urlscan.io logo urlscan.io
SecurityTrails logo

oaxyteek.net Open in urlscan Pro
172.64.197.21  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://usfinf.net/-89918OJHF/37Gvn?rndad=1152859062-1638583787
Effective URL: http://oaxyteek.net/not-found.php
Submission Tags: falconsandbox
Submission: On February 20 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 3 countries across 12 domains to perform 20 HTTP transactions. The main IP is 172.64.197.21, located in United States and belongs to CLOUDFLARENET, US. The main domain is oaxyteek.net. The Cisco Umbrella rank of the primary domain is 194213.
This is the only time oaxyteek.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 188.114.96.12 13335 (CLOUDFLAR...)
1 2 172.64.197.21 13335 (CLOUDFLAR...)
1 4 188.114.97.12 13335 (CLOUDFLAR...)
2 18.66.137.156 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 172.64.106.19 13335 (CLOUDFLAR...)
3 143.204.237.36 16509 (AMAZON-02)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 35.190.71.96 15169 (GOOGLE)
20 12
3    188.114.96.12 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
usfinf.net
sewbineukdwi.xyz
2    172.64.197.21 (United States)

ASN13335 (CLOUDFLARENET, US)
oaxyteek.net
4    188.114.97.12 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
cdn.ay.gy
sewbineukdwi.xyz
2    18.66.137.156 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-137-156.fra60.r.cloudfront.net
d1nmxiiewlx627.cloudfront.net
2    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    2606:4700::6811:e820 (United States)

ASN13335 (CLOUDFLARENET, US)
fbcdn2.com
2    172.64.106.19 (United States)

ASN13335 (CLOUDFLARENET, US)
pogothere.xyz
3    143.204.237.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-237-36.cph50.r.cloudfront.net
hathehadin.com
1    2606:4700:3037::ac43:8e31 (United States)

ASN13335 (CLOUDFLARENET, US)
ufpcdn.com
1    35.190.71.96 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 96.71.190.35.bc.googleusercontent.com
onclickgenius.com
Apex Domain
Subdomains		 Transfer
3 sewbineukdwi.xyz
sewbineukdwi.xyz
1 KB
3 hathehadin.com
hathehadin.com
4 KB
3 ay.gy
cdn.ay.gy
22 KB
2 pogothere.xyz
pogothere.xyz — Cisco Umbrella Rank: 30031
101 KB
2 fbcdn2.com
fbcdn2.com — Cisco Umbrella Rank: 508725
15 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 50
119 KB
2 cloudfront.net
d1nmxiiewlx627.cloudfront.net
37 KB
2 oaxyteek.net
oaxyteek.net — Cisco Umbrella Rank: 194213
5 KB
1 onclickgenius.com
onclickgenius.com — Cisco Umbrella Rank: 212295
2 KB
1 ufpcdn.com
ufpcdn.com — Cisco Umbrella Rank: 182865
2 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2506
242 B
1 usfinf.net
usfinf.net
982 B
20 12
Domain Requested by
3 sewbineukdwi.xyz 1 redirects oaxyteek.net
3 hathehadin.com d1nmxiiewlx627.cloudfront.net
3 cdn.ay.gy oaxyteek.net
cdn.ay.gy
2 pogothere.xyz d1nmxiiewlx627.cloudfront.net
2 fbcdn2.com oaxyteek.net
fbcdn2.com
2 www.googletagmanager.com oaxyteek.net
www.googletagmanager.com
2 d1nmxiiewlx627.cloudfront.net oaxyteek.net
hathehadin.com
2 oaxyteek.net 1 redirects
1 onclickgenius.com fbcdn2.com
1 ufpcdn.com fbcdn2.com
1 region1.google-analytics.com www.googletagmanager.com
1 usfinf.net 1 redirects
20 12

This site contains no links.

Subject Issuer Validity Valid
*.google-analytics.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
*.pogothere.xyz
E1		 2022-12-31 -
2023-03-31		 3 months crt.sh
hathehadin.com
Amazon RSA 2048 M01		 2023-02-18 -
2024-03-18		 a year crt.sh
*.sewbineukdwi.xyz
GTS CA 1P5		 2023-02-16 -
2023-05-17		 3 months crt.sh

This page contains 4 frames:

Primary Page: http://oaxyteek.net/not-found.php
Frame ID: E6228C8AC986EFE92D63762D1DCB6B79
Requests: 17 HTTP requests in this frame

Frame: http://hathehadin.com/MzZZTGxSVDohU1ILO2oZQVpkaV51E2sKCAJYNDQFWlMuIBQFBG5iD19ZLCgKQVk3OEJdUy1pXnVhDAQufVQNBRZ7TxQAKGBnAwc6cnAACQAKYRgeXnRcbQ80cHQXDjoCVBsZLWphCCMBYmQIJA90Y2gqXEdxEiQ+RG4LHVR2ZRQHKABvDwUbB2YAGjVAdQ8OGGFxKhY9WQ47Ly0GfRMkKV1+NRUEdWILAD5JcBcFLXl/Fh4bW3IbKAV9WDEILV1gGio5ZXAWHlhDdzIZBmVuYCg0cGQPKl0DcgAKWQplGAk/ZW5gKD5nXTwpXVhuADYmXG4uBQNhWHQgKXUEEw0gcQcaHC5mABoKLQRxDSAlcnQDCgpfWToVXGlZATsmB3EgGTZrTCEaCkoCARUHcl4bCgcCYAF1CGViDBgmVH87KDl5Dx0gA1p+IA0ldQQQfgp1QRoqB3FcDg02XGcOAg9yWxsaCgIHGwE+akURfRgCZz44NXJhPSkKX0UMBjkCDn8mH1xYKXEkA18MfDkHDi99NX90bAle
Frame ID: 1CCD4F4D3248B60F48B0ECB619A3820A
Requests: 2 HTTP requests in this frame

Frame: http://ufpcdn.com/script/identify.html?frmt=0
Frame ID: 693B0C7F00DD687B151E0746F916B7B9
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 51064728E20DEB2141FCB8D871E34872
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

AdF.ly - Not Found

Page URL History Show full URLs

  1. http://usfinf.net/-89918OJHF/37Gvn?rndad=1152859062-1638583787 HTTP 301
    http://oaxyteek.net/-104119NFGA/-89918OJHF?rndad=1607714712-1676931667 HTTP 302
    http://oaxyteek.net/not-found.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

20
Requests

40 %
HTTPS

36 %
IPv6

12
Domains

12
Subdomains

12
IPs

3
Countries

305 kB
Transfer

618 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://usfinf.net/-89918OJHF/37Gvn?rndad=1152859062-1638583787 HTTP 301
    http://oaxyteek.net/-104119NFGA/-89918OJHF?rndad=1607714712-1676931667 HTTP 302
    http://oaxyteek.net/not-found.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • http://sewbineukdwi.xyz/popunder.gif HTTP 301
  • https://sewbineukdwi.xyz/popunder.gif

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request not-found.php
oaxyteek.net/
Redirect Chain
  • http://usfinf.net/-89918OJHF/37Gvn?rndad=1152859062-1638583787
  • http://oaxyteek.net/-104119NFGA/-89918OJHF?rndad=1607714712-1676931667
  • http://oaxyteek.net/not-found.php
9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://oaxyteek.net/not-found.php
Protocol
HTTP/1.1
Server
172.64.197.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.27
Resource Hash
b7e81729bff04d65e440cfed30e6df710c501983ae67b21de586024dc7868274

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
79caa22a6ab02bcf-FRA
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 20 Feb 2023 22:21:07 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5%2BmCXww%2Bzcj%2Fnf%2BJilm%2FMnunfzDuOmLBbxWGMBglXHLzxFVePlA%2Fic6V3QBygrKNgI%2F%2FJNhhEzK1y5QchS0DG9mgC3zAXVRL4HJLRU42RivnONsdUZ6KJAR42lVXGSQ%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
vary
Accept-Encoding
x-powered-by
PHP/7.3.27
x-turbo-charged-by
LiteSpeed

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
79caa228d8b12bcf-FRA
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Mon, 20 Feb 2023 22:21:07 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QBBNr%2BUdgCOp0ps5Czwj6gR2ygO8vhjkR5dwFC3te2Oe3hkRuaWlfbI3GBTjlPxibl%2Fw0Fs1%2Fj3rFsZOeIDettH9ngDEyNHAvGM4RQs8sW1q9ZJdCLo6NQsHmmzj6ZM%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate, max-age=0
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
/not-found.php
pragma
no-cache
strict-transport-security
max-age=0
x-powered-by
adfly
x-turbo-charged-by
LiteSpeed
static.css
cdn.ay.gy/static/css/ 		294 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://cdn.ay.gy/static/css/static.css
Requested by
Host: oaxyteek.net
URL: http://oaxyteek.net/not-found.php
Protocol
HTTP/1.1
Server
188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5053408759f620e648176400c2b59c685e7cea1a0bdb8b41275dee3f00e7fa65

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://oaxyteek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Mon, 20 Feb 2023 22:21:08 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
861
Cf-Polished
origSize=420
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cf-Bgj
minify
last-modified
Tue, 10 Nov 2020 09:44:06 GMT
Server
cloudflare
etag
W/"1a4-5faa60e6-959389537b65d2c0;gz"
vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KhL3gvNvi9F357FI9%2F0E%2F%2FY8%2Bx0ScMMg%2FOjO8JNQR74Dy0ZslPeFnJL%2FWqUnqzMe8WxT7fNkvSg44RiMgGVcJmpST1RYwKFQ%2FHj7CEUg%2BYwz3yvIbklcKDs8ydg%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
CF-RAY
79caa22eafea92b3-FRA
expires
Mon, 27 Feb 2023 22:06:47 GMT
/
d1nmxiiewlx627.cloudfront.net/ 		105 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://d1nmxiiewlx627.cloudfront.net/?ixmnd=709056
Requested by
Host: oaxyteek.net
URL: http://oaxyteek.net/not-found.php
Protocol
HTTP/1.1
Server
18.66.137.156 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-137-156.fra60.r.cloudfront.net
Software
/
Resource Hash
2f2a5ee8c55921c842d8327e39f520196922c53db3ed76925f7145a939883555

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://oaxyteek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 20 Feb 2023 22:21:08 GMT
content-encoding
gzip
Via
1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P4
X-Cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Connection
keep-alive
Content-Length
36159
X-Amz-Cf-Id
xOTaKcvDfxdmBKo7Xib3rKKjJyJTpa1o63U1WS72JhsbkFGuEP5xuQ==
gtm.js
www.googletagmanager.com/ 		103 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5NL9VFJ
Requested by
Host: oaxyteek.net
URL: http://oaxyteek.net/not-found.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f4ea98b7acc256f3072c60727ab9a1d24863b874fd471a2986c9c5022bdbb140
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://oaxyteek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 22:21:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40998
x-xss-protection
0
last-modified
Mon, 20 Feb 2023 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 20 Feb 2023 22:21:07 GMT
js
www.googletagmanager.com/gtag/ 		226 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GT41R23D5L&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5NL9VFJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a03ca0e37c0864b69569b5d1c5b0899c5fbd7dfb9ea45bf8b17fcba4e19557ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://oaxyteek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 22:21:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80023
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 20 Feb 2023 22:21:07 GMT
collect
region1.google-analytics.com/g/ 		0
242 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-GT41R23D5L&gtm=45je32f0&_p=963027810&cid=1919810678.1676931668&ul=en-us&sr=1600x1200&_s=1&sid=1676931667&sct=1&seg=0&dl=http%3A%2F%2Foaxyteek.net%2Fnot-found.php&dt=AdF.ly%20-%20Not%20Found&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GT41R23D5L&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://oaxyteek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Feb 2023 22:21:07 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://oaxyteek.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
compatibility.js
fbcdn2.com/script/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://fbcdn2.com/script/compatibility.js
Requested by
Host: oaxyteek.net
URL: http://oaxyteek.net/not-found.php
Protocol
HTTP/1.1
Server
2606:4700::6811:e820 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cb4263ccaaa637a20896180c003024db4b27f66c7fda6369bf852176003422c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://oaxyteek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Mon, 20 Feb 2023 22:21:08 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
1468
Transfer-Encoding
chunked
X-GUploader-UploadID
ADPycduJT_qwzdy3rRgqUEUyaQob6IHEiw0Vs05-i1IgG8V147H6ISFJruYuhicD5o5xnjxxvdSRdwZgs9nWRBHpZiIjvUNT0GSP
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
Connection
keep-alive
Last-Modified
Tue, 21 Jun 2022 09:08:43 GMT
Server
cloudflare
ETag
W/"946bb9192a14e6dad035a9ec8178f073"
Vary
X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation
1655802523449377
Content-Type
application/javascript
Access-Control-Allow-Origin
*
x-goog-hash
crc32c=COVK0Q==, md5=lGu5GSoU5trQNansgXjwcw==
Access-Control-Expose-Headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
Cache-Control
public, max-age=14400
x-goog-stored-content-length
14461
CF-RAY
79caa22f495b35ff-FRA
Expires
Tue, 21 Feb 2023 02:21:08 GMT
header_gradient.jpg
cdn.ay.gy/static/image/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.ay.gy/static/image/header_gradient.jpg
Requested by
Host: cdn.ay.gy
URL: http://cdn.ay.gy/static/css/static.css
Protocol
HTTP/1.1
Server
188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31046d9e08a11c69776b85464fbb52bd99e83950b368c556a280cbad09e164b4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://cdn.ay.gy/static/css/static.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Mon, 20 Feb 2023 22:21:08 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
854
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
8872
last-modified
Tue, 10 Nov 2020 09:44:06 GMT
Server
cloudflare
etag
"22a8-5faa60e6-8ea5f64bb41938f5;;;"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5%2BCHM70zvshaqYJiZrvr1%2BmcYiWfHG0h76PvXf21MLkJejNkhd6noUNrUfC1oclejW76lixROkrpzfSD3UOc8jNjkFFljvV3%2FIlrGIHRPsiJQZme9g6Yuvaz%2Ffk%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
Accept-Ranges
bytes
CF-RAY
79caa22ed80d92b3-FRA
expires
Mon, 27 Feb 2023 22:06:54 GMT
logo.png
cdn.ay.gy/static/image/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.ay.gy/static/image/logo.png
Requested by
Host: cdn.ay.gy
URL: http://cdn.ay.gy/static/css/static.css
Protocol
HTTP/1.1
Server
188.114.97.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
196c51f778db9df7ecf75ce7f663ea3bb07726b67feeae45ad9abfd3008b937a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://cdn.ay.gy/static/css/static.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Mon, 20 Feb 2023 22:21:08 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1110
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
10726
last-modified
Tue, 10 Nov 2020 09:44:06 GMT
Server
cloudflare
etag
"29e6-5faa60e6-b22ed065d915c717;;;"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LD3XFI5%2B7MOsFYUfxcTCw6CZ6nx9QZriiZfTgD3R4b75RoEEKbZ2sN1VxXmD8ouxvL19PPGijFv0OENdvznJkHvtHuJgwE6fHmCtcbab76NTlPvKxUlkQmbCoi8%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
Accept-Ranges
bytes
CF-RAY
79caa22eff6192c3-FRA
expires
Mon, 27 Feb 2023 22:02:34 GMT
asd100.bin
pogothere.xyz/ 		100 KB
101 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pogothere.xyz/asd100.bin
Requested by
Host: d1nmxiiewlx627.cloudfront.net
URL: http://d1nmxiiewlx627.cloudfront.net/?ixmnd=709056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.106.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://oaxyteek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 22:21:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2613
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 20 Feb 2023 21:37:35 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
http://oaxyteek.net
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PYQ5toYtKI3ChhXeGaanENVvSeoOE3PAi0P%2Fnd3HVCmRSz8BUOrbQN3dW9P3HbILR5pFvWR7lkD3BHm9x23fKwaZIGxQ2hifdjGsYzEwKa%2BpcZIPOVJU5d6KfhGS8WTN"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
79caa22f4acb9966-FRA
access-control-allow-headers
X-Requested-With, content-type
/
pogothere.xyz/ 		26 B
370 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pogothere.xyz/
Requested by
Host: d1nmxiiewlx627.cloudfront.net
URL: http://d1nmxiiewlx627.cloudfront.net/?ixmnd=709056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.106.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86387d33d8ac94d7cddeb5869ddf3ff2ece68aeaabd11a0d40045a26f795782b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://oaxyteek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 22:21:08 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RZE%2BJkffq9XlRjrE0m1qXVV%2FEUzClgCI9%2Fb1en1r721GVDVxjH91BughqwD89xQcMMZHgyas89PbcWN0loAzpzhoSBa7q6chtitQ7MbAyv5ZhEKW%2Bf1iNfXwBn4%2FLomb"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
access-control-allow-origin
http://oaxyteek.net
content-type
text/plain
access-control-allow-credentials
true
cf-ray
79caa22f4acc9966-FRA
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
utx
hathehadin.com/ 		0
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hathehadin.com/utx?cb=FnwrIEQPXASt&top=oaxyteek.net&tid=709056
Requested by
Host: d1nmxiiewlx627.cloudfront.net
URL: http://d1nmxiiewlx627.cloudfront.net/?ixmnd=709056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.237.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-237-36.cph50.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://oaxyteek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Feb 2023 22:21:08 GMT
via
1.1 c63e477878535a923916847cfe5704ea.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-pop
CPH50-C1
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
http://oaxyteek.net
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
hPnB1A__l0krxeaV6RctzWUb1COS2z4RUcsX0aVz4EHChrXjEvgQWA==
ZW5gKD5nXTwpXVhuADYmXG4uBQNhWHQgKXUEEw0gcQcaHC5mABoKLQRxDSAlcnQDCgpfWToVXGlZATsmB3EgGTZrTCEaCkoCARUHcl4bCgcCYAF1CGViDBgmVH87KDl5Dx0gA1p+IA0ldQQQfgp1QRoqB3FcDg02XGcOAg9yWxsaCgIHGwE+akURfRgCZz44NXJhP...
hathehadin.com/MzZZTGxSVDohU1ILO2oZQVpkaV51E2sKCAJYNDQFWlMuIBQFBG5iD19ZLCgKQVk3OEJdUy1pXnVhDAQufVQNBRZ7TxQAKGBnAwc6cnAACQAKYRgeXnRcbQ80cHQXDjoCVBsZLWphCCMBYmQIJA90Y2gqXEdxEiQ+RG4LHVR2ZRQHKABvDwUbB2... Frame 1CCD 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://hathehadin.com/MzZZTGxSVDohU1ILO2oZQVpkaV51E2sKCAJYNDQFWlMuIBQFBG5iD19ZLCgKQVk3OEJdUy1pXnVhDAQufVQNBRZ7TxQAKGBnAwc6cnAACQAKYRgeXnRcbQ80cHQXDjoCVBsZLWphCCMBYmQIJA90Y2gqXEdxEiQ+RG4LHVR2ZRQHKABvDwUbB2YAGjVAdQ8OGGFxKhY9WQ47Ly0GfRMkKV1+NRUEdWILAD5JcBcFLXl/Fh4bW3IbKAV9WDEILV1gGio5ZXAWHlhDdzIZBmVuYCg0cGQPKl0DcgAKWQplGAk/ZW5gKD5nXTwpXVhuADYmXG4uBQNhWHQgKXUEEw0gcQcaHC5mABoKLQRxDSAlcnQDCgpfWToVXGlZATsmB3EgGTZrTCEaCkoCARUHcl4bCgcCYAF1CGViDBgmVH87KDl5Dx0gA1p+IA0ldQQQfgp1QRoqB3FcDg02XGcOAg9yWxsaCgIHGwE+akURfRgCZz44NXJhPSkKX0UMBjkCDn8mH1xYKXEkA18MfDkHDi99NX90bAle
Requested by
Host: d1nmxiiewlx627.cloudfront.net
URL: http://d1nmxiiewlx627.cloudfront.net/?ixmnd=709056
Protocol
HTTP/1.1
Server
143.204.237.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-237-36.cph50.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
700edca9d6ee80ae4208fa905750524506c145942350b1b48ce08db88efa0775

Request headers

Referer
http://oaxyteek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Accept-CH
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
Connection
keep-alive
Content-Length
1245
Content-Type
text/html
Date
Mon, 20 Feb 2023 22:21:08 GMT
P3P
CP="NID DSP ALL COR"
Pragma
no-cache
Server
openresty/1.17.8.2
Via
1.1 e5438140b3bc19de0435cd47ff9426dc.cloudfront.net (CloudFront)
X-Amz-Cf-Id
EgNmVVf18IYNnHYkJ9meHyZNU7veBdd9_ch0CWuraoLNsVVGQqbDKA==
X-Amz-Cf-Pop
CPH50-C1
X-Cache
Miss from cloudfront
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
ACskDXAYcHoeZkB7ex5kSDh2AXAaPSpXa19rO0QiAnB6BmFYdHgBYFh1eQll
sewbineukdwi.xyz/Vm5NSzB5US44DQUoCx5hZSR4EXcyFh8TATw3FRl7MAMXIlQ9K2s/WTJTensJZlt7bUA/CnB5CXAdOSpEIx1wehY/ 		0
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sewbineukdwi.xyz/Vm5NSzB5US44DQUoCx5hZSR4EXcyFh8TATw3FRl7MAMXIlQ9K2s/WTJTensJZlt7bUA/CnB5CXAdOSpEIx1wehY/ACskDXAYcHoeZkB7ex5kSDh2AXAaPSpXa19rO0QiAnB6BmFYdHgBYFh1eQll
Requested by
Host: oaxyteek.net
URL: http://oaxyteek.net/not-found.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://oaxyteek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 22:21:08 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yA93n6OY3wmmZc8beZODEbRfOA1Cvgt2uP%2B91JoT2Lf80i8nQhZUMCAvaYJK%2B7xwDJZ8OQQhhJb9d2hEI2KkRNRb5awQuE3%2BB5%2BEgYKSvmB1pFdBw%2FqOniDo4Hpfm63OIRjA"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
79caa22f7b013636-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
identify.html
ufpcdn.com/script/ Frame 693B 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://ufpcdn.com/script/identify.html?frmt=0
Requested by
Host: fbcdn2.com
URL: http://fbcdn2.com/script/compatibility.js
Protocol
HTTP/1.1
Server
2606:4700:3037::ac43:8e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffb16355784a4a89472be6cb28c3408234ec0518326a3a1908797b8d8c78a76a

Request headers

Referer
http://oaxyteek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
79caa22fdc75366e-FRA
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Mon, 20 Feb 2023 22:21:08 GMT
Last-Modified
Tue, 15 May 2018 06:39:25 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jgfm6hV9x%2F6a5jf5DDM1AZiQsspirWkZNL%2F%2FFs2gK0%2B9jJnlGfNLeYB%2FfaTCJRuPVvs5OLiGnAO4tdek6nbhaUYbDKF%2F8yfuWYCCo4KSy51sEfiOpgnZMGbFtyO1bpRZvPazkVM4kIpb"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
WUHBNbTIzHyMLDSQZKVAFYEl9WAR2Gj4CXCBNBV1bBUAYWQomQRQhcGU1f0tGKhRwXRQ8ESMKD3YVIw4PYVYsCVBtRGsZQj8bcA5KJhEnHlYhFTRLRzFNIAJIORwhDBdiNnhDAnVCfUVFOR4pAkUjVX9dXCRVf10DYF59SAESVX9dRTkee1kXYzJoXwIoRn-lEF2J...
d1nmxiiewlx627.cloudfront.net/ Frame 1CCD 		596 B
846 B 		Script
General
Check archive.org
Download Go to
Full URL
http://d1nmxiiewlx627.cloudfront.net/WUHBNbTIzHyMLDSQZKVAFYEl9WAR2Gj4CXCBNBV1bBUAYWQomQRQhcGU1f0tGKhRwXRQ8ESMKD3YVIw4PYVYsCVBtRGsZQj8bcA5KJhEnHlYhFTRLRzFNIAJIORwhDBdiNnhDAnVCfUVFOR4pAkUjVX9dXCRVf10DYF59SAESVX9dRTkee1kXYzJoXwIoRn-lEF2JALB1CPBU6CFA7GTlIABZFflocY0ZoXwJ4GyUZXzxVfy4XYkAhBFk1VX9dVTUTJgIbdUJ9DloiHyAIF2I2fFwCfkBjWAZoQWNcAmBVf11BMRYsH1t1QgtYAWdeflsUJU18
Requested by
Host: hathehadin.com
URL: http://hathehadin.com/MzZZTGxSVDohU1ILO2oZQVpkaV51E2sKCAJYNDQFWlMuIBQFBG5iD19ZLCgKQVk3OEJdUy1pXnVhDAQufVQNBRZ7TxQAKGBnAwc6cnAACQAKYRgeXnRcbQ80cHQXDjoCVBsZLWphCCMBYmQIJA90Y2gqXEdxEiQ+RG4LHVR2ZRQHKABvDwUbB2YAGjVAdQ8OGGFxKhY9WQ47Ly0GfRMkKV1+NRUEdWILAD5JcBcFLXl/Fh4bW3IbKAV9WDEILV1gGio5ZXAWHlhDdzIZBmVuYCg0cGQPKl0DcgAKWQplGAk/ZW5gKD5nXTwpXVhuADYmXG4uBQNhWHQgKXUEEw0gcQcaHC5mABoKLQRxDSAlcnQDCgpfWToVXGlZATsmB3EgGTZrTCEaCkoCARUHcl4bCgcCYAF1CGViDBgmVH87KDl5Dx0gA1p+IA0ldQQQfgp1QRoqB3FcDg02XGcOAg9yWxsaCgIHGwE+akURfRgCZz44NXJhPSkKX0UMBjkCDn8mH1xYKXEkA18MfDkHDi99NX90bAle
Protocol
HTTP/1.1
Server
18.66.137.156 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-137-156.fra60.r.cloudfront.net
Software
/
Resource Hash
c2a7bebef5e9003ec93eddc60991b221bae1332f8e67bb626b0ffe84e8c5ff44

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://hathehadin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Mon, 20 Feb 2023 22:21:08 GMT
content-encoding
gzip
Via
1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P4
X-Cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
Connection
keep-alive
Content-Length
459
X-Amz-Cf-Id
dMDShT7kYGGc8o-9t_RK2hpe6tCv6RUS8RjHWl2nHgbIjZtkfhCG2Q==
suurl.php
onclickgenius.com/script/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://onclickgenius.com/script/suurl.php?r=2984815&cbrandom=0.6097957153000026&cbiframe=0&cbWidth=1600&cbHeight=1200&cbtitle=AdF.ly%20-%20Not%20Found&cbref=&cbdescription=&cbkeywords=&cbcdn=fbcdn2.com
Requested by
Host: fbcdn2.com
URL: http://fbcdn2.com/script/compatibility.js
Protocol
HTTP/1.1
Server
35.190.71.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
96.71.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
bf55bab5d6656eeebd55cbda5c5570a38b30c4b495516f8da88d64cc6a67a228

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://oaxyteek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 20 Feb 2023 22:21:08 GMT
Content-Encoding
gzip
Via
1.1 google
Server
openresty
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
chrome.js
fbcdn2.com/script/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://fbcdn2.com/script/chrome.js
Requested by
Host: fbcdn2.com
URL: http://fbcdn2.com/script/compatibility.js
Protocol
HTTP/1.1
Server
2606:4700::6811:e820 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc5887cd65b601571ba60ff7e1b7af9d962582dc3dc249484d31683933f890a0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://oaxyteek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Mon, 20 Feb 2023 22:21:08 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
3225
Transfer-Encoding
chunked
X-GUploader-UploadID
ADPycds-L7RzmaXVfhn-3hEHyXRGImQuwfCDoSE5VbkH1wfFAFxttFEe2OsoEE-Dv48WrwonXB-icshVLpgZxJ-BQQJz_Y4b5lhW
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
Connection
keep-alive
Last-Modified
Tue, 21 Jun 2022 09:08:35 GMT
Server
cloudflare
ETag
W/"570f12f75cff1a833ca0c6d20df2d678"
Vary
X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation
1655802515177297
Content-Type
application/javascript
Access-Control-Allow-Origin
*
x-goog-hash
crc32c=+lXQYg==, md5=Vw8S91z/GoM8oMbSDfLWeA==
Cache-Control
public, max-age=14400
x-goog-stored-content-length
25892
CF-RAY
79caa230bb4235ff-FRA
Expires
Tue, 21 Feb 2023 02:21:08 GMT
popunder.gif
sewbineukdwi.xyz/
Redirect Chain
  • http://sewbineukdwi.xyz/popunder.gif
  • https://sewbineukdwi.xyz/popunder.gif
35 B
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sewbineukdwi.xyz/popunder.gif
Requested by
Host: oaxyteek.net
URL: http://oaxyteek.net/not-found.php
Protocol
H2
Server
188.114.96.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://oaxyteek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
public
date
Mon, 20 Feb 2023 22:21:08 GMT
cf-cache-status
HIT
last-modified
Mon, 20 Feb 2023 21:45:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2137
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UsN4TEoEasEBLLpEPHlC6zhvNYVU4bK%2Bnz7gtjVnT1Z4MsxZXgx5Qn7aycCz2%2FRrbId7l19IENdtcsFBNaTFpk6HEmma0eFCNqWmRjvAW%2BISDDGsUzWj1wH%2FIYXFvYbrxw%2F%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
cf-ray
79caa231bdc33636-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date
Mon, 20 Feb 2023 22:21:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D6qMLR4B4%2FVHAQ3Zrx7d%2B0ZHeakYAkKgA%2BQsboLv1Q%2Bh%2Fq1fYv%2F4MnWPY7UlTidV6kL0MdtFEzTJ5GB2VH8ADhQdp8NB5EpSklCcQAfbQnRJXl7OE%2FbTQJSo9r2JtLjl7jOL"}],"group":"cf-nel","max_age":604800}
Location
https://sewbineukdwi.xyz/popunder.gif
Cache-Control
max-age=3600
Vary
Accept-Encoding
Connection
keep-alive
CF-RAY
79caa23198f291e4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Expires
Mon, 20 Feb 2023 23:21:08 GMT
multi
hathehadin.com/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hathehadin.com/multi?cs=ZlE2TE9XZAV%2BeFNjA3t3UGYAeXw&abt=0&red=1&sm=76&k=&v=1.0.60.2&sts=0&prn=0&emb=0&tid=709056&rxy=1600_1200&u=331718255110513&agec=1676931668&fs=1&mbkb=746.2686567164179&ref=http%3A%2F%2Foaxyteek.net%2Fnot-found.php&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F110.0.5481.100%20safari%2F537.36&tzd=0&uloc=&if=0&_0LTH=1676931668780&crc=1
Requested by
Host: d1nmxiiewlx627.cloudfront.net
URL: http://d1nmxiiewlx627.cloudfront.net/?ixmnd=709056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.237.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-237-36.cph50.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
37b5d4a194ec296ee1d13ff09f61e60381b09dff61a05c72dd0ba08bfafe2f1e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://oaxyteek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Feb 2023 22:21:08 GMT
content-encoding
gzip
via
1.1 c63e477878535a923916847cfe5704ea.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-pop
CPH50-C1
x-cache
Miss from cloudfront
content-type
text/plain
access-control-allow-origin
http://oaxyteek.net
p3p
CP="NID DSP ALL COR"
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
content-length
1522
x-amz-cf-id
omn7G5alB4YZcq8TDksuiIPP5V-Ffkxj08KbKXX4wsDIGGITM048Fg==
truncated
/ Frame 5106 		900 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0efc53d98f21fefc32d8ad84c673919c539b0b3feb2dc96598cbeb58883bd04c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://oaxyteek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/svg+xml

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| credentialless object| oncontentvisibilityautostatechange object| dataLayer object| google_tag_manager function| onYouTubeIframeAPIReady object| google_tag_data object| gaGlobal object| _0x3f76 function| _0x5339 object| adcashMacros object| zoneSett object| urls object| iceConfig object| _0x585b function| _0x1442 function| runAdblock object| _0x4c8a function| _0xddae function| acPrefetch object| CTABPu number| LAST_CORRECT_EVENT_TIME number| _2328677372 function| fa function| ufpAttach object| CTAMAT number| delay object| adcashUfp object| Cnac object| stamat function| NqPnfu3691024006094814 function| NqPnfu object| NqpnfuVfNOrggreArgjbex boolean| _0x90aa object| _adas_v211fa function| jonIUBFjnvJDNvluc0.8660748310079822

6 Cookies

Domain/Path Name / Value
usfinf.net/ Name: FLYSESSID
Value: 2vgcmme2nt5gs2nedqedl0cqhc
oaxyteek.net/ Name: FLYSESSID
Value: t1c9al398cb8lbkp0cnite0hsu
.oaxyteek.net/ Name: _ga
Value: GA1.1.1919810678.1676931668
.oaxyteek.net/ Name: _ga_GT41R23D5L
Value: GS1.1.1676931667.1.0.1676931667.0.0.0
pogothere.xyz/ Name: csu
Value: 331718255110513@1@1676931668
oaxyteek.net/ Name: adcashufpv3
Value: 55911494573174501837779631

1 Console Messages

Source Level URL
Text
network error URL: http://oaxyteek.net/not-found.php
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.ay.gy
d1nmxiiewlx627.cloudfront.net
fbcdn2.com
hathehadin.com
oaxyteek.net
onclickgenius.com
pogothere.xyz
region1.google-analytics.com
sewbineukdwi.xyz
ufpcdn.com
usfinf.net
www.googletagmanager.com
143.204.237.36
172.64.106.19
172.64.197.21
18.66.137.156
188.114.96.12
188.114.97.12
2001:4860:4802:32::36
2606:4700:3037::ac43:8e31
2606:4700::6811:e820
2a00:1450:4001:810::2008
35.190.71.96
0efc53d98f21fefc32d8ad84c673919c539b0b3feb2dc96598cbeb58883bd04c
196c51f778db9df7ecf75ce7f663ea3bb07726b67feeae45ad9abfd3008b937a
2f2a5ee8c55921c842d8327e39f520196922c53db3ed76925f7145a939883555
31046d9e08a11c69776b85464fbb52bd99e83950b368c556a280cbad09e164b4
37b5d4a194ec296ee1d13ff09f61e60381b09dff61a05c72dd0ba08bfafe2f1e
5053408759f620e648176400c2b59c685e7cea1a0bdb8b41275dee3f00e7fa65
700edca9d6ee80ae4208fa905750524506c145942350b1b48ce08db88efa0775
7cb4263ccaaa637a20896180c003024db4b27f66c7fda6369bf852176003422c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86387d33d8ac94d7cddeb5869ddf3ff2ece68aeaabd11a0d40045a26f795782b
a03ca0e37c0864b69569b5d1c5b0899c5fbd7dfb9ea45bf8b17fcba4e19557ad
b7e81729bff04d65e440cfed30e6df710c501983ae67b21de586024dc7868274
bf55bab5d6656eeebd55cbda5c5570a38b30c4b495516f8da88d64cc6a67a228
c2a7bebef5e9003ec93eddc60991b221bae1332f8e67bb626b0ffe84e8c5ff44
cc5887cd65b601571ba60ff7e1b7af9d962582dc3dc249484d31683933f890a0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f4ea98b7acc256f3072c60727ab9a1d24863b874fd471a2986c9c5022bdbb140
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
ffb16355784a4a89472be6cb28c3408234ec0518326a3a1908797b8d8c78a76a