omklefkior.com Open in urlscan Pro
139.45.197.167  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://o.underx.co/nPp-q5A7O5wkyCfPLCLkTMpeq5A8ugpFfgNQ0MqWq2L8y8qJySiaOCuP~gODTcOAYcOKThx-fZJrfDOr_tUQTcY5L5O-~CuaOQwULCYdO5YZIS4QOCfJOCwDLSR-YSHwOtqtItqQLS4PLQIPOCYwIZ1HIQOHYCRZq2kE Page URL
2. https://whautsis.com/4/5879906 Page URL
3. https://ak.deephicy.net/4/6118780/?var=5879906 Page URL
4. https://omklefkior.com/?t=0&ymid=726908363107209511 Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	nPp-q5A7O5wkyCfPLCLkTMpeq5A8ugpFfgNQ0MqWq2L8y8qJySiaOCuP~gODTcOAYcOKThx-fZJrfDOr_tUQTcY5L5O-~CuaOQwULCYdO5YZIS4QOCfJOCwDLSR-YSHwOtqtItqQLS4PLQIPOCYwIZ1HIQOHYCRZq2kE Show response o.underx.co/	14 KB 10 KB	107ms 50ms	Document text/html	2606:4700:3035::6815:815 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://o.underx.co/nPp-q5A7O5wkyCfPLCLkTMpeq5A8ugpFfgNQ0MqWq2L8y8qJySiaOCuP~gODTcOAYcOKThx-fZJrfDOr_tUQTcY5L5O-~CuaOQwULCYdO5YZIS4QOCfJOCwDLSR-YSHwOtqtItqQLS4PLQIPOCYwIZ1HIQOHYCRZq2kE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:815 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4b8f5b6983298e991afc08b1f1caa8aaac2a5284f0b329c675dd497853bd0de5 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 80798dfe5efa9b7c-FRA content-encoding br content-type text/html; charset=UTF-8 date Sat, 16 Sep 2023 13:46:16 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} referrer-policy no-referrer report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p5BY1HAaD9Q9mnx%2B%2F0s%2Fs%2FeTB5GLtM%2Fvne7nIoh%2BpOAQOr7t53yakQUyjlWPKPJKJnCt8pyGb8cG7PITm%2BUlab0JL0QjOpjcQTovWLZ9EKxtxcWHG6ueZn3z%2FBgbkuZ%2BrGHWtsGpOjA12A%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET DATA	200 OK	truncated /	7 KB 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6600e628d105299a9954bb85edc818356f1ec6136ba5d503dc39b2b3de8526c7 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36 Response headers Content-Type image/gif
GET H2	200	micro.tag.min.js Show response woudaufe.net/pfe/current/	26 KB 11 KB	169ms 74ms	Script application/javascript	139.45.197.251 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://woudaufe.net/pfe/current/micro.tag.min.js?z=5948452&ymid=66fa1347549711ee8d7b6cb311236246dbdac3ad1f&sw=/sw-check-permissions-fc23e.js Requested by Host: o.underx.co URL: https://o.underx.co/nPp-q5A7O5wkyCfPLCLkTMpeq5A8ugpFfgNQ0MqWq2L8y8qJySiaOCuP~gODTcOAYcOKThx-fZJrfDOr_tUQTcY5L5O-~CuaOQwULCYdO5YZIS4QOCfJOCwDLSR-YSHwOtqtItqQLS4PLQIPOCYwIZ1HIQOHYCRZq2kE Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 0902f69ebed38e29e2de16ad44c314d1510fc88b2187dee42c506aae7b67aec3 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36 Response headers pragma no-cache date Sat, 16 Sep 2023 13:46:16 GMT content-encoding gzip last-modified Thu, 14 Sep 2023 14:59:22 GMT server nginx etag W/"65031fca-68a0" content-type application/javascript cache-control no-cache access-control-allow-credentials true
GET H2	200	sw-check-permissions-fc23e.js o.underx.co/	0 641 B	45ms 43ms	Other application/javascript	2606:4700:3035::6815:815 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://o.underx.co/sw-check-permissions-fc23e.js?ymid=66fa1347549711ee8d7b6cb311236246dbdac3ad1f Requested by Host: woudaufe.net URL: https://woudaufe.net/pfe/current/micro.tag.min.js?z=5948452&ymid=66fa1347549711ee8d7b6cb311236246dbdac3ad1f&sw=/sw-check-permissions-fc23e.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:815 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36 Response headers date Sat, 16 Sep 2023 13:46:16 GMT content-encoding br cf-cache-status MISS last-modified Sun, 14 May 2023 00:50:42 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"64603062-236" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KFlcK5I5rwIjGg%2BiYUDQOxF00SLJcRbZJ%2FyD6ttW5rZkttcCigE0HPO%2BXfYge%2Fg3%2FJkTNWev9UhI4Sg%2FgiKYrX2gdGeTt1Do6EZ1PRpUommrk8qfODYzPDMGEgOUNIg9hkRPtCWKTxdTuw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 80798e0019719b7c-FRA alt-svc h3=":443"; ma=86400
POST H2	200	zone woudaufe.net/	0 249 B	38ms 37ms	Ping text/plain	139.45.197.251 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://woudaufe.net/zone?&pub=0&zone_id=5948452&is_mobile=false&domain=o.underx.co&var=&ymid=66fa1347549711ee8d7b6cb311236246dbdac3ad1f&var_3=&var_4=&dsig=&tg=1&action=prerequest Requested by Host: woudaufe.net URL: https://woudaufe.net/pfe/current/micro.tag.min.js?z=5948452&ymid=66fa1347549711ee8d7b6cb311236246dbdac3ad1f&sw=/sw-check-permissions-fc23e.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36 Response headers x-trace-id be72b26d0f9cbd954cfa533f1b34b286 date Sat, 16 Sep 2023 13:46:16 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx access-control-allow-origin https://o.underx.co access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept content-length 0
GET H2	200	gid.js Show response my.rtmark.net/	65 B 542 B	143ms 45ms	Fetch application/json	139.45.195.8 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=5948452&checkDuplicate=true&ymid=66fa1347549711ee8d7b6cb311236246dbdac3ad1f&var= Requested by Host: woudaufe.net URL: https://woudaufe.net/pfe/current/micro.tag.min.js?z=5948452&ymid=66fa1347549711ee8d7b6cb311236246dbdac3ad1f&sw=/sw-check-permissions-fc23e.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 1f225277ba15b7ff147a6bb9b2647b3bd7b248ee7fa95d6998818818ada10377 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36 Response headers date Sat, 16 Sep 2023 13:46:17 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type application/json; charset=utf-8 access-control-allow-origin https://o.underx.co access-control-expose-headers Authorization access-control-allow-credentials true timing-allow-origin *, * access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token content-length 65
GET H2	200	zone Show response woudaufe.net/	804 B 1 KB	151ms 79ms	Fetch application/json	139.45.197.251 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://woudaufe.net/zone?&pub=0&zone_id=5948452&is_mobile=false&domain=o.underx.co&var=&ymid=66fa1347549711ee8d7b6cb311236246dbdac3ad1f&var_3=&var_4=&dsig=&tg=1&action=settings Requested by Host: woudaufe.net URL: https://woudaufe.net/pfe/current/micro.tag.min.js?z=5948452&ymid=66fa1347549711ee8d7b6cb311236246dbdac3ad1f&sw=/sw-check-permissions-fc23e.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 214b52b55f29e4f3bbde612a64145dc0cdc77ce56f8cc7b6cfc42865c2b2f090 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36 Response headers x-trace-id 6b31db4043a25c50eb4f231435596e6b date Sat, 16 Sep 2023 13:46:17 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx content-type application/json; charset=utf-8 access-control-allow-origin https://o.underx.co access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept content-length 804
GET H2	200	5879906 whautsis.com/4/	1 KB 2 KB	203ms 47ms	Document text/html	139.45.197.244 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://whautsis.com/4/5879906 Requested by Host: o.underx.co URL: https://o.underx.co/nPp-q5A7O5wkyCfPLCLkTMpeq5A8ugpFfgNQ0MqWq2L8y8qJySiaOCuP~gODTcOAYcOKThx-fZJrfDOr_tUQTcY5L5O-~CuaOQwULCYdO5YZIS4QOCfJOCwDLSR-YSHwOtqtItqQLS4PLQIPOCYwIZ1HIQOHYCRZq2kE Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64 access-control-allow-credentials true access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Accept, Content-Type, Content-Length, Accept-Encoding access-control-allow-methods GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE access-control-allow-origin * * access-control-max-age 86400 cache-control no-transform, no-store, no-cache, must-revalidate, max-age=0 no-store, no-cache, must-revalidate, max-age=0 content-encoding gzip content-type text/html; charset=utf8 date Sat, 16 Sep 2023 13:46:17 GMT expires Tue, 11 Jan 1994 10:00:00 GMT Mon, 26 Jul 1997 05:00:00 GMT link <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch" <https://ak.deephicy.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch" pragma no-cache no-cache server nginx timing-allow-origin * x-trace-id 0c5ef530684f4930d5aa7f3b251481a9
POST H2	200	img.gif my.rtmark.net/	43 B 504 B	50ms 50ms	Ping image/gif	139.45.195.8 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://my.rtmark.net/img.gif?f=merge&userId=e48f2b9e730143b0a768e94325b73bdb Requested by Host: whautsis.com URL: https://whautsis.com/4/5879906 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36 Response headers date Sat, 16 Sep 2023 13:46:17 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type image/gif access-control-allow-origin https://whautsis.com access-control-expose-headers Authorization access-control-allow-credentials true timing-allow-origin *, * access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token content-length 43
GET H2	200	/ ak.deephicy.net/4/6118780/	1 KB 2 KB	144ms 38ms	Document text/html	23.32.238.48 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://ak.deephicy.net/4/6118780/?var=5879906 Requested by Host: whautsis.com URL: https://whautsis.com/4/5879906 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.32.238.48 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-32-238-48.deploy.static.akamaitechnologies.com Software / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64 access-control-allow-credentials true access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Accept, Content-Type, Content-Length, Accept-Encoding access-control-allow-methods GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE access-control-allow-origin * * access-control-max-age 86400 cache-control max-age=0, no-cache, no-store content-encoding gzip content-length 603 content-type text/html; charset=utf8 date Sat, 16 Sep 2023 13:46:17 GMT expires Sat, 16 Sep 2023 13:46:17 GMT link <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch" <https://omklefkior.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch" pragma no-cache timing-allow-origin * vary Accept-Encoding x-trace-id 28b6891a50b26818264985ff4c4447e9
POST H2	200	img.gif my.rtmark.net/	43 B 507 B	44ms 44ms	Ping image/gif	139.45.195.8 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://my.rtmark.net/img.gif?f=merge&userId=a15b554c408841aaa5777161aae88110 Requested by Host: ak.deephicy.net URL: https://ak.deephicy.net/4/6118780/?var=5879906 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36 Response headers date Sat, 16 Sep 2023 13:46:18 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type image/gif access-control-allow-origin https://ak.deephicy.net access-control-expose-headers Authorization access-control-allow-credentials true timing-allow-origin *, * access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token content-length 43
GET H2	200	Primary Request / Show response omklefkior.com/	20 KB 5 KB	157ms 59ms	Document text/html	139.45.197.167 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://omklefkior.com/?t=0&ymid=726908363107209511 Requested by Host: ak.deephicy.net URL: https://ak.deephicy.net/4/6118780/?var=5879906 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.167 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 4ac8c1d09e42e0362fcde9dbfa6baa5127a1a9901a207b030a1736bf4cf3c8f2 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control public, max-age=0 content-encoding br content-type text/html; charset=UTF-8 date Sat, 16 Sep 2023 13:46:18 GMT etag W/"50f6-18a8e452dc8" last-modified Wed, 13 Sep 2023 11:20:13 GMT server nginx strict-transport-security max-age=1 vary Accept-Encoding x-content-type-options nosniff
GET H2	200	animate.css omklefkior.com/Attention_files/	78 KB 4 KB	50ms 49ms	Stylesheet text/css	139.45.197.167 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://omklefkior.com/Attention_files/animate.css Requested by Host: omklefkior.com URL: https://omklefkior.com/?t=0&ymid=726908363107209511 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.167 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash d1413e8c95a61b36e4ea9441e9ead3cce29089e85043b0706453597016c01fdb Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://omklefkior.com/?t=0&ymid=726908363107209511 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36 Response headers date Sat, 16 Sep 2023 13:46:18 GMT strict-transport-security max-age=1 x-content-type-options nosniff last-modified Wed, 13 Sep 2023 11:20:13 GMT server nginx content-encoding br etag W/"1361f-18a8e452dc8" vary Accept-Encoding content-type text/css; charset=UTF-8 cache-control public, max-age=0
GET H2	200	qrcode.js Show response omklefkior.com/	32 KB 9 KB	100ms 100ms	Script application/javascript	139.45.197.167 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://omklefkior.com/qrcode.js Requested by Host: omklefkior.com URL: https://omklefkior.com/?t=0&ymid=726908363107209511 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.167 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash d2079946b3e68504ca4b983b90947803dba2fb32c48c20383e566ecee7db0ad7 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://omklefkior.com/?t=0&ymid=726908363107209511 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36 Response headers date Sat, 16 Sep 2023 13:46:18 GMT strict-transport-security max-age=1 x-content-type-options nosniff last-modified Wed, 13 Sep 2023 11:20:13 GMT server nginx content-encoding br etag W/"80f0-18a8e452dc8" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=0
GET H2	200	new_free.svg omklefkior.com/Attention_files/	2 KB 2 KB	50ms 49ms	Image image/svg+xml	139.45.197.167 RETN-AS
General Check archive.org Show headers Download Go to Show image Full URL https://omklefkior.com/Attention_files/new_free.svg Requested by Host: omklefkior.com URL: https://omklefkior.com/?t=0&ymid=726908363107209511 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.167 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 89bcc9a26f3ed7fb196ca1d744395e6fb79f4561ced17605eb27105a9f67e56e Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://omklefkior.com/?t=0&ymid=726908363107209511 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36 Response headers date Sat, 16 Sep 2023 13:46:18 GMT strict-transport-security max-age=1 x-content-type-options nosniff last-modified Wed, 13 Sep 2023 11:20:13 GMT server nginx etag W/"609-18a8e452dc8" content-type image/svg+xml cache-control public, max-age=0 accept-ranges bytes content-length 1545
GET H2	200	loading.svg omklefkior.com/Attention_files/	386 B 600 B	47ms 47ms	Image image/svg+xml	139.45.197.167 RETN-AS
General Check archive.org Show headers Download Go to Show image Full URL https://omklefkior.com/Attention_files/loading.svg Requested by Host: omklefkior.com URL: https://omklefkior.com/?t=0&ymid=726908363107209511 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.167 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash d4d917c84ef07493d6dc83306cb754ddddc1cdb4fc879e09f5b54a0b6f11d451 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://omklefkior.com/?t=0&ymid=726908363107209511 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36 Response headers date Sat, 16 Sep 2023 13:46:18 GMT strict-transport-security max-age=1 x-content-type-options nosniff last-modified Wed, 13 Sep 2023 11:20:13 GMT server nginx etag W/"182-18a8e452dc8" content-type image/svg+xml cache-control public, max-age=0 accept-ranges bytes content-length 386
GET		wxh1jm5rz8 omklefkior.com/w/	0 0
GET DATA	200 OK	truncated /	85 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 4a711f5cd03c09fd79ae2f19bb2f71168e71c18b7562626a1ae8d99ebc3212ff Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36 Response headers Content-Type image/gif
GET H2	404	bg.gif omklefkior.com/assets/	152 B 152 B	50ms 50ms	Image text/html	139.45.197.167 RETN-AS
General Check archive.org Show headers Download Go to Show image Full URL https://omklefkior.com/assets/bg.gif Requested by Host: omklefkior.com URL: https://omklefkior.com/?t=0&ymid=726908363107209511 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.167 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash ddf752a709ef05084d8373b3a377fe1971fc1338ce81d4ab3a16d00ed5f1a46a Security Headers Name Value Content-Security-Policy default-src 'none' X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://omklefkior.com/?t=0&ymid=726908363107209511 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36 Response headers date Sat, 16 Sep 2023 13:46:18 GMT content-security-policy default-src 'none' x-content-type-options nosniff content-encoding br server nginx vary Accept-Encoding content-type text/html; charset=utf-8
GET DATA	200 OK	truncated /	7 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d52c641978bb13c28871284e1948353ee622ef61744ee30dbaecbee207cfcecc Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36 Response headers Content-Type image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

omklefkior.com

URL

https://omklefkior.com/w/wxh1jm5rz8

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| QRCode number| popupShows function| showDontLeavePopup function| imNotARobot

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			my.rtmark.net/	1970-01-20 23:33:27	Name: ID Value: d9bd6d4901664d8a85a14b718f111542
			whautsis.com/	1970-01-20 23:33:27	Name: OAID Value: e48f2b9e730143b0a768e94325b73bdb
			whautsis.com/	1970-01-20 23:33:27	Name: oaidts Value: 1694871977
			ak.deephicy.net/	1970-01-20 23:33:27	Name: OAID Value: a15b554c408841aaa5777161aae88110
			ak.deephicy.net/	1970-01-20 23:33:27	Name: oaidts Value: 1694871977

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://omklefkior.com/assets/bg.gif Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ak.deephicy.net
my.rtmark.net
o.underx.co
omklefkior.com
whautsis.com
woudaufe.net
omklefkior.com
139.45.195.8
139.45.197.167
139.45.197.244
139.45.197.251
23.32.238.48
2606:4700:3035::6815:815
0902f69ebed38e29e2de16ad44c314d1510fc88b2187dee42c506aae7b67aec3
1f225277ba15b7ff147a6bb9b2647b3bd7b248ee7fa95d6998818818ada10377
214b52b55f29e4f3bbde612a64145dc0cdc77ce56f8cc7b6cfc42865c2b2f090
4a711f5cd03c09fd79ae2f19bb2f71168e71c18b7562626a1ae8d99ebc3212ff
4ac8c1d09e42e0362fcde9dbfa6baa5127a1a9901a207b030a1736bf4cf3c8f2
4b8f5b6983298e991afc08b1f1caa8aaac2a5284f0b329c675dd497853bd0de5
6600e628d105299a9954bb85edc818356f1ec6136ba5d503dc39b2b3de8526c7
89bcc9a26f3ed7fb196ca1d744395e6fb79f4561ced17605eb27105a9f67e56e
d1413e8c95a61b36e4ea9441e9ead3cce29089e85043b0706453597016c01fdb
d2079946b3e68504ca4b983b90947803dba2fb32c48c20383e566ecee7db0ad7
d4d917c84ef07493d6dc83306cb754ddddc1cdb4fc879e09f5b54a0b6f11d451
d52c641978bb13c28871284e1948353ee622ef61744ee30dbaecbee207cfcecc
ddf752a709ef05084d8373b3a377fe1971fc1338ce81d4ab3a16d00ed5f1a46a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855