Submitted URL: https://t.co/Vg8LDiPQ21
Effective URL: https://sk.ayga.xyz/oxford/?id=1715118583568&v=40602184101e1ef8adc4eff8811a5650678bac855c&visitor_id=811828776534282403
Submission: On May 07 via manual from US — Scanned from DE

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 15 HTTP transactions. The main IP is 2606:4700:3035::ac43:a242, located in United States and belongs to CLOUDFLARENET, US. The main domain is sk.ayga.xyz.
TLS certificate: Issued by E1 on March 14th 2024. Valid for: 3 months.
This is the only time sk.ayga.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 104.244.42.5 13414 (TWITTER)
1 7 139.45.197.245 9002 (RETN-AS)
1 139.45.195.8 9002 (RETN-AS)
1 1 188.114.96.3 13335 (CLOUDFLAR...)
1 2 2606:4700:303... 13335 (CLOUDFLAR...)
6 172.67.162.66 13335 (CLOUDFLAR...)
15 6
Apex Domain
Subdomains
Transfer
8 ayga.xyz
sk.ayga.xyz
80 KB
7 keewoach.net
keewoach.net — Cisco Umbrella Rank: 672580
18 KB
1 cfdy.online
www.cfdy.online
607 B
1 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 11492
491 B
1 t.co
t.co — Cisco Umbrella Rank: 717
626 B
15 5
Domain Requested by
8 sk.ayga.xyz 1 redirects keewoach.net
sk.ayga.xyz
7 keewoach.net 1 redirects t.co
keewoach.net
1 www.cfdy.online 1 redirects
1 my.rtmark.net keewoach.net
1 t.co
15 5

This site contains links to these domains.

Domain
chrome.google.com
Subject | Issuer | Validity | Valid
t.co | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-01-07 - 2025-01-06 | a year
keewoach.net | R3 | 2024-04-21 - 2024-07-20 | 3 months
rtmark.net | R3 | 2024-03-02 - 2024-05-31 | 3 months
ayga.xyz | E1 | 2024-03-14 - 2024-06-12 | 3 months

This page contains 1 frames:

Primary Page: https://sk.ayga.xyz/oxford/?id=1715118583568&v=40602184101e1ef8adc4eff8811a5650678bac855c&visitor_id=811828776534282403
Frame ID: 6B57FB336D3CBB98CF64F4933B68612A
Requests: 17 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Page Statistics

Requests: 15
HTTPS: 100 %
IPv6: 17 %
Domains: 5
Subdomains: 5
IPs: 6
Countries: 3
Transfer: 97 kB
Size: 398 kB
Cookies: 16

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.co/Vg8LDiPQ21 Page URL
  2. http://keewoach.net/4/6495813 HTTP 307
    https://keewoach.net/4/6495813 Page URL
  3. https://keewoach.net/?z=6495813&syncedCookie=true&rhd=false HTTP 302
    https://keewoach.net/4/6118780/?var=6495813&btz=Europe/Berlin&bto=-120&bar=x Page URL
  4. http://www.cfdy.online/?s=fc0b44fce543a79eff7d9a6d8d539b37e571&visitor_id=811828776534282403 HTTP 307
    https://www.cfdy.online/?s=fc0b44fce543a79eff7d9a6d8d539b37e571&visitor_id=811828776534282403 HTTP 302
    http://sk.ayga.xyz/verify.php?xx=100263&s=fc0b44fce543a79eff7d9a6d8d539b37e571&visitor_id=811828776534282403 HTTP 307
    https://sk.ayga.xyz/verify.php?xx=100263&s=fc0b44fce543a79eff7d9a6d8d539b37e571&visitor_id=811828776534282403 HTTP 302
    http://sk.ayga.xyz/oxford/?id=1715118583568&v=40602184101e1ef8adc4eff8811a5650678bac855c&visitor_id=811828776534282403 HTTP 307
    https://sk.ayga.xyz/oxford/?id=1715118583568&v=40602184101e1ef8adc4eff8811a5650678bac855c&visitor_id=811828776534282403 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://keewoach.net/4/6495813 HTTP 307
  • https://keewoach.net/4/6495813
Request Chain 5
  • https://keewoach.net/?z=6495813&syncedCookie=true&rhd=false HTTP 302
  • https://keewoach.net/4/6118780/?var=6495813&btz=Europe/Berlin&bto=-120&bar=x

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Vg8LDiPQ21
t.co/
282 B
626 B
Document
General
Full URL
https://t.co/Vg8LDiPQ21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
Security Headers
Name Value
Content-Security-Policy referrer always;
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
private,max-age=300
content-encoding
gzip
content-length
203
content-security-policy
referrer always;
content-type
text/html; charset=utf-8
date
Tue, 07 May 2024 21:49:41 GMT
expires
Tue, 07 May 2024 21:54:41 GMT
perf
7402827104
referrer-policy
unsafe-url
server
tsa_o
strict-transport-security
max-age=0
vary
Origin
x-connection-hash
ab2a6795e106020a57ba0f3bae338ca5d0205839485ec1bca7ccbf3cd9907831
x-response-time
123
x-transaction-id
4788478f4fdbb452
x-xss-protection
0
6495813
keewoach.net/4/
Redirect Chain
  • http://keewoach.net/4/6495813
  • https://keewoach.net/4/6495813
33 KB
14 KB
Document
General
Full URL
https://keewoach.net/4/6495813
Requested by
Host: t.co
URL: https://t.co/Vg8LDiPQ21
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.245 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
0738cfe08403212684f82e2c3b217abee32f70fe2f895b28113964fdd07eace4
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://t.co/Vg8LDiPQ21
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf8
date
Tue, 07 May 2024 21:49:42 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma
no-cache
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
x-trace-id
0f821e56dfa985e5db28cd4bd273fee7

Redirect headers

Location
https://keewoach.net/4/6495813
Non-Authoritative-Reason
HttpsUpgrades
sftouch
keewoach.net/
2 B
603 B
Ping
General
Full URL
https://keewoach.net/sftouch?userId=008055fd968d4c90f2e7622980bec31e&z=6495813&p_rid=932fafe0-1799-4a2c-9b78-7dcc54800b3c&p_src=sf&branchId=0&rb=K96u7v9VHxepmqIYw3fKZDcl--QEdixdpM0J5hnDSBnQ6mWw8Q6K3QriePiEwclqK9qCSwL8qYDUXFfBVvVIMPHRsxsRWQH8Cq6Y-kkaMRu5ynWLf38HwofbN4Fszzw47_BQH4ngSTtBdZOqydtzQR6zCTq3xSPf4-NCybIBl02S2B-qMKdRzezXnlXAfPTaCleIp-WYkuchVrH3OU20urgj5zN-FQqWD1SSY7nSGR5HAffuOse5gxfNLn8utQbTaiVnUtFqMp-2TzBXHEvVLq2bP1-nUrx6iAKnZThKRhY5k6WxCoJkjOQzpEK1k8yYguN2-w==
Requested by
Host: keewoach.net
URL: https://keewoach.net/4/6495813
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.245 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"124.0.6367.118"
Referer
https://keewoach.net/4/6495813
sec-ch-ua-bitness
"64"
sec-ch-ua-full-version-list
"Chromium";v="124.0.6367.118", "Google Chrome";v="124.0.6367.118", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 21:49:42 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-length
2
x-trace-id
041fab5b0aac63531329cb7606487762
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
https://keewoach.net
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
expires
Tue, 11 Jan 1994 10:00:00 GMT
img.gif
my.rtmark.net/
43 B
491 B
Image
General
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=008055fd968d4c90f2e7622980bec31e&z=6495813&p_rid=932fafe0-1799-4a2c-9b78-7dcc54800b3c&p_src=sf
Requested by
Host: keewoach.net
URL: https://keewoach.net/4/6495813
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://keewoach.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 21:49:42 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
add
keewoach.net/log/
12 B
383 B
XHR
General
Full URL
https://keewoach.net/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=932fafe0-1799-4a2c-9b78-7dcc54800b3c
Requested by
Host: keewoach.net
URL: https://keewoach.net/4/6495813
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.245 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"124.0.6367.118"
Content-Type
text/plain;charset=UTF-8
Referer
https://keewoach.net/4/6495813
sec-ch-ua-full-version-list
"Chromium";v="124.0.6367.118", "Google Chrome";v="124.0.6367.118", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 21:49:42 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://keewoach.net
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
content-length
12
/
keewoach.net/4/6118780/
Redirect Chain
  • https://keewoach.net/?z=6495813&syncedCookie=true&rhd=false
  • https://keewoach.net/4/6118780/?var=6495813&btz=Europe/Berlin&bto=-120&bar=x
997 B
2 KB
Document
General
Full URL
https://keewoach.net/4/6118780/?var=6495813&btz=Europe/Berlin&bto=-120&bar=x
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.245 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Content-Type
application/x-www-form-urlencoded
Origin
https://keewoach.net
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-arch
"x86"
sec-ch-ua-bitness
"64"
sec-ch-ua-full-version
"124.0.6367.118"
sec-ch-ua-full-version-list
"Chromium";v="124.0.6367.118", "Google Chrome";v="124.0.6367.118", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-mobile
?0
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
content-length
997
content-type
text/html; charset=utf8
date
Tue, 07 May 2024 21:49:42 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch" <http://www.cfdy.online>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
pragma
no-cache
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
x-trace-id
beadd6dfb90d691a962d1cc05fc1c1b1

Redirect headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://keewoach.net
access-control-max-age
86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
content-length
0
date
Tue, 07 May 2024 21:49:42 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://keewoach.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
location
https://keewoach.net/4/6118780/?var=6495813&btz=Europe/Berlin&bto=-120&bar=x
pragma
no-cache
referrer-policy
no-referrer
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
x-trace-id
77c6105c7d103d136e8f819c9ea108f3
favicon.ico
keewoach.net/
0
150 B
Other
General
Full URL
https://keewoach.net/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.245 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"124.0.6367.118"
Referer
https://keewoach.net/afu.php?zoneid=6495813&var=6495813&rid=ksX-wKK1z8yLZCaWKyzJyw%3D%3D&rhd=false&ab2r=0&sf=1&os=win32&os_version=10.0.0&is_mobile=false&browser_version=124.0.6367.118
sec-ch-ua-bitness
"64"
sec-ch-ua-full-version-list
"Chromium";v="124.0.6367.118", "Google Chrome";v="124.0.6367.118", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Tue, 07 May 2024 21:49:42 GMT
cache-control
max-age=315360000, public, must-revalidate, proxy-revalidate
server
nginx
expires
Thu, 31 Dec 2037 23:55:55 GMT
favicon.ico
keewoach.net/
0
0
Other
General
Full URL
https://keewoach.net/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.245 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"124.0.6367.118"
Referer
https://keewoach.net/afu.php?zoneid=6495813&var=6495813&rid=ksX-wKK1z8yLZCaWKyzJyw%3D%3D&rhd=false&ab2r=0&sf=1&os=win32&os_version=10.0.0&is_mobile=false&browser_version=124.0.6367.118
sec-ch-ua-bitness
"64"
sec-ch-ua-full-version-list
"Chromium";v="124.0.6367.118", "Google Chrome";v="124.0.6367.118", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Tue, 07 May 2024 21:49:42 GMT
cache-control
max-age=315360000, public, must-revalidate, proxy-revalidate
server
nginx
expires
Thu, 31 Dec 2037 23:55:55 GMT
Primary Request /
sk.ayga.xyz/oxford/
Redirect Chain
  • http://www.cfdy.online/?s=fc0b44fce543a79eff7d9a6d8d539b37e571&visitor_id=811828776534282403
  • https://www.cfdy.online/?s=fc0b44fce543a79eff7d9a6d8d539b37e571&visitor_id=811828776534282403
  • http://sk.ayga.xyz/verify.php?xx=100263&s=fc0b44fce543a79eff7d9a6d8d539b37e571&visitor_id=811828776534282403
  • https://sk.ayga.xyz/verify.php?xx=100263&s=fc0b44fce543a79eff7d9a6d8d539b37e571&visitor_id=811828776534282403
  • http://sk.ayga.xyz/oxford/?id=1715118583568&v=40602184101e1ef8adc4eff8811a5650678bac855c&visitor_id=811828776534282403
  • https://sk.ayga.xyz/oxford/?id=1715118583568&v=40602184101e1ef8adc4eff8811a5650678bac855c&visitor_id=811828776534282403
19 KB
8 KB
Document
General
Full URL
https://sk.ayga.xyz/oxford/?id=1715118583568&v=40602184101e1ef8adc4eff8811a5650678bac855c&visitor_id=811828776534282403
Requested by
Host: keewoach.net
URL: https://keewoach.net/4/6118780/?var=6495813&btz=Europe/Berlin&bto=-120&bar=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:a242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7e883fb25f11207483690504bf063ef370b982d79b1bd74e3f5ea0584e5a790
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://keewoach.net/partitial/5117854?var=6118780&ab2r=0&prfrev=false&rhd=false&sf=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
88046bebf9716946-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 07 May 2024 21:49:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5jApCMIYFF%2BQ2sl9rPAfKza6ia1F4JY7ODdHEpzCJDjlMw0ZWy4%2B2KO18b0Eh5VZfN7VuWTsxsn2ZJaGb9F0Mxk3Ep48sJxfsJBXfPVdWGZPv6%2FQ%2FaSpDaCZFXkTt4JHuaKBR0uY82kp8w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://sk.ayga.xyz/oxford/?id=1715118583568&v=40602184101e1ef8adc4eff8811a5650678bac855c&visitor_id=811828776534282403#
Non-Authoritative-Reason
HSTS
bootstrap.min.css
sk.ayga.xyz/templates/ThisError/css/
152 KB
24 KB
Stylesheet
General
Full URL
https://sk.ayga.xyz/templates/ThisError/css/bootstrap.min.css
Requested by
Host: sk.ayga.xyz
URL: https://sk.ayga.xyz/oxford/?id=1715118583568&v=40602184101e1ef8adc4eff8811a5650678bac855c&visitor_id=811828776534282403
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.162.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sk.ayga.xyz/oxford/?id=1715118583568&v=40602184101e1ef8adc4eff8811a5650678bac855c&visitor_id=811828776534282403
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 21:49:44 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
13712
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 26 Feb 2024 06:20:42 GMT
server
cloudflare
etag
W/"65dc2dba-260c5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I9Uhj1PT7XsVxTCxTHqrYqsOFvz1obZPkQTTGbsYY0gkL1AjzRSq2EVhVjjbkG2JfN8r0RFHd5VDL8DVxyrX%2BbxcNkJu7sQBjzzBVODL%2FoalI4UpHbuKfV1%2BVZjx%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
88046bf02c5a8ed9-FRA
expires
Wed, 08 May 2024 02:16:21 GMT
bootstrap-icons.css
sk.ayga.xyz/templates/ThisError/css/
79 KB
11 KB
Stylesheet
General
Full URL
https://sk.ayga.xyz/templates/ThisError/css/bootstrap-icons.css
Requested by
Host: sk.ayga.xyz
URL: https://sk.ayga.xyz/oxford/?id=1715118583568&v=40602184101e1ef8adc4eff8811a5650678bac855c&visitor_id=811828776534282403
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.162.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af35cc6aba34e5005de77099dfa72d4c1a7715d28ddcec343f48031dc8cb08bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sk.ayga.xyz/oxford/?id=1715118583568&v=40602184101e1ef8adc4eff8811a5650678bac855c&visitor_id=811828776534282403
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 21:49:44 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5797
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 29 Feb 2024 05:38:10 GMT
server
cloudflare
etag
W/"65e01842-13a7e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IBfJNt43lAJGIvSYnz4bRFeus%2BK5dMST%2FglchBIFomrZUS28T3Y8lOu%2FvYPjDKaPewL0Bxp5n6wahEArn9XKulkyc97dmO30Il2L%2B40wlqygt1gFaVUWw8tVR%2Ft3wg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
88046bf02c5c8ed9-FRA
expires
Wed, 08 May 2024 02:16:21 GMT
bootstrap.bundle.min.js
sk.ayga.xyz/templates/ThisError/js/
88 KB
25 KB
Script
General
Full URL
https://sk.ayga.xyz/templates/ThisError/js/bootstrap.bundle.min.js
Requested by
Host: sk.ayga.xyz
URL: https://sk.ayga.xyz/oxford/?id=1715118583568&v=40602184101e1ef8adc4eff8811a5650678bac855c&visitor_id=811828776534282403
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.162.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dad540da6323def87188b0c6869b7b61b6e7a6bc35abbd2ff6f6a6a8a7f0d3bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sk.ayga.xyz/oxford/?id=1715118583568&v=40602184101e1ef8adc4eff8811a5650678bac855c&visitor_id=811828776534282403
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 21:49:44 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5797
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 01 Mar 2024 04:31:51 GMT
server
cloudflare
etag
W/"65e15a37-15fc6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w9YvNjiT25U6D8f7XJgFmGdvLKMZaPHPVWGhXCbaB6Y6SG%2Brmw1U8vtgw%2Bxpjbp8juox0rQ987CjUloTNi1Y62lAiYgx8uWsaWHnJ%2F3OaKeQizg3cZk9A8%2ByMwb8Xg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
88046bf02c5e8ed9-FRA
expires
Wed, 08 May 2024 02:16:21 GMT
ua-parser.min.js
sk.ayga.xyz/templates/ThisError/js/
16 KB
7 KB
Script
General
Full URL
https://sk.ayga.xyz/templates/ThisError/js/ua-parser.min.js
Requested by
Host: sk.ayga.xyz
URL: https://sk.ayga.xyz/oxford/?id=1715118583568&v=40602184101e1ef8adc4eff8811a5650678bac855c&visitor_id=811828776534282403
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.162.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3539c2ff17af5449b8a543fd47a1a074e381db615f380fc02a03e2d1c78da7c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 21:49:44 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
13712
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 01 Mar 2024 04:31:01 GMT
server
cloudflare
etag
W/"65e15a05-3ed2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CEWlBxcBPI3KA%2FFHd69KLr6NUtjnLwsIzTLdXIj3pdtE6c0Egqi7VxKrU7mUHmwBPkCszgQBstEs8Ash2BoWofXBKDkRFriOtkwk2EtoBfu2j%2BEpVvyn58otORFTEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
88046bf02c618ed9-FRA
expires
Wed, 08 May 2024 02:16:21 GMT
chrome_48x48.png
sk.ayga.xyz/templates/ThisError/images/
3 KB
4 KB
Image
General
Full URL
https://sk.ayga.xyz/templates/ThisError/images/chrome_48x48.png
Requested by
Host: sk.ayga.xyz
URL: https://sk.ayga.xyz/oxford/?id=1715118583568&v=40602184101e1ef8adc4eff8811a5650678bac855c&visitor_id=811828776534282403
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.162.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eccdfe9d867373e2da66eedfcaaab40cbcdf6a221b83d6ee1400895a3e4c8046
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sk.ayga.xyz/oxford/?id=1715118583568&v=40602184101e1ef8adc4eff8811a5650678bac855c&visitor_id=811828776534282403
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 21:49:44 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
761061
alt-svc
h3=":443"; ma=86400
content-length
3166
last-modified
Thu, 29 Feb 2024 05:38:12 GMT
server
cloudflare
etag
"65e01844-c5e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D1kVX%2Fwy2iv3GPIBSQ9ynhRYGltg3iGGPlhtrxgEkSyqR3wAqlCjgMd5jaPUbsBaXWwasCrOUaxAjeq9tTayhNAQVjpj1FD0dZbDcIDEHS1Oyi515RylT4uwqcm0JQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
88046bf02c638ed9-FRA
expires
Wed, 29 May 2024 02:05:09 GMT
truncated
/
206 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2bf339b4730ed9df2865f724168bcb3578f01bb836a4d47e7ab9084f447f4857

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
79bccc6b05b2515c956ca7f11889c309da76e3e90fea1f6296b6c3729092756d

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
favicon.ico
sk.ayga.xyz/
548 B
545 B
Other
General
Full URL
https://sk.ayga.xyz/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.162.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sk.ayga.xyz/oxford/?id=1715118583568&v=40602184101e1ef8adc4eff8811a5650678bac855c&visitor_id=811828776534282403
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 21:49:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QPMGJ1GiJOmp49Igq2UllB18gfi95mPnzh3bbdhtN6pcz0n5IzpMmnRruMDffpV5R7JfKtyfDI0RX7T8TPOjUes3EM0JsURxO8zJCYhxEPmHA1CXj6tbET5H46dCxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
88046bf12d548ed9-FRA
alt-svc
h3=":443"; ma=86400

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • number| uidEvent
  • object| bootstrap
  • function| UAParser
  • string| offer_url
  • boolean| blnk
  • function| installExtension
  • function| checkIncognito
  • function| followme

16 Cookies

Domain/Path Name / Value
.t.co/ Name: muc
Value: 9efd18bb-4cbb-48f7-9cda-9648ca492c3c
keewoach.net/ Name: OAID
Value: 008055fd968d4c90f2e7622980bec31e
keewoach.net/ Name: oaidts
Value: 1715118582
my.rtmark.net/ Name: ID
Value: 008055fd968d4c90f2e7622980bec31e
keewoach.net/ Name: syncedCookie
Value: true
.www.cfdy.online/ Name: uid
Value: u15118583663aa1f73b04e684540478
.sk.ayga.xyz/ Name: vt
Value: 40602184101e1ef8adc4eff8811a5650678bac855c
.ayga.xyz/ Name: storeid
Value: ehdeapjcahjenapmdohhbdnpheddcnab
.ayga.xyz/ Name: refurl
Value: http%3A%2F%2Fsk.ayga.xyz%2Fverify.php%3Fxx%3D100263%26s%3Dfc0b44fce543a79eff7d9a6d8d539b37e571%26visitor_id%3D811828776534282403
.ayga.xyz/ Name: taskid
Value: 100263
.sk.ayga.xyz/ Name: subid
Value: ppl4
.sk.ayga.xyz/ Name: uid
Value: u15118584663aa1f839dff629922666
.sk.ayga.xyz/ Name: ts
Value: 4d500673bc00f41536f0a65g4meg7wfgdgdbew8baz
.sk.ayga.xyz/ Name: p
Value: 100082
.ayga.xyz/ Name: rqp
Value: %7B%22id%22%3A%221715118583568%22%2C%22v%22%3A%2240602184101e1ef8adc4eff8811a5650678bac855c%22%2C%22visitor_id%22%3A%22811828776534282403%22%7D
.sk.ayga.xyz/ Name: vs
Value: sk.ayga.xyz

3 Console Messages

Source Level URL
Text
security error URL: https://t.co/Vg8LDiPQ21
Message:
Unrecognized Content-Security-Policy directive 'referrer'.
other warning URL: https://keewoach.net/4/6495813
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://sk.ayga.xyz/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy referrer always;
Strict-Transport-Security max-age=0
X-Xss-Protection 0