Submitted URL: http://neexulro.net/-122347ZNRQ/oJZc?rndad=3585247788-1669306147
Effective URL: http://oaxyteek.net/not-found.php
Submission Tags: falconsandbox
Submission: On February 16 via api from US — Scanned from DE

Summary

This website contacted 13 IPs in 4 countries across 12 domains to perform 20 HTTP transactions. The main IP is 172.64.129.18, located in United States and belongs to CLOUDFLARENET, US. The main domain is oaxyteek.net. The Cisco Umbrella rank of the primary domain is 194213.
This is the only time oaxyteek.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 104.21.0.99 13335 (CLOUDFLAR...)
1 2 172.64.129.18 13335 (CLOUDFLAR...)
3 188.114.96.12 13335 (CLOUDFLAR...)
2 13.32.23.51 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2001:4860:480... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 172.64.132.29 13335 (CLOUDFLAR...)
2 54.230.111.21 16509 (AMAZON-02)
1 54.230.111.51 16509 (AMAZON-02)
2 188.114.96.3 13335 (CLOUDFLAR...)
1 35.190.71.96 15169 (GOOGLE)
1 1 188.114.97.3 13335 (CLOUDFLAR...)
20 13
Apex Domain | Subdomains | Transfer
3 eoseurlingeringonl.xyz | eoseurlingeringonl.xyz | 1 KB
3 aquentlytujim.com | aquentlytujim.com | 4 KB
3 ay.gy | cdn.ay.gy | 21 KB
2 pogothere.xyz | pogothere.xyz — Cisco Umbrella Rank: 30031 | 101 KB
2 fbcdn2.com | fbcdn2.com — Cisco Umbrella Rank: 508725 | 14 KB
2 googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 50 | 119 KB
2 cloudfront.net | d1nmxiiewlx627.cloudfront.net | 37 KB
2 oaxyteek.net | oaxyteek.net — Cisco Umbrella Rank: 194213 | 5 KB
1 onclickgenius.com | onclickgenius.com — Cisco Umbrella Rank: 212295 | 2 KB
1 ufpcdn.com | ufpcdn.com — Cisco Umbrella Rank: 182865 | 2 KB
1 google-analytics.com | region1.google-analytics.com — Cisco Umbrella Rank: 2506 | 242 B
1 neexulro.net | neexulro.net | 975 B
20 12
Domain | Requested by
3 eoseurlingeringonl.xyz 1 redirects | oaxyteek.net
3 aquentlytujim.com | d1nmxiiewlx627.cloudfront.net
3 cdn.ay.gy | oaxyteek.net, cdn.ay.gy
2 pogothere.xyz | d1nmxiiewlx627.cloudfront.net
2 fbcdn2.com | oaxyteek.net, fbcdn2.com
2 www.googletagmanager.com | oaxyteek.net, www.googletagmanager.com
2 d1nmxiiewlx627.cloudfront.net | oaxyteek.net, aquentlytujim.com
2 oaxyteek.net 1 redirects |
1 onclickgenius.com | fbcdn2.com
1 ufpcdn.com | fbcdn2.com
1 region1.google-analytics.com | www.googletagmanager.com
1 neexulro.net 1 redirects |
20 12

This site contains no links.

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-05-29 - 2023-05-29 | a year
*.google-analytics.com | GTS CA 1C3 | 2023-02-01 - 2023-04-26 | 3 months
*.pogothere.xyz | E1 | 2022-12-31 - 2023-03-31 | 3 months
aquentlytujim.com | Amazon RSA 2048 M01 | 2023-02-09 - 2024-03-09 | a year
*.eoseurlingeringonl.xyz | GTS CA 1P5 | 2023-02-09 - 2023-05-10 | 3 months

This page contains 4 frames:

Primary Page: http://oaxyteek.net/not-found.php
Frame ID: B8079858A0990818BACBEC4A966A2701
Requests: 17 HTTP requests in this frame

Frame: http://ufpcdn.com/script/identify.html?frmt=0
Frame ID: A98D694B03A833DC01418C85E3DC64C0
Requests: 1 HTTP requests in this frame

Frame: http://aquentlytujim.…
Frame ID: 9FC9927B9A155525C4C69B4A18230398
Requests: 2 HTTP requests in this frame

Frame: data://truncated
Frame ID: E739F2B5C7609E576D658665E7361E0B
Requests: 1 HTTP requests in this frame

Page Title

AdF.ly - Not Found

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

20 Requests
55 % HTTPS
29 % IPv6
12 Domains
12 Subdomains
13 IPs
4 Countries
304 kB Transfer
618 kB Size
6 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://neexulro.net/-122347ZNRQ/oJZc?rndad=3585247788-1669306147 HTTP 301
    http://oaxyteek.net/-123055NKXL/-122347ZNRQ?rndad=3117783972-1676554219 HTTP 302
    http://oaxyteek.net/not-found.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • http://eoseurlingeringonl.xyz/popunder.gif HTTP 301
  • https://eoseurlingeringonl.xyz/popunder.gif

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request not-found.php
oaxyteek.net/
Redirect Chain
  • http://neexulro.net/-122347ZNRQ/oJZc?rndad=3585247788-1669306147
  • http://oaxyteek.net/-123055NKXL/-122347ZNRQ?rndad=3117783972-1676554219
  • http://oaxyteek.net/not-found.php
9 KB
4 KB
Document
General
Full URL
http://oaxyteek.net/not-found.php
Protocol
HTTP/1.1
Server
172.64.129.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.27
Resource Hash
e5da3836ee8902f644ce76daa364a21c6b686efb3ff7c26055b8a05037af4c7d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
79a6a321288039be-FRA
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Thu, 16 Feb 2023 13:30:19 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2q2MwiAuj4LdbYBegapDtD6bzBQy5uGKYhfiIfjQ7FNzHLcKwkrv0twCubqfAGB7iKuoMiOdtSP9KpboqUw6McSK6Ld82AUP6rsxyVVGNpzkQzOPx677VlzSfxijbD4%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
vary
Accept-Encoding
x-powered-by
PHP/7.3.27
x-turbo-charged-by
LiteSpeed

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
79a6a31f3d6139be-FRA
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Thu, 16 Feb 2023 13:30:19 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a8nLPDbv1VEA6hlLW2zwPHY2XIY5GpyTiFQ3yP29BRlkx47odam7hoxVUsHo%2B16%2Ffh0G0rfK9mqunK0hzIYZEaee4a3lVokBE5xmG8K0aRVSSFBhms8kBhKVZuR%2FRp0%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate, max-age=0
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
/not-found.php
pragma
no-cache
strict-transport-security
max-age=0
x-powered-by
adfly
x-turbo-charged-by
LiteSpeed
static.css
cdn.ay.gy/static/css/
420 B
782 B
Stylesheet
General
Full URL
https://cdn.ay.gy/static/css/static.css
Requested by
Host: oaxyteek.net
URL: http://oaxyteek.net/not-found.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e34fe81eabef2bb61177783c03c8042752b33b93e0ef6672a3b9e5698db1c865

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://oaxyteek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 13:30:20 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Tue, 10 Nov 2020 09:44:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1a4-5faa60e6-959389537b65d2c0;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2B%2FduD8FD%2BBWyH%2B3dHPs43vEZkHNgKWhF1ZLS8aWOXgryGXi9O5vhskwn%2BqY1o8bwPNvFVFvHqVENfOnNl3OkHiItx766%2BZXTw4cl6eI4vmILo4xl4jt3mB3IT4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
79a6a322493b35f4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 23 Feb 2023 13:30:20 GMT
/
d1nmxiiewlx627.cloudfront.net/
105 KB
36 KB
Script
General
Full URL
http://d1nmxiiewlx627.cloudfront.net/?ixmnd=709056
Requested by
Host: oaxyteek.net
URL: http://oaxyteek.net/not-found.php
Protocol
HTTP/1.1
Server
13.32.23.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-51.fra56.r.cloudfront.net
Software
/
Resource Hash
0a98c453ea7455adf22fab95ada89dfd74bc76db5597bd9a3b8324452b4bf8b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://oaxyteek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Feb 2023 13:30:20 GMT
content-encoding
gzip
Via
1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C2
X-Cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Connection
keep-alive
Content-Length
36174
X-Amz-Cf-Id
sFHLe2uqXMFXuMZth03AHqQ1TmpdHHToflw73BY1avXOY7eczquD6Q==
gtm.js
www.googletagmanager.com/
103 KB
40 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5NL9VFJ
Requested by
Host: oaxyteek.net
URL: http://oaxyteek.net/not-found.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7aa4e2795abc1f677e1780b7c4b2005f169adbdc5366d46b8b6217ff51442c25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://oaxyteek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 13:30:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40970
x-xss-protection
0
last-modified
Thu, 16 Feb 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 16 Feb 2023 13:30:19 GMT
js
www.googletagmanager.com/gtag/
226 KB
78 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GT41R23D5L&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5NL9VFJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c16489c1f3b9a280b494d32d7436d91e5d555e02e4da98c80e69469ce98281ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://oaxyteek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 13:30:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80139
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 16 Feb 2023 13:30:20 GMT
compatibility.js
fbcdn2.com/script/
14 KB
6 KB
Script
General
Full URL
http://fbcdn2.com/script/compatibility.js
Requested by
Host: oaxyteek.net
URL: http://oaxyteek.net/not-found.php
Protocol
HTTP/1.1
Server
2606:4700::6810:da14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cb4263ccaaa637a20896180c003024db4b27f66c7fda6369bf852176003422c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://oaxyteek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Thu, 16 Feb 2023 13:30:20 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
2384
Transfer-Encoding
chunked
X-GUploader-UploadID
ADPycdvlxu67fmSufdv2DxbqqijKsYsDfI56wssurgOqEDnQ-Z8fv_ul4tuUjG2B2ycKZ9EPfYK5fhCvK40P4TBcwJ3ZsrX8oTYB
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
Connection
keep-alive
Last-Modified
Tue, 21 Jun 2022 09:08:43 GMT
Server
cloudflare
ETag
W/"946bb9192a14e6dad035a9ec8178f073"
Vary
Accept-Encoding
x-goog-generation
1655802523449377
Content-Type
application/javascript
Access-Control-Allow-Origin
*
x-goog-hash
crc32c=COVK0Q==, md5=lGu5GSoU5trQNansgXjwcw==
Cache-Control
public, max-age=14400
x-goog-stored-content-length
14461
CF-RAY
79a6a323dedf9bf4-FRA
Expires
Thu, 16 Feb 2023 17:30:20 GMT
header_gradient.jpg
cdn.ay.gy/static/image/
9 KB
9 KB
Image
General
Full URL
https://cdn.ay.gy/static/image/header_gradient.jpg
Requested by
Host: cdn.ay.gy
URL: https://cdn.ay.gy/static/css/static.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31046d9e08a11c69776b85464fbb52bd99e83950b368c556a280cbad09e164b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.ay.gy/static/css/static.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 13:30:20 GMT
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8872
last-modified
Tue, 10 Nov 2020 09:44:06 GMT
server
cloudflare
etag
"22a8-5faa60e6-8ea5f64bb41938f5;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EUkIkjMm1zzTh9u0Z8LMk1UUjmSnqdE6MP%2FcME58t4KJ20CocgXe7L0HKCNRVb0AekkV3iLBUdPaY3i393B2T9ZJt0wHrVa48l745%2BgvLadkcjvW1pDsVDFF1c4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
79a6a323bb1835f4-FRA
expires
Thu, 23 Feb 2023 13:30:20 GMT
logo.png
cdn.ay.gy/static/image/
10 KB
11 KB
Image
General
Full URL
https://cdn.ay.gy/static/image/logo.png
Requested by
Host: cdn.ay.gy
URL: https://cdn.ay.gy/static/css/static.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
196c51f778db9df7ecf75ce7f663ea3bb07726b67feeae45ad9abfd3008b937a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.ay.gy/static/css/static.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 13:30:20 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1720
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10726
last-modified
Tue, 10 Nov 2020 09:44:06 GMT
server
cloudflare
etag
"29e6-5faa60e6-b22ed065d915c717;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qz7aZltRFXanc1L4hzUbBNiWYnCtcA9w1mCRj9aR2VLLooNZ2MRZ1Jhj60ZfmgtM6Duo58YgUFH7DjE4%2B1ImIC7etnQ%2FsRgW1C%2FIlFOGXLVlCjx22RKQuOOFElw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
79a6a323bb1a35f4-FRA
expires
Thu, 23 Feb 2023 13:01:36 GMT
collect
region1.google-analytics.com/g/
0
242 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-GT41R23D5L&gtm=45je32f0&_p=1783926926&cid=34196055.1676554220&ul=en-us&sr=1600x1200&_s=1&sid=1676554220&sct=1&seg=0&dl=http%3A%2F%2Foaxyteek.net%2Fnot-found.php&dt=AdF.ly%20-%20Not%20Found&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GT41R23D5L&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://oaxyteek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Feb 2023 13:30:20 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://oaxyteek.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
identify.html
ufpcdn.com/script/ Frame A98D
2 KB
2 KB
Document
General
Full URL
http://ufpcdn.com/script/identify.html?frmt=0
Requested by
Host: fbcdn2.com
URL: http://fbcdn2.com/script/compatibility.js
Protocol
HTTP/1.1
Server
2606:4700:3030::6815:2ed2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffb16355784a4a89472be6cb28c3408234ec0518326a3a1908797b8d8c78a76a

Request headers

Referer
http://oaxyteek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
79a6a32449c42c6f-FRA
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Thu, 16 Feb 2023 13:30:20 GMT
Last-Modified
Tue, 15 May 2018 06:39:25 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uJJsMKS4HTeWmg5sShIBVpuDXc%2B4JGJ6EFiTZpq6tWhm6iuho76U9VodvQY%2FFlxBlPGeMJ3LW2ksK9Mdjw8OrTYIo7EAAUO3Z6kgYw2txeKqJgQh3Sg8lvGg3jDVRX5mKxf7kvnK9dVd"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
asd100.bin
pogothere.xyz/
100 KB
101 KB
Fetch
General
Full URL
https://pogothere.xyz/asd100.bin
Requested by
Host: d1nmxiiewlx627.cloudfront.net
URL: http://d1nmxiiewlx627.cloudfront.net/?ixmnd=709056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.132.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://oaxyteek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 13:30:20 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4284
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 16 Feb 2023 12:18:56 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
http://oaxyteek.net
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ISdgf4MUuwNSMSJrFa0GJyAhJR5TFuEp%2FJfEV%2FJvFSTsKWmwBD16%2F9crOn0ZgbozTbTxEDjTYgSDs1swZH2Mmm36zwqf0%2BNI23iZfttRgez9in883Kfybivr0z2LMbg1"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
79a6a3255cd02bfa-FRA
access-control-allow-headers
X-Requested-With, content-type
/
pogothere.xyz/
27 B
368 B
Fetch
General
Full URL
https://pogothere.xyz/
Requested by
Host: d1nmxiiewlx627.cloudfront.net
URL: http://d1nmxiiewlx627.cloudfront.net/?ixmnd=709056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.132.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77547fcbe5a443808e72a4910afd0eb75127eb089b79e6d00d80ba00eeda6930

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://oaxyteek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 13:30:20 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pvNJqv2WPqSeB2ei%2BaV23dVyofLS2cb4u0%2B4elTN2Ga4nVoCVA7S0pVLNJrXQTqt2PGD3vYDO4beKFoloIlyPAIm6MY0cm8z7fSgxfiPq0%2BpBo92OHfq%2FhApshcZ19WD"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
access-control-allow-origin
http://oaxyteek.net
content-type
text/plain
access-control-allow-credentials
true
cf-ray
79a6a3255cd32bfa-FRA
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
utx
aquentlytujim.com/
0
487 B
XHR
General
Full URL
https://aquentlytujim.com/utx?cb=g2GeIONpPuTv&top=oaxyteek.net&tid=709056
Requested by
Host: d1nmxiiewlx627.cloudfront.net
URL: http://d1nmxiiewlx627.cloudfront.net/?ixmnd=709056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.111.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-111-21.osl50.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://oaxyteek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Feb 2023 13:30:20 GMT
via
1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-pop
OSL50-P1
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
http://oaxyteek.net
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
GGfSHB2UAikfkhwXo-V6V1RmS8VM7l-f22i67qEbIE6mT0KIcgoMkg==
AE4xClcWfi5aSSxmJFtiPEMUI1IEXzEjchBSOlsdRnYRUwA5bh8VezNNNBRdNW4dBGk6RhYkT0ZQZA1aJ2x6GkA4BB4BcR1lYjRPQFgcJlcsbDAKCBJlASFeLFAlI34MWRwLYjN1BChTEnwRKF48cT41TxdGDSpPN3cuEVE+YmYkWUd6clB6IWUGWnQdeg8xYAN8M...
aquentlytujim.com/NFdiOHRVNQFVS1VqAB4BRjtfHUZyclB+EAU5D0AdXTIVVAwCZVUWF1g4F1wSRjgMTFpaMhYdRnIzL1UMewY3DSZ1LiNWF2EOJHMaTGIjVCIRZSBcPFMCIFJEQR4nciZzEzN8LU44KnMDXC8rQBdzFCBpLXoUNEI1XzgLcTd2ATdvE18eJH4... Frame 9FC9
3 KB
2 KB
Document
General
Full URL
http://aquentlytujim.…
Requested by
Host: d1nmxiiewlx627.cloudfront.net
URL: http://d1nmxiiewlx627.cloudfront.net/?ixmnd=709056
Protocol
HTTP/1.1
Server
54.230.111.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-111-51.osl50.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
b93d3396999e508d7bad36d213048ec5e8aa8422c8446f11dbcacef683ae2844

Request headers

Referer
http://oaxyteek.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-CH
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
Connection
keep-alive
Content-Length
1240
Content-Type
text/html
Date
Thu, 16 Feb 2023 13:30:20 GMT
P3P
CP="NID DSP ALL COR"
Pragma
no-cache
Server
openresty/1.17.8.2
Via
1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Id
1OEAHV6NovzipqleloTuxxawp_9zkxV7rRJz-SXtvjS253NbQs9KKg==
X-Amz-Cf-Pop
OSL50-P1
X-Cache
Miss from cloudfront
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
P2MYXxcyUDQNBnYAYAUHYEk5VAx0AHZDRSdNJUMMdx85XlcpBHZGDHcXYB4HdhdiFkR7CHZEQSdebQEXNk0kXAx3D2cGBHMNYgIBdQtk
eoseurlingeringonl.xyz/UDAxRjl/D1I1BAJ4cwBvOwEDFHECWlceCBFTdnMNM2V/
0
414 B
Image
General
Full URL
https://eoseurlingeringonl.xyz/UDAxRjl/D1I1BAJ4cwBvOwEDFHECWlceCBFTdnMNM2V/P2MYXxcyUDQNBnYAYAUHYEk5VAx0AHZDRSdNJUMMdx85XlcpBHZGDHcXYB4HdhdiFkR7CHZEQSdebQEXNk0kXAx3D2cGBHMNYgIBdQtk
Requested by
Host: oaxyteek.net
URL: http://oaxyteek.net/not-found.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://oaxyteek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 13:30:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nka2Wl5Kf6DLvqW%2FFg5mO5c2HUKhB483LeC36Erm0x4OS2dqOt1GwCUojjyOpLcnx%2BO11UxEbqGKd4I0uVk8JcKilVUoFG%2ByWuPGNOJX9tSR%2Fz9iHgRJ8KsAX03xv6TpQVHXCsEP6eGt"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
79a6a3259a31361e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
suurl.php
onclickgenius.com/script/
6 KB
2 KB
Script
General
Full URL
http://onclickgenius.com/script/suurl.php?r=2984815&cbrandom=0.2189501415555244&cbiframe=0&cbWidth=1600&cbHeight=1200&cbtitle=AdF.ly%20-%20Not%20Found&cbref=&cbdescription=&cbkeywords=&cbcdn=fbcdn2.com
Requested by
Host: fbcdn2.com
URL: http://fbcdn2.com/script/compatibility.js
Protocol
HTTP/1.1
Server
35.190.71.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
96.71.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
328f60612138709db7f9244b4fcf1cd3b4c20c3d1b160bb016aa61f5b39728ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://oaxyteek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 16 Feb 2023 13:30:20 GMT
Content-Encoding
gzip
Via
1.1 google
Server
openresty
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
chrome.js
fbcdn2.com/script/
25 KB
9 KB
Script
General
Full URL
http://fbcdn2.com/script/chrome.js
Requested by
Host: fbcdn2.com
URL: http://fbcdn2.com/script/compatibility.js
Protocol
HTTP/1.1
Server
2606:4700::6810:da14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc5887cd65b601571ba60ff7e1b7af9d962582dc3dc249484d31683933f890a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://oaxyteek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Thu, 16 Feb 2023 13:30:20 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
1856
Transfer-Encoding
chunked
X-GUploader-UploadID
ADPycdtUW-JJ6VmJ_q005I5SHEiHBcDKXwaaMqLnjcvcZRD4Dn8pDsP5Dh4_4LOC6qrEFxR92Aeug7GZa-6zz3nZ9-eYa4b5Qogk
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
Connection
keep-alive
Last-Modified
Tue, 21 Jun 2022 09:08:35 GMT
Server
cloudflare
ETag
W/"570f12f75cff1a833ca0c6d20df2d678"
Vary
Accept-Encoding
x-goog-generation
1655802515177297
Content-Type
application/javascript
Access-Control-Allow-Origin
*
x-goog-hash
crc32c=+lXQYg==, md5=Vw8S91z/GoM8oMbSDfLWeA==
Cache-Control
public, max-age=14400
x-goog-stored-content-length
25892
CF-RAY
79a6a32559919bf4-FRA
Expires
Thu, 16 Feb 2023 17:30:20 GMT
/
d1nmxiiewlx627.cloudfront.net/dMmxOQU5RAyAncUYFKnx5AlV+dHgUBj0uIEJRGDQDYzoHKwhxIxcGCBQYNCVzAkoiICBVUWgkIFFRf2cvVg5zdWhGHCEqc14IKSU6WhU8KikUGS98I10WJy0iU0l8B3scXGtzfhobJy8qXRs9ZHwCAjpkfAJdfm9+F18MZH... Frame 9FC9
605 B
854 B
Script
General
Full URL
http://d1nmxiiewlx627.cloudfront.net/dMmxOQU5RAyAncUYFKnx5AlV+dHgUBj0uIEJRGDQDYzoHKwhxIxcGCBQYNCVzAkoiICBVUWgkIFFRf2cvVg5zdWhGHCEqc14IKSU6WhU8KikUGS98I10WJy0iU0l8B3scXGtzfhobJy8qXRs9ZHwCAjpkfAJdfm9+F18MZHwCGycveAZJfQNrAFw2d3obSX-xxL0IcIiQ5Vw4lKDoXXgh0fQVCfXdrAFxmKiZGASJkfHFJfHEiWwcrZHwCCysiJV1Fa3N+UQQ8LiNXSXwHfwNcYHFgB1h2cGADXH5kfAIfLycvQAVrcwgHX3lvfQRKO3x/
Requested by
Host: aquentlytujim.com
URL: http://aquentlytujim.…
Protocol
HTTP/1.1
Server
13.32.23.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-51.fra56.r.cloudfront.net
Software
/
Resource Hash
fa0589f3c78ef938a018276fe9ad82b52546f581c68c15bb80a8d9f33ef33c9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://aquentlytujim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Thu, 16 Feb 2023 13:30:20 GMT
content-encoding
gzip
Via
1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C2
X-Cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
Connection
keep-alive
Content-Length
467
X-Amz-Cf-Id
yQmvRaBrQxIGUS0oWcdtVDBzJacQHF2_gqxinfuTLzNsA7y1w4LFDQ==
popunder.gif
eoseurlingeringonl.xyz/
Redirect Chain
  • http://eoseurlingeringonl.xyz/popunder.gif
  • https://eoseurlingeringonl.xyz/popunder.gif
35 B
404 B
Image
General
Full URL
https://eoseurlingeringonl.xyz/popunder.gif
Requested by
Host: oaxyteek.net
URL: http://oaxyteek.net/not-found.php
Protocol
H2
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://oaxyteek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
public
date
Thu, 16 Feb 2023 13:30:20 GMT
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 22:59:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
52227
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sEPr9fKH2nvlvZbiS1y4rN%2B53vHHgU83X%2B5%2FdlxV6Ko6tlIrdp2rbbHn7KN6ISS2pif3wnIr%2BC%2B88DqmcyPJdqyXmqtk8vWZp5xhu4ugiRRvA8rrpbEVYVYHUS%2B8WDdnYWLa3syhXI6Y"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
cf-ray
79a6a327dd8b361e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date
Thu, 16 Feb 2023 13:30:20 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fc2pDdZpIWNwYsNQ6sMWuki452j7VVBarQZlaY1H2e2xJ56CPeXOPn39AIznaYzQ8iSkvEzCM%2BVZP8jOPBE4ZzytE%2BrKTaJXotp6d%2BMawXNk5dkNWtRfXv5Q1S93lkWdMmDknkv4XU3o"}],"group":"cf-nel","max_age":604800}
Location
https://eoseurlingeringonl.xyz/popunder.gif
Cache-Control
max-age=3600
Vary
Accept-Encoding
Connection
keep-alive
CF-RAY
79a6a327bd5b2c27-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Expires
Thu, 16 Feb 2023 14:30:20 GMT
multi
aquentlytujim.com/
3 KB
2 KB
XHR
General
Full URL
https://aquentlytujim.com/multi?cs=bmU0Y0lcUQVWeVdVAVt8W1YDUX4&abt=0&red=1&sm=76&k=&v=1.0.60.2&sts=0&prn=0&emb=0&tid=709056&rxy=1600_1200&u=1130563658766564&agec=1676554220&fs=1&mbkb=884.9557522123894&ref=http%3A%2F%2Foaxyteek.net%2Fnot-found.php&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F110.0.5481.100%20safari%2F537.36&tzd=0&uloc=&if=0&_Rz5N=1676554220800&crc=1
Requested by
Host: d1nmxiiewlx627.cloudfront.net
URL: http://d1nmxiiewlx627.cloudfront.net/?ixmnd=709056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.111.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-111-21.osl50.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
165fbc3354f58b5301503a487c5ab93d75f3170c61aceb3e46d73945fbb6565a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://oaxyteek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Feb 2023 13:30:20 GMT
content-encoding
gzip
via
1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-pop
OSL50-P1
x-cache
Miss from cloudfront
content-type
text/plain
access-control-allow-origin
http://oaxyteek.net
p3p
CP="NID DSP ALL COR"
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
content-length
1554
x-amz-cf-id
YYW4_TZxHqvJtLH8eRQZ0wqHJfIiVOiUWzY_2FrffHp0wu4ANKyjDw==
truncated
/ Frame E739
900 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0efc53d98f21fefc32d8ad84c673919c539b0b3feb2dc96598cbeb58883bd04c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://oaxyteek.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/svg+xml

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
boolean| credentialless
object| oncontentvisibilityautostatechange
object| dataLayer
object| google_tag_manager
object| _0x3f76
function| _0x5339
object| adcashMacros
object| zoneSett
object| urls
object| iceConfig
object| _0x585b
function| _0x1442
function| runAdblock
object| _0x4c8a
function| _0xddae
function| acPrefetch
object| CTABPu
function| onYouTubeIframeAPIReady
object| google_tag_data
object| gaGlobal
function| ufpAttach
object| CTAMAT
number| delay
object| adcashUfp
number| LAST_CORRECT_EVENT_TIME
number| _2328677372
function| fa
object| Cnac
object| stamat
function| NqPnfu6072816666798073
function| NqPnfu
object| NqpnfuVfNOrggreArgjbex
boolean| _0x90aa
object| _adas_v211fa
function| jonIUBFjnvJDNvluc0.3625740372508992

6 Cookies

Domain/Path Name / Value
neexulro.net/ Name: FLYSESSID
Value: 8fq1n6q7u8s4h8codscfegadvj
oaxyteek.net/ Name: FLYSESSID
Value: b84ds89lvho8772tiqlurn5p0n
.oaxyteek.net/ Name: _ga
Value: GA1.1.34196055.1676554220
.oaxyteek.net/ Name: _ga_GT41R23D5L
Value: GS1.1.1676554220.1.0.1676554220.0.0.0
pogothere.xyz/ Name: csu
Value: 1130563658766564@1@1676554220
oaxyteek.net/ Name: adcashufpv3
Value: 9211861793672793141157732666

1 Console Messages

Source Level URL
Text
network error URL: http://oaxyteek.net/not-found.php
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
