GET oko.sh/cloud_theme/build/css/styles.min.css?ver=6.6.1
172.67.138.65 200 OK 33 kB URL GET HTTP/3 oko.sh/cloud_theme/build/css/styles.min.css?ver=6.6.1
IP 172.67.138.65:443
Requested by https://oko.sh/n1saox0DDm
Certificate Issuer Google Trust Services LLC
Subject oko.sh
Fingerprint F5:00:27:64:4B:C4:DF:D8:7B:BD:D7:F3:53:77:FA:FA:3D:28:31:19
Validity Sun, 06 Aug 2023 12:48:59 GMT - Sat, 04 Nov 2023 12:48:58 GMT
File type ASCII text, with very long lines (65369)
Hash 179be71d42df03ea58d6ea2785217085
82001a88284463f8e04172b8395f5a9eced37df6
a0319a0b75558303ee14a9d90af0769cd778b155206a96f14aad796c9454a454
GET /cloud_theme/build/css/styles.min.css?ver=6.6.1 HTTP/1.1
Host: oko.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oko.sh/n1saox0DDm
Cookie: AppSession=0c5b770c5f21fd707916eb205bfa0282; refn1saox0DDm=YmYxOTA2MmNlMzg4ZDgxNzkyOGE3ZWYwNGZmNDNhMmJlNjJjNzVhZDk4MTBiZDM4OWIzZmUwMTgyN2MzZmIyY3Ui1UmE0tH8HnTm98bDrWN0jhQGh3a4V3SVW%2BnFIEp9; csrfToken=5f423ff85d01870a0238a2307287dd2c47b376c46efbda6ed42de0fa20066b2b9d4f97969a58b83fafc493eab56f935af9eaf8b6250146a4c005c3679a0bbb3e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 17 Sep 2023 23:00:27 GMT
content-type: text/css
content-length: 33385
cache-control: public, max-age=2592000
expires: Sat, 30 Sep 2023 13:58:46 GMT
last-modified: Wed, 04 Jan 2023 23:14:18 GMT
content-encoding: br
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 1501299
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=blQPFBWHLsKWxqTunXUActSdpaUDjaR20aihjAs0mPlE1VE4yqCIzH8F1mQxuM7hiPXO%2FFjj41FkQYjr7r8FyPI7jT8%2BLWLmL2CMCg6p7fGWrRiQp4qbdck%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8084f725acc156c9-OSL
GET oko.sh/main/logo.png
172.67.138.65 200 OK 9.8 kB IP 172.67.138.65:443
Requested by https://oko.sh/n1saox0DDm
Certificate Issuer Google Trust Services LLC
Subject oko.sh
Fingerprint F5:00:27:64:4B:C4:DF:D8:7B:BD:D7:F3:53:77:FA:FA:3D:28:31:19
Validity Sun, 06 Aug 2023 12:48:59 GMT - Sat, 04 Nov 2023 12:48:58 GMT
File type PNG image data, 177 x 70, 8-bit/color RGBA, non-interlaced\012- data
Hash 100e3de1958caa7253abfb802c583042
c72019ae8001e0b3a253f9bd29d5b5249d49ab7b
b565424f97756150afd0cb043870e580409df4b758a3a6fca74b88fb2c167bf3
GET /main/logo.png HTTP/1.1
Host: oko.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oko.sh/n1saox0DDm
Cookie: AppSession=0c5b770c5f21fd707916eb205bfa0282; refn1saox0DDm=YmYxOTA2MmNlMzg4ZDgxNzkyOGE3ZWYwNGZmNDNhMmJlNjJjNzVhZDk4MTBiZDM4OWIzZmUwMTgyN2MzZmIyY3Ui1UmE0tH8HnTm98bDrWN0jhQGh3a4V3SVW%2BnFIEp9; csrfToken=5f423ff85d01870a0238a2307287dd2c47b376c46efbda6ed42de0fa20066b2b9d4f97969a58b83fafc493eab56f935af9eaf8b6250146a4c005c3679a0bbb3e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 17 Sep 2023 23:00:27 GMT
content-type: image/png
content-length: 9760
cache-control: public, max-age=31536000
expires: Fri, 30 Aug 2024 13:58:46 GMT
last-modified: Sat, 21 Jan 2023 03:55:10 GMT
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 1501299
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xQ%2Fvvw0ziKzTp%2FHmK6Hqx5gGZ%2F6VFGhsHxyVQ%2BLIxvXtNHbY4o2wOs8JiLV2I9fKSHbN3VFW%2FhD0WTgSRsjh%2Fivzcj7Lyy0PsNtb1wzKE3kV1frS9A53hoI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8084f725acc256c9-OSL
GET oko.sh/webroot/modern_theme/img/freeHostinglist.jpg
172.67.138.65 200 OK 48 kB URL GET HTTP/3 oko.sh/webroot/modern_theme/img/freeHostinglist.jpg
IP 172.67.138.65:443
Requested by https://oko.sh/n1saox0DDm
Certificate Issuer Google Trust Services LLC
Subject oko.sh
Fingerprint F5:00:27:64:4B:C4:DF:D8:7B:BD:D7:F3:53:77:FA:FA:3D:28:31:19
Validity Sun, 06 Aug 2023 12:48:59 GMT - Sat, 04 Nov 2023 12:48:58 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 700x251, components 3\012- data
Hash bdc65e22c8f5d6324032ce7d744eb9f3
977a87995528d69d19e4dbc0eaf0552ab0f9d8b1
64b31571aa31997dbf09478f11e0a4122cc02c268f1e4f851a4771222828316f
GET /webroot/modern_theme/img/freeHostinglist.jpg HTTP/1.1
Host: oko.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oko.sh/n1saox0DDm
Cookie: AppSession=0c5b770c5f21fd707916eb205bfa0282; refn1saox0DDm=YmYxOTA2MmNlMzg4ZDgxNzkyOGE3ZWYwNGZmNDNhMmJlNjJjNzVhZDk4MTBiZDM4OWIzZmUwMTgyN2MzZmIyY3Ui1UmE0tH8HnTm98bDrWN0jhQGh3a4V3SVW%2BnFIEp9; csrfToken=5f423ff85d01870a0238a2307287dd2c47b376c46efbda6ed42de0fa20066b2b9d4f97969a58b83fafc493eab56f935af9eaf8b6250146a4c005c3679a0bbb3e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 17 Sep 2023 23:00:27 GMT
content-type: image/jpeg
content-length: 48487
cache-control: public, max-age=31536000
expires: Fri, 30 Aug 2024 12:25:42 GMT
last-modified: Wed, 14 Jun 2023 16:06:48 GMT
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 1506883
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GwO80wBbpE%2FhxRk4brYprfol%2FPSRjWoJlLW7EwR3tfnGAf9qekQXKtPSIM28cxHQCyN0en6ZMC8jq5zrtV%2BG3SMVPERYiwoeumLNY%2Fn8zEHlm6IFvQURjRk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8084f725bcc356c9-OSL
172.67.138.65 200 OK 209 kB URL User Request GET HTTP/2 IP 172.67.138.65:443
Certificate Issuer Google Trust Services LLC
Subject oko.sh
Fingerprint F5:00:27:64:4B:C4:DF:D8:7B:BD:D7:F3:53:77:FA:FA:3D:28:31:19
Validity Sun, 06 Aug 2023 12:48:59 GMT - Sat, 04 Nov 2023 12:48:58 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63094), with CRLF, LF line terminators
Size 209 kB (209161 bytes)
Hash b7677f30df317e4ef51c8a416ac23b07
96670f3490ed9b7646cb67fba8d66d31e6f0f7c3
e718716cf1d4e42dd06a99e4073ffd2a225a8467f69ffab30aba1fa8ec87401d
GET /n1saox0DDm HTTP/1.1
Host: oko.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 17 Sep 2023 23:00:26 GMT
content-type: text/html; charset=UTF-8
set-cookie: AppSession=0c5b770c5f21fd707916eb205bfa0282; path=/; HttpOnly; secure
set-cookie: refn1saox0DDm=YmYxOTA2MmNlMzg4ZDgxNzkyOGE3ZWYwNGZmNDNhMmJlNjJjNzVhZDk4MTBiZDM4OWIzZmUwMTgyN2MzZmIyY3Ui1UmE0tH8HnTm98bDrWN0jhQGh3a4V3SVW%2BnFIEp9; expires=Sun, 17-Sep-2023 23:05:24 GMT; Max-Age=300; path=/; HttpOnly; secure
set-cookie: csrfToken=5f423ff85d01870a0238a2307287dd2c47b376c46efbda6ed42de0fa20066b2b9d4f97969a58b83fafc493eab56f935af9eaf8b6250146a4c005c3679a0bbb3e; path=/; HttpOnly; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN,SAMEORIGIN
x-robots-tag: noindex, nofollow
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mC5Ml7tEh%2Bi3bV03uCvpxMxguWJJfxLmWEPuaGqLaMI1l4Prxm5g1Bj55CmqG3h%2BE%2FAMhhYHXoeNeVgCvolLbCcG2GXRKK1bCcTJCZlP58Mi2LN5Rb%2BvaTc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8084f71f5a1d56a2-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash e218b14de90ae059485baf54fc9345b7
d7039dc945e952c6054d4e6fc4b9f2f5669d481f
154b09a04af2379aa40757e9799893f48647eceee6bcaf49b7ebb067c015f15e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 17 Sep 2023 23:00:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 02b7f1d031ad9eae6a2d929024adf5e0
8e2eac5ee85d6e09f018ef95564752dfd726a7d9
947d80bc46b261a32ffc16b739e33d8749bb3d9f08d25aae7e3d0077e17017f8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 17 Sep 2023 23:00:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
GET www.google.com/recaptcha/api.js
142.250.74.132 200 OK 557 B URL GET HTTP/2 www.google.com/recaptcha/api.js
IP 142.250.74.132:443
Requested by https://oko.sh/n1saox0DDm
Certificate Issuer Google Trust Services LLC
Subject www.google.com
Fingerprint 46:10:6A:3E:F0:E9:34:E0:79:83:32:6E:2E:D8:2A:57:15:BD:AC:4C
Validity Mon, 14 Aug 2023 08:23:03 GMT - Mon, 06 Nov 2023 08:23:02 GMT
File type ASCII text, with very long lines (850), with no line terminators
Hash 9e51bdc614c58c6521151feac3e4eece
16d6911155608a64a2bd6cb09075b99b042cafd4
7fe94eb1ebdbb40e05943a38ab7ae8241c909d3e730e806aca7d724be70366a8
GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oko.sh/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
expires: Sun, 17 Sep 2023 23:00:27 GMT
date: Sun, 17 Sep 2023 23:00:27 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 557
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET www.googletagmanager.com/gtag/js?id=UA-113561579-2
142.250.74.40 200 OK 51 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=UA-113561579-2
IP 142.250.74.40:443
Requested by https://oko.sh/n1saox0DDm
Certificate Issuer Google Trust Services LLC
Subject *.google-analytics.com
Fingerprint E6:F7:82:C1:10:AC:08:76:A1:97:70:B7:56:B7:EF:92:30:BA:1E:12
Validity Mon, 14 Aug 2023 08:16:28 GMT - Mon, 06 Nov 2023 08:16:27 GMT
File type ASCII text, with very long lines (2271)
Hash 30b9d1e8190b6d5bb7fe9b7dd0fd4634
9d6d9619714b099febf636d1de77567a1ba88dbe
e15351c6227c3ff407cb31f236dd72c594b51cc0f195696686f8db5a4ead6915
GET /gtag/js?id=UA-113561579-2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oko.sh/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 17 Sep 2023 23:00:27 GMT
expires: Sun, 17 Sep 2023 23:00:27 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 51426
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 6d0836de7378bcfe6c380aa7242c582f
6832a56b6ce5feccce7175e29a381d3479e68c36
b7a6a07e3bfb203265ec8e732702ea913a5e70d7e9395c1a3652d0fff5e25af0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 17 Sep 2023 23:00:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash e218b14de90ae059485baf54fc9345b7
d7039dc945e952c6054d4e6fc4b9f2f5669d481f
154b09a04af2379aa40757e9799893f48647eceee6bcaf49b7ebb067c015f15e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 17 Sep 2023 23:00:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
GET clk.sh/modern_theme/img/dwndbnr1.png?id=64
172.67.72.60 200 OK 38 kB URL GET HTTP/2 clk.sh/modern_theme/img/dwndbnr1.png?id=64
IP 172.67.72.60:443
Requested by https://oko.sh/n1saox0DDm
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 11:62:6D:C3:77:60:6A:04:90:95:39:65:BA:69:4F:54:53:AE:7C:57
Validity Tue, 18 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT
File type PNG image data, 238 x 154, 8-bit/color RGB, non-interlaced\012- data
Hash 354b9af6d03bb735680fb354f5f88cb1
60c20e33b857c860b7a52a3cce282d6efd64c00a
35f7fc18aaaa04440564a057bf4574e17f0ffa64f782f9ecadf75991abcb261e
GET /modern_theme/img/dwndbnr1.png?id=64 HTTP/1.1
Host: clk.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oko.sh/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 17 Sep 2023 23:00:27 GMT
content-type: image/png
content-length: 37909
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=47787, status=vary_header_present
expires: Fri, 30 Aug 2024 15:09:59 GMT
last-modified: Wed, 25 Jan 2023 11:06:50 GMT
vary: User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-turbo-charged-by: LiteSpeed
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 1497026
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T0Sr1v8yzdg2DHj3pa7MNZ5kcZJaSNysY2DlKDSA1wTpEZeZqKsWaOm8zZSZKhmPAY6k%2Fe1GORl%2BRSWBTyWQcXvhT%2FQN8zXRSzS04Krs0Vj1oROqT9MQvA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8084f7282fa6568f-OSL
X-Firefox-Spdy: h2
GET zunsoach.com/5/6144830/?oo=1&aab=1
139.45.197.248 200 OK 97 B URL GET HTTP/2 zunsoach.com/5/6144830/?oo=1&aab=1
IP 139.45.197.248:443
Requested by https://oko.sh/n1saox0DDm
Certificate Issuer Let's Encrypt
Subject zunsoach.com
Fingerprint 84:47:43:D8:1B:CD:3E:E7:52:EE:0C:FD:61:AC:C0:DB:74:19:7B:0D
Validity Tue, 11 Jul 2023 05:42:45 GMT - Mon, 09 Oct 2023 05:42:44 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash e5e3fef5fcb8579018c02e6e559a0b73
d50eda303c3cb7dc886ace9dd1c71731f5f5655b
0ce507432b9faf8118cf7985ff78098f6a5219e337ed578f94072c10706031d0
GET /5/6144830/?oo=1&aab=1 HTTP/1.1
Host: zunsoach.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://oko.sh
DNT: 1
Connection: keep-alive
Referer: https://oko.sh/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 17 Sep 2023 23:00:27 GMT
content-type: application/json
content-length: 97
x-trace-id: 379aec49b7370217d25bed8eac3e596a
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: https://oko.sh
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=998174bb6b5e4353af29cc2abeee6644; expires=Mon, 16 Sep 2024 23:00:27 GMT; path=/; secure; SameSite=None
set-cookie: oaidts=1694991627; expires=Mon, 16 Sep 2024 23:00:27 GMT; path=/; secure; SameSite=None
set-cookie: syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
GET zunsoach.com/tag.min.js
139.45.197.248 200 OK 25 kB IP 139.45.197.248:443
Requested by https://oko.sh/n1saox0DDm
Certificate Issuer Let's Encrypt
Subject zunsoach.com
Fingerprint 84:47:43:D8:1B:CD:3E:E7:52:EE:0C:FD:61:AC:C0:DB:74:19:7B:0D
Validity Tue, 11 Jul 2023 05:42:45 GMT - Mon, 09 Oct 2023 05:42:44 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash fe5f4818bd4bd9ad628384bf9dfb09cd
07b9a77a52d7f71252c34e1f90921b0173a925e3
2c7ffff003f51d9b82e0132a6eb03e0b2c676048ed8c23e96df5c62e413be6a3
GET /tag.min.js HTTP/1.1
Host: zunsoach.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oko.sh/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 17 Sep 2023 23:00:27 GMT
content-type: text/javascript; charset=utf-8
content-length: 25218
content-encoding: br
x-trace-id: fbcc2ecdd2a65aab69e49913df7c0129
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Mon, 11 Sep 2023 11:46:22 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
172.67.138.65 200 OK 0 B URL User Request GET HTTP/2 IP 172.67.138.65:443
Certificate Issuer Google Trust Services LLC
Subject oko.sh
Fingerprint F5:00:27:64:4B:C4:DF:D8:7B:BD:D7:F3:53:77:FA:FA:3D:28:31:19
Validity Sun, 06 Aug 2023 12:48:59 GMT - Sat, 04 Nov 2023 12:48:58 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /n1saox0DDm HTTP/1.1
Host: oko.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oko.sh/n1saox0DDm
Cookie: AppSession=0c5b770c5f21fd707916eb205bfa0282; refn1saox0DDm=YmYxOTA2MmNlMzg4ZDgxNzkyOGE3ZWYwNGZmNDNhMmJlNjJjNzVhZDk4MTBiZDM4OWIzZmUwMTgyN2MzZmIyY3Ui1UmE0tH8HnTm98bDrWN0jhQGh3a4V3SVW%2BnFIEp9; csrfToken=5f423ff85d01870a0238a2307287dd2c47b376c46efbda6ed42de0fa20066b2b9d4f97969a58b83fafc493eab56f935af9eaf8b6250146a4c005c3679a0bbb3e
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 17 Sep 2023 23:00:28 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN,SAMEORIGIN
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2FbP8d7S0sYhNLMVUgH0LUwhUUttME3lQGuze08hHfEyB5mjpWpPPvNKmi7T2LzMr5EGx%2FdB0h9QdPEKonRWOG6nLkAm6Xv1qJaZYt6dkAQvXwA%2BqFYsyaM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8084f7282df356c9-OSL
content-encoding: br
GET oko.sh/main/favicon.png
172.67.138.65 200 OK 14 kB IP 172.67.138.65:443
Requested by https://oko.sh/n1saox0DDm
Certificate Issuer Google Trust Services LLC
Subject oko.sh
Fingerprint F5:00:27:64:4B:C4:DF:D8:7B:BD:D7:F3:53:77:FA:FA:3D:28:31:19
Validity Sun, 06 Aug 2023 12:48:59 GMT - Sat, 04 Nov 2023 12:48:58 GMT
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 14b1825447d6bfc65c1779aac74e57f2
ca27229395b4fe0ff4f2e9a5116e153e6b8f3dae
151d56425b5c8c9f884f9164d46e8b8f7fb2b2440d609f29b54607ea3379ee53
GET /main/favicon.png HTTP/1.1
Host: oko.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oko.sh/n1saox0DDm
Cookie: AppSession=0c5b770c5f21fd707916eb205bfa0282; refn1saox0DDm=YmYxOTA2MmNlMzg4ZDgxNzkyOGE3ZWYwNGZmNDNhMmJlNjJjNzVhZDk4MTBiZDM4OWIzZmUwMTgyN2MzZmIyY3Ui1UmE0tH8HnTm98bDrWN0jhQGh3a4V3SVW%2BnFIEp9; csrfToken=5f423ff85d01870a0238a2307287dd2c47b376c46efbda6ed42de0fa20066b2b9d4f97969a58b83fafc493eab56f935af9eaf8b6250146a4c005c3679a0bbb3e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 17 Sep 2023 23:00:28 GMT
content-type: image/png
content-length: 14479
cache-control: public, max-age=31536000
expires: Thu, 04 Jul 2024 05:34:28 GMT
last-modified: Sat, 21 Jan 2023 03:55:10 GMT
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 6456359
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uNlDu21fXeZIM1c1z5fz2iv5ifOyObd%2F5%2B4QOvWxHiATHxIFXcz0OrvQgTzPohzreCDBcDHlzuT%2FkgP0wA9%2FrX%2F9Ste883Ig%2BKF8%2BV7fNbSiK5eGnspnoIw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8084f72fb9b356c9-OSL
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 041ceb30d81abf654ca5b4ff821158a2
08cdf7844d7cb2ec87c8e3178071c93c99312538
bbe73d7765211b81e50c19dee2a344997fab3f30a261c087a4e418c93421a6a5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 17 Sep 2023 23:00:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
GET www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
142.250.74.131 200 OK 587 B URL GET HTTP/2 www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
IP 142.250.74.131:443
Requested by https://oko.sh/n1saox0DDm
Certificate Issuer Google Trust Services LLC
Subject misc.google.com
Fingerprint BA:3B:4D:23:E2:DE:35:B9:21:72:22:77:50:93:3A:F3:38:C4:0A:89
Validity Mon, 14 Aug 2023 08:18:15 GMT - Mon, 06 Nov 2023 08:18:14 GMT
File type ASCII text, with very long lines (921), with no line terminators
Hash 97f1ef202ab0c81073fd1e45ecbf1791
6e1ec9ff479920a4677e04dad5a8ecaebb99c4d1
eb2371753b47dc225aed2dcd8e3893e313198ae44aa91f8de9ae231e4ba41a24
GET /recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit HTTP/1.1
Host: www.recaptcha.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oko.sh/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
expires: Sun, 17 Sep 2023 23:00:28 GMT
date: Sun, 17 Sep 2023 23:00:28 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 587
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 041ceb30d81abf654ca5b4ff821158a2
08cdf7844d7cb2ec87c8e3178071c93c99312538
bbe73d7765211b81e50c19dee2a344997fab3f30a261c087a4e418c93421a6a5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 17 Sep 2023 23:00:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
GET oko.sh/main/wp-content/themes/Newspaper/js/tagdiv_theme.min.js
172.67.138.65 200 OK 209 kB URL GET HTTP/3 oko.sh/main/wp-content/themes/Newspaper/js/tagdiv_theme.min.js
IP 172.67.138.65:443
Requested by https://oko.sh/n1saox0DDm
Certificate Issuer Google Trust Services LLC
Subject oko.sh
Fingerprint F5:00:27:64:4B:C4:DF:D8:7B:BD:D7:F3:53:77:FA:FA:3D:28:31:19
Validity Sun, 06 Aug 2023 12:48:59 GMT - Sat, 04 Nov 2023 12:48:58 GMT
File type ASCII text, with very long lines (670)
Size 209 kB (209216 bytes)
Hash 0aec173e27fe2509b282ebca08fc9173
7ddf608375d5abd1b0ee126ae4c58aa4f40ec908
c19c9186e84024b69f2b855f6c24fd9f44f68618dd00839a2da55e1dd614fb42
GET /main/wp-content/themes/Newspaper/js/tagdiv_theme.min.js HTTP/1.1
Host: oko.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oko.sh/n1saox0DDm
Cookie: AppSession=0c5b770c5f21fd707916eb205bfa0282; refn1saox0DDm=YmYxOTA2MmNlMzg4ZDgxNzkyOGE3ZWYwNGZmNDNhMmJlNjJjNzVhZDk4MTBiZDM4OWIzZmUwMTgyN2MzZmIyY3Ui1UmE0tH8HnTm98bDrWN0jhQGh3a4V3SVW%2BnFIEp9; csrfToken=5f423ff85d01870a0238a2307287dd2c47b376c46efbda6ed42de0fa20066b2b9d4f97969a58b83fafc493eab56f935af9eaf8b6250146a4c005c3679a0bbb3e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 17 Sep 2023 23:00:27 GMT
content-type: application/javascript
cache-control: public, max-age=2592000
expires: Tue, 03 Oct 2023 05:44:54 GMT
last-modified: Sat, 21 Jan 2023 03:55:10 GMT
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 1271733
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KOMzHcw0weZYXlKOnsx7jTurTd9j8OByFZAlACiW2CLD9f%2FoH%2FIWSC3gvCtbeKVQ3B23W%2FfIzQnzns09ZrHIAIJtVqtAIyJLvH7CiuODpHIsNOIwwDZFZsc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8084f725bcc656c9-OSL
content-encoding: br
GET oko.sh/cloud_theme/ads/load.js
172.67.138.65 200 OK 78 kB URL GET HTTP/3 oko.sh/cloud_theme/ads/load.js
IP 172.67.138.65:443
Requested by https://oko.sh/n1saox0DDm
Certificate Issuer Google Trust Services LLC
Subject oko.sh
Fingerprint F5:00:27:64:4B:C4:DF:D8:7B:BD:D7:F3:53:77:FA:FA:3D:28:31:19
Validity Sun, 06 Aug 2023 12:48:59 GMT - Sat, 04 Nov 2023 12:48:58 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 9e8d51d813359cb0f59632d4aa8976dc
b0d76c0b74f00b63f355418902a76062ddc19fcb
3d4c373ebde4db6d3c03110f252efc6abfc891affa07e13d50a6a448db98811f
GET /cloud_theme/ads/load.js HTTP/1.1
Host: oko.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://oko.sh/n1saox0DDm
DNT: 1
Connection: keep-alive
Cookie: AppSession=0c5b770c5f21fd707916eb205bfa0282; refn1saox0DDm=YmYxOTA2MmNlMzg4ZDgxNzkyOGE3ZWYwNGZmNDNhMmJlNjJjNzVhZDk4MTBiZDM4OWIzZmUwMTgyN2MzZmIyY3Ui1UmE0tH8HnTm98bDrWN0jhQGh3a4V3SVW%2BnFIEp9; csrfToken=5f423ff85d01870a0238a2307287dd2c47b376c46efbda6ed42de0fa20066b2b9d4f97969a58b83fafc493eab56f935af9eaf8b6250146a4c005c3679a0bbb3e
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 17 Sep 2023 23:00:27 GMT
content-type: application/javascript
cache-control: public, max-age=2592000
cf-bgj: minify
alt-svc: h3=":443"; ma=86400
expires: Tue, 03 Oct 2023 05:44:54 GMT
last-modified: Wed, 05 Jul 2023 05:27:04 GMT
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-turbo-charged-by: LiteSpeed
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 1271732
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uP8oPbdg14ANslSCGANYVEqpTEKHjUxGTYdwrMCdn7o8UgEkQ5i0BVi6GUku1IygWFzk7I0vWUqiK%2FrqLkW4hF0X06lvz9W88vZT6mb%2FQektQF9zNtNsN7g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8084f7289e3356c9-OSL
content-encoding: br
GET oko.sh/cloud_theme/build/js/script.min.js?ver=16.6.1
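172.67.138.65 200 OK 280 kB URL GET HTTP/3 oko.sh/cloud_theme/build/js/script.min.js?ver=16.6.1
IP 172.67.138.65:443
Requested by https://oko.sh/n1saox0DDm
Certificate Issuer: Google Trust Services LLC
Subject: oko.sh
Fingerprint: F5:00:27:64:4B:C4:DF:D8:7B:BD:D7:F3:53:77:FA:FA:3D:28:31:19
Validity: Sun, 06 Aug 2023 12:48:59 GMT - Sat, 04 Nov 2023 12:48:58 GMT
Size 280 kB (280165 bytes)
Hash (MD5) d41d8cd98f00b204e9800998ecf8427e
(SHA-1) da39a3ee5e6b4b0d3255bfef95601890afd80709
(SHA-256) e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these three values are the MD5, SHA-1 and SHA-256 digests of zero-length input, although the reported size is 280165 bytes. The response body was apparently not hashed, so these digests do not identify this file and should not be used as indicators or for lookups.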
GET /cloud_theme/build/js/script.min.js?ver=16.6.1 HTTP/1.1
Host: oko.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oko.sh/n1saox0DDm
Cookie: AppSession=0c5b770c5f21fd707916eb205bfa0282; refn1saox0DDm=YmYxOTA2MmNlMzg4ZDgxNzkyOGE3ZWYwNGZmNDNhMmJlNjJjNzVhZDk4MTBiZDM4OWIzZmUwMTgyN2MzZmIyY3Ui1UmE0tH8HnTm98bDrWN0jhQGh3a4V3SVW%2BnFIEp9; csrfToken=5f423ff85d01870a0238a2307287dd2c47b376c46efbda6ed42de0fa20066b2b9d4f97969a58b83fafc493eab56f935af9eaf8b6250146a4c005c3679a0bbb3e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 17 Sep 2023 23:00:27 GMT
content-type: application/javascript
content-length: 90527
cache-control: public, max-age=2592000
expires: Sat, 30 Sep 2023 12:25:42 GMT
last-modified: Mon, 10 Jul 2023 08:07:35 GMT
content-encoding: br
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 1506884
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZkJV519bc1elh4%2Fq7n8DQsz8gZ0EAoLinMgSISlTT%2FmA93PX5qcCs2pyKHFlNatqK7FbEDgxAQWeuoKaf7v%2BmA2mCTF5uiIKbU%2FBIzSHmGNXWMkxiiPNxgk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8084f725bcc856c9-OSL
GET ophoacit.com/1?z=5324394
139.45.197.242 200 OK 42 kB
IP 139.45.197.242:443
Requested by https://oko.sh/n1saox0DDm
Certificate Issuer: Let's Encrypt
Subject: ophoacit.com
Fingerprint: BA:22:E5:6C:16:E2:40:EC:4F:D5:BC:70:BD:70:0F:C0:76:C0:39:8F
Validity: Wed, 16 Aug 2023 07:14:02 GMT - Tue, 14 Nov 2023 07:14:01 GMT
File type ASCII text, with very long lines (41880)
Hash (MD5) 27ad5599305abd948c84254b048d4997
(SHA-1) 58002c2ad1a54f583ddc40caa96da890f9a9b90b
(SHA-256) 83caf6022c37177e02be5a05371d3a7161ec433860c1358cdf547ecbcf172394
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /1?z=5324394 HTTP/1.1
Host: ophoacit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oko.sh/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 17 Sep 2023 23:00:27 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: 61f960c4b46fc8669ced848af521ad5f
access-control-expose-headers: X-Sc
x-sc: Z7DvMUmhzVi5kx2vpW_4H8E5EFHRiqAneWJ6N-nn6i7M_Xs7TnljmJBAYCMN7RX7vFbKs2-45zpFKu8NnPYJyBpVPoU=
set-cookie: scm=1; expires=Mon, 16 Sep 2024 23:00:27 GMT; secure; SameSite=None
set-cookie: OAID=489022fb9c294ed2b06557e98d65b10e; expires=Mon, 16 Sep 2024 23:00:27 GMT; secure; SameSite=None
set-cookie: oaidts=1694991627; expires=Mon, 16 Sep 2024 23:00:27 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2