Report - oaxyteek.net/rweasy/-1BCWU/11374213/https:/gitlab.com/Aristois/Installer/builds/artifacts/master/raw/packager/Aristois-Free.jar?job=build&rndad=1439075827-1675039484

Report Overview

Submitted URL
oaxyteek.net/rweasy/-1BCWU/11374213/https:/gitlab.com/Aristois/Installer/builds/artifacts/master/raw/packager/Aristois-Free.jar?job=build&rndad=1439075827-1675039484
IP
104.21.90.149
ASN
#13335 CLOUDFLARENET
Submitted
2023-01-30 00:45:36
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
region1.google-analytics.com	unknown	2022-03-17T12:26:33Z	2023-03-13T05:09:18Z	843 B	442 B	216.239.32.36
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	56 kB	34.120.237.76
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
e1.o.lencr.org	6159	2021-08-20T09:36:30Z	2023-03-13T05:21:46Z	1.0 kB	2.2 kB	23.36.77.32
d3kd7yqlh5wy6d.cloudfront.net	unknown	2023-01-29T02:13:59Z	2023-02-07T10:06:21Z	550 B	905 B	54.230.245.213
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	35.166.224.175
stats.g.doubleclick.net	96	2013-06-10T22:21:11Z	2023-03-13T08:02:41Z	484 B	563 B	64.233.165.154
www.facebook.com	99	2012-05-21T02:23:41Z	2021-02-04T00:31:35Z	1.0 kB	3.3 kB	157.240.205.35
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.4 kB	6.2 kB	23.33.119.27
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
ajax.googleapis.com	12905	2013-08-16T11:51:31Z	2023-03-13T08:37:09Z	306 B	34 kB	142.250.74.138
d1a3jb5hjny5s4.cloudfront.net	unknown	2021-05-29T18:33:12Z	2023-03-13T08:13:50Z	844 B	37 kB	54.230.245.85
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	3.8 kB	7.7 kB	142.250.74.163
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	1.4 kB	105 kB	93.184.220.29
oaxyteek.net	unknown	2022-07-20T11:12:31Z	2023-03-13T09:06:15Z	2.8 kB	16 kB	104.21.90.149
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
coonandeg.xyz	unknown	2023-01-24T07:51:42Z	2023-03-10T02:27:15Z	2.5 kB	4.9 kB	54.230.111.122
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-13T07:36:03Z	2.3 kB	19 kB	142.250.74.110
cdn.adf.ly	214923	2012-07-03T16:35:38Z	2023-03-13T05:42:25Z	411 B	4.3 kB	104.20.67.244
dc5k8fg5ioc8s.cloudfront.net	unknown	2021-01-11T12:54:35Z	2023-03-13T05:42:25Z	286 B	52 kB	54.230.245.166
cdn.oaxyteek.net	unknown	2023-01-23T17:54:50Z	2023-03-13T05:42:24Z	7.8 kB	156 kB	172.67.157.221
reerfdfgourgo.xyz	unknown	2023-01-23T13:29:36Z	2023-03-01T02:07:26Z	1.7 kB	2.6 kB	172.67.166.141
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-13T08:28:24Z	377 B	42 kB	142.250.74.168
adf.ly	49660	2012-05-22T02:13:31Z	2023-03-13T05:20:32Z	360 B	2.8 kB	104.20.67.244
pogothere.xyz	unknown	2022-09-04T21:11:25Z	2023-03-13T05:42:24Z	1.2 kB	106 kB	172.64.199.35
accounts.google.com	81	2016-03-20T13:44:49Z	2023-03-13T07:05:07Z	2.3 kB	9.0 kB	142.250.74.109

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-01-30	medium	pogothere.xyz	Sinkholed
2023-01-30	medium	pogothere.xyz	Sinkholed
2023-01-30	medium	pogothere.xyz	Sinkholed

ThreatFox

No alerts detected

JavaScript (24)

	URL	Size	First Seen	Last Seen
	dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473	184 kB	2023-03-13	2023-03-13
Pretty URL dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473 IP 54.230.245.166 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:19:19 Last Seen2023-03-13 11:51:33 Times Seen1 Hash 8127dd194ade8e54a15387fc7b6f78a4 ca721c7313d142a9e0d0fb9e61261feee8b3cbba f5f8d7d483da8f06dc9ac74a5bd9f997b2d089d5709651580299fbd379ab15d9 Loading...

	oaxyteek.net/rweasy/-1BCWU/11374213/https:/gitlab.com/Aristois/Installer/builds/artifacts/master/raw/packager/Aristois-Free.jar?job=build&rndad=1439075827-1675039484	519 B	2023-03-07	2023-03-29
Pretty URL oaxyteek.net/rweasy/-1BCWU/11374213/https:/gitlab.com/Aristois/Installer/builds/artifacts/master/raw/packager/Aristois-Free.jar?job=build&rndad=1439075827-1675039484 IP 104.21.90.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:11:30 Last Seen2023-03-29 23:15:35 Times Seen2 Hash fb6e338c75160ced070580b5e359fdf2 25cd189f2c01a5df077a6f522af82c4264f29e1c a6f37fdc89c06ecc8d259029d96a9dfa97da626c68cbe82e27cd45432d617975 Loading...

	oaxyteek.net/rweasy/-1BCWU/11374213/https:/gitlab.com/Aristois/Installer/builds/artifacts/master/raw/packager/Aristois-Free.jar?job=build&rndad=1439075827-1675039484	665 B	2023-03-07	2023-05-14
Pretty URL oaxyteek.net/rweasy/-1BCWU/11374213/https:/gitlab.com/Aristois/Installer/builds/artifacts/master/raw/packager/Aristois-Free.jar?job=build&rndad=1439075827-1675039484 IP 104.21.90.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:13 Last Seen2023-05-14 09:10:31 Times Seen71 Hash aa14b51e4361d4da1792ad6b290f3b5f 904ea9c2a81485ca2eae1d3497313c47f2eb4a8c c5ec1ec9adb40a3e9f8af6630eb9f3f19f7e7e9f4c23d68fb906282b4c833112 Loading...

	coonandeg.xyz/WDl6T085WxkicDkEGGk6KlVHan0eHEgJK2lYSSUtbVEQITZtSk5hLDRWDyspKlYUO2E2XA5qfR4ALwsNEncQKDUAQB4eDSFrIAMeK2kjDiNteA16fQ9TChUZMXg0BgoKUTwhJGBtP381Dl48NyoKTRIMNxp0MSMdaHsSe3cNah4dDQBjLAV+DX8jHRY3bBY/Oxp+QwwcHAAYKwoeezEjKG5sSxYkD0AZHhsMfDQFCTR6NRk4NG8CfiY8Vw0WDBBsOSodbWk1GXssbi93JR5hCQgZMWgsKjgBcyMNem18DTwcHmEJCBsiVR8pOBFdI3wFK3s7KCAaV1d/GxtBMxkqL2MxBScODx44Iz97LSwIHWEvDCoOfx4CfitUPzggD3gUJAcbfjsNKglaHhYoGU8ifyBpbxMVABBuMH0qGWA0KSgaTys4GTAfEDwgNklHJj0BfzM6NS1aHAcIGXIrDQ	3.0 kB	2023-03-13	2023-03-13
Pretty URL coonandeg.xyz/WDl6T085WxkicDkEGGk6KlVHan0eHEgJK2lYSSUtbVEQITZtSk5hLDRWDyspKlYUO2E2XA5qfR4ALwsNEncQKDUAQB4eDSFrIAMeK2kjDiNteA16fQ9TChUZMXg0BgoKUTwhJGBtP381Dl48NyoKTRIMNxp0MSMdaHsSe3cNah4dDQBjLAV+DX8jHRY3bBY/Oxp+QwwcHAAYKwoeezEjKG5sSxYkD0AZHhsMfDQFCTR6NRk4NG8CfiY8Vw0WDBBsOSodbWk1GXssbi93JR5hCQgZMWgsKjgBcyMNem18DTwcHmEJCBsiVR8pOBFdI3wFK3s7KCAaV1d/GxtBMxkqL2MxBScODx44Iz97LSwIHWEvDCoOfx4CfitUPzggD3gUJAcbfjsNKglaHhYoGU8ifyBpbxMVABBuMH0qGWA0KSgaTys4GTAfEDwgNklHJj0BfzM6NS1aHAcIGXIrDQ IP 54.230.111.122 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:51:33 Last Seen2023-03-13 11:51:33 Times Seen1 Hash 1b3acdb231853a254ac896843a932cde b537d7d3cef9bdbf446b3dee35d21a4e332d591f 731c17649baf2660165d72b0c7d0ee693a2acbe2651a78473a989b853cfaea78 Loading...

	d1a3jb5hjny5s4.cloudfront.net/9UDBJNjgzXydQByRZLQsPYAl5Aw52WjpZViANIERhFnk8TE0zVgFxeRthCxBMKlR0Bh48USdRBXZVJ1UFYRYoUlptBG9CSD9bdEFBKlg6U1YkWycQTTENJFlCOVwlVx1idnwYCHUCeR5POV4tWU8jFXsGViQVewYJYB55EwsSFXsGTzlefwIdY3JsBAgoBn-0TCxIVewZKJhV6dwlgBWcGEXUCeVFdM1smEwoWAnkHCGABeQcdYgAvX0o1ViZOHWJ2eAYNfgBvQwVh	596 B	2023-03-13	2023-03-13
Pretty URL d1a3jb5hjny5s4.cloudfront.net/9UDBJNjgzXydQByRZLQsPYAl5Aw52WjpZViANIERhFnk8TE0zVgFxeRthCxBMKlR0Bh48USdRBXZVJ1UFYRYoUlptBG9CSD9bdEFBKlg6U1YkWycQTTENJFlCOVwlVx1idnwYCHUCeR5POV4tWU8jFXsGViQVewYJYB55EwsSFXsGTzlefwIdY3JsBAgoBn-0TCxIVewZKJhV6dwlgBWcGEXUCeVFdM1smEwoWAnkHCGABeQcdYgAvX0o1ViZOHWJ2eAYNfgBvQwVh IP 54.230.245.85 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:51:33 Last Seen2023-03-13 11:51:33 Times Seen1 Hash 65fa48886ddbb960098f1b7ac1250942 a49b0503207a5a99d0e36ee10ce5a6468c19ff7e 154f5d05ae24ecedd743cf21d6bb55541aba9934a01d327bc80f8a86ece58192 Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js	94 kB	2023-03-07	2024-04-24
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js IP 142.250.74.138 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:13 Last Seen2024-04-24 01:16:50 Times Seen10467 Hash ddb84c1587287b2df08966081ef063bf 9eb9ac595e9b5544e2dc79fff7cd2d0b4b5ef71f 88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd Loading...

	cdn.oaxyteek.net/static/js/view118_bidshow.js	11 kB	2023-03-07	2023-05-14
Pretty URL cdn.oaxyteek.net/static/js/view118_bidshow.js IP 172.67.157.221 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:13 Last Seen2023-05-14 09:10:31 Times Seen122 Hash 7bd8a9fa85fffef9db565180d148b73e 487360f168864d7b56d45ce03e8962e9eb2d6c6e 38fea38c82addf11b3a9a703649451db83bb5af7645594afe9025ae84bd70311 Loading...

	oaxyteek.net/js/display.js	16 kB	2023-03-07	2023-07-09
Pretty URL oaxyteek.net/js/display.js IP 104.21.90.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2023-07-09 10:24:48 Times Seen188 Hash 31c9f8c6a12dfa956f8bd76d130c7d0b cbb32bfcd93a2f76f2bc66ec651ac27824082dab 4b67d948e653f56aa7bc25cd403afa4fe04bafa3d8f3399ab0b84d96f1292259 Loading...

	oaxyteek.net/rweasy/-1BCWU/11374213/https:/gitlab.com/Aristois/Installer/builds/artifacts/master/raw/packager/Aristois-Free.jar?job=build&rndad=1439075827-1675039484	143 B	2023-03-07	2023-05-14
Pretty URL oaxyteek.net/rweasy/-1BCWU/11374213/https:/gitlab.com/Aristois/Installer/builds/artifacts/master/raw/packager/Aristois-Free.jar?job=build&rndad=1439075827-1675039484 IP 104.21.90.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:13 Last Seen2023-05-14 09:10:31 Times Seen71 Hash e4d2d45eb91b8f26c33f3ea334ae617d 6506b7ae7ba8c41c2e0148a69098fd7333bd294a 56aaee9dedf8c077bd5c9dd25dc214f2c09e4b715f81904e7c361122c5825487 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-5NL9VFJ	105 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-5NL9VFJ IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:19:19 Last Seen2023-03-13 11:51:33 Times Seen1 Hash 431b6f00760301224200c4eec96f736e d139e71edcd2c718896e012479476b3ba1283f01 3ff26a5b3fc91796a48ae97f91bb7c1f3641164f9934c7aa2b3c1c17e34c0d43 Loading...

	www.googletagmanager.com/gtag/js?id=G-GT41R23D5L&l=dataLayer&cx=c	232 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=G-GT41R23D5L&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:37:49 Last Seen2023-03-13 11:51:33 Times Seen1 Hash 6e34732a1d2b9bb51fb75ca736481616 17ba644919fc140ce5b6da72c6588d0a224ee020 52fb73b487cf6a0eb3d9cbe6d2dfacb83e6c9fd4a3c6b17d81226e5b833b95b2 Loading...

	www.google-analytics.com/ga.js	46 kB	2023-03-07	2024-04-16
Pretty URL www.google-analytics.com/ga.js IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:00 Last Seen2024-04-16 23:24:27 Times Seen3495 Hash e9372f0ebbcf71f851e3d321ef2a8e5a 2c7d19d1af7d97085c977d1b69dcb8b84483d87c 1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f Loading...

	oaxyteek.net/rweasy/-1BCWU/11374213/https:/gitlab.com/Aristois/Installer/builds/artifacts/master/raw/packager/Aristois-Free.jar?job=build&rndad=1439075827-1675039484	341 B	2023-03-10	2023-05-14
Pretty URL oaxyteek.net/rweasy/-1BCWU/11374213/https:/gitlab.com/Aristois/Installer/builds/artifacts/master/raw/packager/Aristois-Free.jar?job=build&rndad=1439075827-1675039484 IP 104.21.90.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 07:49:27 Last Seen2023-05-14 09:10:31 Times Seen85 Hash 85fc9111b0ef7e154a67d8191eeb2ab8 cc2fc4aab1abffb44c72cd144f8435ce74531659 c62af88944f869e1f462cb666048f6e430c684e1ef43882e4486b95790e8ec62 Loading...

	d1a3jb5hjny5s4.cloudfront.net/?hbjad=709056	108 kB	2023-03-13	2023-03-13
Pretty URL d1a3jb5hjny5s4.cloudfront.net/?hbjad=709056 IP 54.230.245.85 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:51:33 Last Seen2023-03-13 11:51:33 Times Seen1 Hash 6da9a09d7c9ed650584f415122a1ec38 1a196a9e036712565944b7ab01e3c2415cd150e8 2604b78368c567ad79c854ea0c6aca163806db3a71e510c6ae725c71047c3acd Loading...

	oaxyteek.net/rweasy/-1BCWU/11374213/https:/gitlab.com/Aristois/Installer/builds/artifacts/master/raw/packager/Aristois-Free.jar?job=build&rndad=1439075827-1675039484	549 B	2023-03-13	2023-03-13
Pretty URL oaxyteek.net/rweasy/-1BCWU/11374213/https:/gitlab.com/Aristois/Installer/builds/artifacts/master/raw/packager/Aristois-Free.jar?job=build&rndad=1439075827-1675039484 IP 104.21.90.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:51:33 Last Seen2023-03-13 11:51:33 Times Seen1 Hash 1d3f770d108d8242f6d9d122a25a8d74 3582a3cda9f679635107f597bb5afa2abdaff110 feeb3077c29a7697a85b9906f536a78bc7e8dc9475d9b0868038c4c504d84b29 Loading...

	oaxyteek.net/rweasy/-1BCWU/11374213/https:/gitlab.com/Aristois/Installer/builds/artifacts/master/raw/packager/Aristois-Free.jar?job=build&rndad=1439075827-1675039484	1.7 kB	2023-03-07	2023-03-29
Pretty URL oaxyteek.net/rweasy/-1BCWU/11374213/https:/gitlab.com/Aristois/Installer/builds/artifacts/master/raw/packager/Aristois-Free.jar?job=build&rndad=1439075827-1675039484 IP 104.21.90.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:11:30 Last Seen2023-03-29 23:15:35 Times Seen2 Hash e10aefd8a31a77187f93d8e8e426cabc a77629faa8cd3d5a76cc1c7171d4d0e03c802a1f b7438b940b4be2c4ca8c77f8df728d12b3261fb57ebbcdd9d7b066933b50760c Loading...

	cdn.oaxyteek.net/static/js/main.js?v=2022052901	2.0 kB	2023-03-07	2023-05-14
Pretty URL cdn.oaxyteek.net/static/js/main.js?v=2022052901 IP 172.67.157.221 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:13 Last Seen2023-05-14 09:10:31 Times Seen104 Hash 9dccb8ccd8da2bae23d4a71b2f3d884b e375888187278462254e305c498959eb2745c49e 29d8741f9be753192c4ad99e21b22089a10952a10c2092dcfa1532edf58c3f68 Loading...

	coonandeg.xyz/UkFiM3YzIwFeSTN8ABUDIC1fFkQUZFB1EmEqBgQPIy0KBgErdwYdFT4uF1cQIC4MR1g8JBYWRBR2B2QaEBU3RBcQKFpBFSVxI3kuEHcxZUcrJFFbEBM7K1o/NS03eQE5NCtyIxQkG34EHgARBRARdSBpDDlzKmUkKiAbci8QODhEFzo2KnoYEHg6RBE+DVF1OAY7Nwo/Kgs3eR8DLSpEASARJlQvEXMBBzoHECd/HDEtJGIjNSAqB1NgBzp0T2sgN0csMxUNXzAlcRd8HGsiNQAzOA4kSxQxGRoLIGMtCVURZyI1ADNkCzBXEDYWChZEFA5SSww0FTBjLgVsMBZEEAUOSxQxFVoFLhQuI1U+KgwwADA5IDdHLBgoBUUzNRsJVQEiDTVrNGsnJ1ssMQYKFkQQEjMLGQI4CVU0OC0NVRxrGAFrHjsSNwtGMQlSFRwhLgxDSzQFAGoaFncNYTMYNlJkHg	3.0 kB	2023-03-13	2023-03-13
Pretty URL coonandeg.xyz/UkFiM3YzIwFeSTN8ABUDIC1fFkQUZFB1EmEqBgQPIy0KBgErdwYdFT4uF1cQIC4MR1g8JBYWRBR2B2QaEBU3RBcQKFpBFSVxI3kuEHcxZUcrJFFbEBM7K1o/NS03eQE5NCtyIxQkG34EHgARBRARdSBpDDlzKmUkKiAbci8QODhEFzo2KnoYEHg6RBE+DVF1OAY7Nwo/Kgs3eR8DLSpEASARJlQvEXMBBzoHECd/HDEtJGIjNSAqB1NgBzp0T2sgN0csMxUNXzAlcRd8HGsiNQAzOA4kSxQxGRoLIGMtCVURZyI1ADNkCzBXEDYWChZEFA5SSww0FTBjLgVsMBZEEAUOSxQxFVoFLhQuI1U+KgwwADA5IDdHLBgoBUUzNRsJVQEiDTVrNGsnJ1ssMQYKFkQQEjMLGQI4CVU0OC0NVRxrGAFrHjsSNwtGMQlSFRwhLgxDSzQFAGoaFncNYTMYNlJkHg IP 54.230.111.122 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:51:33 Last Seen2023-03-13 11:51:33 Times Seen1 Hash 71b3fd55310a8c30f7b21d71e4579c0f 3658f76d6868ce8e01c38cd9b62b122213ec579a b2af4a4c32c92cb0d07e41ccada76452b2e03b667820787afd77a4688c6af3b2 Loading...

	d3kd7yqlh5wy6d.cloudfront.net/7eWlBTUwaBi8rcw0AJXB6SV1ye3hfAzIiIglUJwkuIAUFeyMrLAs6fC4BZzk2HVRxayAYByZwahwHInB9XwglL3FNTzU9IxJUJiQlHwwrPDgYC2c4LUQELjclFQUgaH4/XG99aUtZaTolFw0uOj9cW3EjOFxbcXx8V1lkfg5cW3E6JRdfdWh/O0xzfTRPXW-R+DlxbcT86XFoAfHxMR3FkaUtZJigvEgZkfwpLWXB9fEhZcGh+SQ8oPykfBjlofj9YcXhiSU80cH0	707 B	2023-03-13	2023-03-13
Pretty URL d3kd7yqlh5wy6d.cloudfront.net/7eWlBTUwaBi8rcw0AJXB6SV1ye3hfAzIiIglUJwkuIAUFeyMrLAs6fC4BZzk2HVRxayAYByZwahwHInB9XwglL3FNTzU9IxJUJiQlHwwrPDgYC2c4LUQELjclFQUgaH4/XG99aUtZaTolFw0uOj9cW3EjOFxbcXx8V1lkfg5cW3E6JRdfdWh/O0xzfTRPXW-R+DlxbcT86XFoAfHxMR3FkaUtZJigvEgZkfwpLWXB9fEhZcGh+SQ8oPykfBjlofj9YcXhiSU80cH0 IP 54.230.245.213 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:51:33 Last Seen2023-03-13 11:51:33 Times Seen1 Hash 0fcf1fb2d09214def0049b22b0a2bc23 8f76a3294f213884159adb61114826f81d457ba8 63e68b5aeb5efa1bd916cc0e02cf1b5b35bdd736dbbd2f6aa7e78fc71b7e2400 Loading...

	oaxyteek.net/funcript1675039536199.php?pub=11374213&v=MM3xNoDjIIxkMVynwIisdIiCIM6uMUiDwMixY82CseivOZnWRZyydlWmURsgIEnDBMhxdACDIM6xNADjIMsvI8m2JapjbVm2RRFgbkGCVMtuZUWD5M0xIojjodiycB2ytOp0cYFD9eigdsTDJN02d4GW9auXIBiywOiwa4GCFMzxaACCIV6OIBmyIc23Y92GIZ0uOlW2UV5oYAzCkM4uYUWzFLkhMxTGgb1pNpj3Mb0NZJDikO5iMQTnQb5lNdWWJYiyZVG2Jcl1IJny0eT=	0 B	2023-03-07	2024-04-24
Pretty URL oaxyteek.net/funcript1675039536199.php?pub=11374213&v=MM3xNoDjIIxkMVynwIisdIiCIM6uMUiDwMixY82CseivOZnWRZyydlWmURsgIEnDBMhxdACDIM6xNADjIMsvI8m2JapjbVm2RRFgbkGCVMtuZUWD5M0xIojjodiycB2ytOp0cYFD9eigdsTDJN02d4GW9auXIBiywOiwa4GCFMzxaACCIV6OIBmyIc23Y92GIZ0uOlW2UV5oYAzCkM4uYUWzFLkhMxTGgb1pNpj3Mb0NZJDikO5iMQTnQb5lNdWWJYiyZVG2Jcl1IJny0eT= IP 104.21.90.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-24 04:06:28 Times Seen37030269 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	oaxyteek.net/rweasy/-1BCWU/11374213/https:/gitlab.com/Aristois/Installer/builds/artifacts/master/raw/packager/Aristois-Free.jar?job=build&rndad=1439075827-1675039484	551 B	2023-03-07	2023-05-14
Pretty URL oaxyteek.net/rweasy/-1BCWU/11374213/https:/gitlab.com/Aristois/Installer/builds/artifacts/master/raw/packager/Aristois-Free.jar?job=build&rndad=1439075827-1675039484 IP 104.21.90.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:13 Last Seen2023-05-14 09:10:31 Times Seen71 Hash 103e92d5ca4c353a7dcdc13362c2fe33 bbb91319966840711530f6c9efb68e279f199fe5 5a0b18bc519fbbe151ecab7b393685ee314b75379d50579bfe931d020349b2a1 Loading...

	cdn.oaxyteek.net/static/js/amvn.js	259 kB	2023-03-13	2023-03-13
Pretty URL cdn.oaxyteek.net/static/js/amvn.js IP 172.67.157.221 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:51:33 Last Seen2023-03-13 11:51:33 Times Seen1 Hash af866b555506372e59cb8949ef5eed98 6bbf01541ebb13579ae03c8e8179858ad05efeb4 90432de7ca91d0e16c0402807cbc8b3cb1c4ebff353e75c55d4a2d2274edb205 Loading...

		Size	First Seen	Last Seen
	#1 Write - c5639dd33c003902bcb9563f1e09337d	82 B	2023-03-07	2023-05-14
Pretty Observations First Seen2023-03-07 01:03:13 Last Seen2023-05-14 09:10:31 Times Seen67 Hash c5639dd33c003902bcb9563f1e09337d 3d8a9f2173ae1e9e9cd21be7eb9cd6999befb486 ede59fa13aaed1cae74b3d5451084369b1c25b6fbc3c2b467f7ed1bbd2ad8206 Loading...

	#2 Write - 6aa5e278d233208e4ac00e025ca72a9f	4.4 kB	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 11:51:33 Last Seen2023-03-13 11:51:33 Times Seen1 Hash 6aa5e278d233208e4ac00e025ca72a9f f49dea1d9102c0c3f058bf46dc2bfea5fd288ef5 e3e4a30ec8ec9d27e7680b851f64714bca8202f9b0e62ec75e2a52f53aa462c1 Loading...

HTTP Transactions (84)

URL IP Response Size

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3eb88dea4fe00db1182370e72683c3ab
ca520abf1e91bfd2aef40c6a1270a911071e8922
d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8083EE567C7B3023111DC30F32C94237DF7DB30D4D2DAAEA0A569E8A3069AD7"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4203
Expires: Mon, 30 Jan 2023 01:55:28 GMT
Date: Mon, 30 Jan 2023 00:45:25 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5eb7c9bc996a0ff420e58af45526f053
8c2614832b8efe1c9da0bbd465d6f3f172d95a9e
c085cf277dd0429fe15e4a4bce5595636e9f2204d5a8e77220f8bf88adf4068f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C085CF277DD0429FE15E4A4BCE5595636E9F2204D5A8E77220F8BF88ADF4068F"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21337
Expires: Mon, 30 Jan 2023 06:41:02 GMT
Date: Mon, 30 Jan 2023 00:45:25 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 30 Jan 2023 00:35:38 GMT
content-type: application/json
age: 587
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
302c7548412192add063ad6c8b99cf3b
e5d178931a27db036ce8daae302594d3ff7050b8
fc2bd9091006189e67e8074093805ee5492ce16e1dbfba32e083abeeae34969d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC2BD9091006189E67E8074093805EE5492CE16E1DBFBA32E083ABEEAE34969D"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7562
Expires: Mon, 30 Jan 2023 02:51:28 GMT
Date: Mon, 30 Jan 2023 00:45:26 GMT
Connection: keep-alive

oaxyteek.net/rweasy/-1BCWU/11374213/https:/gitlab.com/Aristois/Installer/builds/artifacts/master/raw/packager/Aristois-Free.jar?job=build&rndad=1439075827-1675039484

104.21.90.149

200 OK

5.7 kB

URL HTTP/1.1
oaxyteek.net/rweasy/-1BCWU/11374213/https:/gitlab.com/Aristois/Installer/builds/artifacts/master/raw/packager/Aristois-Free.jar?job=build&rndad=1439075827-1675039484
IP
104.21.90.149:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (552), with CRLF, LF line terminators
Size
5.7 kB (5711 bytes)
Hash
6fd683bfb2571ab5d3aa2cf2a8459b76
5ef71c961acc810b2439d4fdc3b05fd875102e77
154d92d8e53bf3694dca8b84d7c5c7a6fadfd16ec8c4dee9722c05faab7f476d

HTTP Headers

GET /rweasy/-1BCWU/11374213/https:/gitlab.com/Aristois/Installer/builds/artifacts/master/raw/packager/Aristois-Free.jar?job=build&rndad=1439075827-1675039484 HTTP/1.1
Host: oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 00:45:26 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
set-cookie: FLYSESSID=ev8i2fet0tvaaic8jq4nk0ije1; path=/; HttpOnly; SameSite=Lax
yp1=d6d3afbab59b819343f48548849260a7; expires=Tue, 31-Jan-2023 00:45:25 GMT; Max-Age=86400; path=/; domain=.oaxyteek.net
yp2=530aaadfbd2c81e5bb513d9e6446395b; expires=Tue, 31-Jan-2023 00:45:25 GMT; Max-Age=86400; path=/; domain=.oaxyteek.net
yp3=1532635802; expires=Tue, 31-Jan-2023 00:45:25 GMT; Max-Age=86400; path=/; domain=.oaxyteek.net
x-powered-by: adfly
strict-transport-security: max-age=0
p3p: policyref="http://adf.ly/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa IVAi IVDi CONi HISi TELi OUR IND PHY ONL FIN COM NAV INT DEM GOV"
expires: Sat, 26 Jul 1997 05:00:00 GMT
last-modified: Mon, 30 Jan 2023 00:45:25 GMT
x-frame-options: DENY
referrer-policy: no-referrer-when-downgrade
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fi06SkBxKpinDks0WUEWQh5SME42QaIWIeT3kU%2FaslkLABCm%2Fmaj5vl7ZGkdYHIxoH7%2FcPOBzGk5Km0onKb6GlLVoypMYwbEaXXScNOTikG2YyETeTjM%2Bwl7qlt976A%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79162f4bebbd0b49-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: RXKIzradqMRpPAdHhgO5dcPEW74baxg4kFzSG/f/5y+y0RowCVjXdOb37PtllXCtgPcgOIBC35s=
x-amz-request-id: RCQGME9CPSBBPGJS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 29 Jan 2023 23:50:31 GMT
age: 3295
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 00:45:26 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

cdn.oaxyteek.net/static/css/adfly_7.css

172.67.157.221

200 OK

875 B

URL HTTP/1.1
cdn.oaxyteek.net/static/css/adfly_7.css
IP
172.67.157.221:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (2735), with no line terminators
Size
875 B (875 bytes)
Hash
f8c8a9d49e010a2cf10a44dacf35e661
5a069859544758f32b5d09e89c3631c8257c64e1
2cdcaf6a39f9cd39a37dfacfeec2461813fb5557e071d96756c129d17e84cb7a

HTTP Headers

GET /static/css/adfly_7.css HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/rweasy/-1BCWU/11374213/https:/gitlab.com/Aristois/Installer/builds/artifacts/master/raw/packager/Aristois-Free.jar?job=build&rndad=1439075827-1675039484
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802

HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 00:45:26 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Cf-Bgj: minify
Cf-Polished: origSize=3778
cache-control: public, max-age=604800
etag: W/"ec2-60467027-a94c583d5cffa0cf;gz"
expires: Mon, 06 Feb 2023 00:02:21 GMT
last-modified: Mon, 08 Mar 2021 18:42:47 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 2584
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XGr3B7Dl9dBkAB9XFs%2BHbS1lWTMm2jW5dlr2uPj2TCH0lLmxGl3TXZVDD%2FiU8xeE5ItJcrjdDHEPRDSMYJL7fa20WDcYXxLFuIOSjvBLmwpWkcNaApZetRl0AH61eJOvJvR8"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79162f4e6900b4fd-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

cdn.oaxyteek.net/static/js/amvn.js

172.67.157.221

200 OK

84 kB

URL HTTP/1.1
cdn.oaxyteek.net/static/js/amvn.js
IP
172.67.157.221:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (15948)
Size
84 kB (84301 bytes)
Hash
efd571bbbc89ca484754996eb8bd8a7f
611165bfb08ef78c667a21c4a69e005ac2228998
b707ebbdcde89a51a2caa595b331d07d574bbdbee452b5635a51059558c9ae72

HTTP Headers

GET /static/js/amvn.js HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/rweasy/-1BCWU/11374213/https:/gitlab.com/Aristois/Installer/builds/artifacts/master/raw/packager/Aristois-Free.jar?job=build&rndad=1439075827-1675039484
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802

HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 00:45:26 GMT
Content-Type: application/x-javascript
Content-Length: 84301
Connection: keep-alive
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 00:20:56 GMT
last-modified: Mon, 30 Jan 2023 00:20:02 GMT
etag: "3f2ab-63d70d32-ccd5e8b18858c9f2;gz"
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 1469
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2Fkf7JkKWJBlb6n7wtASzjmrlHxoyG1W4MAaAThw489H9AbnxWP3tmr8DpVYXo7GzDG3ZL1HrkeEYG28jhs28SpY%2BztmAdI8Hk6XEZY9r69qlQmtzMI2yGMSHHGfPkN2Qn6B"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79162f4e6bcdb51d-OSL
alt-svc: h2=":443"; ma=60

ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js

142.250.74.138

200 OK

33 kB

URL HTTP/1.1
ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
IP
142.250.74.138:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Size
33 kB (33333 bytes)
Hash
18351732b1849ba758e98884e186b3c8
d735af8661eda41ff4ffbf76e6a284a0e2deb81c
bfac625d304d52e04f2caeb19266354749929c888ca09d3d1e3edcbb8770d0f0

HTTP Headers

GET /ajax/libs/jquery/1.7.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://oaxyteek.net/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 33333
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 26 Jan 2023 08:57:11 GMT
Expires: Fri, 26 Jan 2024 08:57:11 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
Age: 316095

cdn.oaxyteek.net/static/js/view118_bidshow.js

172.67.157.221

200 OK

4.0 kB

URL HTTP/1.1
cdn.oaxyteek.net/static/js/view118_bidshow.js
IP
172.67.157.221:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (10991), with no line terminators
Size
4.0 kB (4024 bytes)
Hash
966f84aff8b7893cbf2b87da5a27f8a9
695e0fcb64fc820db2ca76e808136a3762ea3673
25c6680edff77f84bc5606fdd9f06116ec800f29173528135cb74d564f2732f9

HTTP Headers

GET /static/js/view118_bidshow.js HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/rweasy/-1BCWU/11374213/https:/gitlab.com/Aristois/Installer/builds/artifacts/master/raw/packager/Aristois-Free.jar?job=build&rndad=1439075827-1675039484
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802

HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 00:45:26 GMT
Content-Type: application/x-javascript
Content-Length: 4024
Connection: keep-alive
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 00:02:11 GMT
last-modified: Wed, 24 Aug 2022 10:51:38 GMT
etag: "2aef-630602ba-5c74f9ea89cd6c48;gz"
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 2595
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lsPfjsLukA1YsQ61hQwor1D69dbcydiJ7usglZoou3tGP8es9Hb4TU15%2FalPeqIIUxCwkY25AwB956twiIpm23xvMD35Qi2uHvVhDFzNA1qoFRCTd0OcpWqjlRREWjCOGUg0"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79162f4e891ab4fd-OSL
alt-svc: h2=":443"; ma=60

cdn.oaxyteek.net/static/js/main.js?v=2022052901

172.67.157.221

200 OK

705 B

URL HTTP/1.1
cdn.oaxyteek.net/static/js/main.js?v=2022052901
IP
172.67.157.221:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
705 B (705 bytes)
Hash
5d2f026c4af9cf86a2ecb368dc1533d6
376ce5a73144b00dd162aa8524ac856b8db7a33e
0fd907185fe7d7610498d8d487449707fe4949c5c89a1028da380d2e5e862c3d

HTTP Headers

GET /static/js/main.js?v=2022052901 HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/rweasy/-1BCWU/11374213/https:/gitlab.com/Aristois/Installer/builds/artifacts/master/raw/packager/Aristois-Free.jar?job=build&rndad=1439075827-1675039484
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802

HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 00:45:26 GMT
Content-Type: application/x-javascript
Content-Length: 705
Connection: keep-alive
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 00:12:12 GMT
last-modified: Sun, 29 May 2022 07:10:19 GMT
etag: "7a0-62931c5b-5a0b6a8c1f70ff01;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1vCyEy5CmLS0zqzce8sLNSNt5kwoDPX29FLPmcz%2Ber8dWMiBjpKZLUFBMM8Ed0NSPnbCYB04rVf17D2bd93DfX%2BCuZiH2MJFCjdPBob0R6Im4Z%2Bg7TzvruJzgyRaJmXVtJdO"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79162f4e6c26b527-OSL
alt-svc: h2=":443"; ma=60

d1a3jb5hjny5s4.cloudfront.net/?hbjad=709056

54.230.245.85

200 OK

36 kB

URL HTTP/1.1
d1a3jb5hjny5s4.cloudfront.net/?hbjad=709056
IP
54.230.245.85:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (15481)
Size
36 kB (36017 bytes)
Hash
45e3ab61eb95468401182314172e4fdb
e8895d3b6f70966fc2beaa23e1444caffe6b6470
869b7aee529cfd77b4ca18057fb952f9ccb47a046ac11cdfbd3c2dd344f63749

HTTP Headers

GET /?hbjad=709056 HTTP/1.1
Host: d1a3jb5hjny5s4.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://oaxyteek.net/

HTTP/1.1 200 OK
Content-Length: 36017
Connection: keep-alive
Date: Mon, 30 Jan 2023 00:45:26 GMT
access-control-allow-origin: *
Cache-Control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Content-Encoding: gzip
Pragma: no-cache
X-Cache: Miss from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ShXyDOVEgljl5e4fal9tEZva_TiGPsT6dZsVr-gmsB6oRU-HyiBXsA==

cdn.oaxyteek.net/static/image/delete2.png

172.67.157.221

200 OK

577 B

URL HTTP/1.1
cdn.oaxyteek.net/static/image/delete2.png
IP
172.67.157.221:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced\012- data
Size
577 B (577 bytes)
Hash
3a612b41ba5d1cad10ae4c6660d8fda4
4006ab2bfe338d2d1f060c0486bad8e1b589ba44
2fa2ba143aaedc6b6169e9b024d4f12df4acfc5995950dce175fd97644dd0c43

HTTP Headers

GET /static/image/delete2.png HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/rweasy/-1BCWU/11374213/https:/gitlab.com/Aristois/Installer/builds/artifacts/master/raw/packager/Aristois-Free.jar?job=build&rndad=1439075827-1675039484
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802

HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 00:45:26 GMT
Content-Type: image/png
Content-Length: 577
Connection: keep-alive
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 00:02:50 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "241-5faa60e6-657b5e5638f6aacc;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 2556
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=th6wDwN76mNcEs9QWp4Pgml%2B8znsLRGmYn0UWhErjlZ9May7Gbn35YyOJk1XiE1jmz9eJNiwGlAIB0AoeQ8lvp%2BXOS4MxgdtcT%2F4qcRnmj2UweAiEhGgR3Bq5bcqtlbLnQPK"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79162f5039d7b4fd-OSL
alt-svc: h2=":443"; ma=60

cdn.oaxyteek.net/static/image/spinner.gif

172.67.157.221

200 OK

36 kB

URL HTTP/1.1
cdn.oaxyteek.net/static/image/spinner.gif
IP
172.67.157.221:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 39 x 39\012- data
Size
36 kB (35453 bytes)
Hash
2055f195780b3e4c71b97c95fa97eab0
36c1138bdcccf116f1b9ee9effa3e5d13f1e6161
0a607f27600e85addcfd1415ee611a370a30dce3f53ac200d3e0e25d2bdc5157

HTTP Headers

GET /static/image/spinner.gif HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/rweasy/-1BCWU/11374213/https:/gitlab.com/Aristois/Installer/builds/artifacts/master/raw/packager/Aristois-Free.jar?job=build&rndad=1439075827-1675039484
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802

HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 00:45:26 GMT
Content-Type: image/gif
Content-Length: 35453
Connection: keep-alive
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 00:02:13 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "8a7d-5faa60e6-abbbac75116acc85;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 2593
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lio3fgEnb7mQjqNtoEvewEWZuewuhI1i7PeYFT4ubUsUmq1DOU%2BzFSqIx6jRawyaPJ6IvY%2FutrAr3s7pghZhYX5k%2BLrv1Kryfaujs68vdmQbzd6YO2VVjJRJC1s7Hyjo4mB%2B"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79162f503d05b527-OSL
alt-svc: h2=":443"; ma=60

cdn.oaxyteek.net/static/image/skip_ad/en_tran.png

172.67.157.221

200 OK

5.1 kB

URL HTTP/1.1
cdn.oaxyteek.net/static/image/skip_ad/en_tran.png
IP
172.67.157.221:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 155 x 41, 8-bit/color RGBA, non-interlaced\012- data
Size
5.1 kB (5076 bytes)
Hash
a58f5ea6f1f6bb35658c351f876f1ba9
47fa621b845faf7df13e4021dcffd6f4c73c1018
ef8721967f0cca2539ee60f9cad0e8c1ef89f18a53964a4e6101033d23a4ba29

HTTP Headers

GET /static/image/skip_ad/en_tran.png HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/rweasy/-1BCWU/11374213/https:/gitlab.com/Aristois/Installer/builds/artifacts/master/raw/packager/Aristois-Free.jar?job=build&rndad=1439075827-1675039484
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802

HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 00:45:26 GMT
Content-Type: image/png
Content-Length: 5076
Connection: keep-alive
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 00:02:13 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "13d4-5faa60e6-d082b40bd28384ce;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 2593
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SZyKEfD9GeT6JpG7hotin26fWbnnpkIbEHFQEu5%2F3nQbP1OTdMRUZPhsiAt4Df5lYMZitaYMapgjjzzzmP485D1T3YoiybR7wAoNbr2UyUJpDtUOC0AM4u5NFAks8ypwkQLZ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79162f503cbeb51d-OSL
alt-svc: h2=":443"; ma=60

cdn.oaxyteek.net/static/image/logo_fb2.png

172.67.157.221

200 OK

6.3 kB

URL HTTP/1.1
cdn.oaxyteek.net/static/image/logo_fb2.png
IP
172.67.157.221:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 193 x 98, 8-bit colormap, non-interlaced\012- data
Size
6.3 kB (6283 bytes)
Hash
84a673a878949a7a8410199f5f8ea220
49cbc367cd9e0943df6d6e2180bb9a5771dbb208
042313bf805bd8d9a1c6b2a88c90e15407004fcc6e9c5d5974c87c85c20796f3

HTTP Headers

GET /static/image/logo_fb2.png HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/rweasy/-1BCWU/11374213/https:/gitlab.com/Aristois/Installer/builds/artifacts/master/raw/packager/Aristois-Free.jar?job=build&rndad=1439075827-1675039484
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802

HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 00:45:26 GMT
Content-Type: image/png
Content-Length: 6283
Connection: keep-alive
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 00:02:12 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "188b-5faa60e6-50f7a0a7015a0140;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 2594
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AbhLg0q%2BWELv7c%2FZNvgDci1PnK4wzlnaIrKpf8%2FxQR8TzHsBhXVJbLHn2Sb%2F3t2vaEprnEyDVLU6AGFMXJ6aN1f4y3qJBk%2B%2BioDFsYjBs0BE%2FIBaSbsr38wA68Eqk0BSYiLZ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79162f503db4b50f-OSL
alt-svc: h2=":443"; ma=60

cdn.oaxyteek.net/static/image/ahl6532.gif

172.67.157.221

200 OK

3.2 kB

URL HTTP/1.1
cdn.oaxyteek.net/static/image/ahl6532.gif
IP
172.67.157.221:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 166 x 58\012- data
Size
3.2 kB (3229 bytes)
Hash
48d26bd889d62fc9c72d33138f409c15
3bd2657ee1ba4843f266cda7217a8d0a2b725ea3
13cad7fb56a878cd12d9456a8754cf13433ac6741338371f87776b4373411b15

HTTP Headers

GET /static/image/ahl6532.gif HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/rweasy/-1BCWU/11374213/https:/gitlab.com/Aristois/Installer/builds/artifacts/master/raw/packager/Aristois-Free.jar?job=build&rndad=1439075827-1675039484
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802

HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 00:45:26 GMT
Content-Type: image/gif
Content-Length: 3229
Connection: keep-alive
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 00:02:22 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "c9d-5faa60e6-ae87f5cbe4d6cff3;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 2584
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GOM8R8gOx2NK3cfD%2F%2FzbOwJhn0QWt6SknkOJU5RRTNApv0K%2F0z1HlSwCLkEopglfnUVcr26G8cSQdkp0FbVU8gSE1%2F28mscGFcJOLRZvqbTPuO1MoCUGMB9FkGutsqtJvvH7"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79162f50399a0b39-OSL
alt-svc: h2=":443"; ma=60

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ba2ca6af7b23ce2e11aa4f9d86e66269
212aef55d64b6add292dcf6241b16e7c93d1bae2
f163a94d190f5aeeb05b2e344bc8e1544d9701772b08585e9c92b529c8652b3d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 00:45:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ba2ca6af7b23ce2e11aa4f9d86e66269
212aef55d64b6add292dcf6241b16e7c93d1bae2
f163a94d190f5aeeb05b2e344bc8e1544d9701772b08585e9c92b529c8652b3d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 00:45:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

oaxyteek.net/js/display.js

104.21.90.149

200 OK

5.8 kB

URL HTTP/1.1
oaxyteek.net/js/display.js
IP
104.21.90.149:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (15999)
Size
5.8 kB (5775 bytes)
Hash
e149217d65efcf53cc382af7c60f461c
6de97c3f773cf9b21e4373097f5f5cddf37d872e
4d30ac5f2c0ab10e25b4c39eb646e9cb86d66394775d77ba7b88a34720f85b27

HTTP Headers

GET /js/display.js HTTP/1.1
Host: oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/rweasy/-1BCWU/11374213/https:/gitlab.com/Aristois/Installer/builds/artifacts/master/raw/packager/Aristois-Free.jar?job=build&rndad=1439075827-1675039484
Connection: keep-alive
Cookie: FLYSESSID=ev8i2fet0tvaaic8jq4nk0ije1; yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802

HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 00:45:26 GMT
Content-Type: application/x-javascript
Content-Length: 5775
Connection: keep-alive
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 00:02:22 GMT
last-modified: Thu, 29 Jul 2021 14:08:58 GMT
etag: "3e81-6102b67a-b080f0a7a094466b;gz"
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 2584
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g5Sinwtb%2FuSrD2nKj4%2F4opJ7W4hJ8Y3FHY9nO5MTE5tWe2eDJ6l0DVXoHkyQnf%2Ffacs40VMeilebUFo%2FoP%2BjjxyvEBi6hGu42EadLi7s1djHm9Qdk%2FH0IRIv7BGED%2Fs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79162f509d4e0b49-OSL
alt-svc: h2=":443"; ma=60

reerfdfgourgo.xyz/popunder.gif

172.67.166.141

301 Moved Permanently

0 B

URL HTTP/1.1
reerfdfgourgo.xyz/popunder.gif
IP
172.67.166.141:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /popunder.gif HTTP/1.1
Host: reerfdfgourgo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://oaxyteek.net/

HTTP/1.1 301 Moved Permanently
Date: Mon, 30 Jan 2023 00:45:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 30 Jan 2023 01:45:26 GMT
Location: https://reerfdfgourgo.xyz/popunder.gif
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KsLLxw1s2xe7Vd7Eb%2FHAobCqZQRl0UYst7KP6Dp0cakjJbgafHr%2FzJ5AcJotSk3p0bZFdm3y0B65%2B6C4CBEHoxIuIASMy6wfqoX5Ms5%2FcG%2BzTYzngkhFBQYF3DbK0BElePPQnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79162f509be8b4ee-OSL
alt-svc: h2=":443"; ma=60

www.googletagmanager.com/gtm.js?id=GTM-5NL9VFJ

142.250.74.168

200 OK

41 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-5NL9VFJ
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1759)
Size
41 kB (40930 bytes)
Hash
13a08d1ac6c9fff88b685dfa7ce86cf6
edc9ff6cdfeff2e550d4bc09109dbef6fd3511e1
a4452a79e0978408837f3835052b231d5687f0a3800d16f112fba58cf770238d

HTTP Headers

GET /gtm.js?id=GTM-5NL9VFJ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 30 Jan 2023 00:45:26 GMT
expires: Mon, 30 Jan 2023 00:45:26 GMT
cache-control: private, max-age=900
last-modified: Mon, 30 Jan 2023 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 40930
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1p5/SrfVchP6P8U

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/SrfVchP6P8U
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
795f17a4efb2573fc585ba0a9588f99a
028c0c3aa8b4a8074a8f7be528327d35ee299b7e
84ab72e30738f6c2870d2785435469d42888484bc666b6d02569f2ce870c2728

HTTP Headers

POST /s/gts1p5/SrfVchP6P8U HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 00:45:26 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 30 Jan 2023 00:41:41 GMT
age: 225
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

cdn.oaxyteek.net/static/image/d_top_bg.png

172.67.157.221

200 OK

156 B

URL HTTP/1.1
cdn.oaxyteek.net/static/image/d_top_bg.png
IP
172.67.157.221:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1 x 59, 8-bit/color RGB, non-interlaced\012- data
Size
156 B (156 bytes)
Hash
106113dd42dd001363d6e2c920dba647
ebb71cf1a44a45852fff4d4fc0971f299b8b8c4c
938632fb472382061e62d8f1d033da03cbc84f150236e4251c8ece12241405ae

HTTP Headers

GET /static/image/d_top_bg.png HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cdn.oaxyteek.net/static/css/adfly_7.css
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802

HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 00:45:26 GMT
Content-Type: image/png
Content-Length: 156
Connection: keep-alive
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 00:02:17 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "9c-5faa60e6-6bfb178d8ae4aca5;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 2589
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rbvgNRuXl9lMnqD%2BlcBPImVJZjEZfBjkiuD1OslbjTTnDqhZd5DMC9uOrb67bOlyUYPq0uHCZ1jmFHvQucV2gXB6z1%2BTTDUPZrDsM82Qc0752fycAsjX1rzAwLKmuGOVgYG3"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79162f514d4bb51d-OSL
alt-svc: h2=":443"; ma=60

ocsp.pki.goog/s/gts1p5/ATf3cfjxVCA

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/ATf3cfjxVCA
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
7a38cf33ae66edc3a74cce832404c913
19291526ed481dca4824dab82607d4b0a33da751
88eb4b46e1f4ea3ea3d445438bb610eeba26184814492a3a348c116a42e3b3c9

HTTP Headers

POST /s/gts1p5/ATf3cfjxVCA HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 00:45:26 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.oaxyteek.net/static/image/d_bottom_bg2.png

172.67.157.221

200 OK

2.8 kB

URL HTTP/1.1
cdn.oaxyteek.net/static/image/d_bottom_bg2.png
IP
172.67.157.221:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1 x 28, 8-bit/color RGB, non-interlaced\012- data
Size
2.8 kB (2829 bytes)
Hash
765bb01e93fec22bee832ea0219871d0
2059131c55ef4c9b171fff20fc692839686761b7
27ab7efdb31ee6b311557cb2296d9bdb4c5038a230bcb4f9bc1a2409bb73863a

HTTP Headers

GET /static/image/d_bottom_bg2.png HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cdn.oaxyteek.net/static/css/adfly_7.css
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802

HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 00:45:26 GMT
Content-Type: image/png
Content-Length: 2829
Connection: keep-alive
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 00:02:17 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "b0d-5faa60e6-47ec8d363413ae2c;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 2589
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=15p4YxNQml08k%2F6p3NjhurdLj8uXw2N%2FgkxJOXj1abHy3S4UWhiMFUM3dGrvEVAsxDPj5ejVmEk1tiL%2B%2BWRq2hnWs2RgjHxxR7iaxS6tJaIvbnbEIXYQ%2BKWHHeEku5DWKcx3"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79162f515dc3b527-OSL
alt-svc: h2=":443"; ma=60

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ba2ca6af7b23ce2e11aa4f9d86e66269
212aef55d64b6add292dcf6241b16e7c93d1bae2
f163a94d190f5aeeb05b2e344bc8e1544d9701772b08585e9c92b529c8652b3d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 00:45:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

e1.o.lencr.org/

23.36.77.32

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
7241647da541f672b155263e9b22eff1
bc41fc4d6497d154ed4d4fe9d079357bbe1028c6
a69c539a138bc99adf7b08838da4b139aa59d58ce81651504993e80996620d97

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "A69C539A138BC99ADF7B08838DA4B139AA59D58CE81651504993E80996620D97"
Last-Modified: Sat, 28 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3874
Expires: Mon, 30 Jan 2023 01:50:00 GMT
Date: Mon, 30 Jan 2023 00:45:26 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.77.32

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
7241647da541f672b155263e9b22eff1
bc41fc4d6497d154ed4d4fe9d079357bbe1028c6
a69c539a138bc99adf7b08838da4b139aa59d58ce81651504993e80996620d97

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "A69C539A138BC99ADF7B08838DA4B139AA59D58CE81651504993E80996620D97"
Last-Modified: Sat, 28 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3874
Expires: Mon, 30 Jan 2023 01:50:00 GMT
Date: Mon, 30 Jan 2023 00:45:26 GMT
Connection: keep-alive

cdn.oaxyteek.net/static/image/ad_top_bg2.png?&ad_box_=1

172.67.157.221

200 OK

156 B

URL HTTP/1.1
cdn.oaxyteek.net/static/image/ad_top_bg2.png?&ad_box_=1
IP
172.67.157.221:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1 x 59, 8-bit/color RGB, non-interlaced\012- data
Size
156 B (156 bytes)
Hash
106113dd42dd001363d6e2c920dba647
ebb71cf1a44a45852fff4d4fc0971f299b8b8c4c
938632fb472382061e62d8f1d033da03cbc84f150236e4251c8ece12241405ae

HTTP Headers

GET /static/image/ad_top_bg2.png?&ad_box_=1 HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/rweasy/-1BCWU/11374213/https:/gitlab.com/Aristois/Installer/builds/artifacts/master/raw/packager/Aristois-Free.jar?job=build&rndad=1439075827-1675039484
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802

HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 00:45:26 GMT
Content-Type: image/png
Content-Length: 156
Connection: keep-alive
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 00:45:26 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "9c-5faa60e6-95f251b8bd8ef212;;;"
accept-ranges: bytes
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NNcE25%2Fcf3mmW%2FATprSsna25tq7eetdc5UBmzJcy%2Fla8h9Z2jwSIXgs7tX1PaV9DWqKIwSHIv%2BTqaOUiP4iT7GZC8vDRLSfHElD%2FX%2Bw9SOcdc50250zPL4MaLMXW3dcEMBfp"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79162f503c52b511-OSL
alt-svc: h2=":443"; ma=60

oaxyteek.net/2market_bidshow.php?user_id=11374213&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&ref_url=eyJ1cmwiOm51bGwsImRvbWFpbiI6bnVsbH0%3D&url=https%3A%2F%2Fgitlab.com%2FAristois%2FInstaller%2Fbuilds%2Fartifacts%2Fmaster%2Fraw%2Fpackager%2FAristois-Free.jar%3Fjob%3Dbuild&url_id=0&t=a7df35e61be3e9a5e5270fe81782b1ba&w=f062a8af671515d86895b9c328efee73

104.21.90.149

200 OK

82 B

URL HTTP/1.1
oaxyteek.net/2market_bidshow.php?user_id=11374213&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&ref_url=eyJ1cmwiOm51bGwsImRvbWFpbiI6bnVsbH0%3D&url=https%3A%2F%2Fgitlab.com%2FAristois%2FInstaller%2Fbuilds%2Fartifacts%2Fmaster%2Fraw%2Fpackager%2FAristois-Free.jar%3Fjob%3Dbuild&url_id=0&t=a7df35e61be3e9a5e5270fe81782b1ba&w=f062a8af671515d86895b9c328efee73
IP
104.21.90.149:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with no line terminators
Size
82 B (82 bytes)
Hash
d597c22e79c772d1f89ed2602adb80ab
50c7c63c9269278ff7aba9b8c5b4810c3570df80
798215a625e276fde8e69c0a79401e406f59e1a30ad0e9113d880b9d566ae61c

HTTP Headers

GET /2market_bidshow.php?user_id=11374213&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&ref_url=eyJ1cmwiOm51bGwsImRvbWFpbiI6bnVsbH0%3D&url=https%3A%2F%2Fgitlab.com%2FAristois%2FInstaller%2Fbuilds%2Fartifacts%2Fmaster%2Fraw%2Fpackager%2FAristois-Free.jar%3Fjob%3Dbuild&url_id=0&t=a7df35e61be3e9a5e5270fe81782b1ba&w=f062a8af671515d86895b9c328efee73 HTTP/1.1
Host: oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/rweasy/-1BCWU/11374213/https:/gitlab.com/Aristois/Installer/builds/artifacts/master/raw/packager/Aristois-Free.jar?job=build&rndad=1439075827-1675039484
Connection: keep-alive
Cookie: FLYSESSID=ev8i2fet0tvaaic8jq4nk0ije1; yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802

HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 00:45:26 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.3.27
set-cookie: adfly_ad_report=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
p3p: policyref="http://adf.ly/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa IVAi IVDi CONi HISi TELi OUR IND PHY ONL FIN COM NAV INT DEM GOV"
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=heFRjL%2B8UObj01nzfX6NfOZM59nn%2FSoM7bBGBmBJf3V64NfxWHqvPAWvWvZjOqnQ1qoT3Ta33Xd0fk9B7xahU1%2F63MG1lVgptVScGdCaIgZqqJOl%2BUk%2FweS9GllwTAc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79162f50fd710b49-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

coonandeg.xyz/UkFiM3YzIwFeSTN8ABUDIC1fFkQUZFB1EmEqBgQPIy0KBgErdwYdFT4uF1cQIC4MR1g8JBYWRBR2B2QaEBU3RBcQKFpBFSVxI3kuEHcxZUcrJFFbEBM7K1o/NS03eQE5NCtyIxQkG34EHgARBRARdSBpDDlzKmUkKiAbci8QODhEFzo2KnoYEHg6RBE+DVF1OAY7Nwo/Kgs3eR8DLSpEASARJlQvEXMBBzoHECd/HDEtJGIjNSAqB1NgBzp0T2sgN0csMxUNXzAlcRd8HGsiNQAzOA4kSxQxGRoLIGMtCVURZyI1ADNkCzBXEDYWChZEFA5SSww0FTBjLgVsMBZEEAUOSxQxFVoFLhQuI1U+KgwwADA5IDdHLBgoBUUzNRsJVQEiDTVrNGsnJ1ssMQYKFkQQEjMLGQI4CVU0OC0NVRxrGAFrHjsSNwtGMQlSFRwhLgxDSzQFAGoaFncNYTMYNlJkHg

54.230.111.122

200 OK

1.2 kB

URL HTTP/1.1
coonandeg.xyz/UkFiM3YzIwFeSTN8ABUDIC1fFkQUZFB1EmEqBgQPIy0KBgErdwYdFT4uF1cQIC4MR1g8JBYWRBR2B2QaEBU3RBcQKFpBFSVxI3kuEHcxZUcrJFFbEBM7K1o/NS03eQE5NCtyIxQkG34EHgARBRARdSBpDDlzKmUkKiAbci8QODhEFzo2KnoYEHg6RBE+DVF1OAY7Nwo/Kgs3eR8DLSpEASARJlQvEXMBBzoHECd/HDEtJGIjNSAqB1NgBzp0T2sgN0csMxUNXzAlcRd8HGsiNQAzOA4kSxQxGRoLIGMtCVURZyI1ADNkCzBXEDYWChZEFA5SSww0FTBjLgVsMBZEEAUOSxQxFVoFLhQuI1U+KgwwADA5IDdHLBgoBUUzNRsJVQEiDTVrNGsnJ1ssMQYKFkQQEjMLGQI4CVU0OC0NVRxrGAFrHjsSNwtGMQlSFRwhLgxDSzQFAGoaFncNYTMYNlJkHg
IP
54.230.111.122:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3049), with no line terminators
Size
1.2 kB (1195 bytes)
Hash
751dd9e7e0999507c3b753163b8737f5
85b549d43d919299487e9afe3c7f0c3a1c0b3765
499d161f19b7d381edb974a0524c6bf3d4682d87f1c2630a9bac1b0b79f8d694

HTTP Headers

GET /UkFiM3YzIwFeSTN8ABUDIC1fFkQUZFB1EmEqBgQPIy0KBgErdwYdFT4uF1cQIC4MR1g8JBYWRBR2B2QaEBU3RBcQKFpBFSVxI3kuEHcxZUcrJFFbEBM7K1o/NS03eQE5NCtyIxQkG34EHgARBRARdSBpDDlzKmUkKiAbci8QODhEFzo2KnoYEHg6RBE+DVF1OAY7Nwo/Kgs3eR8DLSpEASARJlQvEXMBBzoHECd/HDEtJGIjNSAqB1NgBzp0T2sgN0csMxUNXzAlcRd8HGsiNQAzOA4kSxQxGRoLIGMtCVURZyI1ADNkCzBXEDYWChZEFA5SSww0FTBjLgVsMBZEEAUOSxQxFVoFLhQuI1U+KgwwADA5IDdHLBgoBUUzNRsJVQEiDTVrNGsnJ1ssMQYKFkQQEjMLGQI4CVU0OC0NVRxrGAFrHjsSNwtGMQlSFRwhLgxDSzQFAGoaFncNYTMYNlJkHg HTTP/1.1
Host: coonandeg.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://oaxyteek.net/
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 1195
Connection: keep-alive
Date: Mon, 30 Jan 2023 00:45:26 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
Accept-CH: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
X-Cache: Miss from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: dh2WecYY83IUfznfqfWF4RWihRaMaEym67h_Zz-LFF4V9dJ3xpNqHg==

reerfdfgourgo.xyz/TDNQREJjDDM3fx5ZHgsNCmkqBiwjfAoMAwBWNwYqL0QWcgZ+ZnYwKygOZ3R7fAZmYjIlV212e2pAJCU2OUBtdWQlXTYrf2pFbXVsfB1mdGx9FSV5c2pHICUlcQJ2NDY4X211dHsGYHd7eQBmdXR1

172.67.166.141

204 No Content

0 B

URL HTTP/2
reerfdfgourgo.xyz/TDNQREJjDDM3fx5ZHgsNCmkqBiwjfAoMAwBWNwYqL0QWcgZ+ZnYwKygOZ3R7fAZmYjIlV212e2pAJCU2OUBtdWQlXTYrf2pFbXVsfB1mdGx9FSV5c2pHICUlcQJ2NDY4X211dHsGYHd7eQBmdXR1
IP
172.67.166.141:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /TDNQREJjDDM3fx5ZHgsNCmkqBiwjfAoMAwBWNwYqL0QWcgZ+ZnYwKygOZ3R7fAZmYjIlV212e2pAJCU2OUBtdWQlXTYrf2pFbXVsfB1mdGx9FSV5c2pHICUlcQJ2NDY4X211dHsGYHd7eQBmdXR1 HTTP/1.1
Host: reerfdfgourgo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Mon, 30 Jan 2023 00:45:26 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xdGYYe8fh2NMqd4ek1Cd%2FPtf27uSW5Csh3Lgh24PSO0xSkrD0XMmaK5xZhfggWRZum2LQ3IencUWMBEdFcu2jpfS3LWV704ncCPfM%2FI6OSz8TpB0DhAbQ%2FmfbYgg6t%2BzEbdk2A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79162f516f54b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

coonandeg.xyz/utx?cb=lRuuZsHLolvc&top=oaxyteek.net&tid=709056

54.230.111.122

204 No Content

0 B

URL HTTP/2
coonandeg.xyz/utx?cb=lRuuZsHLolvc&top=oaxyteek.net&tid=709056
IP
54.230.111.122:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /utx?cb=lRuuZsHLolvc&top=oaxyteek.net&tid=709056 HTTP/1.1
Host: coonandeg.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://oaxyteek.net
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Mon, 30 Jan 2023 00:45:26 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: http://oaxyteek.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 30 Jan 2023 00:46:26 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: nWXQpIfWgKGFBu0tvewZHsJSgqZzzja-Uk3ucwiejlvq6QCN0kTRCA==
X-Firefox-Spdy: h2

coonandeg.xyz/utx?cb=YFHel9phpwy8&top=oaxyteek.net&tid=604364

54.230.111.122

204 No Content

0 B

URL HTTP/2
coonandeg.xyz/utx?cb=YFHel9phpwy8&top=oaxyteek.net&tid=604364
IP
54.230.111.122:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /utx?cb=YFHel9phpwy8&top=oaxyteek.net&tid=604364 HTTP/1.1
Host: coonandeg.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://oaxyteek.net
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Mon, 30 Jan 2023 00:45:26 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: http://oaxyteek.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 30 Jan 2023 00:46:26 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KIDfDc21ykxqP1pKZ5qgVj3nCKh-OPoswKHod4G-ilKW9n4kYew9Zg==
X-Firefox-Spdy: h2

coonandeg.xyz/WDl6T085WxkicDkEGGk6KlVHan0eHEgJK2lYSSUtbVEQITZtSk5hLDRWDyspKlYUO2E2XA5qfR4ALwsNEncQKDUAQB4eDSFrIAMeK2kjDiNteA16fQ9TChUZMXg0BgoKUTwhJGBtP381Dl48NyoKTRIMNxp0MSMdaHsSe3cNah4dDQBjLAV+DX8jHRY3bBY/Oxp+QwwcHAAYKwoeezEjKG5sSxYkD0AZHhsMfDQFCTR6NRk4NG8CfiY8Vw0WDBBsOSodbWk1GXssbi93JR5hCQgZMWgsKjgBcyMNem18DTwcHmEJCBsiVR8pOBFdI3wFK3s7KCAaV1d/GxtBMxkqL2MxBScODx44Iz97LSwIHWEvDCoOfx4CfitUPzggD3gUJAcbfjsNKglaHhYoGU8ifyBpbxMVABBuMH0qGWA0KSgaTys4GTAfEDwgNklHJj0BfzM6NS1aHAcIGXIrDQ

54.230.111.122

200 OK

1.2 kB

URL HTTP/1.1
coonandeg.xyz/WDl6T085WxkicDkEGGk6KlVHan0eHEgJK2lYSSUtbVEQITZtSk5hLDRWDyspKlYUO2E2XA5qfR4ALwsNEncQKDUAQB4eDSFrIAMeK2kjDiNteA16fQ9TChUZMXg0BgoKUTwhJGBtP381Dl48NyoKTRIMNxp0MSMdaHsSe3cNah4dDQBjLAV+DX8jHRY3bBY/Oxp+QwwcHAAYKwoeezEjKG5sSxYkD0AZHhsMfDQFCTR6NRk4NG8CfiY8Vw0WDBBsOSodbWk1GXssbi93JR5hCQgZMWgsKjgBcyMNem18DTwcHmEJCBsiVR8pOBFdI3wFK3s7KCAaV1d/GxtBMxkqL2MxBScODx44Iz97LSwIHWEvDCoOfx4CfitUPzggD3gUJAcbfjsNKglaHhYoGU8ifyBpbxMVABBuMH0qGWA0KSgaTys4GTAfEDwgNklHJj0BfzM6NS1aHAcIGXIrDQ
IP
54.230.111.122:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3051), with no line terminators
Size
1.2 kB (1200 bytes)
Hash
d4482f687c5a26146aaee63888fe9e5d
3bf1858dd14c24d117f6771afdde09b8eaa62acb
1cbb399f393099a970d723d76c3624664b7cc4e4e270de4513c421fdd3fac095

HTTP Headers

GET /WDl6T085WxkicDkEGGk6KlVHan0eHEgJK2lYSSUtbVEQITZtSk5hLDRWDyspKlYUO2E2XA5qfR4ALwsNEncQKDUAQB4eDSFrIAMeK2kjDiNteA16fQ9TChUZMXg0BgoKUTwhJGBtP381Dl48NyoKTRIMNxp0MSMdaHsSe3cNah4dDQBjLAV+DX8jHRY3bBY/Oxp+QwwcHAAYKwoeezEjKG5sSxYkD0AZHhsMfDQFCTR6NRk4NG8CfiY8Vw0WDBBsOSodbWk1GXssbi93JR5hCQgZMWgsKjgBcyMNem18DTwcHmEJCBsiVR8pOBFdI3wFK3s7KCAaV1d/GxtBMxkqL2MxBScODx44Iz97LSwIHWEvDCoOfx4CfitUPzggD3gUJAcbfjsNKglaHhYoGU8ifyBpbxMVABBuMH0qGWA0KSgaTys4GTAfEDwgNklHJj0BfzM6NS1aHAcIGXIrDQ HTTP/1.1
Host: coonandeg.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://oaxyteek.net/
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 1200
Connection: keep-alive
Date: Mon, 30 Jan 2023 00:45:26 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
Accept-CH: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
X-Cache: Miss from cloudfront
Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: n64VJi7n7lrX23GeT2AmPj5IaxMhAHzQy2S5SWrKj1jNPHyPG2VzJw==

reerfdfgourgo.xyz/dnBkTmdZTwc9WhMaPgkxMSovDwksHTJ+ACYUVhwzIjFdNj4wIUI6DhJNUn5TRUZQaBcfFFl/QQUEBToSBU1VaA4YFgtzQQBNVWBUQl5Xf0lEVhFzVlAEFC8AS0FCPhMCHFl/UUFFVH1eQ0NSfFZE

172.67.166.141

204 No Content

0 B

URL HTTP/2
reerfdfgourgo.xyz/dnBkTmdZTwc9WhMaPgkxMSovDwksHTJ+ACYUVhwzIjFdNj4wIUI6DhJNUn5TRUZQaBcfFFl/QQUEBToSBU1VaA4YFgtzQQBNVWBUQl5Xf0lEVhFzVlAEFC8AS0FCPhMCHFl/UUFFVH1eQ0NSfFZE
IP
172.67.166.141:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /dnBkTmdZTwc9WhMaPgkxMSovDwksHTJ+ACYUVhwzIjFdNj4wIUI6DhJNUn5TRUZQaBcfFFl/QQUEBToSBU1VaA4YFgtzQQBNVWBUQl5Xf0lEVhFzVlAEFC8AS0FCPhMCHFl/UUFFVH1eQ0NSfFZE HTTP/1.1
Host: reerfdfgourgo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Mon, 30 Jan 2023 00:45:26 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4i15qJq5p7uMe57tBWd8KhlpKDfJWyV2ZSwyFa2iHly68LNkhA4Hhu1axB0vZScWGPgixCubxr4pz21HSBrKl7eqehbDRVUHi4UDfCE22dkC1EbpJiwqHoIIh%2FVWbioc7G4Ggg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79162f51af76b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
7241647da541f672b155263e9b22eff1
bc41fc4d6497d154ed4d4fe9d079357bbe1028c6
a69c539a138bc99adf7b08838da4b139aa59d58ce81651504993e80996620d97

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "A69C539A138BC99ADF7B08838DA4B139AA59D58CE81651504993E80996620D97"
Last-Modified: Sat, 28 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3874
Expires: Mon, 30 Jan 2023 01:50:00 GMT
Date: Mon, 30 Jan 2023 00:45:26 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2813
Expires: Mon, 30 Jan 2023 01:32:19 GMT
Date: Mon, 30 Jan 2023 00:45:26 GMT
Connection: keep-alive

ocsp.pki.goog/s/gts1p5/SrfVchP6P8U

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/SrfVchP6P8U
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
795f17a4efb2573fc585ba0a9588f99a
028c0c3aa8b4a8074a8f7be528327d35ee299b7e
84ab72e30738f6c2870d2785435469d42888484bc666b6d02569f2ce870c2728

HTTP Headers

POST /s/gts1p5/SrfVchP6P8U HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 00:45:26 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

d3kd7yqlh5wy6d.cloudfront.net/7eWlBTUwaBi8rcw0AJXB6SV1ye3hfAzIiIglUJwkuIAUFeyMrLAs6fC4BZzk2HVRxayAYByZwahwHInB9XwglL3FNTzU9IxJUJiQlHwwrPDgYC2c4LUQELjclFQUgaH4/XG99aUtZaTolFw0uOj9cW3EjOFxbcXx8V1lkfg5cW3E6JRdfdWh/O0xzfTRPXW-R+DlxbcT86XFoAfHxMR3FkaUtZJigvEgZkfwpLWXB9fEhZcGh+SQ8oPykfBjlofj9YcXhiSU80cH0

54.230.245.213

200 OK

520 B

URL HTTP/1.1
d3kd7yqlh5wy6d.cloudfront.net/7eWlBTUwaBi8rcw0AJXB6SV1ye3hfAzIiIglUJwkuIAUFeyMrLAs6fC4BZzk2HVRxayAYByZwahwHInB9XwglL3FNTzU9IxJUJiQlHwwrPDgYC2c4LUQELjclFQUgaH4/XG99aUtZaTolFw0uOj9cW3EjOFxbcXx8V1lkfg5cW3E6JRdfdWh/O0xzfTRPXW-R+DlxbcT86XFoAfHxMR3FkaUtZJigvEgZkfwpLWXB9fEhZcGh+SQ8oPykfBjlofj9YcXhiSU80cH0
IP
54.230.245.213:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (707), with no line terminators
Size
520 B (520 bytes)
Hash
946ac953bb5ccc98cabe6abc9252caf0
111486e940caea65931b91b0e2afc8130707d062
f825ae83c57b51abee9fecaa3e726d9ad816713cd5249073bd1bfc39ef623c24

HTTP Headers

GET /7eWlBTUwaBi8rcw0AJXB6SV1ye3hfAzIiIglUJwkuIAUFeyMrLAs6fC4BZzk2HVRxayAYByZwahwHInB9XwglL3FNTzU9IxJUJiQlHwwrPDgYC2c4LUQELjclFQUgaH4/XG99aUtZaTolFw0uOj9cW3EjOFxbcXx8V1lkfg5cW3E6JRdfdWh/O0xzfTRPXW-R+DlxbcT86XFoAfHxMR3FkaUtZJigvEgZkfwpLWXB9fEhZcGh+SQ8oPykfBjlofj9YcXhiSU80cH0 HTTP/1.1
Host: d3kd7yqlh5wy6d.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coonandeg.xyz/

HTTP/1.1 200 OK
Content-Length: 520
Connection: keep-alive
Date: Mon, 30 Jan 2023 00:45:26 GMT
access-control-allow-origin: *
Cache-Control: max-age=31556926
Content-Encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 8YoLReWxYnr2iPj0vPcKmLGX4j7r-ElVfCEO3wK-S8-3RV_bTICTbw==

cdn.oaxyteek.net/static/image/favicon.ico

172.67.157.221

200 OK

766 B

URL HTTP/1.1
cdn.oaxyteek.net/static/image/favicon.ico
IP
172.67.157.221:0
ASN
#13335 CLOUDFLARENET

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
766 B (766 bytes)
Hash
1e28765e56393f673da97ce5913cdf10
8af9d66ac98f4689ba1d04acbd17df40dd83dbde
30aa2a7dd1b96d852108bf4f4213b0d749ae2faedd112f0c03006209e5e6c98a

HTTP Headers

GET /static/image/favicon.ico HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/rweasy/-1BCWU/11374213/https:/gitlab.com/Aristois/Installer/builds/artifacts/master/raw/packager/Aristois-Free.jar?job=build&rndad=1439075827-1675039484
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802; _ga_GT41R23D5L=GS1.1.1675039536.1.0.1675039536.0.0.0; _ga=GA1.1.1056823690.1675039537

HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 00:45:26 GMT
Content-Type: image/vnd.microsoft.icon
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 00:03:57 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: W/"47e-5faa60e6-ae87f5cbe4d6cff3;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 2489
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fD9fR51sV5FkUXpfTgRt98XNXTODTAn%2B3t8eqxL2%2B06JvinCbggXNO4hNTZx2yZ7BPpxZ2%2Fw%2Fzt0dxJTXyhpUrIf7X%2BcWAndFnTj7PY3LnGolQBqgUK71FqJL%2FJmoaGjvqXv"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79162f537f05b527-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

www.google-analytics.com/ga.js

142.250.74.110

200 OK

17 kB

URL HTTP/1.1
www.google-analytics.com/ga.js
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1305)
Size
17 kB (17168 bytes)
Hash
01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d

HTTP Headers

GET /ga.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://oaxyteek.net/

HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 17168
Date: Sun, 29 Jan 2023 23:07:48 GMT
Expires: Mon, 30 Jan 2023 01:07:48 GMT
Cache-Control: public, max-age=7200
Age: 5858
Last-Modified: Tue, 10 Jan 2023 21:29:14 GMT
Content-Type: text/javascript

adf.ly/static/other/main.html

104.20.67.244

200 OK

2.4 kB

URL HTTP/1.1
adf.ly/static/other/main.html
IP
104.20.67.244:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (418)
Size
2.4 kB (2397 bytes)
Hash
b20a86b2e91f51d2f7a19eada1de2f51
c240e9c813f8f93d3db499df1cc88984e873e418
44311176f257c7180a0fdc5491f021623ce7a0404369e883e8a6feb1e8d3469e

HTTP Headers

GET /static/other/main.html HTTP/1.1
Host: adf.ly
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 00:45:26 GMT
Content-Type: text/html
Content-Length: 2397
Connection: keep-alive
last-modified: Fri, 02 Sep 2022 14:31:48 GMT
etag: "1ddf-631213d4-8936a98b6e2a0431;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79162f52ebf31c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

d1a3jb5hjny5s4.cloudfront.net/9UDBJNjgzXydQByRZLQsPYAl5Aw52WjpZViANIERhFnk8TE0zVgFxeRthCxBMKlR0Bh48USdRBXZVJ1UFYRYoUlptBG9CSD9bdEFBKlg6U1YkWycQTTENJFlCOVwlVx1idnwYCHUCeR5POV4tWU8jFXsGViQVewYJYB55EwsSFXsGTzlefwIdY3JsBAgoBn-0TCxIVewZKJhV6dwlgBWcGEXUCeVFdM1smEwoWAnkHCGABeQcdYgAvX0o1ViZOHWJ2eAYNfgBvQwVh

54.230.245.85

200 OK

449 B

URL HTTP/1.1
d1a3jb5hjny5s4.cloudfront.net/9UDBJNjgzXydQByRZLQsPYAl5Aw52WjpZViANIERhFnk8TE0zVgFxeRthCxBMKlR0Bh48USdRBXZVJ1UFYRYoUlptBG9CSD9bdEFBKlg6U1YkWycQTTENJFlCOVwlVx1idnwYCHUCeR5POV4tWU8jFXsGViQVewYJYB55EwsSFXsGTzlefwIdY3JsBAgoBn-0TCxIVewZKJhV6dwlgBWcGEXUCeVFdM1smEwoWAnkHCGABeQcdYgAvX0o1ViZOHWJ2eAYNfgBvQwVh
IP
54.230.245.85:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (596), with no line terminators
Size
449 B (449 bytes)
Hash
3c28a91390b78407cb382400f124f93b
5cdac1d9dcfad00d5640425ccdf5a246fcdab37a
4dccdf22ab8677f7da42469309edc4b20bbbef5e3f0d7de0d7af353a35a998e9

HTTP Headers

GET /9UDBJNjgzXydQByRZLQsPYAl5Aw52WjpZViANIERhFnk8TE0zVgFxeRthCxBMKlR0Bh48USdRBXZVJ1UFYRYoUlptBG9CSD9bdEFBKlg6U1YkWycQTTENJFlCOVwlVx1idnwYCHUCeR5POV4tWU8jFXsGViQVewYJYB55EwsSFXsGTzlefwIdY3JsBAgoBn-0TCxIVewZKJhV6dwlgBWcGEXUCeVFdM1smEwoWAnkHCGABeQcdYgAvX0o1ViZOHWJ2eAYNfgBvQwVh HTTP/1.1
Host: d1a3jb5hjny5s4.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://coonandeg.xyz/

HTTP/1.1 200 OK
Content-Length: 449
Connection: keep-alive
Date: Mon, 30 Jan 2023 00:45:26 GMT
access-control-allow-origin: *
Cache-Control: max-age=31556926
Content-Encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: TmuawZ_Bq5BoPw4gA3gtYnY2dpwv0odqBffwxGaP1hD0IUtHV1Drbw==

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
4832b523537a23be2360a60f80b19115
67c7281621269de7f8c1b6c4aecef7eb19f04bfe
8282b65e611998c30f7a9fbace9effbd192d3792dcdd1ade71f1f23032d7a434

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 00:45:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
14681339fc16ac120967600c85c37d96
589ed56dc45067e35e26a667ad3d9a12d0f61884
c7a020eb97f372e9325a03c89aa4d97d023f8583ea94af56ae1ffc2363ab8547

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6165
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 00:45:27 GMT
Last-Modified: Sun, 29 Jan 2023 23:02:43 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
4832b523537a23be2360a60f80b19115
67c7281621269de7f8c1b6c4aecef7eb19f04bfe
8282b65e611998c30f7a9fbace9effbd192d3792dcdd1ade71f1f23032d7a434

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 00:45:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/s/gts1p5/ATf3cfjxVCA

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/ATf3cfjxVCA
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
7a38cf33ae66edc3a74cce832404c913
19291526ed481dca4824dab82607d4b0a33da751
88eb4b46e1f4ea3ea3d445438bb610eeba26184814492a3a348c116a42e3b3c9

HTTP Headers

POST /s/gts1p5/ATf3cfjxVCA HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 00:45:27 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=815599299&utmhn=oaxyteek.net&utme=8(User)9(11374213)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=1853548048&utmr=-&utmp=%2Frweasy%2F-1BCWU%2F11374213%2Fhttps%3A%2Fgitlab.com%2FAristois%2FInstaller%2Fbuilds%2Fartifacts%2Fmaster%2Fraw%2Fpackager%2FAristois-Free.jar%3Fjob%3Dbuild%26rndad%3D1439075827-1675039484&utmht=1675039536691&utmac=UA-6469700-9&utmcc=__utma%3D198071217.1056823690.1675039537.1675039537.1675039537.1%3B%2B__utmz%3D198071217.1675039537.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1093728419&utmredir=1&utmu=qQAAAAAAAAAAAAAAAAABAAAE~

142.250.74.110

302 Found

369 B

URL HTTP/1.1
www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=815599299&utmhn=oaxyteek.net&utme=8(User)9(11374213)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=1853548048&utmr=-&utmp=%2Frweasy%2F-1BCWU%2F11374213%2Fhttps%3A%2Fgitlab.com%2FAristois%2FInstaller%2Fbuilds%2Fartifacts%2Fmaster%2Fraw%2Fpackager%2FAristois-Free.jar%3Fjob%3Dbuild%26rndad%3D1439075827-1675039484&utmht=1675039536691&utmac=UA-6469700-9&utmcc=__utma%3D198071217.1056823690.1675039537.1675039537.1675039537.1%3B%2B__utmz%3D198071217.1675039537.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1093728419&utmredir=1&utmu=qQAAAAAAAAAAAAAAAAABAAAE~
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
369 B (369 bytes)
Hash
6338b2f8a997d824d47711d7c703da22
92350a0c2a9dd56bd16a151c2898c644ccd4555c
93edbc57d3b3095a59cd425aa866ab5d38af5e0e6e59557289d468c3dcfd2e89

HTTP Headers

GET /r/__utm.gif?utmwv=5.7.2&utms=1&utmn=815599299&utmhn=oaxyteek.net&utme=8(User)9(11374213)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=1853548048&utmr=-&utmp=%2Frweasy%2F-1BCWU%2F11374213%2Fhttps%3A%2Fgitlab.com%2FAristois%2FInstaller%2Fbuilds%2Fartifacts%2Fmaster%2Fraw%2Fpackager%2FAristois-Free.jar%3Fjob%3Dbuild%26rndad%3D1439075827-1675039484&utmht=1675039536691&utmac=UA-6469700-9&utmcc=__utma%3D198071217.1056823690.1675039537.1675039537.1675039537.1%3B%2B__utmz%3D198071217.1675039537.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1093728419&utmredir=1&utmu=qQAAAAAAAAAAAAAAAAABAAAE~ HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://oaxyteek.net/

HTTP/1.1 302 Found
Location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6469700-9&cid=1056823690.1675039537&jid=1093728419&_v=5.7.2&z=815599299
Access-Control-Allow-Origin: *
Date: Mon, 30 Jan 2023 00:45:27 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
Cross-Origin-Resource-Policy: cross-origin
Content-Type: text/html; charset=UTF-8
Server: Golfe2
Content-Length: 369

pogothere.xyz/asd100.bin

172.64.199.35

200 OK

102 kB

URL HTTP/2
pogothere.xyz/asd100.bin
IP
172.64.199.35:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
102 kB (102400 bytes)
Hash
4c6426ac7ef186464ecbb0d81cbfcb1e
5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://oaxyteek.net
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 30 Jan 2023 00:45:26 GMT
content-type: binary/octet-stream
access-control-allow-origin: http://oaxyteek.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 365
last-modified: Mon, 30 Jan 2023 00:39:21 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FZ7TrrBhiYEU4bBaJj4z089BLxZ%2F7vmskXE253rMeT%2FeJrLllYmnJRzhz1PznU3D2DbzigrzIaLB6CBiTVGuzQJSPXqGWQg6RUoPMPXMLo%2BKviFIOkivjD%2F0XWvkiVdJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79162f51ddfe75b1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

pogothere.xyz/

172.64.199.35

200 OK

1.6 kB

URL HTTP/2
pogothere.xyz/
IP
172.64.199.35:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
1.6 kB (1579 bytes)
Hash
7af0d1544dccd40324314bb55897f7a5
fa365a96613dab3e9972dca84b8796ce4cbd2d7c
b10cca021081099e334b2c990bfbd4523d32077c042437f6bbc3a7b3f1a10587

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://oaxyteek.net
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 30 Jan 2023 00:45:26 GMT
content-type: text/plain
set-cookie: csu=1598483612392454@1@1675039526; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: http://oaxyteek.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p2zd4NHn9IJPCe7rdVdDvDVm44mTfAmUy%2B%2FERtCk%2B8ArLHx6p0uT80D3R0mOPWFHcKjl8cKHcxXP%2Ff41cMG2rG9fIYbbVUplY4dpsx87DDnjpKS%2B21io%2Fwh1ii1s9WgU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79162f51fe0d75b1-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube

142.250.74.109

302 Found

397 B

URL HTTP/2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP
142.250.74.109:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (382)
Size
397 B (397 bytes)
Hash
2663ae0831adce7aa5fba56531a1fd79
5f8f30db43d3555ec9be7688f2309d47deacaf41
fe1b5efc1fc1f81fa0303124fe17e80fed811144de33c8dad7c820cd06f8cae5

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 30 Jan 2023 00:45:27 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-837846537%3A1675039527054848&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHcymAJH1UBfFnq-yuFT25ygc6eHLN__fWoV-gPg-xBsgUub0Di2zOqDqNlL6d0A_WmHt1W_
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-Lbk70z0gubgVIKA5k35kYA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 397
server: GSE
set-cookie: __Host-GAPS=1:G8vgbMYJddhZiru0zwm1HPbcSPv6MA:ia7o0xOD1hfCWrld;Path=/;Expires=Wed, 29-Jan-2025 00:45:27 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

103 kB

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
103 kB (102678 bytes)
Hash
b8abc9c29a3cdb25d02afbf64f1bf6cd
491cc9a37aeed5236ffc3ec9f3b889ced71837bc
97da55f48d5e747bf886a8c68230bb85d9d36b58abaa4940a328075a120ede6a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1375
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 00:45:27 GMT
Last-Modified: Mon, 30 Jan 2023 00:22:32 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 278

push.services.mozilla.com/

35.166.224.175

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.166.224.175:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ih9XVl78QceRx3Zc6bOw+Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 3I7JlZjZCHUIKuShGXCYhlAyXuk=

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
37a7e4543bfa980df584424707613510
1452110174300b256629d2358c0c34845afde889
37ade9e696a04ae304658159835cc38da1ba90a326c5ae4bccfd6850caba7e13

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6001
Cache-Control: max-age=148802
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 00:45:27 GMT
Etag: "63d69df8-116"
Expires: Tue, 31 Jan 2023 18:05:29 GMT
Last-Modified: Sun, 29 Jan 2023 16:25:28 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 278

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e9eba61fbe87bc53d60d0fdd1ba6adb4
8dbb3dfacfaad4ce0fd3a355790cb9b245e01e07
9c0233792f873315e75ce5396d1a210f2df665db23ab858a0724f66bbb4528e7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 00:45:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail

142.250.74.109

302 Found

391 B

URL HTTP/2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP
142.250.74.109:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (378)
Size
391 B (391 bytes)
Hash
66ed328804642f8a959d43af586d961e
08e0c3af5aabfaec4803c6609504af2d2a308145
56b57b37d7a0d1a30319da6ab2646da22001b165637b1938f10bf0cf3b81f8ee

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 30 Jan 2023 00:45:27 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S1946585550%3A1675039527107932&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHfsCSuV7HRkH6D41jvVZAV6mk2hq22Jr6v-J32cu4CFL4ewBbbejHPeHymHn4b4MAbR-0Nb
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-_pVeYZG77YPT2WJNoBTWoA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 391
server: GSE
set-cookie: __Host-GAPS=1:YgmazNGopx_8_zItl5PvnnHVTvTkPQ:ebJaxGKX9jCy3_-0;Path=/;Expires=Wed, 29-Jan-2025 00:45:27 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
37a7e4543bfa980df584424707613510
1452110174300b256629d2358c0c34845afde889
37ade9e696a04ae304658159835cc38da1ba90a326c5ae4bccfd6850caba7e13

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6567
Cache-Control: max-age=149368
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 00:45:27 GMT
Etag: "63d69df8-116"
Expires: Tue, 31 Jan 2023 18:14:55 GMT
Last-Modified: Sun, 29 Jan 2023 16:25:28 GMT
Server: ECS (amb/6B7A)
X-Cache: HIT
Content-Length: 278

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
1141ae65ad448fb3438690d5042af728
aa8b236bb1099c9440bfe3e98530939623250c03
e55eeaf5cd454042706c3e2d7d2b0211e91087b430cb5bae6b9e030392f57b4b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 00:45:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6469700-9&cid=1056823690.1675039537&jid=1093728419&_v=5.7.2&z=815599299

64.233.165.154

200 OK

35 B

URL HTTP/2
stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6469700-9&cid=1056823690.1675039537&jid=1093728419&_v=5.7.2&z=815599299
IP
64.233.165.154:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

HTTP Headers

GET /r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6469700-9&cid=1056823690.1675039537&jid=1093728419&_v=5.7.2&z=815599299 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://oaxyteek.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 30 Jan 2023 00:45:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.adf.ly/static/css/jquery-ui/ui-lightness/jquery-ui-1.8.16.custom.css

104.20.67.244

200 OK

3.8 kB

URL HTTP/2
cdn.adf.ly/static/css/jquery-ui/ui-lightness/jquery-ui-1.8.16.custom.css
IP
104.20.67.244:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
3.8 kB (3772 bytes)
Hash
07c6c73b79eecf781b141a7d9481fac5
4a6fadf227b794f912b92d6eb6183ae3f2561fd5
8b145d49254d0c04392cf1fcea1c42bdc6f54d94209189b9731feff282214167

HTTP Headers

GET /static/css/jquery-ui/ui-lightness/jquery-ui-1.8.16.custom.css HTTP/1.1
Host: cdn.adf.ly
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://adf.ly/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 30 Jan 2023 00:45:27 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=25476
cache-control: public, max-age=604800
etag: W/"6384-5faa60e6-2ce8da3c9d76af49;gz"
expires: Mon, 06 Feb 2023 00:18:56 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 1591
server: cloudflare
cf-ray: 79162f549871b50f-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.oaxyteek.net/static/image/apple-touch-icon.png

172.67.157.221

403 Forbidden

436 B

URL HTTP/1.1
cdn.oaxyteek.net/static/image/apple-touch-icon.png
IP
172.67.157.221:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
436 B (436 bytes)
Hash
b112c984fdf3ae98cbf4bc84066cf619
e68cf1400ca02fc1b472c6f3a2cbb9c2234073c5
233729c945d3c6dc5a81cbf30abedd598a9927d141eda2e369aecd13a790938a

HTTP Headers

GET /static/image/apple-touch-icon.png HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/rweasy/-1BCWU/11374213/https:/gitlab.com/Aristois/Installer/builds/artifacts/master/raw/packager/Aristois-Free.jar?job=build&rndad=1439075827-1675039484
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802; _ga_GT41R23D5L=GS1.1.1675039536.1.0.1675039536.0.0.0; _ga=GA1.1.1056823690.1675039537

HTTP/1.1 403 Forbidden
Date: Mon, 30 Jan 2023 00:45:27 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0K6wBTOwgPD%2FeiyREudNFT82dWXNIjvlgBT76Pp9SLvY1u7DZuE6ApEgiUBUwmc2rdOnvFNXXqU9wx32nhaEyp8l5xUJuYkvEsumbkYdmv1J7sdiXBWyvxq9DeC4LT5I4zon"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79162f537e76b51d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

accounts.google.com/v3/signin/identifier?dsh=S-837846537%3A1675039527054848&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHcymAJH1UBfFnq-yuFT25ygc6eHLN__fWoV-gPg-xBsgUub0Di2zOqDqNlL6d0A_WmHt1W_

142.250.74.109

403 Forbidden

1.3 kB

URL HTTP/2
accounts.google.com/v3/signin/identifier?dsh=S-837846537%3A1675039527054848&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHcymAJH1UBfFnq-yuFT25ygc6eHLN__fWoV-gPg-xBsgUub0Di2zOqDqNlL6d0A_WmHt1W_
IP
142.250.74.109:0
ASN
#15169 GOOGLE

File type
data
Size
1.3 kB (1280 bytes)
Hash
a4534a24367d827bc318290e130c9502
295ad0b979f199c9e1bdcb327edd0608294468f7
8ca20b51e740b34730765e1ec5a19915dddf1f2f113466b66ec72ea7e3446cea

HTTP Headers

GET /v3/signin/identifier?dsh=S-837846537%3A1675039527054848&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHcymAJH1UBfFnq-yuFT25ygc6eHLN__fWoV-gPg-xBsgUub0Di2zOqDqNlL6d0A_WmHt1W_ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://oaxyteek.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 30 Jan 2023 00:45:27 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'nonce-IgTQdX0ynmBMVxgl92yLDg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

accounts.google.com/v3/signin/identifier?dsh=S1946585550%3A1675039527107932&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHfsCSuV7HRkH6D41jvVZAV6mk2hq22Jr6v-J32cu4CFL4ewBbbejHPeHymHn4b4MAbR-0Nb

142.250.74.109

403 Forbidden

1.3 kB

URL HTTP/2
accounts.google.com/v3/signin/identifier?dsh=S1946585550%3A1675039527107932&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHfsCSuV7HRkH6D41jvVZAV6mk2hq22Jr6v-J32cu4CFL4ewBbbejHPeHymHn4b4MAbR-0Nb
IP
142.250.74.109:0
ASN
#15169 GOOGLE

File type
data
Size
1.3 kB (1277 bytes)
Hash
0d81a559a0ec7da312941456d864da49
96964c0025e7fbd6446022e5e8faf9c3f474dbeb
505e95ae95a28e4810e65c247d87dff36d3712fd424455361ede63679741251c

HTTP Headers

GET /v3/signin/identifier?dsh=S1946585550%3A1675039527107932&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHfsCSuV7HRkH6D41jvVZAV6mk2hq22Jr6v-J32cu4CFL4ewBbbejHPeHymHn4b4MAbR-0Nb HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://oaxyteek.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 30 Jan 2023 00:45:27 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'nonce-jJQG0sXlBsTaszRgcOJZwg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473

54.230.245.166

200 OK

52 kB

URL HTTP/1.1
dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473
IP
54.230.245.166:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (15955)
Size
52 kB (51503 bytes)
Hash
a7a47489a7e7bc1f89d140854a8dc930
b3ea7337f9af0c558ef4e0e61ae96bc5bdf8d950
d6ce4f06c994d095f9d0b79f0a2fcf10b003dd4a62305441ae981f6279da89ff

HTTP Headers

GET /?gfkcd=824473 HTTP/1.1
Host: dc5k8fg5ioc8s.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://adf.ly/

HTTP/1.1 200 OK
Content-Length: 51503
Connection: keep-alive
Date: Mon, 30 Jan 2023 00:45:27 GMT
access-control-allow-origin: *
Cache-Control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Content-Encoding: gzip
Pragma: no-cache
X-Cache: Miss from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: itETvJQmkMJxmrFVtDTmfmarCCtQSrpORO7eY0LyS5F5EY5z9aU8wQ==

www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fx19ltd.adfly&width=100&fb_source=homestatic&layout=standard&colorscheme=light&action=like&show_faces=true&share=true&height=80&appId=399141353502152

157.240.205.35

301 Moved Permanently

0 B

URL HTTP/1.1
www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fx19ltd.adfly&width=100&fb_source=homestatic&layout=standard&colorscheme=light&action=like&show_faces=true&share=true&height=80&appId=399141353502152
IP
157.240.205.35:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fx19ltd.adfly&width=100&fb_source=homestatic&layout=standard&colorscheme=light&action=like&show_faces=true&share=true&height=80&appId=399141353502152 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://adf.ly/
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Location: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fx19ltd.adfly&width=100&fb_source=homestatic&layout=standard&colorscheme=light&action=like&show_faces=true&share=true&height=80&appId=399141353502152
Content-Type: text/plain
Server: proxygen-bolt
Date: Mon, 30 Jan 2023 00:45:27 GMT
Connection: keep-alive
Content-Length: 0

region1.google-analytics.com/g/collect?v=2&tid=G-GT41R23D5L&gtm=2oe1p0&_p=1853548048&cid=1056823690.1675039537&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675039536&sct=1&seg=0&dl=http%3A%2F%2Foaxyteek.net%2Frweasy%2F-1BCWU%2F11374213%2Fhttps%3A%2Fgitlab.com%2FAristois%2FInstaller%2Fbuilds%2Fartifacts%2Fmaster%2Fraw%2Fpackager%2FAristois-Free.jar%3Fjob%3Dbuild%26rndad%3D1439075827-1675039484&dt=Shrink%20your%20URLs%20and%20get%20paid!&en=page_view&_fv=1&_nsi=1&_ss=1

216.239.32.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-GT41R23D5L&gtm=2oe1p0&_p=1853548048&cid=1056823690.1675039537&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675039536&sct=1&seg=0&dl=http%3A%2F%2Foaxyteek.net%2Frweasy%2F-1BCWU%2F11374213%2Fhttps%3A%2Fgitlab.com%2FAristois%2FInstaller%2Fbuilds%2Fartifacts%2Fmaster%2Fraw%2Fpackager%2FAristois-Free.jar%3Fjob%3Dbuild%26rndad%3D1439075827-1675039484&dt=Shrink%20your%20URLs%20and%20get%20paid!&en=page_view&_fv=1&_nsi=1&_ss=1
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-GT41R23D5L&gtm=2oe1p0&_p=1853548048&cid=1056823690.1675039537&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675039536&sct=1&seg=0&dl=http%3A%2F%2Foaxyteek.net%2Frweasy%2F-1BCWU%2F11374213%2Fhttps%3A%2Fgitlab.com%2FAristois%2FInstaller%2Fbuilds%2Fartifacts%2Fmaster%2Fraw%2Fpackager%2FAristois-Free.jar%3Fjob%3Dbuild%26rndad%3D1439075827-1675039484&dt=Shrink%20your%20URLs%20and%20get%20paid!&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://oaxyteek.net
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: http://oaxyteek.net
date: Mon, 30 Jan 2023 00:45:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14640
Expires: Mon, 30 Jan 2023 04:49:28 GMT
Date: Mon, 30 Jan 2023 00:45:28 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14640
Expires: Mon, 30 Jan 2023 04:49:28 GMT
Date: Mon, 30 Jan 2023 00:45:28 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14640
Expires: Mon, 30 Jan 2023 04:49:28 GMT
Date: Mon, 30 Jan 2023 00:45:28 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f96350b-0dd8-46ee-a270-85f96329b7c9.png

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f96350b-0dd8-46ee-a270-85f96329b7c9.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11095 bytes)
Hash
bb1a5e0a2bb1cacf87189373c118adf4
079974268f755aa38fb2cb32b8bcb748353c793f
1b0519e6bfca30a31b83d427302f7e22140f5b2da6f13cac37ea9c07abc42676

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f96350b-0dd8-46ee-a270-85f96329b7c9.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11095
x-amzn-requestid: dc7c00e2-cd2d-4265-8763-3dd7dbe223ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkFyEhJIAMFjpw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6f1-541a17c362e95dfa5e90f58f;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UuPN6Nq84hFgUDMbvpLTysWfU1JcRiecGH3tkdqDOOXBo9hVhmpMBA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:59:52 GMT
age: 9936
etag: "079974268f755aa38fb2cb32b8bcb748353c793f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa29141be-cb17-4a1d-a64f-9b3d296461f2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.8 kB (5764 bytes)
Hash
546f1cb9f94ea553ae884a6f50c6bd3d
fd08d9841bcd8864aaf2e5d93ca61b31246b6db5
5aba48ac6c65e371c6c1aeee43f97670f196d3a3933b9f5812a67be90b7dbdfa

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa29141be-cb17-4a1d-a64f-9b3d296461f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5764
x-amzn-requestid: 33ebf979-ba40-451e-bbdb-3ee4a9dc07ae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhksyGRVoAMF5UQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e7eb-55fcbb4d6d88dbf758409801;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:40:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: X3lzViVGoynSgoeenp6EIU2E3FMSRlKNGOy73pIOAASV11hOk2B4UA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:11:45 GMT
age: 9223
etag: "fd08d9841bcd8864aaf2e5d93ca61b31246b6db5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb138c2a-a013-4652-92e0-920b0ab6d6fa.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.9 kB (5934 bytes)
Hash
8fce79ef35b4c943c2b60d5092d17b6f
d29ce982633d0cc50b2a968ea22893d92b9663e3
297e951e4ab09c3465deb222cbe8f66579f9154d4e8806eec3a52350e577fded

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb138c2a-a013-4652-92e0-920b0ab6d6fa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5934
x-amzn-requestid: 75aeb64a-1ba1-4349-84f3-b94aabeccc9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhklyFUMIAMF3nA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e7be-56d6fb7b337769986c5c567b;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:40:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MFuKQ8m9sOQ2Cc0kXzMaJzUBbB5hEUQ8gpr7rYT4vwh8CYs5oqZQfA==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:30:54 GMT
age: 8074
etag: "d29ce982633d0cc50b2a968ea22893d92b9663e3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10997 bytes)
Hash
65c02d8a1b0d6a210cb2a649c5c67469
027dbc7a104c922904f067ed15d696c363c11774
89d5443a1d313c632d09a583ef602aa4645a16986076387329f434262d15b0a1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10997
x-amzn-requestid: a6fac0ab-1acf-4808-8785-3b4ec5e32edf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj30FX7IAMFa5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e698-005109ec2e76529e793678d6;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: skGKI_MWvDwpAbGibUcr8wTlimgoPU9ZYhEHltd3uhdJZ_GoNznVAA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:08:57 GMT
etag: "027dbc7a104c922904f067ed15d696c363c11774"
content-type: image/jpeg
age: 9391
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.2 kB (9167 bytes)
Hash
3be81f83687ddb6c93d3ff3c09a9dba2
50a48e737310d3f31840db4301b25927fbcc12c5
e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9167
x-amzn-requestid: e6e0789c-a4a9-4ffa-a0ae-691770d1035b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPF9YEBmIAMF0kQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf8388-01d2093432d3959903671a69;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:06:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: awfNeaKbFw2bjiTGwUrwUTxU-qbVS2eTjn948H8kn1hy7pi_DwLMlQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 17:35:56 GMT
age: 25772
etag: "50a48e737310d3f31840db4301b25927fbcc12c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e1c93b4-807b-47ea-82fe-50d8216b163c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.6 kB (6646 bytes)
Hash
f49153c1aade8aa30bc6c84db4fa09d7
5cce4e085c87e7fbe82907694a36a91cc1bc9bfc
3285916959352e77cdbea34515dad3b3a0315b74bca7f45a8e5a2de4661203e2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e1c93b4-807b-47ea-82fe-50d8216b163c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6646
x-amzn-requestid: c8a7d4b9-1a13-41c1-8391-853f03f3150c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fbvRsHiaIAMF4Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d49271-634529cc6844e70829b5750f;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 03:11:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PXMbaFBZrgdsIRduRmCb8ALPII3zv7dTT4Ikn2B_Waxz3wLcp2giKQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 03:40:24 GMT
age: 75904
etag: "5cce4e085c87e7fbe82907694a36a91cc1bc9bfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=698065591&utmhn=oaxyteek.net&utmt=event&utme=5(Ad*Paid*Success)(3)8(User)9(11374213)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=1853548048&utmr=-&utmp=%2Frweasy%2F-1BCWU%2F11374213%2Fhttps%3A%2Fgitlab.com%2FAristois%2FInstaller%2Fbuilds%2Fartifacts%2Fmaster%2Fraw%2Fpackager%2FAristois-Free.jar%3Fjob%3Dbuild%26rndad%3D1439075827-1675039484&utmht=1675039541203&utmac=UA-6469700-9&utmcc=__utma%3D198071217.1056823690.1675039537.1675039537.1675039537.1%3B%2B__utmz%3D198071217.1675039537.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=6QAAAAAAAAAAAAAAAAABAAAE~

142.250.74.110

200 OK

35 B

URL HTTP/1.1
www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=698065591&utmhn=oaxyteek.net&utmt=event&utme=5(Ad*Paid*Success)(3)8(User)9(11374213)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=1853548048&utmr=-&utmp=%2Frweasy%2F-1BCWU%2F11374213%2Fhttps%3A%2Fgitlab.com%2FAristois%2FInstaller%2Fbuilds%2Fartifacts%2Fmaster%2Fraw%2Fpackager%2FAristois-Free.jar%3Fjob%3Dbuild%26rndad%3D1439075827-1675039484&utmht=1675039541203&utmac=UA-6469700-9&utmcc=__utma%3D198071217.1056823690.1675039537.1675039537.1675039537.1%3B%2B__utmz%3D198071217.1675039537.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=6QAAAAAAAAAAAAAAAAABAAAE~
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

HTTP Headers

GET /__utm.gif?utmwv=5.7.2&utms=2&utmn=698065591&utmhn=oaxyteek.net&utmt=event&utme=5(Ad*Paid*Success)(3)8(User)9(11374213)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=1853548048&utmr=-&utmp=%2Frweasy%2F-1BCWU%2F11374213%2Fhttps%3A%2Fgitlab.com%2FAristois%2FInstaller%2Fbuilds%2Fartifacts%2Fmaster%2Fraw%2Fpackager%2FAristois-Free.jar%3Fjob%3Dbuild%26rndad%3D1439075827-1675039484&utmht=1675039541203&utmac=UA-6469700-9&utmcc=__utma%3D198071217.1056823690.1675039537.1675039537.1675039537.1%3B%2B__utmz%3D198071217.1675039537.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=6QAAAAAAAAAAAAAAAAABAAAE~ HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://oaxyteek.net/

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Pragma: no-cache
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
Date: Sun, 29 Jan 2023 02:07:06 GMT
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Age: 81505
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
Content-Type: image/gif

reerfdfgourgo.xyz/popunder.gif

172.67.166.141

200 OK

0 B

URL HTTP/2
reerfdfgourgo.xyz/popunder.gif
IP
172.67.166.141:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /popunder.gif HTTP/1.1
Host: reerfdfgourgo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://oaxyteek.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 30 Jan 2023 00:45:26 GMT
content-type: image/gif
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
cf-cache-status: HIT
age: 98934
last-modified: Sat, 28 Jan 2023 21:16:32 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RotlYP3r41m64t3bP26Gh97lZkAZsNrtH%2BQJytC2ZpJDVKu7z2TvCx7kzoDPWMkhlBkBbGX8X003A3gEPiUX%2Bt77KvbCubQCEG2q%2B79yQHb%2Bc9Tp2WxKk%2BAiEebFXMJ6Nc7Rsg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79162f51bf8bb515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

pogothere.xyz/asd100.bin

172.64.199.35

200 OK

0 B

URL HTTP/2
pogothere.xyz/asd100.bin
IP
172.64.199.35:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://oaxyteek.net
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 30 Jan 2023 00:45:26 GMT
content-type: binary/octet-stream
access-control-allow-origin: http://oaxyteek.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 365
last-modified: Mon, 30 Jan 2023 00:39:21 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ty6GBAQTx1mh8xK79GF4RTaZ8AgS5u%2Ft0RTyMyC8uAmZjftUqn3X7u67XCCGg5dz7KRn7W%2FsanAZsdKODVDYz2F2unjCmB1KhLwXcyVU4i2YC5z3g9xX7CEI%2FGG6DEdW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79162f51ddff75b1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

oaxyteek.net/funcript1675039536199.php?pub=11374213&v=MM3xNoDjIIxkMVynwIisdIiCIM6uMUiDwMixY82CseivOZnWRZyydlWmURsgIEnDBMhxdACDIM6xNADjIMsvI8m2JapjbVm2RRFgbkGCVMtuZUWD5M0xIojjodiycB2ytOp0cYFD9eigdsTDJN02d4GW9auXIBiywOiwa4GCFMzxaACCIV6OIBmyIc23Y92GIZ0uOlW2UV5oYAzCkM4uYUWzFLkhMxTGgb1pNpj3Mb0NZJDikO5iMQTnQb5lNdWWJYiyZVG2Jcl1IJny0eT=

104.21.90.149

200 OK

0 B

URL HTTP/2
oaxyteek.net/funcript1675039536199.php?pub=11374213&v=MM3xNoDjIIxkMVynwIisdIiCIM6uMUiDwMixY82CseivOZnWRZyydlWmURsgIEnDBMhxdACDIM6xNADjIMsvI8m2JapjbVm2RRFgbkGCVMtuZUWD5M0xIojjodiycB2ytOp0cYFD9eigdsTDJN02d4GW9auXIBiywOiwa4GCFMzxaACCIV6OIBmyIc23Y92GIZ0uOlW2UV5oYAzCkM4uYUWzFLkhMxTGgb1pNpj3Mb0NZJDikO5iMQTnQb5lNdWWJYiyZVG2Jcl1IJny0eT=
IP
104.21.90.149:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /funcript1675039536199.php?pub=11374213&v=MM3xNoDjIIxkMVynwIisdIiCIM6uMUiDwMixY82CseivOZnWRZyydlWmURsgIEnDBMhxdACDIM6xNADjIMsvI8m2JapjbVm2RRFgbkGCVMtuZUWD5M0xIojjodiycB2ytOp0cYFD9eigdsTDJN02d4GW9auXIBiywOiwa4GCFMzxaACCIV6OIBmyIc23Y92GIZ0uOlW2UV5oYAzCkM4uYUWzFLkhMxTGgb1pNpj3Mb0NZJDikO5iMQTnQb5lNdWWJYiyZVG2Jcl1IJny0eT= HTTP/1.1
Host: oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://oaxyteek.net/rweasy/-1BCWU/11374213/https:/gitlab.com/Aristois/Installer/builds/artifacts/master/raw/packager/Aristois-Free.jar?job=build&rndad=1439075827-1675039484
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 30 Jan 2023 00:45:26 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.3.27
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=72qBFcawaVBQnetq5S8i%2B3bWJwqfaTo6Pm%2Bi7%2FW3F5I0lzTIO9FD0YqSymWEwkx6YmNPyVuGAJsYGR10tz%2FVhJNvKWFygX4V9QPeswN%2Bb6XzGMKSzbvaFxujbAOb840%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79162f51bb34b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp

157.240.205.35

200 OK

0 B

URL HTTP/2
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP
157.240.205.35:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: t6Q2DNRp11g053BL8cq7B24zmXIwRu5ApjWNMkycHiVDjV94J3GvhftSGYl2aVuTVp+d/uzGw4If5yIHc8NUUg==
date: Mon, 30 Jan 2023 00:45:27 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (24)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML