcCg0psiCLIDnObD---jA HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://oaxyteek.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 05 Feb 2023 10:28:56 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-rfSiodl9ZmVURKCjGuFkZg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi/external"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

pogothere.xyz/asd100.bin

172.64.106.19

200 OK

0 B

URL HTTP/2
pogothere.xyz/asd100.bin
IP
172.64.106.19:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://oaxyteek.net
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 05 Feb 2023 10:28:56 GMT
content-type: binary/octet-stream
access-control-allow-origin: http://oaxyteek.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 7121
last-modified: Sun, 05 Feb 2023 08:30:15 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=97aeAmGczGfhwgZaLBa8t5wdIesV48UL%2BDVWInWjEEdC7%2B3MJSJm6fTRSp87jh85XdjH76iGFllI%2FaoivvxUS7ChhcF46DMwSj2b9VIwUpOdyqmKttz8yQMsAjyaYsay"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794af64c89c0745b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (24)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML