Report - oaxyteek.net/-75432VLUK/1gHb?rndad=3118590511-1675847287

Report Overview

Submitted URL
oaxyteek.net/-75432VLUK/1gHb?rndad=3118590511-1675847287
IP
172.67.157.221
ASN
#13335 CLOUDFLARENET
Submitted
2023-02-09 12:31:07
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
16

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.9 kB	34.160.144.191
stats.g.doubleclick.net	96	2013-06-10T22:21:11Z	2023-03-13T08:02:41Z	484 B	563 B	173.194.220.157
cdn.adf.ly	214923	2012-07-03T16:35:38Z	2023-03-13T05:42:25Z	1.2 kB	7.3 kB	104.20.67.244
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	1.4 kB	2.6 kB	93.184.220.29
oaxyteek.net	unknown	2022-07-20T11:12:31Z	2023-03-13T09:06:15Z	2.4 kB	53 kB	172.67.157.221
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
ldimnveryldgitwe.xyz	unknown	2023-02-08T23:12:51Z	2023-03-11T11:58:25Z	1.7 kB	2.6 kB	172.67.216.229
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	4.5 kB	9.2 kB	142.250.74.131
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-13T08:28:24Z	377 B	42 kB	142.250.74.168
narenrosrow.com	unknown	2023-01-31T11:25:37Z	2023-03-02T04:55:43Z	3.3 kB	7.2 kB	54.230.111.65
region1.google-analytics.com	unknown	2022-03-17T12:26:33Z	2023-03-13T05:09:18Z	719 B	442 B	216.239.32.36
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	2.2 kB	45 kB	34.120.237.76
adf.ly	49660	2012-05-22T02:13:31Z	2023-03-13T05:20:32Z	360 B	2.8 kB	104.20.66.244
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	3.0 kB	8.0 kB	23.36.77.32
cdn.oaxyteek.net	unknown	2023-01-23T17:54:50Z	2023-03-13T05:42:24Z	6.5 kB	156 kB	104.21.90.149
d1a3jb5hjny5s4.cloudfront.net	unknown	2021-05-29T18:33:12Z	2023-03-13T08:13:50Z	838 B	37 kB	54.230.245.125
e1.o.lencr.org	6159	2021-08-20T09:36:30Z	2023-03-13T05:21:46Z	1.4 kB	2.9 kB	23.36.76.226
d2oy22m6xey08r.cloudfront.net	unknown	2023-02-09T05:45:17Z	2023-03-04T09:22:40Z	552 B	912 B	54.230.245.166
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-13T07:36:03Z	2.0 kB	19 kB	142.250.74.110
pogothere.xyz	unknown	2022-09-04T21:11:25Z	2023-03-13T05:42:24Z	1.6 kB	226 kB	172.64.132.29
dc5k8fg5ioc8s.cloudfront.net	unknown	2021-01-11T12:54:35Z	2023-03-13T05:42:25Z	286 B	52 kB	54.230.245.39
ajax.googleapis.com	12905	2013-08-16T11:51:31Z	2023-03-13T08:37:09Z	306 B	34 kB	142.250.74.138
accounts.google.com	81	2016-03-20T13:44:49Z	2023-03-13T07:05:07Z	1.1 kB	20 kB	216.58.207.237
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	52.40.68.141
www.facebook.com	99	2012-05-21T02:23:41Z	2021-02-04T00:31:35Z	1.0 kB	8.4 kB	157.240.205.35

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-02-09	medium	ldimnveryldgitwe.xyz	Sinkholed
2023-02-09	medium	ldimnveryldgitwe.xyz	Sinkholed
2023-02-09	medium	ldimnveryldgitwe.xyz	Sinkholed
2023-02-09	medium	pogothere.xyz	Sinkholed
2023-02-09	medium	pogothere.xyz	Sinkholed
2023-02-09	medium	pogothere.xyz	Sinkholed
2023-02-09	medium	ldimnveryldgitwe.xyz	Sinkholed
2023-02-09	medium	pogothere.xyz	Sinkholed

ThreatFox

No alerts detected

JavaScript (24)

	URL	Size	First Seen	Last Seen
	www.googletagmanager.com/gtag/js?id=G-GT41R23D5L&l=dataLayer&cx=c	232 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=G-GT41R23D5L&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 20:29:17 Last Seen2023-03-13 20:29:17 Times Seen1 Hash 443d7cf24ac33ba5e5ea3bf19ca42808 5a2321f5092ed6e151e05b5a6b77357d3b32c0d2 e6ad6d5fb3f79e9d102f1333b79202ae0b2c0842439760f5e5e047f6ddbe679c Loading...

	d2oy22m6xey08r.cloudfront.net/JVGVYeDU3CjYeCiAMPEUDZFFrTgFyDysXWyRYFzZ+OVMTEwRhKy9NQzw9fgxPMFhoXlk1Cz9FEzELO0UEcgQ8GghgQywIWj9YNhtMJQsrDkE7EH4NVGkINwJcOAk5XQcSUHZIEGZVcA9cOgE3D0ZxV2gWQXFXaEkFelV9S3dxV2gPXDpTbF0GFkBqSE1iUX-1Ld3FXaApDcVYZSQVhS2hREGZVPx1WPwp9SnNmVWlIBWVVaV0HZAMxClAyCiBdBxJUaE0bZEMtRQQ	719 B	2023-03-13	2023-03-13
Pretty URL d2oy22m6xey08r.cloudfront.net/JVGVYeDU3CjYeCiAMPEUDZFFrTgFyDysXWyRYFzZ+OVMTEwRhKy9NQzw9fgxPMFhoXlk1Cz9FEzELO0UEcgQ8GghgQywIWj9YNhtMJQsrDkE7EH4NVGkINwJcOAk5XQcSUHZIEGZVcA9cOgE3D0ZxV2gWQXFXaEkFelV9S3dxV2gPXDpTbF0GFkBqSE1iUX-1Ld3FXaApDcVYZSQVhS2hREGZVPx1WPwp9SnNmVWlIBWVVaV0HZAMxClAyCiBdBxJUaE0bZEMtRQQ IP 54.230.245.166 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 20:29:17 Last Seen2023-03-13 20:29:17 Times Seen1 Hash 3372e7cd272d686bcb153cac81426de6 ce1544a0b72dc32100f66bed1929d7211c2d5e94 e73c8c1290fb73b7193b5ffc35fb74e307ef8e6a494ca0e545b60cdb36bafd6e Loading...

	oaxyteek.net/-75432VLUK/1gHb?rndad=3118590511-1675847287	551 B	2023-03-07	2023-05-14
Pretty URL oaxyteek.net/-75432VLUK/1gHb?rndad=3118590511-1675847287 IP 172.67.157.221 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:13 Last Seen2023-05-14 09:10:31 Times Seen71 Hash 103e92d5ca4c353a7dcdc13362c2fe33 bbb91319966840711530f6c9efb68e279f199fe5 5a0b18bc519fbbe151ecab7b393685ee314b75379d50579bfe931d020349b2a1 Loading...

	cdn.oaxyteek.net/static/js/view118_bidshow.js	11 kB	2023-03-07	2023-05-14
Pretty URL cdn.oaxyteek.net/static/js/view118_bidshow.js IP 104.21.90.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:13 Last Seen2023-05-14 09:10:31 Times Seen122 Hash 7bd8a9fa85fffef9db565180d148b73e 487360f168864d7b56d45ce03e8962e9eb2d6c6e 38fea38c82addf11b3a9a703649451db83bb5af7645594afe9025ae84bd70311 Loading...

	oaxyteek.net/-75432VLUK/1gHb?rndad=3118590511-1675847287	519 B	2023-03-13	2023-03-13
Pretty URL oaxyteek.net/-75432VLUK/1gHb?rndad=3118590511-1675847287 IP 172.67.157.221 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 20:29:17 Last Seen2023-03-13 20:29:17 Times Seen1 Hash 3a888f32169bd783cb94d88928397dfc 2775e978a8b1aea58a5509a183bfe8e519ca4af7 5a6d215a865efe2c119ae3ce7b46c0010fbebcc09119ff5edba2efbbf3b9de78 Loading...

	narenrosrow.com/ZVNYS2kEMTsmVgRuOm0cFz9lblsjdmoNDVQyayELUDsyJRBQIGxlCgk8LS8PFzw2P0cLNixuWyMDOiEzLQYdEicyADN5DDcjPgJbVCsALFBWCQAJID0XCW5bIxgafyUoFD8uKFUSYQEQNDIBDCwOAxkkJQFgATotVDQ/KT4kHw8IOxE3aCMxLCkSfD4NEiICKg4VGzE4UxgKIzEpF2whKgkjMAE6AQcPMg4UHy8BCC89DnsiJB0oEi4rMBomUQsfLwk6LhA7ejoSAWsbAy8fGgMNDTczCi48PhUOOhIBawEQXRIZAydUNws8PQEEGW5bJwQZAQA8JAoHKy1+OyIkICAeCQQjYQ8zAVY2DwUKJzoZeiM0BQISBCwSAAozVwoQEQ8nPQJ6DSNmCQcALDkbDQJAYR4vMTQ8GngNCTIefzgoPml4Tw8gNyUZWCRgEwQTKS8pHTM	3.0 kB	2023-03-13	2023-03-13
Pretty URL narenrosrow.com/ZVNYS2kEMTsmVgRuOm0cFz9lblsjdmoNDVQyayELUDsyJRBQIGxlCgk8LS8PFzw2P0cLNixuWyMDOiEzLQYdEicyADN5DDcjPgJbVCsALFBWCQAJID0XCW5bIxgafyUoFD8uKFUSYQEQNDIBDCwOAxkkJQFgATotVDQ/KT4kHw8IOxE3aCMxLCkSfD4NEiICKg4VGzE4UxgKIzEpF2whKgkjMAE6AQcPMg4UHy8BCC89DnsiJB0oEi4rMBomUQsfLwk6LhA7ejoSAWsbAy8fGgMNDTczCi48PhUOOhIBawEQXRIZAydUNws8PQEEGW5bJwQZAQA8JAoHKy1+OyIkICAeCQQjYQ8zAVY2DwUKJzoZeiM0BQISBCwSAAozVwoQEQ8nPQJ6DSNmCQcALDkbDQJAYR4vMTQ8GngNCTIefzgoPml4Tw8gNyUZWCRgEwQTKS8pHTM IP 54.230.111.65 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 20:29:17 Last Seen2023-03-13 20:29:17 Times Seen1 Hash e55cf069a9a161a0301d345d03d9761e b6d82c18e377da06e3ab6bf4b2e694571745099b 67eb5cb3e920b71dd5f229fade50f7f48ef86de8a400ec7c53bb5298f297cd0b Loading...

	oaxyteek.net/funcript1675945916193.php?pub=19024711&v=AOyxNoDjcIxkMVSnwIisdIiCIM6uMUiDwMixY82CseivOZnWRZyydlWmURsgIEnDBMhxdACDIM6xNADjIMsvI8m2JapjbVm2RRFgbkGCVMtuZUWD5M0xIojjodiycB2ytOp0cYFD9eigdsTDJN02d4GW9auXIBiywOiwa4GCFMzxaACCIV6OIBjyQc13N9WGRZkuNlW2ZVjoOADCFMluNUGzMLxhMxTGNbmpYpz3gb2NNJjiMO2iMQjnIb0lMdDWUY3yNVm2Ycx1IJny0eT=	109 kB	2023-03-13	2023-03-13
Pretty URL oaxyteek.net/funcript1675945916193.php?pub=19024711&v=AOyxNoDjcIxkMVSnwIisdIiCIM6uMUiDwMixY82CseivOZnWRZyydlWmURsgIEnDBMhxdACDIM6xNADjIMsvI8m2JapjbVm2RRFgbkGCVMtuZUWD5M0xIojjodiycB2ytOp0cYFD9eigdsTDJN02d4GW9auXIBiywOiwa4GCFMzxaACCIV6OIBjyQc13N9WGRZkuNlW2ZVjoOADCFMluNUGzMLxhMxTGNbmpYpz3gb2NNJjiMO2iMQjnIb0lMdDWUY3yNVm2Ycx1IJny0eT= IP 172.67.157.221 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 20:29:17 Last Seen2023-03-13 20:29:17 Times Seen1 Hash a8534d927561cee879981352ba607fcc 24e7e271966ac82575bb2a1914113875e07ff453 697e3c96342b12e8236146670b532402c72742a6700a9cda5a410b21679e6d47 Loading...

	www.google-analytics.com/ga.js	46 kB	2023-03-07	2024-04-16
Pretty URL www.google-analytics.com/ga.js IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:00 Last Seen2024-04-16 23:24:27 Times Seen3495 Hash e9372f0ebbcf71f851e3d321ef2a8e5a 2c7d19d1af7d97085c977d1b69dcb8b84483d87c 1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f Loading...

	dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473	185 kB	2023-03-13	2023-03-13
Pretty URL dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473 IP 54.230.245.39 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 20:29:17 Last Seen2023-03-13 20:29:17 Times Seen1 Hash ffab1fea656cb6fd26a505e6f1cc47cf be7dbb3cd416baa953e03e09d4168589c3659583 1c77caa9f6e753355fbade07fadcea2e46d466e8d34ff66eda6aeafdbefdf55f Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js	94 kB	2023-03-07	2024-04-19
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js IP 142.250.74.138 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:13 Last Seen2024-04-19 00:18:18 Times Seen10420 Hash ddb84c1587287b2df08966081ef063bf 9eb9ac595e9b5544e2dc79fff7cd2d0b4b5ef71f 88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd Loading...

	oaxyteek.net/-75432VLUK/1gHb?rndad=3118590511-1675847287	1.7 kB	2023-03-13	2023-03-13
Pretty URL oaxyteek.net/-75432VLUK/1gHb?rndad=3118590511-1675847287 IP 172.67.157.221 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 20:29:17 Last Seen2023-03-13 20:29:17 Times Seen1 Hash dc7c63777f75b06c6f842a9708b602b8 48fd374ea19549c9bb2d49c08e3f9f966d1e6d1f c61f896b31c24fe7cd97fed3e17de69f7adca6042bf17a787f5459555eef44be Loading...

	oaxyteek.net/-75432VLUK/1gHb?rndad=3118590511-1675847287	143 B	2023-03-07	2023-05-14
Pretty URL oaxyteek.net/-75432VLUK/1gHb?rndad=3118590511-1675847287 IP 172.67.157.221 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:13 Last Seen2023-05-14 09:10:31 Times Seen71 Hash e4d2d45eb91b8f26c33f3ea334ae617d 6506b7ae7ba8c41c2e0148a69098fd7333bd294a 56aaee9dedf8c077bd5c9dd25dc214f2c09e4b715f81904e7c361122c5825487 Loading...

	narenrosrow.com/VUpqQ1g0KAkuZzR3CGUtJyZXZmoTb1gFPGclE3FqOHwSJiFlchhtOzklHyc+JyUEN3Y7Lx5mahMAPAQODC8uFmsWIDMmGzwLJxMdAA4wBR4nHg0FIREzGRsPLBgzBSIPb1gBFwMHPgYvByIhOmEbGxA0YTMtEhMVEyIFGzQ+eyk5YRMPEAYUGno/BjsyG1IEPz0tOzovHB0AegEbIh4OEgQ5GAczEH0vC2wbHC0oERs9ICAXFCFfGwk2GT8LAhwPLRkONgtTIBcyD1kHaA8yPHE/AhsyBQA0DwEFPTkcUxBrMTI8cT8FEi4zDDcMWgQePggbEB1kIz8bdWQGDnAeDSsrMxw2HDMZCwQcAhBqPRgvBAIDGhJyDwU9GnoLOwQHFQ85AygUDgMrPHMQDwsnOxs5CxMAMRcuKDsSACsvczoPDyc3CgQbTCkrOiQafhcbAQd1Ez57Xw0vYDwCGw	3.0 kB	2023-03-13	2023-03-13
Pretty URL narenrosrow.com/VUpqQ1g0KAkuZzR3CGUtJyZXZmoTb1gFPGclE3FqOHwSJiFlchhtOzklHyc+JyUEN3Y7Lx5mahMAPAQODC8uFmsWIDMmGzwLJxMdAA4wBR4nHg0FIREzGRsPLBgzBSIPb1gBFwMHPgYvByIhOmEbGxA0YTMtEhMVEyIFGzQ+eyk5YRMPEAYUGno/BjsyG1IEPz0tOzovHB0AegEbIh4OEgQ5GAczEH0vC2wbHC0oERs9ICAXFCFfGwk2GT8LAhwPLRkONgtTIBcyD1kHaA8yPHE/AhsyBQA0DwEFPTkcUxBrMTI8cT8FEi4zDDcMWgQePggbEB1kIz8bdWQGDnAeDSsrMxw2HDMZCwQcAhBqPRgvBAIDGhJyDwU9GnoLOwQHFQ85AygUDgMrPHMQDwsnOxs5CxMAMRcuKDsSACsvczoPDyc3CgQbTCkrOiQafhcbAQd1Ez57Xw0vYDwCGw IP 54.230.111.65 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 20:29:17 Last Seen2023-03-13 20:29:17 Times Seen1 Hash 22b2cc02534bdded0a6b95311e22480c 51557640cf7e03f8927ba95585d8ff294995f666 aee86b9af86d63cdb68dac040c1a8ed012bfa2e5015e30988012d0fb7f1e5302 Loading...

	oaxyteek.net/-75432VLUK/1gHb?rndad=3118590511-1675847287	341 B	2023-03-10	2023-05-14
Pretty URL oaxyteek.net/-75432VLUK/1gHb?rndad=3118590511-1675847287 IP 172.67.157.221 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 07:49:27 Last Seen2023-05-14 09:10:31 Times Seen85 Hash 85fc9111b0ef7e154a67d8191eeb2ab8 cc2fc4aab1abffb44c72cd144f8435ce74531659 c62af88944f869e1f462cb666048f6e430c684e1ef43882e4486b95790e8ec62 Loading...

	d1a3jb5hjny5s4.cloudfront.net/?hbjad=709056	108 kB	2023-03-13	2023-03-13
Pretty URL d1a3jb5hjny5s4.cloudfront.net/?hbjad=709056 IP 54.230.245.125 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 20:29:17 Last Seen2023-03-13 20:29:17 Times Seen1 Hash 9ef6934f0c882eea8a1672d605713770 8501f63d2b2b07639f76c9be791026bb841bd6ff bcad235d211fe5015df78233ee1b5c986b331650bcf41a2b93339b782e1b9da3 Loading...

	oaxyteek.net/-75432VLUK/1gHb?rndad=3118590511-1675847287	665 B	2023-03-07	2023-05-14
Pretty URL oaxyteek.net/-75432VLUK/1gHb?rndad=3118590511-1675847287 IP 172.67.157.221 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:13 Last Seen2023-05-14 09:10:31 Times Seen71 Hash aa14b51e4361d4da1792ad6b290f3b5f 904ea9c2a81485ca2eae1d3497313c47f2eb4a8c c5ec1ec9adb40a3e9f8af6630eb9f3f19f7e7e9f4c23d68fb906282b4c833112 Loading...

	d1a3jb5hjny5s4.cloudfront.net/PbjZHUEYNWSk2eRpfI21xXg93ZXBIXDQ/KB4LMGgeA0A9JyQaYGEkPAoLd3YqD1ggbWALWCRtd0hXIzJ7WhAzICkFCzQ6KRhXLD4jClphJSdTWygqLwJaJnV0KANpYGNcBm8nLwBSKCc1SwR3PjJLBHdhdkAGYmMESwR3Jy8AAHN1dSwTdWA+WAJiYwRLBH-ciMEsFBmF2Wxh3eWNcBiA1JQVZYmIAXAZ2YHZfBnZ1dF5QLiIjCFk/dXQoB3dlaF4QMm13	594 B	2023-03-13	2023-03-13
Pretty URL d1a3jb5hjny5s4.cloudfront.net/PbjZHUEYNWSk2eRpfI21xXg93ZXBIXDQ/KB4LMGgeA0A9JyQaYGEkPAoLd3YqD1ggbWALWCRtd0hXIzJ7WhAzICkFCzQ6KRhXLD4jClphJSdTWygqLwJaJnV0KANpYGNcBm8nLwBSKCc1SwR3PjJLBHdhdkAGYmMESwR3Jy8AAHN1dSwTdWA+WAJiYwRLBH-ciMEsFBmF2Wxh3eWNcBiA1JQVZYmIAXAZ2YHZfBnZ1dF5QLiIjCFk/dXQoB3dlaF4QMm13 IP 54.230.245.125 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 20:29:17 Last Seen2023-03-13 20:29:17 Times Seen1 Hash fc1f5876033f73cb5bfcb820e1d445d7 a9576e6fd7e274abc65babc94c8f076605f193ad 05865b8ddd5e62d75a8bf170294a334d5f95dfd3a64011f7444cd8ba13aa3b7f Loading...

	www.googletagmanager.com/gtm.js?id=GTM-5NL9VFJ	106 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-5NL9VFJ IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 20:29:17 Last Seen2023-03-13 20:29:17 Times Seen1 Hash 81187aedc2e66e597c81690b4e21c11a f24637f05c3f4d3e514649282c90ad603fa62574 daf8e7e93fe4ca260d24dd45040eaf067cc86e84b9017b004a353fd5c09748f3 Loading...

	cdn.oaxyteek.net/static/js/amvn.js	259 kB	2023-03-13	2023-03-13
Pretty URL cdn.oaxyteek.net/static/js/amvn.js IP 104.21.90.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 20:16:23 Last Seen2023-03-13 20:29:17 Times Seen1 Hash 698c2747868f79c2138529f03d9ba3ec dc4a8b93f480f9944578cb2a7f0d735a004e6ec8 73376a92471158e96fbdfd9a5098fff249e784f146b9dcf3caba18d4bc576ff1 Loading...

	oaxyteek.net/-75432VLUK/1gHb?rndad=3118590511-1675847287	554 B	2023-03-13	2023-03-13
Pretty URL oaxyteek.net/-75432VLUK/1gHb?rndad=3118590511-1675847287 IP 172.67.157.221 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 20:29:17 Last Seen2023-03-13 20:29:17 Times Seen1 Hash c719ef04e03b958132df1dda041ede44 b201ccae8d16db68a6a83a22f5dbdf34759b7180 d7aff54351ab5aec591bff5fb5162d5898872d405fb7b1d40ff6e455e9c901e3 Loading...

	oaxyteek.net/js/display.js	16 kB	2023-03-07	2023-07-09
Pretty URL oaxyteek.net/js/display.js IP 172.67.157.221 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2023-07-09 10:24:48 Times Seen188 Hash 31c9f8c6a12dfa956f8bd76d130c7d0b cbb32bfcd93a2f76f2bc66ec651ac27824082dab 4b67d948e653f56aa7bc25cd403afa4fe04bafa3d8f3399ab0b84d96f1292259 Loading...

	cdn.oaxyteek.net/static/js/main.js?v=2022052901	2.0 kB	2023-03-07	2023-05-14
Pretty URL cdn.oaxyteek.net/static/js/main.js?v=2022052901 IP 104.21.90.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:13 Last Seen2023-05-14 09:10:31 Times Seen104 Hash 9dccb8ccd8da2bae23d4a71b2f3d884b e375888187278462254e305c498959eb2745c49e 29d8741f9be753192c4ad99e21b22089a10952a10c2092dcfa1532edf58c3f68 Loading...

		Size	First Seen	Last Seen
	#1 Write - 62a7e087058979dd7f570fd697b97097	4.4 kB	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 20:29:17 Last Seen2023-03-13 20:29:17 Times Seen1 Hash 62a7e087058979dd7f570fd697b97097 bb60f3cfe38a740963d6d9aae56de0332b90d4c4 f992ca9579d8759923b4952bbfb9f1d25bd0c1801f091f76a756f760daed1585 Loading...

	#2 Write - c5639dd33c003902bcb9563f1e09337d	82 B	2023-03-07	2023-05-14
Pretty Observations First Seen2023-03-07 01:03:13 Last Seen2023-05-14 09:10:31 Times Seen67 Hash c5639dd33c003902bcb9563f1e09337d 3d8a9f2173ae1e9e9cd21be7eb9cd6999befb486 ede59fa13aaed1cae74b3d5451084369b1c25b6fbc3c2b467f7ed1bbd2ad8206 Loading...

HTTP Transactions (89)

URL IP Response Size

oaxyteek.net/-75432VLUK/1gHb?rndad=3118590511-1675847287

172.67.157.221

200 OK

5.7 kB

URL HTTP/1.1
oaxyteek.net/-75432VLUK/1gHb?rndad=3118590511-1675847287
IP
172.67.157.221:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (552), with CRLF, LF line terminators
Size
5.7 kB (5675 bytes)
Hash
710a77a19b321e8c7ef659a0fdf7e691
54623d741ba74974b5d841284bb7b3e096f53752
71d169f0cd8b7184f5a4e6dffa81eb5b2678ac4cd74dcf6248e5ea025ab4f588

HTTP Headers

GET /-75432VLUK/1gHb?rndad=3118590511-1675847287 HTTP/1.1
Host: oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 12:30:56 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
set-cookie: FLYSESSID=vod5krks23696gtbmn4b9f1i31; path=/; HttpOnly; SameSite=Lax
yp1=d6d3afbab59b819343f48548849260a7; expires=Fri, 10-Feb-2023 12:30:56 GMT; Max-Age=86400; path=/; domain=.oaxyteek.net
yp2=530aaadfbd2c81e5bb513d9e6446395b; expires=Fri, 10-Feb-2023 12:30:56 GMT; Max-Age=86400; path=/; domain=.oaxyteek.net
yp3=1532635802; expires=Fri, 10-Feb-2023 12:30:56 GMT; Max-Age=86400; path=/; domain=.oaxyteek.net
x-powered-by: adfly
strict-transport-security: max-age=0
p3p: policyref="http://adf.ly/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa IVAi IVDi CONi HISi TELi OUR IND PHY ONL FIN COM NAV INT DEM GOV"
expires: Sat, 26 Jul 1997 05:00:00 GMT
last-modified: Thu, 09 Feb 2023 12:30:56 GMT
x-frame-options: DENY
referrer-policy: no-referrer-when-downgrade
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=47gJa7F6VpI5D2YNtlc%2Btrh6ZxRfsFAx%2BqwUDS7%2Fv05NA4sCK5Yi0qL9AOjel2WZNmmoQWzrFPBgkpSJj1OuT%2Fr3STcSGMPy%2BMDZK9ky4Xk35aLuvuhtCuKJBJWSwXE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 796c9e82b89ab527-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b7407cc102d62a5acd5e61f8a79bed36
c2f4890a62454e514962b55b7fc14228339c8e90
be282de92da261128a7c8471f3067466aa9930fd0ab2a2cdda8cd2d6ce2bbd74

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE282DE92DA261128A7C8471F3067466AA9930FD0AB2A2CDDA8CD2D6CE2BBD74"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4973
Expires: Thu, 09 Feb 2023 13:53:49 GMT
Date: Thu, 09 Feb 2023 12:30:56 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6865
Expires: Thu, 09 Feb 2023 14:25:21 GMT
Date: Thu, 09 Feb 2023 12:30:56 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 09 Feb 2023 11:36:48 GMT
content-type: application/json
age: 3248
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2260
Expires: Thu, 09 Feb 2023 13:08:36 GMT
Date: Thu, 09 Feb 2023 12:30:56 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: G4oR/b7MIKCnRBpC2ZEBZjI6fY14ywFicltjzU7lSLqaCNrVS1rCCD3AZIDn2KWHe46kQ0W82NfSfJiN9RR48Q==
x-amz-request-id: HVXQ6E65K995D6QM
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 09 Feb 2023 11:36:21 GMT
age: 3275
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

cdn.oaxyteek.net/static/css/adfly_7.css

104.21.90.149

200 OK

875 B

URL HTTP/1.1
cdn.oaxyteek.net/static/css/adfly_7.css
IP
104.21.90.149:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (2735), with no line terminators
Size
875 B (875 bytes)
Hash
f8c8a9d49e010a2cf10a44dacf35e661
5a069859544758f32b5d09e89c3631c8257c64e1
2cdcaf6a39f9cd39a37dfacfeec2461813fb5557e071d96756c129d17e84cb7a

HTTP Headers

GET /static/css/adfly_7.css HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/-75432VLUK/1gHb?rndad=3118590511-1675847287
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802

HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 12:30:56 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Cf-Bgj: minify
Cf-Polished: origSize=3778
cache-control: public, max-age=604800
etag: W/"ec2-60467027-a94c583d5cffa0cf;gz"
expires: Thu, 16 Feb 2023 12:01:46 GMT
last-modified: Mon, 08 Mar 2021 18:42:47 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 1727
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8FXoMgnKSl6MdbT3CjnSUDm%2FQL%2B3uee6Q3oAKjHazvYpx%2FI3hu2%2FAozUqi0fxualhPC6e9kE3Vs3Uxare1ka7TUqge7SHiSutKEhybT1KWSD7sbDFJoENbcMr8SnEOMiBH%2Fr"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 796c9e853cdeb51e-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

cdn.oaxyteek.net/static/js/amvn.js

104.21.90.149

200 OK

84 kB

URL HTTP/1.1
cdn.oaxyteek.net/static/js/amvn.js
IP
104.21.90.149:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (15948)
Size
84 kB (84307 bytes)
Hash
bded38d12f96d620e2ce81d6ba4c254d
ae4b045c17ed1a4b94d03648bbd29ff889df3d88
224870f24219235e681884172da468c6665985a2270ba6a57d75f876cdb0ba07

HTTP Headers

GET /static/js/amvn.js HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/-75432VLUK/1gHb?rndad=3118590511-1675847287
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802

HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 12:30:56 GMT
Content-Type: application/x-javascript
Content-Length: 84307
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 16 Feb 2023 12:01:47 GMT
last-modified: Thu, 09 Feb 2023 00:20:03 GMT
etag: "3f2bb-63e43c33-c945075f81241061;gz"
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 620
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=23ayXtvOEVYE57Mo7fx14NKJlElADpbuTMP42%2FCL%2B%2FSzS4dL0ZZmBAY9MQBYka8WGxs2qIvCLZB5bviM0dhwKSwQQTcCVeCbQYqdkaqq%2BCbXbunGZeNfi6qRRRZY7gO7wCM3"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 796c9e853ec5fab8-OSL
alt-svc: h2=":443"; ma=60

ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js

142.250.74.138

200 OK

33 kB

URL HTTP/1.1
ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
IP
142.250.74.138:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Size
33 kB (33333 bytes)
Hash
18351732b1849ba758e98884e186b3c8
d735af8661eda41ff4ffbf76e6a284a0e2deb81c
bfac625d304d52e04f2caeb19266354749929c888ca09d3d1e3edcbb8770d0f0

HTTP Headers

GET /ajax/libs/jquery/1.7.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://oaxyteek.net/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 33333
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sun, 05 Feb 2023 13:52:16 GMT
Expires: Mon, 05 Feb 2024 13:52:16 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
Age: 340720

cdn.oaxyteek.net/static/js/view118_bidshow.js

104.21.90.149

200 OK

4.0 kB

URL HTTP/1.1
cdn.oaxyteek.net/static/js/view118_bidshow.js
IP
104.21.90.149:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (10991), with no line terminators
Size
4.0 kB (4024 bytes)
Hash
966f84aff8b7893cbf2b87da5a27f8a9
695e0fcb64fc820db2ca76e808136a3762ea3673
25c6680edff77f84bc5606fdd9f06116ec800f29173528135cb74d564f2732f9

HTTP Headers

GET /static/js/view118_bidshow.js HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/-75432VLUK/1gHb?rndad=3118590511-1675847287
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802

HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 12:30:56 GMT
Content-Type: application/x-javascript
Content-Length: 4024
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 16 Feb 2023 12:02:09 GMT
last-modified: Wed, 24 Aug 2022 10:51:38 GMT
etag: "2aef-630602ba-3bacd69da000f03;gz"
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 1727
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T3P9IT%2FvIRu8Xp5T3%2FjzbuBI53uJqk4q54jdGg3OuhDBYV%2BdwJl0TYr7zb9fWxFTyem%2FHIxQnP4CQ7KHJ6ffY1zIJvb7PESaOFkQn0%2BnvkgMBXbrPIZ2mjakMUI8QG6J0WZE"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 796c9e854a0ab512-OSL
alt-svc: h2=":443"; ma=60

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 12:30:56 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

cdn.oaxyteek.net/static/js/main.js?v=2022052901

104.21.90.149

200 OK

705 B

URL HTTP/1.1
cdn.oaxyteek.net/static/js/main.js?v=2022052901
IP
104.21.90.149:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
705 B (705 bytes)
Hash
5d2f026c4af9cf86a2ecb368dc1533d6
376ce5a73144b00dd162aa8524ac856b8db7a33e
0fd907185fe7d7610498d8d487449707fe4949c5c89a1028da380d2e5e862c3d

HTTP Headers

GET /static/js/main.js?v=2022052901 HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/-75432VLUK/1gHb?rndad=3118590511-1675847287
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802

HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 12:30:56 GMT
Content-Type: application/x-javascript
Content-Length: 705
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 16 Feb 2023 12:30:43 GMT
last-modified: Sun, 29 May 2022 07:10:19 GMT
etag: "7a0-62931c5b-5a0b6a8c1f70ff01;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0sywgA6SyBuf7Fap22h3ABJpdty2rJeGynDtCA7A7efczKoXjWmYqaQi0qACoiB2zBPa2Hd5ZfohW0%2BaNAnssxAbz8DwH6eQuscEHZAIbd%2FfTHyymb85DoVpUVvm9ZP%2BOMfO"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 796c9e8538790b31-OSL
alt-svc: h2=":443"; ma=60

d1a3jb5hjny5s4.cloudfront.net/?hbjad=709056

54.230.245.125

200 OK

36 kB

URL HTTP/1.1
d1a3jb5hjny5s4.cloudfront.net/?hbjad=709056
IP
54.230.245.125:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (15481)
Size
36 kB (36019 bytes)
Hash
ff83bf867b2973bf07ad267f7661ef2b
76d251a98fdae556dd70a93208273714824859e4
a4f5a2097e7353c8c2f3afac03d398cccb31d550ed948794e6e52cf1079203df

HTTP Headers

GET /?hbjad=709056 HTTP/1.1
Host: d1a3jb5hjny5s4.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://oaxyteek.net/

HTTP/1.1 200 OK
Content-Length: 36019
Connection: keep-alive
Date: Thu, 09 Feb 2023 12:30:57 GMT
access-control-allow-origin: *
Cache-Control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Content-Encoding: gzip
Pragma: no-cache
X-Cache: Miss from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: zN3H9wM-zOSUXg3tcTdCQSW-KqpLyYjSDrE7fmTQqveU0nhGcHAg-w==

cdn.oaxyteek.net/static/image/skip_ad/en_tran.png

104.21.90.149

200 OK

5.1 kB

URL HTTP/1.1
cdn.oaxyteek.net/static/image/skip_ad/en_tran.png
IP
104.21.90.149:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 155 x 41, 8-bit/color RGBA, non-interlaced\012- data
Size
5.1 kB (5076 bytes)
Hash
a58f5ea6f1f6bb35658c351f876f1ba9
47fa621b845faf7df13e4021dcffd6f4c73c1018
ef8721967f0cca2539ee60f9cad0e8c1ef89f18a53964a4e6101033d23a4ba29

HTTP Headers

GET /static/image/skip_ad/en_tran.png HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/-75432VLUK/1gHb?rndad=3118590511-1675847287
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802

HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 12:30:57 GMT
Content-Type: image/png
Content-Length: 5076
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 16 Feb 2023 12:02:10 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "13d4-5faa60e6-eb24f435e560d3dd;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 1727
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mDPgViFyrfLqrkC4A40ZDF483Fjp%2FFmQOsbFmyOa1%2BxfOZTsOaUSoIDM%2BQuPYbHeIuBD%2FPp%2Bqj0g8DGPyxh97fOiiD5XT7yBk2T9Zd3ty6x%2F%2Fydmuey4%2BRSk6DpOriIBBMDB"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 796c9e869fe6b51e-OSL
alt-svc: h2=":443"; ma=60

cdn.oaxyteek.net/static/image/delete2.png

104.21.90.149

200 OK

577 B

URL HTTP/1.1
cdn.oaxyteek.net/static/image/delete2.png
IP
104.21.90.149:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced\012- data
Size
577 B (577 bytes)
Hash
3a612b41ba5d1cad10ae4c6660d8fda4
4006ab2bfe338d2d1f060c0486bad8e1b589ba44
2fa2ba143aaedc6b6169e9b024d4f12df4acfc5995950dce175fd97644dd0c43

HTTP Headers

GET /static/image/delete2.png HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/-75432VLUK/1gHb?rndad=3118590511-1675847287
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802

HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 12:30:57 GMT
Content-Type: image/png
Content-Length: 577
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 16 Feb 2023 12:02:10 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "241-5faa60e6-657b5e5638f6aacc;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 1727
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lwf%2FtnDOIYAkzdMn4IhDhzMagGvZbbknZorXJ%2BLLbdXSUX3qm2ddRTFbvSXhrL49qYo0qXRPeaTJccM6tn4dPC6aoF%2BP2Vkp2P%2FylP%2FlD04vNbDGq0thEwbw5piAQe%2BLdcca"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 796c9e869c22b512-OSL
alt-svc: h2=":443"; ma=60

cdn.oaxyteek.net/static/image/ahl6532.gif

104.21.90.149

200 OK

3.2 kB

URL HTTP/1.1
cdn.oaxyteek.net/static/image/ahl6532.gif
IP
104.21.90.149:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 166 x 58\012- data
Size
3.2 kB (3229 bytes)
Hash
48d26bd889d62fc9c72d33138f409c15
3bd2657ee1ba4843f266cda7217a8d0a2b725ea3
13cad7fb56a878cd12d9456a8754cf13433ac6741338371f87776b4373411b15

HTTP Headers

GET /static/image/ahl6532.gif HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/-75432VLUK/1gHb?rndad=3118590511-1675847287
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802

HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 12:30:57 GMT
Content-Type: image/gif
Content-Length: 3229
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 16 Feb 2023 12:02:10 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "c9d-5faa60e6-ae87f5cbe4d6cff3;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 1727
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1uDQpCMt9FsOjjdbl6NNGNDftE8iMCKr8AZm%2F4Lpr5mOTCiOE9cCip497WRANf2qMF9ia1BX3STSThvKWQJhQgN7vbu2S1BG7Jw9Z8kML5wv3pDQShSyiEjE9GGzNWc56b3t"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 796c9e869dde1bfe-OSL
alt-svc: h2=":443"; ma=60

cdn.oaxyteek.net/static/image/spinner.gif

104.21.90.149

200 OK

36 kB

URL HTTP/1.1
cdn.oaxyteek.net/static/image/spinner.gif
IP
104.21.90.149:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 39 x 39\012- data
Size
36 kB (35453 bytes)
Hash
2055f195780b3e4c71b97c95fa97eab0
36c1138bdcccf116f1b9ee9effa3e5d13f1e6161
0a607f27600e85addcfd1415ee611a370a30dce3f53ac200d3e0e25d2bdc5157

HTTP Headers

GET /static/image/spinner.gif HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/-75432VLUK/1gHb?rndad=3118590511-1675847287
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802

HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 12:30:57 GMT
Content-Type: image/gif
Content-Length: 35453
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 16 Feb 2023 12:02:10 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "8a7d-5faa60e6-3361a662be6e6961;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 1727
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Axx7A8MWE8%2FMun%2BhJXUCjZPQBM%2BzNj5AazuGlJGfP1KRkDFp683X5ck3dvjupc8VaoOC6AFqhksQ73eqLLpOLXcBlEedlWEnap7%2FYAdwrAAN090LNVYaS15yk%2BW%2Bd02ZpTue"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 796c9e869c6bb4fd-OSL
alt-svc: h2=":443"; ma=60

cdn.oaxyteek.net/static/image/logo_fb2.png

104.21.90.149

200 OK

6.3 kB

URL HTTP/1.1
cdn.oaxyteek.net/static/image/logo_fb2.png
IP
104.21.90.149:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 193 x 98, 8-bit colormap, non-interlaced\012- data
Size
6.3 kB (6283 bytes)
Hash
84a673a878949a7a8410199f5f8ea220
49cbc367cd9e0943df6d6e2180bb9a5771dbb208
042313bf805bd8d9a1c6b2a88c90e15407004fcc6e9c5d5974c87c85c20796f3

HTTP Headers

GET /static/image/logo_fb2.png HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/-75432VLUK/1gHb?rndad=3118590511-1675847287
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802

HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 12:30:57 GMT
Content-Type: image/png
Content-Length: 6283
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 16 Feb 2023 12:02:10 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "188b-5faa60e6-48354ceeda0c07b3;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 1727
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sv0xD5IuVVRQUboZueYsdGnrFKhdi25J0u4XOpoXNLpKLiEItUtaMEl%2BMjE0%2FawMZuTcQgVnr4yioB1WJZCbPIBHseGyWL0WrTO6EfVbfyPZbtoqLIyLoVbpeSN%2B0mV6KN7S"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 796c9e8699af0b31-OSL
alt-svc: h2=":443"; ma=60

ldimnveryldgitwe.xyz/popunder.gif

172.67.216.229

301 Moved Permanently

0 B

URL HTTP/1.1
ldimnveryldgitwe.xyz/popunder.gif
IP
172.67.216.229:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /popunder.gif HTTP/1.1
Host: ldimnveryldgitwe.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://oaxyteek.net/

HTTP/1.1 301 Moved Permanently
Date: Thu, 09 Feb 2023 12:30:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 09 Feb 2023 13:30:57 GMT
Location: https://ldimnveryldgitwe.xyz/popunder.gif
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4FroI4Dn0eFLpxnd3Xbnd5jqdumhLshmV6nhEnrawRcwZpMQiJi3eMwM8Wf16jEy%2BGg7WQVHLJsv7zhRQJE0R6S%2FhaoL%2BvkjnL7crkVqM1q56vhxe%2BCpZXm4dYzlCKPuD9yIe35DRA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 796c9e870ceab500-OSL
alt-svc: h2=":443"; ma=60

oaxyteek.net/js/display.js

172.67.157.221

200 OK

5.8 kB

URL HTTP/1.1
oaxyteek.net/js/display.js
IP
172.67.157.221:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (15999)
Size
5.8 kB (5775 bytes)
Hash
e149217d65efcf53cc382af7c60f461c
6de97c3f773cf9b21e4373097f5f5cddf37d872e
4d30ac5f2c0ab10e25b4c39eb646e9cb86d66394775d77ba7b88a34720f85b27

HTTP Headers

GET /js/display.js HTTP/1.1
Host: oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/-75432VLUK/1gHb?rndad=3118590511-1675847287
Connection: keep-alive
Cookie: FLYSESSID=vod5krks23696gtbmn4b9f1i31; yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802

HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 12:30:57 GMT
Content-Type: application/x-javascript
Content-Length: 5775
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 16 Feb 2023 12:02:09 GMT
last-modified: Thu, 29 Jul 2021 14:08:58 GMT
etag: "3e81-6102b67a-b080f0a7a094466b;gz"
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 1728
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n2a0IGZXEukMBg1AG7jIQcQZ2H5YaXJSZJhefBCa85ceBfRbXW%2BLau005ol%2BJDggpJNFf85zRhx1c84LK%2BUiedGpy3zBT0oPPJ%2FgxmvWVf66RsfAsGdF9yIWp6B9OD4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 796c9e871e67b527-OSL
alt-svc: h2=":443"; ma=60

ocsp.pki.goog/s/gts1p5/1STJ5vE1k1Y

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/1STJ5vE1k1Y
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
914b65b7cb2122a629e90cefb9e72aec
4812b33e1c0d4a25001725e443ff175b77ffa1ba
d3714aa980e5a4f92ba1a01f026f2de650519cecf2e268e949146fae63e6aa4f

HTTP Headers

POST /s/gts1p5/1STJ5vE1k1Y HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 12:30:57 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/s/gts1p5/1STJ5vE1k1Y

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/1STJ5vE1k1Y
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
914b65b7cb2122a629e90cefb9e72aec
4812b33e1c0d4a25001725e443ff175b77ffa1ba
d3714aa980e5a4f92ba1a01f026f2de650519cecf2e268e949146fae63e6aa4f

HTTP Headers

POST /s/gts1p5/1STJ5vE1k1Y HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 12:30:57 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c99599d6628f41d54430edaa40f5c533
4bbd35fd1097784ae5e1e046ba35595eb49ac57f
3cb4e5c0f89f5e97bd7b4a11c25b6bae84bb5a1d55982c44719b76b3f852035e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 12:30:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/s/gts1p5/ATf3cfjxVCA

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/ATf3cfjxVCA
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ff65160dc28d40c4003646dbf7d54ad2
47d1c553f3d70ae73c0720fc0d863674f271158a
48a7e7736594e645a7e7bee214bee2d5c4508c7c2f455fe790f7c401f58d32e2

HTTP Headers

POST /s/gts1p5/ATf3cfjxVCA HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 12:30:57 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.oaxyteek.net/static/image/d_top_bg.png

104.21.90.149

200 OK

156 B

URL HTTP/1.1
cdn.oaxyteek.net/static/image/d_top_bg.png
IP
104.21.90.149:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1 x 59, 8-bit/color RGB, non-interlaced\012- data
Size
156 B (156 bytes)
Hash
106113dd42dd001363d6e2c920dba647
ebb71cf1a44a45852fff4d4fc0971f299b8b8c4c
938632fb472382061e62d8f1d033da03cbc84f150236e4251c8ece12241405ae

HTTP Headers

GET /static/image/d_top_bg.png HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cdn.oaxyteek.net/static/css/adfly_7.css
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802

HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 12:30:57 GMT
Content-Type: image/png
Content-Length: 156
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 16 Feb 2023 12:02:10 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "9c-5faa60e6-4968c22d9bbfac4c;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 1727
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2FKkGnzEu0YNc2O8LrlAKt5K3AD3E8Y2wTBgfPiq3VbNlLXXlGPOf3web6oku9ADhmiULoYyQts4GxoPMwcCn0vMy6NkHAkXhgSwGpS66cyg%2BeZ8MgRQlDBmLI%2BKdb9gfgK1"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 796c9e87ee2eb4fd-OSL
alt-svc: h2=":443"; ma=60

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c99599d6628f41d54430edaa40f5c533
4bbd35fd1097784ae5e1e046ba35595eb49ac57f
3cb4e5c0f89f5e97bd7b4a11c25b6bae84bb5a1d55982c44719b76b3f852035e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 12:30:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.oaxyteek.net/static/image/d_bottom_bg2.png

104.21.90.149

200 OK

2.8 kB

URL HTTP/1.1
cdn.oaxyteek.net/static/image/d_bottom_bg2.png
IP
104.21.90.149:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1 x 28, 8-bit/color RGB, non-interlaced\012- data
Size
2.8 kB (2829 bytes)
Hash
765bb01e93fec22bee832ea0219871d0
2059131c55ef4c9b171fff20fc692839686761b7
27ab7efdb31ee6b311557cb2296d9bdb4c5038a230bcb4f9bc1a2409bb73863a

HTTP Headers

GET /static/image/d_bottom_bg2.png HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cdn.oaxyteek.net/static/css/adfly_7.css
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802

HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 12:30:57 GMT
Content-Type: image/png
Content-Length: 2829
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 16 Feb 2023 12:02:10 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "b0d-5faa60e6-e40381177193f2ef;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 1727
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FJDhjVPhagIeM%2FNq0%2BKBeCwKMStJ%2B6QOYDWpJGZN9DMfzDvjs2xK4Ag9Klkl7%2BOsuiVbsNQBN132vJAKJCO4O25yj6Nsat0KEtCx0SKS7Qza94hBie%2Ft1UCoLiBMmDtldW1z"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 796c9e881e5cb4fd-OSL
alt-svc: h2=":443"; ma=60

cdn.oaxyteek.net/static/image/ad_top_bg2.png?&ad_box_=1

104.21.90.149

200 OK

156 B

URL HTTP/1.1
cdn.oaxyteek.net/static/image/ad_top_bg2.png?&ad_box_=1
IP
104.21.90.149:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1 x 59, 8-bit/color RGB, non-interlaced\012- data
Size
156 B (156 bytes)
Hash
106113dd42dd001363d6e2c920dba647
ebb71cf1a44a45852fff4d4fc0971f299b8b8c4c
938632fb472382061e62d8f1d033da03cbc84f150236e4251c8ece12241405ae

HTTP Headers

GET /static/image/ad_top_bg2.png?&ad_box_=1 HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/-75432VLUK/1gHb?rndad=3118590511-1675847287
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802

HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 12:30:57 GMT
Content-Type: image/png
Content-Length: 156
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 16 Feb 2023 12:30:57 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "9c-5faa60e6-95f251b8bd8ef212;;;"
accept-ranges: bytes
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=khIFtKKvvGV54cyaETj9Ge%2B6avbuPnOaLY66vdOoa%2Fk0lQxIeZhJW8hIbZYCoY4TJxvQWiRfQ1CoghHpea%2BZWmb6ZnnoHLk%2BlGc5DfNmN6yiZRoko0AK5rDJSMs9Bhyg7vPM"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 796c9e86982ffab8-OSL
alt-svc: h2=":443"; ma=60

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
fa14da68c942a019cdb336cfb7278659
f26dde3da46819864e92857a0aea65555af38e91
f3e94dba9ca6ef22fff623847e8dcb648b475349248916510248f3b1e8f7977b

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "F3E94DBA9CA6EF22FFF623847E8DCB648B475349248916510248F3B1E8F7977B"
Last-Modified: Tue, 07 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4443
Expires: Thu, 09 Feb 2023 13:45:00 GMT
Date: Thu, 09 Feb 2023 12:30:57 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
fa14da68c942a019cdb336cfb7278659
f26dde3da46819864e92857a0aea65555af38e91
f3e94dba9ca6ef22fff623847e8dcb648b475349248916510248f3b1e8f7977b

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "F3E94DBA9CA6EF22FFF623847E8DCB648B475349248916510248F3B1E8F7977B"
Last-Modified: Tue, 07 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4443
Expires: Thu, 09 Feb 2023 13:45:00 GMT
Date: Thu, 09 Feb 2023 12:30:57 GMT
Connection: keep-alive

www.googletagmanager.com/gtm.js?id=GTM-5NL9VFJ

142.250.74.168

200 OK

41 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-5NL9VFJ
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1759)
Size
41 kB (41008 bytes)
Hash
a1eb33a8f4870e58dc2c3cfe06b3bd4a
f8d88adb7e0c4acd97d0d14fe69a56b48bd7e1de
8e56f8ee77725fd6242a1c4d5a15b9ad7d511288665dcffc2eceb1b58cb9486c

HTTP Headers

GET /gtm.js?id=GTM-5NL9VFJ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 09 Feb 2023 12:30:57 GMT
expires: Thu, 09 Feb 2023 12:30:57 GMT
cache-control: private, max-age=900
last-modified: Thu, 09 Feb 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 41008
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
fa14da68c942a019cdb336cfb7278659
f26dde3da46819864e92857a0aea65555af38e91
f3e94dba9ca6ef22fff623847e8dcb648b475349248916510248f3b1e8f7977b

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "F3E94DBA9CA6EF22FFF623847E8DCB648B475349248916510248F3B1E8F7977B"
Last-Modified: Tue, 07 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4443
Expires: Thu, 09 Feb 2023 13:45:00 GMT
Date: Thu, 09 Feb 2023 12:30:57 GMT
Connection: keep-alive

ldimnveryldgitwe.xyz/UjRsamF9Cw8ZXDBYLVgCGmY0MDAQcj0sBTx2OTgvCmMLKzAXbUoeCDYJW1pYYgFaTBE7UFFYWHRHGAsVJ0dRW0c7WgoFXHRCUVtPYhpaWk9jEhlXUHRAHAsGbwVKGhUmWFFbV2UBVV5UawVaW1Vn

172.67.216.229

204 No Content

0 B

URL HTTP/2
ldimnveryldgitwe.xyz/UjRsamF9Cw8ZXDBYLVgCGmY0MDAQcj0sBTx2OTgvCmMLKzAXbUoeCDYJW1pYYgFaTBE7UFFYWHRHGAsVJ0dRW0c7WgoFXHRCUVtPYhpaWk9jEhlXUHRAHAsGbwVKGhUmWFFbV2UBVV5UawVaW1Vn
IP
172.67.216.229:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /UjRsamF9Cw8ZXDBYLVgCGmY0MDAQcj0sBTx2OTgvCmMLKzAXbUoeCDYJW1pYYgFaTBE7UFFYWHRHGAsVJ0dRW0c7WgoFXHRCUVtPYhpaWk9jEhlXUHRAHAsGbwVKGhUmWFFbV2UBVV5UawVaW1Vn HTTP/1.1
Host: ldimnveryldgitwe.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Thu, 09 Feb 2023 12:30:57 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wlU%2BJyYfSTfUbPApaIjRNbDqtdoE%2BH5whR7P6Acfxh6xEqU3k9E1j2D8VPc%2BvhCShZG1Ihu2gE0r6yJOCbLH5qsReMV69YqXPQZEwG31tfi%2B13Pg%2FushivWJvv0L0vZvvDPqgCqZZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796c9e87cd46b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

narenrosrow.com/VUpqQ1g0KAkuZzR3CGUtJyZXZmoTb1gFPGclE3FqOHwSJiFlchhtOzklHyc+JyUEN3Y7Lx5mahMAPAQODC8uFmsWIDMmGzwLJxMdAA4wBR4nHg0FIREzGRsPLBgzBSIPb1gBFwMHPgYvByIhOmEbGxA0YTMtEhMVEyIFGzQ+eyk5YRMPEAYUGno/BjsyG1IEPz0tOzovHB0AegEbIh4OEgQ5GAczEH0vC2wbHC0oERs9ICAXFCFfGwk2GT8LAhwPLRkONgtTIBcyD1kHaA8yPHE/AhsyBQA0DwEFPTkcUxBrMTI8cT8FEi4zDDcMWgQePggbEB1kIz8bdWQGDnAeDSsrMxw2HDMZCwQcAhBqPRgvBAIDGhJyDwU9GnoLOwQHFQ85AygUDgMrPHMQDwsnOxs5CxMAMRcuKDsSACsvczoPDyc3CgQbTCkrOiQafhcbAQd1Ez57Xw0vYDwCGw

54.230.111.65

200 OK

1.2 kB

URL HTTP/1.1
narenrosrow.com/VUpqQ1g0KAkuZzR3CGUtJyZXZmoTb1gFPGclE3FqOHwSJiFlchhtOzklHyc+JyUEN3Y7Lx5mahMAPAQODC8uFmsWIDMmGzwLJxMdAA4wBR4nHg0FIREzGRsPLBgzBSIPb1gBFwMHPgYvByIhOmEbGxA0YTMtEhMVEyIFGzQ+eyk5YRMPEAYUGno/BjsyG1IEPz0tOzovHB0AegEbIh4OEgQ5GAczEH0vC2wbHC0oERs9ICAXFCFfGwk2GT8LAhwPLRkONgtTIBcyD1kHaA8yPHE/AhsyBQA0DwEFPTkcUxBrMTI8cT8FEi4zDDcMWgQePggbEB1kIz8bdWQGDnAeDSsrMxw2HDMZCwQcAhBqPRgvBAIDGhJyDwU9GnoLOwQHFQ85AygUDgMrPHMQDwsnOxs5CxMAMRcuKDsSACsvczoPDyc3CgQbTCkrOiQafhcbAQd1Ez57Xw0vYDwCGw
IP
54.230.111.65:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3049), with no line terminators
Size
1.2 kB (1200 bytes)
Hash
c0418eee1c91be0a7186e641d51cb29c
cd87aa010f7ebdc16f63870a23af426e35f2c89e
0a4b63393ffa308472a0572601de37552ab7a15b30995017d635111b06de0e03

HTTP Headers

GET /VUpqQ1g0KAkuZzR3CGUtJyZXZmoTb1gFPGclE3FqOHwSJiFlchhtOzklHyc+JyUEN3Y7Lx5mahMAPAQODC8uFmsWIDMmGzwLJxMdAA4wBR4nHg0FIREzGRsPLBgzBSIPb1gBFwMHPgYvByIhOmEbGxA0YTMtEhMVEyIFGzQ+eyk5YRMPEAYUGno/BjsyG1IEPz0tOzovHB0AegEbIh4OEgQ5GAczEH0vC2wbHC0oERs9ICAXFCFfGwk2GT8LAhwPLRkONgtTIBcyD1kHaA8yPHE/AhsyBQA0DwEFPTkcUxBrMTI8cT8FEi4zDDcMWgQePggbEB1kIz8bdWQGDnAeDSsrMxw2HDMZCwQcAhBqPRgvBAIDGhJyDwU9GnoLOwQHFQ85AygUDgMrPHMQDwsnOxs5CxMAMRcuKDsSACsvczoPDyc3CgQbTCkrOiQafhcbAQd1Ez57Xw0vYDwCGw HTTP/1.1
Host: narenrosrow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://oaxyteek.net/
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 1200
Connection: keep-alive
Date: Thu, 09 Feb 2023 12:30:57 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
Accept-CH: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
X-Cache: Miss from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: -9LMLSfBGz6QaTJ36Seklssw9jbeG9w8COB2NN8Jv2JF4I67KRzZYA==

oaxyteek.net/2market_bidshow.php?user_id=19024711&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&ref_url=eyJ1cmwiOm51bGwsImRvbWFpbiI6bnVsbH0%3D&url=https%3A%2F%2Fsimfileshare.net%2Fdownload%2FWoSgsJChw9ET5yfAwIxoeCD74z0ykptDnWNcLtwUow29QpJopy50VHvZF96TQexA%2F&url_id=6312035645&t=04929a912110a87b53f483e9c0bb8b7d&w=2839d582aa6473d217268b6497299ee5

172.67.157.221

200 OK

82 B

URL HTTP/1.1
oaxyteek.net/2market_bidshow.php?user_id=19024711&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&ref_url=eyJ1cmwiOm51bGwsImRvbWFpbiI6bnVsbH0%3D&url=https%3A%2F%2Fsimfileshare.net%2Fdownload%2FWoSgsJChw9ET5yfAwIxoeCD74z0ykptDnWNcLtwUow29QpJopy50VHvZF96TQexA%2F&url_id=6312035645&t=04929a912110a87b53f483e9c0bb8b7d&w=2839d582aa6473d217268b6497299ee5
IP
172.67.157.221:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with no line terminators
Size
82 B (82 bytes)
Hash
d597c22e79c772d1f89ed2602adb80ab
50c7c63c9269278ff7aba9b8c5b4810c3570df80
798215a625e276fde8e69c0a79401e406f59e1a30ad0e9113d880b9d566ae61c

HTTP Headers

GET /2market_bidshow.php?user_id=19024711&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&ref_url=eyJ1cmwiOm51bGwsImRvbWFpbiI6bnVsbH0%3D&url=https%3A%2F%2Fsimfileshare.net%2Fdownload%2FWoSgsJChw9ET5yfAwIxoeCD74z0ykptDnWNcLtwUow29QpJopy50VHvZF96TQexA%2F&url_id=6312035645&t=04929a912110a87b53f483e9c0bb8b7d&w=2839d582aa6473d217268b6497299ee5 HTTP/1.1
Host: oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/-75432VLUK/1gHb?rndad=3118590511-1675847287
Connection: keep-alive
Cookie: FLYSESSID=vod5krks23696gtbmn4b9f1i31; yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802

HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 12:30:57 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.3.27
set-cookie: adfly_ad_report=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
p3p: policyref="http://adf.ly/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa IVAi IVDi CONi HISi TELi OUR IND PHY ONL FIN COM NAV INT DEM GOV"
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FRfvQrWEsgjJH1MJKTSyM%2B%2BS%2Bvb%2BBcRdpdxICI6nHPmlR9i%2FnCS1aWfIZKOklbPdm3DrVmx7Lm%2FUZoGeEt%2FUCJKnl7lLIKzRKqfxl8LmE4GHL1C1sVLgVg1IVMZB5PM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 796c9e87bf25b527-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c99599d6628f41d54430edaa40f5c533
4bbd35fd1097784ae5e1e046ba35595eb49ac57f
3cb4e5c0f89f5e97bd7b4a11c25b6bae84bb5a1d55982c44719b76b3f852035e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 12:30:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

narenrosrow.com/utx?cb=oHrPslE2mr8E&top=oaxyteek.net&tid=604364

54.230.111.65

204 No Content

0 B

URL HTTP/2
narenrosrow.com/utx?cb=oHrPslE2mr8E&top=oaxyteek.net&tid=604364
IP
54.230.111.65:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /utx?cb=oHrPslE2mr8E&top=oaxyteek.net&tid=604364 HTTP/1.1
Host: narenrosrow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://oaxyteek.net
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Thu, 09 Feb 2023 12:30:57 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: http://oaxyteek.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Thu, 09 Feb 2023 12:31:57 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ctAXx--F26Y7NlBgv3M6fDRR0VaHbL4n46ggxQBJjKIH5-xJimtkkw==
X-Firefox-Spdy: h2

narenrosrow.com/utx?cb=L5svdUL1s9W1&top=oaxyteek.net&tid=709056

54.230.111.65

204 No Content

0 B

URL HTTP/2
narenrosrow.com/utx?cb=L5svdUL1s9W1&top=oaxyteek.net&tid=709056
IP
54.230.111.65:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /utx?cb=L5svdUL1s9W1&top=oaxyteek.net&tid=709056 HTTP/1.1
Host: narenrosrow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://oaxyteek.net
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Thu, 09 Feb 2023 12:30:57 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: http://oaxyteek.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Thu, 09 Feb 2023 12:31:57 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: FgZH_7bN0Owm6moGwQxDYwTRpC6eDFnxaM0zzFUlCWNpHLbfovPNYA==
X-Firefox-Spdy: h2

narenrosrow.com/ZVNYS2kEMTsmVgRuOm0cFz9lblsjdmoNDVQyayELUDsyJRBQIGxlCgk8LS8PFzw2P0cLNixuWyMDOiEzLQYdEicyADN5DDcjPgJbVCsALFBWCQAJID0XCW5bIxgafyUoFD8uKFUSYQEQNDIBDCwOAxkkJQFgATotVDQ/KT4kHw8IOxE3aCMxLCkSfD4NEiICKg4VGzE4UxgKIzEpF2whKgkjMAE6AQcPMg4UHy8BCC89DnsiJB0oEi4rMBomUQsfLwk6LhA7ejoSAWsbAy8fGgMNDTczCi48PhUOOhIBawEQXRIZAydUNws8PQEEGW5bJwQZAQA8JAoHKy1+OyIkICAeCQQjYQ8zAVY2DwUKJzoZeiM0BQISBCwSAAozVwoQEQ8nPQJ6DSNmCQcALDkbDQJAYR4vMTQ8GngNCTIefzgoPml4Tw8gNyUZWCRgEwQTKS8pHTM

54.230.111.65

200 OK

1.2 kB

URL HTTP/1.1
narenrosrow.com/ZVNYS2kEMTsmVgRuOm0cFz9lblsjdmoNDVQyayELUDsyJRBQIGxlCgk8LS8PFzw2P0cLNixuWyMDOiEzLQYdEicyADN5DDcjPgJbVCsALFBWCQAJID0XCW5bIxgafyUoFD8uKFUSYQEQNDIBDCwOAxkkJQFgATotVDQ/KT4kHw8IOxE3aCMxLCkSfD4NEiICKg4VGzE4UxgKIzEpF2whKgkjMAE6AQcPMg4UHy8BCC89DnsiJB0oEi4rMBomUQsfLwk6LhA7ejoSAWsbAy8fGgMNDTczCi48PhUOOhIBawEQXRIZAydUNws8PQEEGW5bJwQZAQA8JAoHKy1+OyIkICAeCQQjYQ8zAVY2DwUKJzoZeiM0BQISBCwSAAozVwoQEQ8nPQJ6DSNmCQcALDkbDQJAYR4vMTQ8GngNCTIefzgoPml4Tw8gNyUZWCRgEwQTKS8pHTM
IP
54.230.111.65:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3037), with no line terminators
Size
1.2 kB (1191 bytes)
Hash
a5be505cff3ab0f00d0864130fec2a51
1c023538ac7104091869bafdab46068ebd8281bd
a9fe3f8550a1d4a86f1f3d9a2190ee0340d9914b0c26c970a68e05e55330d851

HTTP Headers

GET /ZVNYS2kEMTsmVgRuOm0cFz9lblsjdmoNDVQyayELUDsyJRBQIGxlCgk8LS8PFzw2P0cLNixuWyMDOiEzLQYdEicyADN5DDcjPgJbVCsALFBWCQAJID0XCW5bIxgafyUoFD8uKFUSYQEQNDIBDCwOAxkkJQFgATotVDQ/KT4kHw8IOxE3aCMxLCkSfD4NEiICKg4VGzE4UxgKIzEpF2whKgkjMAE6AQcPMg4UHy8BCC89DnsiJB0oEi4rMBomUQsfLwk6LhA7ejoSAWsbAy8fGgMNDTczCi48PhUOOhIBawEQXRIZAydUNws8PQEEGW5bJwQZAQA8JAoHKy1+OyIkICAeCQQjYQ8zAVY2DwUKJzoZeiM0BQISBCwSAAozVwoQEQ8nPQJ6DSNmCQcALDkbDQJAYR4vMTQ8GngNCTIefzgoPml4Tw8gNyUZWCRgEwQTKS8pHTM HTTP/1.1
Host: narenrosrow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://oaxyteek.net/
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 1191
Connection: keep-alive
Date: Thu, 09 Feb 2023 12:30:57 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
Accept-CH: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
X-Cache: Miss from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: jPgMrWuYt4nHWQVdnovy81AnVUnE95Q1pRXmUtzvcZHxHVfdnC3w8Q==

ldimnveryldgitwe.xyz/QW5sMHBuUQ9DTSBfIQMicwoPaSEXXjlmHC0sX2IiFikPdxQtK0pEGSVTWgBEclhYFgAoClEBVjIaDUQFMlNdFhkvCAMNVjdTXR5DdUBfAV5zSBkNQWcaHFEXfF9KQAQ1AlEBRnZbVQRFeF9aAkB5

172.67.216.229

204 No Content

0 B

URL HTTP/2
ldimnveryldgitwe.xyz/QW5sMHBuUQ9DTSBfIQMicwoPaSEXXjlmHC0sX2IiFikPdxQtK0pEGSVTWgBEclhYFgAoClEBVjIaDUQFMlNdFhkvCAMNVjdTXR5DdUBfAV5zSBkNQWcaHFEXfF9KQAQ1AlEBRnZbVQRFeF9aAkB5
IP
172.67.216.229:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /QW5sMHBuUQ9DTSBfIQMicwoPaSEXXjlmHC0sX2IiFikPdxQtK0pEGSVTWgBEclhYFgAoClEBVjIaDUQFMlNdFhkvCAMNVjdTXR5DdUBfAV5zSBkNQWcaHFEXfF9KQAQ1AlEBRnZbVQRFeF9aAkB5 HTTP/1.1
Host: ldimnveryldgitwe.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Thu, 09 Feb 2023 12:30:57 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9iQvUP7zrhZyODB6NZEp5es6QtZJ5E2Zyx3TP53FxIgliiaOFonD0xYZyO7cASKzm05hUo1W0VeaotGt%2BkI7d3UVgaC5ZoEgg1tCp6wu7GTWZB04ht6y3yeml%2B5ickVPZrVWc7wnZg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796c9e882de9b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1p5/1STJ5vE1k1Y

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/1STJ5vE1k1Y
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
914b65b7cb2122a629e90cefb9e72aec
4812b33e1c0d4a25001725e443ff175b77ffa1ba
d3714aa980e5a4f92ba1a01f026f2de650519cecf2e268e949146fae63e6aa4f

HTTP Headers

POST /s/gts1p5/1STJ5vE1k1Y HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 12:30:57 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
fa14da68c942a019cdb336cfb7278659
f26dde3da46819864e92857a0aea65555af38e91
f3e94dba9ca6ef22fff623847e8dcb648b475349248916510248f3b1e8f7977b

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "F3E94DBA9CA6EF22FFF623847E8DCB648B475349248916510248F3B1E8F7977B"
Last-Modified: Tue, 07 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4443
Expires: Thu, 09 Feb 2023 13:45:00 GMT
Date: Thu, 09 Feb 2023 12:30:57 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Expires, Pragma, Retry-After, Last-Modified, ETag, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 09 Feb 2023 11:51:21 GMT
age: 2376
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

d1a3jb5hjny5s4.cloudfront.net/PbjZHUEYNWSk2eRpfI21xXg93ZXBIXDQ/KB4LMGgeA0A9JyQaYGEkPAoLd3YqD1ggbWALWCRtd0hXIzJ7WhAzICkFCzQ6KRhXLD4jClphJSdTWygqLwJaJnV0KANpYGNcBm8nLwBSKCc1SwR3PjJLBHdhdkAGYmMESwR3Jy8AAHN1dSwTdWA+WAJiYwRLBH-ciMEsFBmF2Wxh3eWNcBiA1JQVZYmIAXAZ2YHZfBnZ1dF5QLiIjCFk/dXQoB3dlaF4QMm13

54.230.245.125

200 OK

440 B

URL HTTP/1.1
d1a3jb5hjny5s4.cloudfront.net/PbjZHUEYNWSk2eRpfI21xXg93ZXBIXDQ/KB4LMGgeA0A9JyQaYGEkPAoLd3YqD1ggbWALWCRtd0hXIzJ7WhAzICkFCzQ6KRhXLD4jClphJSdTWygqLwJaJnV0KANpYGNcBm8nLwBSKCc1SwR3PjJLBHdhdkAGYmMESwR3Jy8AAHN1dSwTdWA+WAJiYwRLBH-ciMEsFBmF2Wxh3eWNcBiA1JQVZYmIAXAZ2YHZfBnZ1dF5QLiIjCFk/dXQoB3dlaF4QMm13
IP
54.230.245.125:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (594), with no line terminators
Size
440 B (440 bytes)
Hash
d79cb43bbe35a9a7c1fde5b60ea42b26
abc52a7ad38dfc09f145b0ca6ca183ec0c7100ca
8a0e7469f04647612d443767936fb17ac82bb4915dd017275f54df09230642fc

HTTP Headers

GET /PbjZHUEYNWSk2eRpfI21xXg93ZXBIXDQ/KB4LMGgeA0A9JyQaYGEkPAoLd3YqD1ggbWALWCRtd0hXIzJ7WhAzICkFCzQ6KRhXLD4jClphJSdTWygqLwJaJnV0KANpYGNcBm8nLwBSKCc1SwR3PjJLBHdhdkAGYmMESwR3Jy8AAHN1dSwTdWA+WAJiYwRLBH-ciMEsFBmF2Wxh3eWNcBiA1JQVZYmIAXAZ2YHZfBnZ1dF5QLiIjCFk/dXQoB3dlaF4QMm13 HTTP/1.1
Host: d1a3jb5hjny5s4.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://narenrosrow.com/

HTTP/1.1 200 OK
Content-Length: 440
Connection: keep-alive
Date: Thu, 09 Feb 2023 12:30:57 GMT
access-control-allow-origin: *
Cache-Control: max-age=31556926
Content-Encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: jElcdUYkwRyIPmTKI4eeqQ2VIQx7FjlAdnpFzN2YjC9O5wmnSgytRQ==

d2oy22m6xey08r.cloudfront.net/JVGVYeDU3CjYeCiAMPEUDZFFrTgFyDysXWyRYFzZ+OVMTEwRhKy9NQzw9fgxPMFhoXlk1Cz9FEzELO0UEcgQ8GghgQywIWj9YNhtMJQsrDkE7EH4NVGkINwJcOAk5XQcSUHZIEGZVcA9cOgE3D0ZxV2gWQXFXaEkFelV9S3dxV2gPXDpTbF0GFkBqSE1iUX-1Ld3FXaApDcVYZSQVhS2hREGZVPx1WPwp9SnNmVWlIBWVVaV0HZAMxClAyCiBdBxJUaE0bZEMtRQQ

54.230.245.166

200 OK

527 B

URL HTTP/1.1
d2oy22m6xey08r.cloudfront.net/JVGVYeDU3CjYeCiAMPEUDZFFrTgFyDysXWyRYFzZ+OVMTEwRhKy9NQzw9fgxPMFhoXlk1Cz9FEzELO0UEcgQ8GghgQywIWj9YNhtMJQsrDkE7EH4NVGkINwJcOAk5XQcSUHZIEGZVcA9cOgE3D0ZxV2gWQXFXaEkFelV9S3dxV2gPXDpTbF0GFkBqSE1iUX-1Ld3FXaApDcVYZSQVhS2hREGZVPx1WPwp9SnNmVWlIBWVVaV0HZAMxClAyCiBdBxJUaE0bZEMtRQQ
IP
54.230.245.166:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (719), with no line terminators
Size
527 B (527 bytes)
Hash
fbe6b8eef928dcac77c83c483980135e
e0989d67d8e2e546c849a96419042bc202c86437
1f205966caad2ccb03fdbc4db0ec970472d506b5501cbf638b9c45f3be5669fd

HTTP Headers

GET /JVGVYeDU3CjYeCiAMPEUDZFFrTgFyDysXWyRYFzZ+OVMTEwRhKy9NQzw9fgxPMFhoXlk1Cz9FEzELO0UEcgQ8GghgQywIWj9YNhtMJQsrDkE7EH4NVGkINwJcOAk5XQcSUHZIEGZVcA9cOgE3D0ZxV2gWQXFXaEkFelV9S3dxV2gPXDpTbF0GFkBqSE1iUX-1Ld3FXaApDcVYZSQVhS2hREGZVPx1WPwp9SnNmVWlIBWVVaV0HZAMxClAyCiBdBxJUaE0bZEMtRQQ HTTP/1.1
Host: d2oy22m6xey08r.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://narenrosrow.com/

HTTP/1.1 200 OK
Content-Length: 527
Connection: keep-alive
Date: Thu, 09 Feb 2023 12:30:57 GMT
access-control-allow-origin: *
Cache-Control: max-age=31556926
Content-Encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: DnZofeSTAFMPy5KSJ6Jr_S85daqixZYwcf3CFoX65z8YI5F8MDqZOw==

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
248ce16379b12f11927ecc3142aec450
fa5b189f2d9182479170cb61cc1723571e437bd2
a8d259b331bdefb00625b9bf057d44d0b3290fda0734c57eda187b04e23d59d4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8D259B331BDEFB00625B9BF057D44D0B3290FDA0734C57EDA187B04E23D59D4"
Last-Modified: Wed, 08 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4175
Expires: Thu, 09 Feb 2023 13:40:32 GMT
Date: Thu, 09 Feb 2023 12:30:57 GMT
Connection: keep-alive

ocsp.pki.goog/s/gts1p5/ATf3cfjxVCA

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/ATf3cfjxVCA
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ff65160dc28d40c4003646dbf7d54ad2
47d1c553f3d70ae73c0720fc0d863674f271158a
48a7e7736594e645a7e7bee214bee2d5c4508c7c2f455fe790f7c401f58d32e2

HTTP Headers

POST /s/gts1p5/ATf3cfjxVCA HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 12:30:57 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.oaxyteek.net/static/image/favicon.ico

104.21.90.149

200 OK

766 B

URL HTTP/1.1
cdn.oaxyteek.net/static/image/favicon.ico
IP
104.21.90.149:0
ASN
#13335 CLOUDFLARENET

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
766 B (766 bytes)
Hash
1e28765e56393f673da97ce5913cdf10
8af9d66ac98f4689ba1d04acbd17df40dd83dbde
30aa2a7dd1b96d852108bf4f4213b0d749ae2faedd112f0c03006209e5e6c98a

HTTP Headers

GET /static/image/favicon.ico HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/-75432VLUK/1gHb?rndad=3118590511-1675847287
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802; _ga_GT41R23D5L=GS1.1.1675945916.1.0.1675945916.0.0.0; _ga=GA1.1.211187243.1675945917

HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 12:30:57 GMT
Content-Type: image/vnd.microsoft.icon
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 16 Feb 2023 12:10:39 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: W/"47e-5faa60e6-ae87f5cbe4d6cff3;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 1218
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hVQsCIrm057sp8F9HrBfeKqd3zRRIy3kS%2BKbL%2B1OEwMJ6vuMSKk%2Fwor762vhXnImmy%2F02P4vF%2F%2BRVcwRyg%2FD73h2GrUq7yVROiDrxIktriiCMQwRqDlegC9fMXxxUZjsAGBA"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 796c9e8a9a63b4fd-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

www.google-analytics.com/ga.js

142.250.74.110

200 OK

17 kB

URL HTTP/1.1
www.google-analytics.com/ga.js
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1305)
Size
17 kB (17168 bytes)
Hash
01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d

HTTP Headers

GET /ga.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://oaxyteek.net/

HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 17168
Date: Thu, 09 Feb 2023 11:14:03 GMT
Expires: Thu, 09 Feb 2023 13:14:03 GMT
Cache-Control: public, max-age=7200
Age: 4614
Last-Modified: Tue, 10 Jan 2023 21:29:14 GMT
Content-Type: text/javascript

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f16eecdd472f99af839e8e6dfc101bc0
33e345a8e9f776920b90dc78acefc457e15da35c
9a819ca8ca6890f29a418e976b224ae9095b72538324800f38eefc4d95050448

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 12:30:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f16eecdd472f99af839e8e6dfc101bc0
33e345a8e9f776920b90dc78acefc457e15da35c
9a819ca8ca6890f29a418e976b224ae9095b72538324800f38eefc4d95050448

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 12:30:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
6d5882eafc87e0fd208339050fb4a553
11505fa91a1395b6639120faef4d4350087af794
bed94db046ef3d739b6e1f8f63c9cdc1e42d8e2cb59606fb93902942c1cf8c46

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3953
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 12:30:57 GMT
Last-Modified: Thu, 09 Feb 2023 11:25:04 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1132069803&utmhn=oaxyteek.net&utme=8(User)9(19024711)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Sim%20File%20Share%20-%20Filehosting%20for%20Simmers&utmhid=1825919134&utmr=-&utmp=%2F-75432VLUK%2F1gHb%3Frndad%3D3118590511-1675847287&utmht=1675945916789&utmac=UA-6469700-9&utmcc=__utma%3D198071217.211187243.1675945917.1675945917.1675945917.1%3B%2B__utmz%3D198071217.1675945917.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1217192010&utmredir=1&utmu=qQAAAAAAAAAAAAAAAAABAAAE~

142.250.74.110

302 Found

369 B

URL HTTP/1.1
www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1132069803&utmhn=oaxyteek.net&utme=8(User)9(19024711)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Sim%20File%20Share%20-%20Filehosting%20for%20Simmers&utmhid=1825919134&utmr=-&utmp=%2F-75432VLUK%2F1gHb%3Frndad%3D3118590511-1675847287&utmht=1675945916789&utmac=UA-6469700-9&utmcc=__utma%3D198071217.211187243.1675945917.1675945917.1675945917.1%3B%2B__utmz%3D198071217.1675945917.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1217192010&utmredir=1&utmu=qQAAAAAAAAAAAAAAAAABAAAE~
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
369 B (369 bytes)
Hash
2b5966dceb3c046802e0f3ef56474270
106f217c33a53b3969249ddf951fc48c8e1995cb
53e53e12f9301a84ee5a07e01bf24ffdfafde12eb955f7f0583af86037bfb6ea

HTTP Headers

GET /r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1132069803&utmhn=oaxyteek.net&utme=8(User)9(19024711)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Sim%20File%20Share%20-%20Filehosting%20for%20Simmers&utmhid=1825919134&utmr=-&utmp=%2F-75432VLUK%2F1gHb%3Frndad%3D3118590511-1675847287&utmht=1675945916789&utmac=UA-6469700-9&utmcc=__utma%3D198071217.211187243.1675945917.1675945917.1675945917.1%3B%2B__utmz%3D198071217.1675945917.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1217192010&utmredir=1&utmu=qQAAAAAAAAAAAAAAAAABAAAE~ HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://oaxyteek.net/

HTTP/1.1 302 Found
Location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6469700-9&cid=211187243.1675945917&jid=1217192010&_v=5.7.2&z=1132069803
Access-Control-Allow-Origin: *
Date: Thu, 09 Feb 2023 12:30:57 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
Cross-Origin-Resource-Policy: cross-origin
Content-Type: text/html; charset=UTF-8
Server: Golfe2
Content-Length: 369

oaxyteek.net/funcript1675945916193.php?pub=19024711&v=AOyxNoDjcIxkMVSnwIisdIiCIM6uMUiDwMixY82CseivOZnWRZyydlWmURsgIEnDBMhxdACDIM6xNADjIMsvI8m2JapjbVm2RRFgbkGCVMtuZUWD5M0xIojjodiycB2ytOp0cYFD9eigdsTDJN02d4GW9auXIBiywOiwa4GCFMzxaACCIV6OIBjyQc13N9WGRZkuNlW2ZVjoOADCFMluNUGzMLxhMxTGNbmpYpz3gb2NNJjiMO2iMQjnIb0lMdDWUY3yNVm2Ycx1IJny0eT=

172.67.157.221

200 OK

38 kB

URL HTTP/2
oaxyteek.net/funcript1675945916193.php?pub=19024711&v=AOyxNoDjcIxkMVSnwIisdIiCIM6uMUiDwMixY82CseivOZnWRZyydlWmURsgIEnDBMhxdACDIM6xNADjIMsvI8m2JapjbVm2RRFgbkGCVMtuZUWD5M0xIojjodiycB2ytOp0cYFD9eigdsTDJN02d4GW9auXIBiywOiwa4GCFMzxaACCIV6OIBjyQc13N9WGRZkuNlW2ZVjoOADCFMluNUGzMLxhMxTGNbmpYpz3gb2NNJjiMO2iMQjnIb0lMdDWUY3yNVm2Ycx1IJny0eT=
IP
172.67.157.221:0
ASN
#13335 CLOUDFLARENET

File type
ISO-8859 text, with very long lines (32042)
Size
38 kB (37595 bytes)
Hash
af711fcf88c85cf7f2c2f65c2a589a78
de9a6d36ead9829e82ec01770d7194e9130bced2
0967a093672f9e39895c162fd3506e5b3740aabd48d2a5e28f8070e0c00c9c3b

HTTP Headers

GET /funcript1675945916193.php?pub=19024711&v=AOyxNoDjcIxkMVSnwIisdIiCIM6uMUiDwMixY82CseivOZnWRZyydlWmURsgIEnDBMhxdACDIM6xNADjIMsvI8m2JapjbVm2RRFgbkGCVMtuZUWD5M0xIojjodiycB2ytOp0cYFD9eigdsTDJN02d4GW9auXIBiywOiwa4GCFMzxaACCIV6OIBjyQc13N9WGRZkuNlW2ZVjoOADCFMluNUGzMLxhMxTGNbmpYpz3gb2NNJjiMO2iMQjnIb0lMdDWUY3yNVm2Ycx1IJny0eT= HTTP/1.1
Host: oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://oaxyteek.net/-75432VLUK/1gHb?rndad=3118590511-1675847287
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 09 Feb 2023 12:30:57 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.3.27
p3p: policyref="http://adf.ly/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa IVAi IVDi CONi HISi TELi OUR IND PHY ONL FIN COM NAV INT DEM GOV"
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ly82NbHGLw45KYF%2BImhXLyayfJYuAPfzofVP6d5M7U99pfFZZlMNOjQ5fVU4z%2BQA%2Ff58929tlaeE0cBgLHCmPSyd79LQk2exEF377HSWNuWySYX4iYUNAgzCZYG304Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796c9e881c7eb4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

narenrosrow.com/multi?cs=ZVJMODhcZ3oNDFxlfwwBVmp6CAo&abt=0&red=1&sm=76&k=file%20share%20filehosting%20simmers%20shrink%20your%20urls%20paid&v=1.0.60.1&sts=0&prn=0&emb=0&tid=709056&rxy=1280_1024&fs=1&ref=http%3A%2F%2Foaxyteek.net%2F-75432VLUK%2F1gHb%3Frndad%3D3118590511-1675847287&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&_PrDL=1675945916326&crc=1

54.230.111.65

200 OK

1.6 kB

URL HTTP/2
narenrosrow.com/multi?cs=ZVJMODhcZ3oNDFxlfwwBVmp6CAo&abt=0&red=1&sm=76&k=file%20share%20filehosting%20simmers%20shrink%20your%20urls%20paid&v=1.0.60.1&sts=0&prn=0&emb=0&tid=709056&rxy=1280_1024&fs=1&ref=http%3A%2F%2Foaxyteek.net%2F-75432VLUK%2F1gHb%3Frndad%3D3118590511-1675847287&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&_PrDL=1675945916326&crc=1
IP
54.230.111.65:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (3309), with no line terminators
Size
1.6 kB (1561 bytes)
Hash
baea445e31193c22f7c76f7148c9df52
0b897da777854ecc97aa25269d2a844a65f8fffa
82dc248138db0691dc45b8d2ac02042ef57c95937f4bfa9b7e16c2a0f0655aed

HTTP Headers

GET /multi?cs=ZVJMODhcZ3oNDFxlfwwBVmp6CAo&abt=0&red=1&sm=76&k=file%20share%20filehosting%20simmers%20shrink%20your%20urls%20paid&v=1.0.60.1&sts=0&prn=0&emb=0&tid=709056&rxy=1280_1024&fs=1&ref=http%3A%2F%2Foaxyteek.net%2F-75432VLUK%2F1gHb%3Frndad%3D3118590511-1675847287&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A105.0)%20gecko%2F20100101%20firefox%2F105.0&tzd=0&uloc=&if=0&_PrDL=1675945916326&crc=1 HTTP/1.1
Host: narenrosrow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://oaxyteek.net
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: text/plain
content-length: 1561
date: Thu, 09 Feb 2023 12:30:57 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: http://oaxyteek.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=06d37d33-67f9-432f-97ef-b95a3a3d9c88
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: s6nUjDh7EmS6PPD_tHtO_N-5U_ZBS6zGalGKi-euHWnBr8kt_Pur3w==
X-Firefox-Spdy: h2

accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube

216.58.207.237

302 Found

398 B

URL HTTP/2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP
216.58.207.237:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (383)
Size
398 B (398 bytes)
Hash
237c8a6cce1bdf3fd84cef1efbb89138
0be5605b6330c1c09c52edb281e008313bf346f1
eae6b6b01e8e4f4c1bdf3a5f1eac87196fa1c71968c7ef4abdf99234bff1a441

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 09 Feb 2023 12:30:57 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S370003407%3A1675945857807497&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHcxp6jtAPyZqUFIEYy5R668Qc_YjOz-_1wbiu5r8eIxV0SiWwetsj3m_9iu_UrvA0uwSGw3bg
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: script-src 'nonce-tTJvO1GPKli6-PFJVYbjTA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 398
server: GSE
set-cookie: __Host-GAPS=1:oh9mBGDOiDSC085RR18VnpkxM7eZOA:tSVS8TLp92QAIjA8;Path=/;Expires=Sat, 08-Feb-2025 12:30:57 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a746d459d4fbc7da99072462ed09b456
6ca7c899101b7ddcc1228f148cdcf16113a805f7
cbed8854f94d225ec82298e5039b9c163f58f9fede0db72510d22867003cb4a6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 12:30:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

pogothere.xyz/

172.64.132.29

200 OK

423 B

URL HTTP/2
pogothere.xyz/
IP
172.64.132.29:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
423 B (423 bytes)
Hash
d7cc61ce2ff6df1caa112e0d95d10f69
468f4e214a4c584334f0a4b1a3c97b8b32c98b77
6cf759388ce2de86b62d63673d5ccc418d8f6ad52ebcad1aa19078531b1cd23d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://oaxyteek.net
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 09 Feb 2023 12:30:57 GMT
content-type: text/plain
set-cookie: csu=92327504855636@1@1675945857; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: http://oaxyteek.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A0wHnnu1t300b8FZTkatGQK3T2HF%2BwY1EIXFa2en1cC8m6Fo4TstpYx2w2nBSpfsKZKJ6lBhcbEvFf5LkQpYS2IvtIkKYfAXJoWnfP7%2B%2Be6A4C2ad2micsbgp9bq3HrX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796c9e898a427711-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
44fc0cb48c26edb9ce36736707b9182a
62de7faa3e8171c0d38a2e03a604d2545a3ede7f
9e511ad6ed9e7c5f28f573422e3891d2f4e5c2ba5107f7eda808c529a95931a2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 12:30:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6469700-9&cid=211187243.1675945917&jid=1217192010&_v=5.7.2&z=1132069803

173.194.220.157

200 OK

35 B

URL HTTP/2
stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6469700-9&cid=211187243.1675945917&jid=1217192010&_v=5.7.2&z=1132069803
IP
173.194.220.157:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

HTTP Headers

GET /r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6469700-9&cid=211187243.1675945917&jid=1217192010&_v=5.7.2&z=1132069803 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://oaxyteek.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 09 Feb 2023 12:30:57 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
6d5882eafc87e0fd208339050fb4a553
11505fa91a1395b6639120faef4d4350087af794
bed94db046ef3d739b6e1f8f63c9cdc1e42d8e2cb59606fb93902942c1cf8c46

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3953
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 12:30:57 GMT
Last-Modified: Thu, 09 Feb 2023 11:25:04 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

cdn.oaxyteek.net/static/image/apple-touch-icon.png

104.21.90.149

403 Forbidden

436 B

URL HTTP/1.1
cdn.oaxyteek.net/static/image/apple-touch-icon.png
IP
104.21.90.149:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
436 B (436 bytes)
Hash
b112c984fdf3ae98cbf4bc84066cf619
e68cf1400ca02fc1b472c6f3a2cbb9c2234073c5
233729c945d3c6dc5a81cbf30abedd598a9927d141eda2e369aecd13a790938a

HTTP Headers

GET /static/image/apple-touch-icon.png HTTP/1.1
Host: cdn.oaxyteek.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://oaxyteek.net/-75432VLUK/1gHb?rndad=3118590511-1675847287
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802; _ga_GT41R23D5L=GS1.1.1675945916.1.0.1675945916.0.0.0; _ga=GA1.1.211187243.1675945917

HTTP/1.1 403 Forbidden
Date: Thu, 09 Feb 2023 12:30:57 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yJIbQ7a1%2BZ%2FqHr3dpL5kXrsx8edqAnNHDzegUilkCa%2F%2FISClsH3riC1WDmfpx66uZ%2BYnfNzYxvETwF4k%2BcHyPplRgHUzSAvbfzqgsnOZDEgfvZr5DFHTbuWzyIw%2BXoBDR5Bh"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 796c9e8a9ba8fab8-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a746d459d4fbc7da99072462ed09b456
6ca7c899101b7ddcc1228f148cdcf16113a805f7
cbed8854f94d225ec82298e5039b9c163f58f9fede0db72510d22867003cb4a6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 12:30:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

52.40.68.141

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.40.68.141:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /23NQWnVxWduTtItNeZglA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: B8LelIELQfychryPazHSnu0tGBE=

adf.ly/static/other/main.html

104.20.66.244

200 OK

2.4 kB

URL HTTP/1.1
adf.ly/static/other/main.html
IP
104.20.66.244:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (418)
Size
2.4 kB (2397 bytes)
Hash
b20a86b2e91f51d2f7a19eada1de2f51
c240e9c813f8f93d3db499df1cc88984e873e418
44311176f257c7180a0fdc5491f021623ce7a0404369e883e8a6feb1e8d3469e

HTTP Headers

GET /static/other/main.html HTTP/1.1
Host: adf.ly
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 12:30:58 GMT
Content-Type: text/html
Content-Length: 2397
Connection: keep-alive
last-modified: Fri, 02 Sep 2022 14:31:48 GMT
etag: "1ddf-631213d4-8936a98b6e2a0431;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 796c9e8b2bdb1c12-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
aa1a487e098f71e1fb29bc23aa3ed660
03559d58a047d0272236d3b7c6500feeac2ac4a2
5f7324283930bbc2febc67c5ceae9e1d5159af11f239753d9c8b01d069585406

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5817
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 12:30:58 GMT
Last-Modified: Thu, 09 Feb 2023 10:54:01 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 279

www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp

157.240.205.35

200 OK

5.9 kB

URL HTTP/2
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP
157.240.205.35:0
ASN
#32934 FACEBOOK

File type
data
Size
5.9 kB (5859 bytes)
Hash
2ba91231d488c8cc9ef2ab915bf68a93
e677d9258e08a37b434b000b7519fc4a8e4ef151
0844238c4217c1af32b816049f922ded2afae5a9c95175f388f06bcfcdd28dd4

HTTP Headers

GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: rt8x6qSQYQ4k05iSi35grq6mK74O+zdhx5bGnvsg9vo2goyoEgDYPf9RFahbbULYzZrDEqZ0xUcXr2vpHOnldQ==
date: Thu, 09 Feb 2023 12:30:57 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
aa1a487e098f71e1fb29bc23aa3ed660
03559d58a047d0272236d3b7c6500feeac2ac4a2
5f7324283930bbc2febc67c5ceae9e1d5159af11f239753d9c8b01d069585406

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4831
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 12:30:58 GMT
Last-Modified: Thu, 09 Feb 2023 11:10:27 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 279

cdn.adf.ly/static/css/jquery-ui/ui-lightness/jquery-ui-1.8.16.custom.css

104.20.67.244

200 OK

3.8 kB

URL HTTP/2
cdn.adf.ly/static/css/jquery-ui/ui-lightness/jquery-ui-1.8.16.custom.css
IP
104.20.67.244:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
3.8 kB (3773 bytes)
Hash
cee88240feb6f9c9d9a3d265af098dee
03094e17efaf9e2608fec4b2b703aa5186bde21e
b4978f762ab5de5f94e8a0ffbf5c429a74936d6be684e480c65237751a4b92b5

HTTP Headers

GET /static/css/jquery-ui/ui-lightness/jquery-ui-1.8.16.custom.css HTTP/1.1
Host: cdn.adf.ly
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://adf.ly/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 09 Feb 2023 12:30:58 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=25476
cache-control: public, max-age=604800
etag: W/"6384-5faa60e6-2ce8da3c9d76af49;gz"
expires: Thu, 16 Feb 2023 12:14:01 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 1016
server: cloudflare
cf-ray: 796c9e8d2ce41bfe-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

region1.google-analytics.com/g/collect?v=2&tid=G-GT41R23D5L&gtm=45je3280&_p=1825919134&cid=211187243.1675945917&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675945916&sct=1&seg=0&dl=http%3A%2F%2Foaxyteek.net%2F-75432VLUK%2F1gHb%3Frndad%3D3118590511-1675847287&dt=Sim%20File%20Share%20-%20Filehosting%20for%20Simmers&en=page_view&_fv=1&_nsi=1&_ss=1

216.239.32.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-GT41R23D5L&gtm=45je3280&_p=1825919134&cid=211187243.1675945917&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675945916&sct=1&seg=0&dl=http%3A%2F%2Foaxyteek.net%2F-75432VLUK%2F1gHb%3Frndad%3D3118590511-1675847287&dt=Sim%20File%20Share%20-%20Filehosting%20for%20Simmers&en=page_view&_fv=1&_nsi=1&_ss=1
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-GT41R23D5L&gtm=45je3280&_p=1825919134&cid=211187243.1675945917&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675945916&sct=1&seg=0&dl=http%3A%2F%2Foaxyteek.net%2F-75432VLUK%2F1gHb%3Frndad%3D3118590511-1675847287&dt=Sim%20File%20Share%20-%20Filehosting%20for%20Simmers&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://oaxyteek.net
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: http://oaxyteek.net
date: Thu, 09 Feb 2023 12:30:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473

54.230.245.39

200 OK

52 kB

URL HTTP/1.1
dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473
IP
54.230.245.39:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (15955)
Size
52 kB (51544 bytes)
Hash
5f1086573218e2dcf17192b24f7db203
eded932ed3b22199adb62d5f7e7d397f7a7d0581
b5d07eac257ae37691d3f7125b89c3577c14be0edb17f8a5e89ba36b56db0753

HTTP Headers

GET /?gfkcd=824473 HTTP/1.1
Host: dc5k8fg5ioc8s.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://adf.ly/

HTTP/1.1 200 OK
Content-Length: 51544
Connection: keep-alive
Date: Thu, 09 Feb 2023 12:30:58 GMT
access-control-allow-origin: *
Cache-Control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Content-Encoding: gzip
Pragma: no-cache
X-Cache: Miss from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 8ZGXuS-yxPuGhxMMlmBDQdxLzw87_T-KRAGuF4MEgh6a0qk48ew5ww==

pogothere.xyz/

172.64.132.29

200 OK

117 kB

URL HTTP/2
pogothere.xyz/
IP
172.64.132.29:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
117 kB (117017 bytes)
Hash
0a59a9c7dda5368d2329f2ff67920c76
1979787bc6bfa6104e6106840042e82cf5608f9b
d0c0f80047b0485aa49085ace39c8f89cc40ac06da1788c2a7a816aeb762297f

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://oaxyteek.net
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 09 Feb 2023 12:30:57 GMT
content-type: text/plain
set-cookie: csu=2194609528325332@1@1675945857; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: http://oaxyteek.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JH0tsd%2B4H%2BiWE1KaX7y1oMj5bfZrFBGM3sMOHjozQZcsNFsKfmln1N6kkCH0cnMfjP469%2BxukJTdqhtMWxGk2YhH%2FUdf1BdA%2BlrPgjHs5tkI9ATskB2BkkUWZcnw7IYy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796c9e8898e37711-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fx19ltd.adfly&width=100&fb_source=homestatic&layout=standard&colorscheme=light&action=like&show_faces=true&share=true&height=80&appId=399141353502152

157.240.205.35

301 Moved Permanently

0 B

URL HTTP/1.1
www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fx19ltd.adfly&width=100&fb_source=homestatic&layout=standard&colorscheme=light&action=like&show_faces=true&share=true&height=80&appId=399141353502152
IP
157.240.205.35:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fx19ltd.adfly&width=100&fb_source=homestatic&layout=standard&colorscheme=light&action=like&show_faces=true&share=true&height=80&appId=399141353502152 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://adf.ly/
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Location: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fx19ltd.adfly&width=100&fb_source=homestatic&layout=standard&colorscheme=light&action=like&show_faces=true&share=true&height=80&appId=399141353502152
Content-Type: text/plain
Server: proxygen-bolt
Date: Thu, 09 Feb 2023 12:30:58 GMT
Connection: keep-alive
Content-Length: 0

cdn.adf.ly/static/css/jquery.loadmask.css

104.20.67.244

200 OK

2.0 kB

URL HTTP/2
cdn.adf.ly/static/css/jquery.loadmask.css
IP
104.20.67.244:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
2.0 kB (1990 bytes)
Hash
5aabd32d11681ee6d948a24fd20155a4
63553474da9c6de489164c1d1b8387bc52eb934f
792eb397978f2e707265de84a2d2be372683194915539b74b4fab7286b8ad7ae

HTTP Headers

GET /static/css/jquery.loadmask.css HTTP/1.1
Host: cdn.adf.ly
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://adf.ly/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 09 Feb 2023 12:30:58 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=850
cache-control: public, max-age=604800
etag: W/"352-5faa60e6-ed1d36b7b05a6c35;gz"
expires: Thu, 16 Feb 2023 12:14:01 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 1016
server: cloudflare
cf-ray: 796c9e8d3cec1bfe-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5587
Expires: Thu, 09 Feb 2023 14:04:06 GMT
Date: Thu, 09 Feb 2023 12:30:59 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5587
Expires: Thu, 09 Feb 2023 14:04:06 GMT
Date: Thu, 09 Feb 2023 12:30:59 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5587
Expires: Thu, 09 Feb 2023 14:04:06 GMT
Date: Thu, 09 Feb 2023 12:30:59 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5587
Expires: Thu, 09 Feb 2023 14:04:06 GMT
Date: Thu, 09 Feb 2023 12:30:59 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5587
Expires: Thu, 09 Feb 2023 14:04:06 GMT
Date: Thu, 09 Feb 2023 12:30:59 GMT
Connection: keep-alive

accounts.google.com/v3/signin/identifier?dsh=S370003407%3A1675945857807497&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHcxp6jtAPyZqUFIEYy5R668Qc_YjOz-_1wbiu5r8eIxV0SiWwetsj3m_9iu_UrvA0uwSGw3bg

216.58.207.237

403 Forbidden

17 kB

URL HTTP/2
accounts.google.com/v3/signin/identifier?dsh=S370003407%3A1675945857807497&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHcxp6jtAPyZqUFIEYy5R668Qc_YjOz-_1wbiu5r8eIxV0SiWwetsj3m_9iu_UrvA0uwSGw3bg
IP
216.58.207.237:0
ASN
#15169 GOOGLE

File type
data
Size
17 kB (16634 bytes)
Hash
e4f84c1de3cde0720b99cef3695ac7c9
ae106a713a5b0af31e78d03d5fc3b07d7141952b
03f5a73a4548befa63c10c552383b6bf48988b7a05999809c61e4d91a8c2df1a

HTTP Headers

GET /v3/signin/identifier?dsh=S370003407%3A1675945857807497&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHcxp6jtAPyZqUFIEYy5R668Qc_YjOz-_1wbiu5r8eIxV0SiWwetsj3m_9iu_UrvA0uwSGw3bg HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://oaxyteek.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 09 Feb 2023 12:30:57 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-KGW7Nn5lh3rXAaPDZxy93Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi/external"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe40cbcc3-f3e1-4c53-87ef-2b07e5039a1c.jpeg

34.120.237.76

200 OK

6.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe40cbcc3-f3e1-4c53-87ef-2b07e5039a1c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.1 kB (6061 bytes)
Hash
ea55fd1053c19123cb789a7d14479ccc
45fb06a6feeceff6a06c8c3f37e259ddf6e09820
393290f5ec8379a09da72b2554c30023b688489ffda79f5edfe6f114250ee4c7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe40cbcc3-f3e1-4c53-87ef-2b07e5039a1c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6061
x-amzn-requestid: cf552847-17d0-4820-9711-3fb129090686
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f8xbCG8jIAMF7Vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e1c913-0f2af41d6063340d483c3a55;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 03:44:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: AhvgnN4mrezDRzaqcb-O0ZGyjW83OcyZd76sLZByQhZDzZgr8Mg-ZA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 22:15:18 GMT
age: 51341
etag: "45fb06a6feeceff6a06c8c3f37e259ddf6e09820"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ab2faf0-d9a7-41a6-b5cf-bf6189f66342.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11760 bytes)
Hash
9203cfb9f0c1c958dd008eac55a9d3c4
6bdd1047590dd3fb54c15d5d6d38e7c86274b203
09770229be5ff3037708543e3204c66de84253b3a858a83a0e1672a04c0e9cb1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ab2faf0-d9a7-41a6-b5cf-bf6189f66342.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11760
x-amzn-requestid: b2863a01-4714-4554-a478-5402467b3448
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AChJKHc_oAMFwlw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e4156d-1c5a3edf37bc7cc937c800d2;Sampled=0
x-amzn-remapped-date: Wed, 08 Feb 2023 21:34:37 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: euok7HXthk9GEynD8n9wXgf85lD0shxOdtT5VZvj-xHkoxEMxuohmA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:42:38 GMT
age: 53301
etag: "6bdd1047590dd3fb54c15d5d6d38e7c86274b203"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ec996f6-8867-41f0-9850-ad04d05e22e6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10472 bytes)
Hash
464812429ec9f5c766def4ac26e86e4f
170a5d6fcaa69c78896ed8a37442a27c6309c09a
1248df6127626b254420b6ddabba6fba12066c9b7f314386c25ac51781f59060

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ec996f6-8867-41f0-9850-ad04d05e22e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10472
x-amzn-requestid: f43c32c6-0bb3-4154-934d-cd0ad1e3edf7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fv73mHmooAMFRFA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dca696-700ab104674033036aba0878;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 06:15:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2kp0tBfU8v-pe5Tft8WnSQKV5deSlUbRVEGthGejjT4uXlbbv1IiAg==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 19:00:11 GMT
age: 63048
etag: "170a5d6fcaa69c78896ed8a37442a27c6309c09a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f087272-940e-484d-ad9d-2c67bcd6dccd.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12811 bytes)
Hash
bb7c8b758fe17f6c06ce2bebb5008495
032d747cf20951f6ca6fd51489fefd7c09c4948d
835d89e028ec4c85a845f2835cb5eddb9653937f6736e2713b671419474608ed

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f087272-940e-484d-ad9d-2c67bcd6dccd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12811
x-amzn-requestid: be33f9ef-31cb-4572-9f22-0a433423e195
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AChzZFiWIAMFgmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e4167b-70ed2a756b8da4372ccc1f83;Sampled=0
x-amzn-remapped-date: Wed, 08 Feb 2023 21:39:07 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: HB03bmBiXVTrYbU01OssMQ_EbKhhFPhoUa-qcze2ZgD9Hr48Q8mEbQ==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 22:15:23 GMT
age: 51336
etag: "032d747cf20951f6ca6fd51489fefd7c09c4948d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

pogothere.xyz/asd100.bin

172.64.132.29

200 OK

105 kB

URL HTTP/2
pogothere.xyz/asd100.bin
IP
172.64.132.29:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
105 kB (105442 bytes)
Hash
c176b36a01dc0f33deb0f71332e0b997
1900bc0687c7cd1f841e67428cbb3a88870c3f4e
c421ed06e55cef052ea86961f913e446a719a6d7d4fc66a9b58dfec4da2e1029

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://oaxyteek.net
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 Feb 2023 12:30:57 GMT
content-type: binary/octet-stream
access-control-allow-origin: http://oaxyteek.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 2836
last-modified: Thu, 09 Feb 2023 11:43:41 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cuzCnNVV%2BIX1FxAQGehEjAUqDmQNXSML3m2LH6kToDNLz%2FyfAxx6r8zT5zIuqBZAj6Cpbhmp0gcbSirJhR6tIsOdjjFM%2FvGlRpZFL%2FKnvQi8Av%2BUWajv%2BwISrQDb6lpV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 796c9e8888d87711-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=958421874&utmhn=oaxyteek.net&utmt=event&utme=5(Ad*Paid*Success)(3)8(User)9(19024711)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Sim%20File%20Share%20-%20Filehosting%20for%20Simmers&utmhid=1825919134&utmr=-&utmp=%2F-75432VLUK%2F1gHb%3Frndad%3D3118590511-1675847287&utmht=1675945921199&utmac=UA-6469700-9&utmcc=__utma%3D198071217.211187243.1675945917.1675945917.1675945917.1%3B%2B__utmz%3D198071217.1675945917.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=6QAAAAAAAAAAAAAAAAABAAAE~

142.250.74.110

200 OK

35 B

URL HTTP/1.1
www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=958421874&utmhn=oaxyteek.net&utmt=event&utme=5(Ad*Paid*Success)(3)8(User)9(19024711)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Sim%20File%20Share%20-%20Filehosting%20for%20Simmers&utmhid=1825919134&utmr=-&utmp=%2F-75432VLUK%2F1gHb%3Frndad%3D3118590511-1675847287&utmht=1675945921199&utmac=UA-6469700-9&utmcc=__utma%3D198071217.211187243.1675945917.1675945917.1675945917.1%3B%2B__utmz%3D198071217.1675945917.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=6QAAAAAAAAAAAAAAAAABAAAE~
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

HTTP Headers

GET /__utm.gif?utmwv=5.7.2&utms=2&utmn=958421874&utmhn=oaxyteek.net&utmt=event&utme=5(Ad*Paid*Success)(3)8(User)9(19024711)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Sim%20File%20Share%20-%20Filehosting%20for%20Simmers&utmhid=1825919134&utmr=-&utmp=%2F-75432VLUK%2F1gHb%3Frndad%3D3118590511-1675847287&utmht=1675945921199&utmac=UA-6469700-9&utmcc=__utma%3D198071217.211187243.1675945917.1675945917.1675945917.1%3B%2B__utmz%3D198071217.1675945917.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=6QAAAAAAAAAAAAAAAAABAAAE~ HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://oaxyteek.net/

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Pragma: no-cache
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
Date: Thu, 09 Feb 2023 07:44:50 GMT
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Age: 17172
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
Content-Type: image/gif

cdn.adf.ly/static/css/core_default.css

104.20.67.244

200 OK

0 B

URL HTTP/2
cdn.adf.ly/static/css/core_default.css
IP
104.20.67.244:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /static/css/core_default.css HTTP/1.1
Host: cdn.adf.ly
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://adf.ly/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 09 Feb 2023 12:30:58 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=41418
cache-control: public, max-age=604800
etag: W/"a1ca-5faa60e6-43aa68c40fef0c2b;gz"
expires: Thu, 16 Feb 2023 12:14:02 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 1016
server: cloudflare
cf-ray: 796c9e8d3cf01bfe-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ldimnveryldgitwe.xyz/popunder.gif

172.67.216.229

200 OK

0 B

URL HTTP/2
ldimnveryldgitwe.xyz/popunder.gif
IP
172.67.216.229:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /popunder.gif HTTP/1.1
Host: ldimnveryldgitwe.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://oaxyteek.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 09 Feb 2023 12:30:57 GMT
content-type: image/gif
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
cf-cache-status: HIT
age: 52080
last-modified: Wed, 08 Feb 2023 22:02:57 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zgYwrNdM5lpDELyJIdfDFOsY7VRCqTiUcwZATX%2ByCWCMDfqCtF0CQ5aYL62wgZREVi7aMB4qYgr%2F%2F7lB6T5fML953Kfi0Wsgt4VJYJSZ%2Bc90LgGXfPj4cZGeR9QJ3TwMqGLwY5mlLg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 796c9e87cd52b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

pogothere.xyz/asd100.bin

172.64.132.29

200 OK

0 B

URL HTTP/2
pogothere.xyz/asd100.bin
IP
172.64.132.29:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://oaxyteek.net
Connection: keep-alive
Referer: http://oaxyteek.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 Feb 2023 12:30:57 GMT
content-type: binary/octet-stream
access-control-allow-origin: http://oaxyteek.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 2836
last-modified: Thu, 09 Feb 2023 11:43:41 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Px%2FVvha97lRCwGmKcN0ChIQyL4z6AoM7axueV2SvZhyXwYRH16Es8b9B7hQCraWH6uqMJd5JqJRDSoGAHMa%2BJmxMALL1mkspw6N%2F9LTzJ4Kb29SJoya48ASnWtEfrcVM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 796c9e8888d07711-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (24)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML