nef2.com Open in urlscan Pro
2606:4700:3030::681c:1df9 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://nef2.com/
Submission Tags: falconsandbox
Submission: On December 03 via api (December 3rd 2020, 4:57:47 am UTC) from US

Summary HTTP 34 Redirects Links 70 Behaviour Indicators

Summary

This website contacted 10 IPs in 4 countries across 9 domains to perform 34 HTTP transactions. The main IP is 2606:4700:3030::681c:1df9, located in United States and belongs to CLOUDFLARENET, US. The main domain is nef2.com.

This is the only time nef2.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	2606:4700:303... 2606:4700:3030::681c:1df9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	139.45.196.96 139.45.196.96	9002 (RETN-AS) (RETN-AS)
10	88.85.66.226 88.85.66.226	35415 (WEBZILLA) (WEBZILLA)
1 3	212.224.118.36 212.224.118.36	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
2	2606:4700:20:... 2606:4700:20::681a:5af	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	139.45.197.10 139.45.197.10	9002 (RETN-AS) (RETN-AS)
1	139.45.195.94 139.45.195.94	9002 (RETN-AS) (RETN-AS)
1	139.45.196.25 139.45.196.25	9002 (RETN-AS) (RETN-AS)
5	139.45.197.104 139.45.197.104	9002 (RETN-AS) (RETN-AS)
34	10

8 2606:4700:3030::681c:1df9 (United States)

ASN13335 (CLOUDFLARENET, US)

nef2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.196.96 (Ascension Island)

ASN9002 (RETN-AS, EU)

native.propellerclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 88.85.66.226 (Netherlands)

ASN35415 (WEBZILLA, NL)
PTR: 88.85.66.226.webazilla.com

hooptaik.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 212.224.118.36 (Germany) 1 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
PTR: dsde49-3.fornex.org

ad.admitad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:5af (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.admitad-connect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.197.10 (Ascension Island)

ASN9002 (RETN-AS, EU)

civadsoo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.94 (Ascension Island)

ASN9002 (RETN-AS, EU)

onmarshtompor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.196.25 (Ascension Island)

ASN9002 (RETN-AS, EU)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 139.45.197.104 (Ascension Island)

ASN9002 (RETN-AS, EU)

petchesa.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	hooptaik.net hooptaik.net	87 KB
8	nef2.com nef2.com	88 KB
5	petchesa.net petchesa.net Failed	2 KB
3	admitad.com 1 redirects ad.admitad.com	14 KB
2	civadsoo.net civadsoo.net	28 KB
2	admitad-connect.com cdn.admitad-connect.com	145 KB
2	propellerclick.com native.propellerclick.com
1	rtmark.net my.rtmark.net	765 B
1	onmarshtompor.com onmarshtompor.com
34	9

	Domain	Requested by
10	hooptaik.net	nef2.com hooptaik.net
8	nef2.com	nef2.com
5	petchesa.net	nef2.com
3	ad.admitad.com	1 redirects nef2.com
2	civadsoo.net	nef2.com
2	cdn.admitad-connect.com	nef2.com
2	native.propellerclick.com	nef2.com
1	my.rtmark.net	nef2.com
1	onmarshtompor.com	civadsoo.net
34	9

This site contains links to these domains. Also see Links.

Domain
remmont.com
ad.admitad.com
www.admitad.com

Subject Issuer	Validity	Valid
hooptaik.net Let's Encrypt Authority X3	`2020-11-24` - `2021-02-22`	3 months	crt.sh
ad.admitad.com Sectigo RSA Domain Validation Secure Server CA	`2020-11-09` - `2021-12-10`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-09-02` - `2021-09-02`	a year	crt.sh
*.rtmark.net Sectigo RSA Domain Validation Secure Server CA	`2020-10-27` - `2021-11-26`	a year	crt.sh
petchesa.net Let's Encrypt Authority X3	`2020-10-19` - `2021-01-17`	3 months	crt.sh

This page contains 3 frames:

Primary Page: http://nef2.com/
Frame ID: 8D4DED95A3A1B8580381CDEFDC41B020
Requests: 30 HTTP requests in this frame

Frame: http://onmarshtompor.com/fac.php
Frame ID: 908743D4FE374B212FBC29B453B07026
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 48D369792FCA50D721E96060384C31A3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

34
Requests

59 %
HTTPS

22 %
IPv6

9
Domains

9
Subdomains

10
IPs

4
Countries

363 kB
Transfer

869 kB
Size

1
Cookies

70 Outgoing links

These are links going to different origins than the main page.

URL: http://remmont.com/walmart-careers-submit-a-walmart-job-application-online-att-careers-att-careers/
Title: Walmart Careers. Walmart Job Application. Walmart Jobs. Walmart Application

Search URL Search Domain Scan URL

URL: http://remmont.com/lasd-inmate-locator/
Title: Lasd inmate locator | lasd inmate search | lasd inmate

Search URL Search Domain Scan URL

URL: http://remmont.com/bcso-jail-view-4/
Title: Bcso jail view – baldwin county jail view – bay minette jail

Search URL Search Domain Scan URL

URL: http://remmont.com/home-depot-mythdhr-3/
Title: home depot mythdhr

Search URL Search Domain Scan URL

URL: http://remmont.com/adc-inmate-lookup/
Title: adc inmate lookup

Search URL Search Domain Scan URL

URL: http://remmont.com/jailbase-3/
Title: jailbase

Search URL Search Domain Scan URL

URL: http://remmont.com/jail-view-2/
Title: jail view

Search URL Search Domain Scan URL

URL: http://remmont.com/scrj-mugshots/
Title: scrj mugshots

Search URL Search Domain Scan URL

URL: http://remmont.com/applebees-on-the-app-store-applebees-careers-applebees-careers/
Title: applebees on the app store applebees careers applebees careers

Search URL Search Domain Scan URL

URL: http://remmont.com/cjc-inmate/
Title: cjc inmate

Search URL Search Domain Scan URL

URL: http://remmont.com/lew-sterrett-jail-2/
Title: lew sterrett jail

Search URL Search Domain Scan URL

URL: http://remmont.com/srj-inmates-mugshots-3/
Title: srj inmates mugshots

Search URL Search Domain Scan URL

URL: http://remmont.com/home-box-office-corporate-site-hbo-careers-hbo-careers/
Title: home box office corporate site hbo careers hbo careers

Search URL Search Domain Scan URL

URL: http://remmont.com/officemax-file-cabinet-2/
Title: officemax file cabinet

Search URL Search Domain Scan URL

URL: http://remmont.com/new-york-city-tourist-attractions-20-top-rated-tourist-attractions-in-new-york-city-planetware/
Title: new york city tourist attractions 20 top rated tourist attractions in new york city planetware

Search URL Search Domain Scan URL

URL: http://remmont.com/the-j-smuckers-careers-smuckers-careers/
Title: the j smuckers careers smuckers careers

Search URL Search Domain Scan URL

URL: http://remmont.com/charmeck-inmate-inquiry-7/
Title: charmeck inmate inquiry

Search URL Search Domain Scan URL

URL: http://remmont.com/the-home-depot-www-careers-homedepot-com-www-careers-homedepot-com/
Title: the home depot www careers homedepot com www careers homedepot com

Search URL Search Domain Scan URL

URL: http://remmont.com/jailbase-mugshots-3/
Title: jailbase mugshots

Search URL Search Domain Scan URL

URL: http://remmont.com/used-auto-glass-replacement-windshield-replace-car-window-low-cost-sturtevant-auto-salvage-yard-wisconsin-used-auto-glass-used-auto-glass/
Title: used auto glass replacement windshield replace car window low cost sturtevant auto salvage yard wisconsin used auto glass used auto glass

Search URL Search Domain Scan URL

URL: http://remmont.com/agc-blind-gossip/
Title: agc blind gossip

Search URL Search Domain Scan URL

URL: http://remmont.com/black-bossip-2/
Title: black bossip

Search URL Search Domain Scan URL

URL: http://remmont.com/epilepsy-foundation-pick-up-2/
Title: epilepsy foundation pick up

Search URL Search Domain Scan URL

URL: http://remmont.com/vinelink-inmate-information-6/
Title: vinelink inmate information

Search URL Search Domain Scan URL

URL: http://remmont.com/flex-seal-tape-home-depot/
Title: flex seal tape home depot

Search URL Search Domain Scan URL

URL: http://remmont.com/home-depot-heaters/
Title: home depot heaters

Search URL Search Domain Scan URL

URL: http://remmont.com/jailbase-app/
Title: jailbase app

Search URL Search Domain Scan URL

URL: http://remmont.com/sac-sheriff-inmate-search-2/
Title: sac sheriff inmate search

Search URL Search Domain Scan URL

URL: http://remmont.com/auto-auction-online-auto-auction-online/
Title: auto auction online auto auction online

Search URL Search Domain Scan URL

URL: http://remmont.com/4th-ave-jail-2/
Title: 4th ave jail

Search URL Search Domain Scan URL

URL: http://remmont.com/dallas-bonsai-tobacco-pipe-parts-2/
Title: dallas bonsai tobacco pipe parts

Search URL Search Domain Scan URL

URL: http://remmont.com/potomac-highlands-regional-jail-mugshots/
Title: potomac highlands regional jail mugshots

Search URL Search Domain Scan URL

URL: http://remmont.com/credit-one-payment-number-credit-one-payment-number/
Title: credit one payment number credit one payment number

Search URL Search Domain Scan URL

URL: http://remmont.com/dmv-phoenix-arizona-mvd-locations-opening-hours-near-me/
Title: dmv phoenix arizona mvd locations opening hours near me

Search URL Search Domain Scan URL

URL: http://remmont.com/insidescripps-2/
Title: insidescripps

Search URL Search Domain Scan URL

URL: http://remmont.com/new-castle-de-weather-video-2/
Title: new castle de weather video

Search URL Search Domain Scan URL

URL: http://remmont.com/cada-insurance-auto-insurance-license-plates-titles-transfers-general-liability-group-health-commercial-gl-workers-compensation-homeowners-insurance-auto-insurance-baton-rouge-la-2/
Title: cada insurance auto insurance license plates titles transfers general liability group health commercial gl workers compensation homeowners insurance auto insurance baton rouge la

Search URL Search Domain Scan URL

URL: http://remmont.com/current-time-in-florida-usa-video/
Title: current time in florida usa video

Search URL Search Domain Scan URL

URL: http://remmont.com/footaction-careers-footaction-careers-footaction-careers/
Title: footaction careers footaction careers footaction careers

Search URL Search Domain Scan URL

URL: http://remmont.com/hollister-meadowhall-careers-hollisterco-com-careers-hollisterco-com-2/
Title: hollister meadowhall careers hollisterco com careers hollisterco com

Search URL Search Domain Scan URL

URL: http://remmont.com/urgent-care-dallas-national-urgent-care-center-accreditation/
Title: urgent care dallas national urgent care center accreditation

Search URL Search Domain Scan URL

URL: http://remmont.com/used-auto-parts-and-cheap-car-parts-in-phoenix-az-pick-a-part-of-arizona-auto-wrecking-yards-auto-wrecking-yards/
Title: used auto parts and cheap car parts in phoenix az pick a part of arizona auto wrecking yards auto wrecking yards

Search URL Search Domain Scan URL

URL: http://remmont.com/acupuncture-san-diego-video-3/
Title: acupuncture san diego video

Search URL Search Domain Scan URL

URL: http://remmont.com/dallas-chat-lines-top-20-phone-dating-chatlines-and-party-lines-free-trials/
Title: dallas chat lines top 20 phone dating chatlines and party lines free trials

Search URL Search Domain Scan URL

URL: http://remmont.com/affordable-health-insurance-tampa-video/
Title: affordable health insurance tampa video

Search URL Search Domain Scan URL

URL: http://remmont.com/colleges-in-tennessee-map-video-2/
Title: colleges in tennessee map video

Search URL Search Domain Scan URL

URL: http://remmont.com/used-and-pre-owned-cars-trucks-hendersonville-nc-egolf-hendersonville-used-cars-and-trucks-used-cars-and-trucks/
Title: used and pre owned cars trucks hendersonville nc egolf hendersonville used cars and trucks used cars and trucks

Search URL Search Domain Scan URL

URL: http://remmont.com/american-car-websites-video-2/
Title: american car websites video

Search URL Search Domain Scan URL

URL: http://remmont.com/frito-lay-jobs-careers-frito-lay-careers-frito-lay-careers/
Title: frito lay jobs careers frito lay careers frito lay careers

Search URL Search Domain Scan URL

URL: http://remmont.com/metro-jail-3/
Title: metro jail

Search URL Search Domain Scan URL

URL: http://remmont.com/napsrx-the-national-association-of-pharmaceutical-sales-representatives-pharmaceutical-certification-pharmaceutical-certification/
Title: napsrx the national association of pharmaceutical sales representatives pharmaceutical certification pharmaceutical certification

Search URL Search Domain Scan URL

URL: http://remmont.com/state-of-texas-corporation-search-and-video/
Title: state of texas corporation search and video

Search URL Search Domain Scan URL

URL: http://remmont.com/vpso-inmates-2/
Title: vpso inmates

Search URL Search Domain Scan URL

URL: http://remmont.com/abt-chicago-top-93-reviews-and-complaints-about-abt/
Title: abt chicago top3 reviews and complaints about abt

Search URL Search Domain Scan URL

URL: http://remmont.com/hope-hospice-hospice-careers-hospice-careers/
Title: hope hospice hospice careers hospice careers

Search URL Search Domain Scan URL

URL: http://remmont.com/police-k9-4/
Title: police k9

Search URL Search Domain Scan URL

URL: http://remmont.com/category/apartment/
Title: Apartment

Search URL Search Domain Scan URL

URL: http://remmont.com/category/auto/
Title: Auto

Search URL Search Domain Scan URL

URL: http://remmont.com/category/car/
Title: Car

Search URL Search Domain Scan URL

URL: http://remmont.com/category/credit/
Title: Credit

Search URL Search Domain Scan URL

URL: http://remmont.com/category/insurance/
Title: Insurance

Search URL Search Domain Scan URL

URL: http://remmont.com/category/loan/
Title: Loan

Search URL Search Domain Scan URL

URL: http://remmont.com/category/news/
Title: News

Search URL Search Domain Scan URL

URL: http://remmont.com/category/pharma/
Title: Pharma

Search URL Search Domain Scan URL

URL: http://remmont.com/category/real-estate/
Title: Real Estate

Search URL Search Domain Scan URL

URL: http://remmont.com/category/rental/
Title: Rental

Search URL Search Domain Scan URL

URL: http://remmont.com/category/travel/
Title: Travel

Search URL Search Domain Scan URL

URL: http://remmont.com/category/usa/
Title: USA

Search URL Search Domain Scan URL

URL: https://ad.admitad.com/g/hh1jibziav1a6fc317ffe683584499

Search URL Search Domain Scan URL

URL: https://www.admitad.com/webmaster/dm4yljo9q4/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://ad.admitad.com/shuffle/8ada3a2473/?inject_to=admitad_shuffle22314965 HTTP 302
https://cdn.admitad-connect.com/public/default/banners/2015/09/21/5eb21ed994f0f1beab85252981d8173a.jpg

34 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
nef2.com/ 246 KB
62 KB 54ms
37ms Document
text/html 2606:4700:3030::681c:1df9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://nef2.com/
Protocol: HTTP/1.1
Server: 2606:4700:3030::681c:1df9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / EasyEngine 3.7.4
Resource Hash: 80f13930dc03b13cc2558fa624fbab4094f67d1b276da984a0cf065180ba4a95

Request headers

Host: nef2.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 03 Dec 2020 04:57:30 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d9680c56ef39e68560d91472cdacf3ead1606971450; expires=Sat, 02-Jan-21 04:57:30 GMT; path=/; domain=.nef2.com; HttpOnly; SameSite=Lax
Vary: Accept-Encoding
Link: <http://nef2.com/wp-json/>; rel="https://api.w.org/"
X-Powered-By: EasyEngine 3.7.4
rt-Fastcgi-Cache: HIT
CF-Cache-Status: DYNAMIC
cf-request-id: 06c88f7c1a0000c295868cf000000001
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UalCHPLPkGk88BxUzWH7jmrUNeAMWKM38jCdTw2eJCFJUa%2B0ijbIBAHGv9BT%2BpROsK9%2BhmqpbvcXggqu9w2zsgybpXLtS%2BuvXuvJWUWZZL84offS8g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 5fbab50cff54c295-FRA
Content-Encoding: gzip

GET
H/1.1 200
OK style.min.css
nef2.com/wp-includes/css/dist/block-library/ 40 KB
7 KB 370ms
365ms Stylesheet
text/css 2606:4700:3030::681c:1df9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://nef2.com/wp-includes/css/dist/block-library/style.min.css?ver=5.3.4
Requested by: Host: nef2.com
URL: http://nef2.com/
Protocol: HTTP/1.1
Server: 2606:4700:3030::681c:1df9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dfd6d929422d1f69a727fb6b525f610562eab183a333576516bec0b0503cb049

Request headers

Referer: http://nef2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 03 Dec 2020 04:57:30 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
cf-request-id: 06c88f7c4900001f294b0ce000000001
Last-Modified: Sun, 06 Sep 2020 06:13:58 GMT
Server: cloudflare
ETag: W/"5f547e26-a055"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gk2ZjS6xBi%2FOwmIJh06RvQyN4g7JVj0rFRfkWrpLVve7dBwRooEf%2BQKd07sGGaGu2LufP%2BYeoZNGoF5rqozZLqCYzu5epJII8%2B8O6yTK5%2B3P7tbk2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
CF-RAY: 5fbab50d4d911f29-FRA
Expires: Fri, 04 Dec 2020 04:57:30 GMT

GET
H/1.1 200
OK style.css
nef2.com/wp-content/themes/neo-zee/ 39 KB
7 KB 80ms
74ms Stylesheet
text/css 2606:4700:3030::681c:1df9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://nef2.com/wp-content/themes/neo-zee/style.css?ver=5.3.4
Requested by: Host: nef2.com
URL: http://nef2.com/
Protocol: HTTP/1.1
Server: 2606:4700:3030::681c:1df9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0faff56e5a9cdcafa9a070fa5ae692174a652527590bf9238dc221019bcc8ac

Request headers

Referer: http://nef2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 03 Dec 2020 04:57:30 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
cf-request-id: 06c88f7c490000c2fea10fc000000001
Last-Modified: Sun, 06 Sep 2020 06:14:00 GMT
Server: cloudflare
ETag: W/"5f547e28-9aa3"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=F9%2F30lwERaen2cEhCAqSrGOmgA7m4CxdjbF7wg5hnMrWG5a6ZYlv0L3AOooCwUpyoelIXy71PjgTCyH4qLNertoxKmat9tBJY46gSp9K77cslKSciQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
CF-RAY: 5fbab50d4f6bc2fe-FRA
Expires: Fri, 04 Dec 2020 04:57:30 GMT

GET
H/1.1 200
OK cal.png
nef2.com/wp-content/themes/neo-zee/images/ 1 KB
2 KB 317ms
316ms Image
image/png 2606:4700:3030::681c:1df9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://nef2.com/wp-content/themes/neo-zee/images/cal.png
Requested by: Host: nef2.com
URL: http://nef2.com/
Protocol: HTTP/1.1
Server: 2606:4700:3030::681c:1df9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ece1c1f247a031f49d09c4d951d41c3da7af11cb9fbaa5dd726314362cef7f7c

Request headers

Referer: http://nef2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 03 Dec 2020 04:57:30 GMT
CF-Cache-Status: MISS
NEL: {"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Content-Length: 1069
cf-request-id: 06c88f7c600000c29503a17000000001
Last-Modified: Sun, 06 Sep 2020 06:14:00 GMT
Server: cloudflare
ETag: "5f547e28-42d"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tk86%2B7%2FYhC9cHA8qWaSghU%2FC5LkuGlZZFIs%2BGcN7PzQSjFw0MxsLt8jPgC2%2FfRT3hRtax9SgEXqjeeVPbKWzMzMUFe%2FFssTfRP5TM0rBs0SdyOeRQg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Accept-Ranges: bytes
CF-RAY: 5fbab50d6fccc295-FRA
Expires: Fri, 04 Dec 2020 04:57:30 GMT

GET
H/1.1 200
OK aut.png
nef2.com/wp-content/themes/neo-zee/images/ 889 B
2 KB 318ms
313ms Image
image/png 2606:4700:3030::681c:1df9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://nef2.com/wp-content/themes/neo-zee/images/aut.png
Requested by: Host: nef2.com
URL: http://nef2.com/
Protocol: HTTP/1.1
Server: 2606:4700:3030::681c:1df9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05a5d10ce178786036ee7f7e6598bc67020045fc0d701c70803850628fa973d0

Request headers

Referer: http://nef2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 03 Dec 2020 04:57:30 GMT
CF-Cache-Status: MISS
NEL: {"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Content-Length: 889
cf-request-id: 06c88f7c660000637180327000000001
Last-Modified: Sun, 06 Sep 2020 06:14:00 GMT
Server: cloudflare
ETag: "5f547e28-379"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=S50meYHbicO6P7VulGTXDs%2FfDoGygH4JCNnfkRG45HygDqLpmjedom4rdgfmnNWR0IkORGJmaJV8Tigt8dMnbNtwzg%2BRcFD9Fht%2FCwfJCz8SkIpr0A%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Accept-Ranges: bytes
CF-RAY: 5fbab50d6eb36371-FRA
Expires: Fri, 04 Dec 2020 04:57:30 GMT

GET
H/1.1 200
OK cat.png
nef2.com/wp-content/themes/neo-zee/images/ 573 B
1 KB 362ms
357ms Image
image/png 2606:4700:3030::681c:1df9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://nef2.com/wp-content/themes/neo-zee/images/cat.png
Requested by: Host: nef2.com
URL: http://nef2.com/
Protocol: HTTP/1.1
Server: 2606:4700:3030::681c:1df9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a73bdcab27f5d2c8d5efde6f55e731ed1b7ff9e3fbd22955ec000d75660149f6

Request headers

Referer: http://nef2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 03 Dec 2020 04:57:30 GMT
CF-Cache-Status: MISS
NEL: {"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Content-Length: 573
cf-request-id: 06c88f7c650000649deba2e000000001
Last-Modified: Sun, 06 Sep 2020 06:14:00 GMT
Server: cloudflare
ETag: "5f547e28-23d"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=U3AWiDXJfAwynqB6IR92h6kDwwUPqz1RVSYE667HwKQO6hacGdhts8vhj%2Bn%2BL1pTKIcYN%2F5D5Np6KOOCXb%2BNYsglp1JdeFUkDlBN4Zx3AIKafXFuPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Accept-Ranges: bytes
CF-RAY: 5fbab50d69c5649d-FRA
Expires: Fri, 04 Dec 2020 04:57:30 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
nef2.com/wp-includes/js/ 14 KB
5 KB 342ms
336ms Script
application/javascript 2606:4700:3030::681c:1df9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://nef2.com/wp-includes/js/wp-emoji-release.min.js?ver=5.3.4
Requested by: Host: nef2.com
URL: http://nef2.com/
Protocol: HTTP/1.1
Server: 2606:4700:3030::681c:1df9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee

Request headers

Referer: http://nef2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 03 Dec 2020 04:57:30 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
cf-request-id: 06c88f7c6500002b7dd63cc000000001
Last-Modified: Sun, 06 Sep 2020 06:13:57 GMT
Server: cloudflare
ETag: W/"5f547e25-362a"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iigU1tcdr5SD9fkw1PCLyOK4owbyFv3BPnh12fMIWk0h64ZlCPo5ViBKXsvkJXI3Jxi8wKd%2BhcpntnKZq1UD5EyStAeXf3Zl94chNGz1D71jjkjYag%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
CF-RAY: 5fbab50d6c2c2b7d-FRA
Expires: Fri, 04 Dec 2020 04:57:30 GMT

GET
H/1.1 404
Not Found 1
native.propellerclick.com/ 0
0 131ms
96ms Script
text/plain 139.45.196.96
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://native.propellerclick.com/1?z=2846960
Requested by: Host: nef2.com
URL: http://nef2.com/
Protocol: HTTP/1.1
Server: 139.45.196.96 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: http://nef2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 03 Dec 2020 04:57:30 GMT
X-Sc: 4KdnrdofxFOHMlcU
Server: nginx
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin
Access-Control-Expose-Headers: X-Sc
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
Content-Length: 7

GET
H/1.1 200
OK tag.min.js Show response
hooptaik.net/pfe/current/ 39 KB
11 KB 167ms
56ms Script
application/javascript 88.85.66.226
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://hooptaik.net/pfe/current/tag.min.js?z=2477472
Requested by: Host: nef2.com
URL: http://nef2.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 88.85.66.226 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS: 88.85.66.226.webazilla.com
Software: nginx /
Resource Hash: ad8af06b401b59ef30e6a7d21de541f36572c9fcb6b193461c18b997d589cb44

Request headers

Referer: http://nef2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 03 Dec 2020 04:57:30 GMT
Content-Encoding: gzip
Last-Modified: Fri, 20 Nov 2020 11:53:57 GMT
Server: nginx
ETag: W/"5fb7ae55-9be1"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H/1.1 200
OK wp-embed.min.js Show response
nef2.com/wp-includes/js/ 1 KB
1 KB 285ms
285ms Script
application/javascript 2606:4700:3030::681c:1df9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://nef2.com/wp-includes/js/wp-embed.min.js?ver=5.3.4
Requested by: Host: nef2.com
URL: http://nef2.com/
Protocol: HTTP/1.1
Server: 2606:4700:3030::681c:1df9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b

Request headers

Referer: http://nef2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 03 Dec 2020 04:57:30 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
cf-request-id: 06c88f7c960000c2fe0c28e000000001
Last-Modified: Sun, 06 Sep 2020 06:13:58 GMT
Server: cloudflare
ETag: W/"5f547e26-577"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lSV3XpZQfHKrHjPibWl8TEJzKJMMlV4nWqsajL6m0JZfRKWSJpNjPvglLDVvYwsRFVqzojVax6MRFrVRimx74%2B6pqrlHf%2FQAcSKNPXM0V74q%2Fs%2Fe5g%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
CF-RAY: 5fbab50db868c2fe-FRA
Expires: Fri, 04 Dec 2020 04:57:30 GMT

GET
H2 200 / Show response
ad.admitad.com/shuffle/8ada3a2473/ 7 KB
7 KB 204ms
102ms Script
text/javascript 212.224.118.36
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.admitad.com/shuffle/8ada3a2473/?inject_to=admitad_shuffle36536427
Requested by: Host: nef2.com
URL: http://nef2.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.224.118.36 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS: dsde49-3.fornex.org
Software: nginx /
Resource Hash: a5fc46aa4a52302060551f2b106c2d6cb029ae3eddf7dad88e4011670e951ff4

Request headers

Referer: http://nef2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 04:57:31 GMT
server: nginx
content-type: text/javascript
content-length: 6771
p3p: CP="NON DSP COR CURa TIA"

GET
H2

200

5eb21ed994f0f1beab85252981d8173a.jpg Show response
cdn.admitad-connect.com/public/default/banners/2015/09/21/
Redirect Chain

https://ad.admitad.com/shuffle/8ada3a2473/?inject_to=admitad_shuffle22314965
https://cdn.admitad-connect.com/public/default/banners/2015/09/21/5eb21ed994f0f1beab85252981d8173a.jpg

81 KB
82 KB

33ms
11ms

Script
image/jpeg

2606:4700:20::681a:5af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admitad-connect.com/public/default/banners/2015/09/21/5eb21ed994f0f1beab85252981d8173a.jpg
Requested by: Host: nef2.com
URL: http://nef2.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:5af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dce6df772659a455f22eb81d175bfdb7dca29c6173eaf73089a4d8fff702cdd

Request headers

Referer: http://nef2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 04:57:31 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 12850
cf-bgj: h2pri
content-length: 82891
cf-request-id: 06c88f7ed70000dfe3000d9000000001
last-modified: Tue, 03 Mar 2020 16:45:34 GMT
server: cloudflare
etag: "45bad13c87f505fddc7599364f6697ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ga5iTiyb%2BUfmUUrxHZK9VAXOIJbc3%2BuGzRGr%2FswGe8sKn%2FWGfsGqBRnswgrQak2BoQcZgfH7allUhXM9VO4G9Q70T7QQ%2FXhIr99wXQ4tkqjfNf1nV8i8r2ZT%2Fxc4DmKy9Yaj9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 5fbab5115958dfe3-FRA
expires: Fri, 04 Dec 2020 01:23:21 GMT

Redirect headers

location: https://cdn.admitad-connect.com/public/default/banners/2015/09/21/5eb21ed994f0f1beab85252981d8173a.jpg
date: Thu, 03 Dec 2020 04:57:31 GMT
server: nginx
content-type: text/html; charset=utf-8
content-length: 411
p3p: CP="NON DSP COR CURa TIA"

GET
H2 200 / Show response
ad.admitad.com/shuffle/8ada3a2473/ 7 KB
7 KB 183ms
83ms Script
text/javascript 212.224.118.36
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.admitad.com/shuffle/8ada3a2473/?inject_to=admitad_shuffle46236885
Requested by: Host: nef2.com
URL: http://nef2.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.224.118.36 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS: dsde49-3.fornex.org
Software: nginx /
Resource Hash: 6ed7edc45a71b0ae9b6c08611030c3aedb803a63d4ef89645f9183b799bf1efc

Request headers

Referer: http://nef2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 04:57:31 GMT
server: nginx
content-type: text/javascript
content-length: 6771
p3p: CP="NON DSP COR CURa TIA"

GET
H/1.1 404
Not Found 1
native.propellerclick.com/ 0
0 60ms
60ms Script
text/plain 139.45.196.96
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://native.propellerclick.com/1?z=2846960
Requested by: Host: nef2.com
URL: http://nef2.com/
Protocol: HTTP/1.1
Server: 139.45.196.96 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: http://nef2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 03 Dec 2020 04:57:30 GMT
X-Sc: 4KdnrdofxFOHMlcU
Server: nginx
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin
Access-Control-Expose-Headers: X-Sc
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
Content-Length: 7

GET
H/1.1 200
OK apu.php Show response
civadsoo.net/ 3 KB
2 KB 153ms
107ms XHR
application/json 139.45.197.10
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://civadsoo.net/apu.php?zoneid=2477517&oo=1

Requested by

Host: nef2.com
URL: http://nef2.com/

Protocol

HTTP/1.1

Server

139.45.197.10 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

f15c238240828a11bcba8d49577c395e1128cd81ede1db50c1c5bfa5cbcf82e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://nef2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 03 Dec 2020 04:57:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: b1c580346de9dd458655909793fea3f3
Pragma: no-cache
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: http://nef2.com
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK tag.min.js Show response
civadsoo.net/ 83 KB
26 KB 137ms
91ms Script
application/javascript 139.45.197.10
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://civadsoo.net/tag.min.js

Requested by

Host: nef2.com
URL: http://nef2.com/

Protocol

HTTP/1.1

Server

139.45.197.10 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

75622ce891ad3fd12fce3315be5ef9b1a27231fe40c6ba2ebd4b15fbc3287881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://nef2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 03 Dec 2020 04:57:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 25497
X-Trace-Id: b6ae690c61379aa155a51ea4fdfc540f
Pragma: no-cache
Last-Modified: Wed, 02 Dec 2020 14:29:30 GMT
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK zone Show response
hooptaik.net/ 716 B
1 KB 62ms
61ms Fetch
application/json 88.85.66.226
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://hooptaik.net/zone?pub=0&zone_id=2477472&is_mobile=false&domain=nef2.com&var=&ymid=&var_3=

Requested by

Host: hooptaik.net
URL: https://hooptaik.net/pfe/current/tag.min.js?z=2477472

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.85.66.226 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

88.85.66.226.webazilla.com

Software

nginx /

Resource Hash

b4f5edf241778ca5552efb98cf9fe13dfab4b74bd4bd2473b1701f104cd3df36

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://nef2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: eee1013e257715f0878536af55ea4b7a
Date: Thu, 03 Dec 2020 04:57:31 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://nef2.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 716

GET
H/1.1 200
OK universal.min.js Show response
hooptaik.net/pfe/current/ 188 KB
54 KB 188ms
84ms Fetch
application/javascript 88.85.66.226
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://hooptaik.net/pfe/current/universal.min.js?v=3.1.280
Requested by: Host: hooptaik.net
URL: https://hooptaik.net/pfe/current/tag.min.js?z=2477472
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 88.85.66.226 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS: 88.85.66.226.webazilla.com
Software: nginx /
Resource Hash: c8dc7b19cc73dcae7b05da62447e293e0dc1c6964a1410a7997d3d1e861771fb

Request headers

Referer: http://nef2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 03 Dec 2020 04:57:31 GMT
Content-Encoding: gzip
Last-Modified: Fri, 20 Nov 2020 11:53:57 GMT
Server: nginx
ETag: W/"5fb7ae55-2f127"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: http://nef2.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET jquery-ui.css
petchesa.net/ 0
0

GET
H2 200 9a6a426bb817812a6740f567f3d81e1a.jpg
cdn.admitad-connect.com/public/bs/2020/09/17/ 62 KB
63 KB 35ms
17ms Image
image/jpeg 2606:4700:20::681a:5af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.admitad-connect.com/public/bs/2020/09/17/9a6a426bb817812a6740f567f3d81e1a.jpg
Requested by: Host: nef2.com
URL: http://nef2.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:5af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c200dee3269d0be3188a09a6e3466596facb245db674838e979d823568520a13

Request headers

Referer: http://nef2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 04:57:31 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 85486
cf-bgj: h2pri
content-length: 63814
cf-request-id: 06c88f7ed70000dfe33188e000000001
last-modified: Thu, 17 Sep 2020 01:35:42 GMT
server: cloudflare
etag: "a919be5c9af9914c26f3be14ba121dc2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lpcPfpgsZ4IZgq9ARRTs0NogOROXRwxQ1AoEpXXHuuQDotOPWP%2FmaNJ%2F3l5oqN6%2B1mODkYujBHS667REiiTfVt4KoCnImYGcQfpuNnzftfJpfubS%2FVYqy1ho%2FvwrDAh2hXmbBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 5fbab5115959dfe3-FRA
expires: Thu, 03 Dec 2020 05:12:45 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 18a9e1031cc3a50338fed6cefd5d131a86637c10c2558baf00e37b6eba8d97d8

Request headers

Referer: http://nef2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 299 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d053cfb57619c8815b467e8fb5a96585124835dfbaef7f425ff1d0cc07754d05

Request headers

Referer: http://nef2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 204
No Content fac.php
onmarshtompor.com/ Frame 9087 0
0 117ms
87ms Document
text/html 139.45.195.94
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://onmarshtompor.com/fac.php

Requested by

Host: civadsoo.net
URL: http://civadsoo.net/tag.min.js

Protocol

HTTP/1.1

Server

139.45.195.94 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Host: onmarshtompor.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://nef2.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://nef2.com/

Response headers

Server: nginx
Date: Thu, 03 Dec 2020 04:57:31 GMT
Content-Type: text/html; charset=utf8
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Timing-Allow-Origin: * *
X-Trace-Id: 86a6f948c3ad0fd215e7b7dfb7208ca8
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

OPTIONS
H/1.1 200
OK custom
hooptaik.net/ Frame 0
0 51ms
51ms Other
text/plain 88.85.66.226
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://hooptaik.net/custom
Protocol: HTTP/1.1
Server: 88.85.66.226 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS: 88.85.66.226.webazilla.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://nef2.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Thu, 03 Dec 2020 04:57:31 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: http://nef2.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom Show response
hooptaik.net/ 39 B
482 B 61ms
61ms Fetch
application/json 88.85.66.226
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://hooptaik.net/custom

Requested by

Host: nef2.com
URL: http://nef2.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.85.66.226 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

88.85.66.226.webazilla.com

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://nef2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 2e4e397a9f96df5acd167b00cdc10d6f
Date: Thu, 03 Dec 2020 04:57:31 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://nef2.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

GET
H/1.1 200
OK gid.js Show response
my.rtmark.net/ 65 B
765 B 263ms
64ms Fetch
application/json 139.45.196.25
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=16de899c662543708d287c958c5d76bf&zoneId=2477472&checkDuplicate=true&ymid=&var=

Requested by

Host: nef2.com
URL: http://nef2.com/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.196.25 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

d82006323850cb7faea9ba5e2592b8afd74106fe5892724734d9da1d2ffd53ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://nef2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 03 Dec 2020 04:57:31 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://nef2.com
Access-Control-Expose-Headers: Authorization
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
Content-Length: 65

GET
H/1.1 204
No Content icon.png
petchesa.net/ 0
754 B 256ms
74ms Image
text/plain 139.45.197.104
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://petchesa.net/icon.png?aHR0cHM6Ly9uYXRpdmUucHJvcGVsbGVyY2xpY2suY29tLzE/ej0yODQ2OTYx

Requested by

Host: nef2.com
URL: http://nef2.com/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.197.104 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1, max-age=1
X-Content-Type-Options	nosniff, nosniff

Request headers

Origin: http://nef2.com
Referer: http://nef2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 03 Dec 2020 04:57:31 GMT
X-Sc: 4KdnrdofxFOHMlcU
Server: nginx
Strict-Transport-Security: max-age=1, max-age=1
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: http://nef2.com
Access-Control-Expose-Headers: X-Sc
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
Content-Length: 7
X-Content-Type-Options: nosniff, nosniff

GET
H/1.1 200
OK defaultSkin.min.js Show response
hooptaik.net/pfe/current/ 56 KB
19 KB 57ms
57ms Fetch
application/javascript 88.85.66.226
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://hooptaik.net/pfe/current/defaultSkin.min.js
Requested by: Host: nef2.com
URL: http://nef2.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 88.85.66.226 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS: 88.85.66.226.webazilla.com
Software: nginx /
Resource Hash: c357f597ae58b89b41335942c7de0b7082db6f6807e4f49c54def56673155488

Request headers

Referer: http://nef2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 03 Dec 2020 04:57:31 GMT
Content-Encoding: gzip
Last-Modified: Fri, 20 Nov 2020 11:53:57 GMT
Server: nginx
ETag: W/"5fb7ae55-de6b"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: http://nef2.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

OPTIONS
H/1.1 200
OK data.json
petchesa.net/ Frame 0
0 64ms
64ms Other 139.45.197.104
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://petchesa.net/data.json

Protocol

HTTP/1.1

Server

139.45.197.104 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1 max-age=1
X-Content-Type-Options	nosniff nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: token
Origin: http://nef2.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Thu, 03 Dec 2020 04:57:31 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: http://nef2.com
Access-Control-Allow-Headers: Token,Content-Type,X-Log-Type
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=1 max-age=1
X-Content-Type-Options: nosniff nosniff
Timing-Allow-Origin: * *

GET
H/1.1 204
No Content data.json Show response
petchesa.net/ 0
589 B 141ms
141ms XHR
text/plain 139.45.197.104
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://petchesa.net/data.json

Requested by

Host: nef2.com
URL: http://nef2.com/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.197.104 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1, max-age=1
X-Content-Type-Options	nosniff, nosniff

Request headers

Referer: http://nef2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Token: aHR0cHM6Ly9uYXRpdmUucHJvcGVsbGVyY2xpY2suY29tLzE/ej0yODQ2OTYx

Response headers

Date: Thu, 03 Dec 2020 04:57:31 GMT
X-Content-Type-Options: nosniff, nosniff
Server: nginx
Strict-Transport-Security: max-age=1, max-age=1
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: http://nef2.com
Access-Control-Expose-Headers: X-Sc
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Token,Content-Type
Content-Length: 7

OPTIONS
H/1.1 200
OK custom
hooptaik.net/ Frame 0
0 64ms
51ms Other
text/plain 88.85.66.226
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://hooptaik.net/custom
Protocol: HTTP/1.1
Server: 88.85.66.226 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS: 88.85.66.226.webazilla.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://nef2.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Thu, 03 Dec 2020 04:57:31 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: http://nef2.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom Show response
hooptaik.net/ 39 B
482 B 57ms
56ms Fetch
application/json 88.85.66.226
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://hooptaik.net/custom

Requested by

Host: nef2.com
URL: http://nef2.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.85.66.226 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

88.85.66.226.webazilla.com

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://nef2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 4ca7216221ef6f005974c2fc425eb96a
Date: Thu, 03 Dec 2020 04:57:31 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://nef2.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

GET
DATA 200
OK truncated
/ Frame 48D3 255 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24

Request headers

Referer: http://nef2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

OPTIONS
H/1.1 200
OK custom
hooptaik.net/ Frame 0
0 75ms
51ms Other
text/plain 88.85.66.226
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://hooptaik.net/custom
Protocol: HTTP/1.1
Server: 88.85.66.226 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS: 88.85.66.226.webazilla.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://nef2.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Thu, 03 Dec 2020 04:57:31 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: http://nef2.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom Show response
hooptaik.net/ 39 B
482 B 61ms
55ms Fetch
application/json 88.85.66.226
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://hooptaik.net/custom

Requested by

Host: nef2.com
URL: http://nef2.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.85.66.226 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

88.85.66.226.webazilla.com

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://nef2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 5541cc37b4be550ff22fc7fcab3f54da
Date: Thu, 03 Dec 2020 04:57:31 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://nef2.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

OPTIONS
H/1.1 200
OK articles.json
petchesa.net/ Frame 0
0 169ms
57ms Other 139.45.197.104
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://petchesa.net/articles.json

Protocol

HTTP/1.1

Server

139.45.197.104 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1 max-age=1
X-Content-Type-Options	nosniff nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: token
Origin: http://nef2.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Thu, 03 Dec 2020 04:57:41 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: http://nef2.com
Access-Control-Allow-Headers: Token,Content-Type,X-Log-Type
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=1 max-age=1
X-Content-Type-Options: nosniff nosniff
Timing-Allow-Origin: * *

GET
H/1.1 204
No Content articles.json Show response
petchesa.net/ 0
694 B 234ms
101ms XHR
text/plain 139.45.197.104
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://petchesa.net/articles.json

Requested by

Host: nef2.com
URL: http://nef2.com/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.197.104 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1, max-age=1
X-Content-Type-Options	nosniff, nosniff

Request headers

Referer: http://nef2.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Token: aHR0cHM6Ly9uYXRpdmUucHJvcGVsbGVyY2xpY2suY29tLzE/ej0yODQ2OTYx

Response headers

Date: Thu, 03 Dec 2020 04:57:41 GMT
X-Sc: 4KdnrdofxFOHMlcU
Server: nginx
Strict-Transport-Security: max-age=1, max-age=1
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: http://nef2.com
Access-Control-Expose-Headers: X-Sc
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Token,Content-Type
Content-Length: 7
X-Content-Type-Options: nosniff, nosniff

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: petchesa.net
URL: https://petchesa.net/jquery-ui.css?aHR0cHM6Ly9uYXRpdmUucHJvcGVsbGVyY2xpY2suY29tLzE/ej0yODQ2OTYx

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.nef2.com/	1970-01-19 15:06:03	Name: __cfduid Value: d9680c56ef39e68560d91472cdacf3ead1606971450

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.admitad.com
cdn.admitad-connect.com
civadsoo.net
hooptaik.net
my.rtmark.net
native.propellerclick.com
nef2.com
onmarshtompor.com
petchesa.net
petchesa.net
139.45.195.94
139.45.196.25
139.45.196.96
139.45.197.10
139.45.197.104
212.224.118.36
2606:4700:20::681a:5af
2606:4700:3030::681c:1df9
88.85.66.226
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b
05a5d10ce178786036ee7f7e6598bc67020045fc0d701c70803850628fa973d0
18a9e1031cc3a50338fed6cefd5d131a86637c10c2558baf00e37b6eba8d97d8
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee
6ed7edc45a71b0ae9b6c08611030c3aedb803a63d4ef89645f9183b799bf1efc
75622ce891ad3fd12fce3315be5ef9b1a27231fe40c6ba2ebd4b15fbc3287881
80f13930dc03b13cc2558fa624fbab4094f67d1b276da984a0cf065180ba4a95
8dce6df772659a455f22eb81d175bfdb7dca29c6173eaf73089a4d8fff702cdd
a5fc46aa4a52302060551f2b106c2d6cb029ae3eddf7dad88e4011670e951ff4
a73bdcab27f5d2c8d5efde6f55e731ed1b7ff9e3fbd22955ec000d75660149f6
ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24
ad8af06b401b59ef30e6a7d21de541f36572c9fcb6b193461c18b997d589cb44
b4f5edf241778ca5552efb98cf9fe13dfab4b74bd4bd2473b1701f104cd3df36
c200dee3269d0be3188a09a6e3466596facb245db674838e979d823568520a13
c357f597ae58b89b41335942c7de0b7082db6f6807e4f49c54def56673155488
c8dc7b19cc73dcae7b05da62447e293e0dc1c6964a1410a7997d3d1e861771fb
d053cfb57619c8815b467e8fb5a96585124835dfbaef7f425ff1d0cc07754d05
d82006323850cb7faea9ba5e2592b8afd74106fe5892724734d9da1d2ffd53ef
dfd6d929422d1f69a727fb6b525f610562eab183a333576516bec0b0503cb049
e0faff56e5a9cdcafa9a070fa5ae692174a652527590bf9238dc221019bcc8ac
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ece1c1f247a031f49d09c4d951d41c3da7af11cb9fbaa5dd726314362cef7f7c
f15c238240828a11bcba8d49577c395e1128cd81ede1db50c1c5bfa5cbcf82e5
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

nef2.com Open in urlscan Pro 2606:4700:3030::681c:1df9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

34 Requests

59 %HTTPS

22 %IPv6

9 Domains

9 Subdomains

10 IPs

4 Countries

363 kBTransfer

869 kBSize

1 Cookies

70 Outgoing links

Redirected requests

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

nef2.com Open in urlscan Pro
2606:4700:3030::681c:1df9 Public Scan

Screenshot
Live screenshot

Full Image

34
Requests

59 %
HTTPS

22 %
IPv6

9
Domains

9
Subdomains

10
IPs

4
Countries

363 kB
Transfer

869 kB
Size

1
Cookies

34 HTTP transactions
3 data transactions