www.newsdirect.com Open in urlscan Pro
54.161.21.144 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://vaultdox.inisli.com/ayk.php
Effective URL:
https://www.newsdirect.com/guest-content/casino-utan-svensk-licens-basta-casinon-utan-spelpaus
Submission: On April 16 via api (April 16th 2024, 8:26:33 am UTC) from IT — Scanned from IT

Summary HTTP 52 Redirects Behaviour Indicators

Summary

This website contacted 19 IPs in 5 countries across 22 domains to perform 52 HTTP transactions. The main IP is 54.161.21.144, located in and belongs to . The main domain is www.newsdirect.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on November 18th 2023. Valid for: a year.

This is the only time www.newsdirect.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	162.144.3.194 162.144.3.194	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
2	2a02:4780:6:1... 2a02:4780:6:1421:0:185a:d12:2	47583 (AS-HOSTINGER) (AS-HOSTINGER)
1	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:50c0:800... 2606:50c0:8002::153	54113 (FASTLY) (FASTLY)
1	37.97.241.10 37.97.241.10	20857 (TRANSIP-A...) (TRANSIP-AS Amsterdam)
1	65.109.88.248 65.109.88.248	24940 (HETZNER-AS) (HETZNER-AS)
12	139.45.197.242 139.45.197.242	9002 (RETN-AS) (RETN-AS)
4	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
7	139.45.197.250 139.45.197.250	9002 (RETN-AS) (RETN-AS)
4	139.45.197.244 139.45.197.244	9002 (RETN-AS) (RETN-AS)
1	172.67.193.52 172.67.193.52	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	139.45.195.254 139.45.195.254	9002 (RETN-AS) (RETN-AS)
1	153.92.9.125 153.92.9.125	47583 (AS-HOSTINGER) (AS-HOSTINGER)
1	139.45.197.151 139.45.197.151	9002 (RETN-AS) (RETN-AS)
2 10	139.45.197.245 139.45.197.245	() ()
2	139.45.195.253 139.45.195.253	() ()
2 2	2600:9000:26d... 2600:9000:26db:4800:e:7494:7e00:93a1	() ()
1	192.0.78.26 192.0.78.26	() ()
1	104.244.42.69 104.244.42.69	() ()
2 3	54.161.21.144 54.161.21.144	() ()
1	2606:4700::68... 2606:4700::6812:561e	() ()
52	19

1 162.144.3.194 (United States) 1 redirects

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 162-144-3-194.unifiedlayer.com

vaultdox.inisli.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:4780:6:1421:0:185a:d12:2 (Jakarta, Indonesia)

ASN47583 (AS-HOSTINGER, CY)

teknonebula.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

alwingulla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:50c0:8002::153 (United States)

ASN54113 (FASTLY, US)

drvee07.github.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.97.241.10 (Netherlands)

ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL)
PTR: 37-97-241-10.colo.transip.net

www.flagcounter.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.109.88.248 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.248.88.109.65.clients.your-server.de

docplayer.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 139.45.197.242 (United Kingdom)

ASN9002 (RETN-AS, GB)

veepteero.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gishejuy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cameesse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 139.45.197.250 (United Kingdom)

ASN9002 (RETN-AS, GB)

moonoafy.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 139.45.197.244 (United Kingdom)

ASN9002 (RETN-AS, GB)

aistekso.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.193.52 (United States)

ASN13335 (CLOUDFLARENET, US)

tzegilo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.254 (United Kingdom)

ASN9002 (RETN-AS, GB)

fleraprt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 153.92.9.125 (Jakarta, Indonesia)

ASN47583 (AS-HOSTINGER, CY)

teknonebula.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.151 (United Kingdom)

ASN9002 (RETN-AS, GB)

interstitial-08.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 139.45.197.245 (None, ) 2 redirects

ASN- ()

vaizauwe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.253 (None, )

ASN- ()

datatechone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:26db:4800:e:7494:7e00:93a1 (None, ) 2 redirects

ASN- ()

resionsfrester.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.78.26 (None, )

ASN- ()

href.li	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (None, )

ASN- ()

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.161.21.144 (None, ) 2 redirects

ASN- ()

www.newsdirect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
newsdirect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:561e (None, )

ASN- ()

f.hubspotusercontent10.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	vaizauwe.com 2 redirects vaizauwe.com	31 KB
7	moonoafy.net moonoafy.net — Cisco Umbrella Rank: 159506	42 KB
6	cameesse.net cameesse.net — Cisco Umbrella Rank: 57157	149 KB
4	gishejuy.com gishejuy.com — Cisco Umbrella Rank: 101977	33 KB
4	aistekso.net aistekso.net — Cisco Umbrella Rank: 97456	36 KB
4	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 12250	2 KB
3	newsdirect.com 2 redirects www.newsdirect.com newsdirect.com	2 KB
3	teknonebula.info teknonebula.info	9 KB
2	resionsfrester.com 2 redirects resionsfrester.com	1 KB
2	datatechone.com datatechone.com	930 B
2	veepteero.com veepteero.com — Cisco Umbrella Rank: 185398	5 KB
2	github.io drvee07.github.io	5 KB
1	hubspotusercontent10.net f.hubspotusercontent10.net	2 KB
1	t.co t.co	591 B
1	href.li href.li	380 B
1	interstitial-08.com interstitial-08.com — Cisco Umbrella Rank: 209972
1	fleraprt.com fleraprt.com — Cisco Umbrella Rank: 24013	486 B
1	tzegilo.com tzegilo.com — Cisco Umbrella Rank: 24564	8 KB
1	docplayer.info docplayer.info	102 KB
1	flagcounter.me www.flagcounter.me	44 KB
1	alwingulla.com alwingulla.com — Cisco Umbrella Rank: 165637	22 KB
1	inisli.com 1 redirects vaultdox.inisli.com	107 B
52	22

	Domain	Requested by
10	vaizauwe.com	2 redirects vaizauwe.com
7	moonoafy.net	alwingulla.com moonoafy.net teknonebula.info
6	cameesse.net	alwingulla.com cameesse.net
4	gishejuy.com	alwingulla.com gishejuy.com
4	aistekso.net	alwingulla.com aistekso.net
4	my.rtmark.net	alwingulla.com teknonebula.info vaizauwe.com
3	teknonebula.info	teknonebula.info
2	www.newsdirect.com	1 redirects t.co
2	resionsfrester.com	2 redirects
2	datatechone.com	vaizauwe.com
2	veepteero.com	alwingulla.com
2	drvee07.github.io	teknonebula.info
1	f.hubspotusercontent10.net
1	newsdirect.com	1 redirects
1	t.co	href.li
1	href.li
1	interstitial-08.com	cameesse.net
1	fleraprt.com	tzegilo.com
1	tzegilo.com	gishejuy.com
1	docplayer.info	teknonebula.info
1	www.flagcounter.me	teknonebula.info
1	alwingulla.com	teknonebula.info
1	vaultdox.inisli.com	1 redirects
52	23

This site contains no links.

Subject Issuer	Validity	Valid
teknonebula.info R3	`2024-03-19` - `2024-06-17`	3 months	crt.sh
alwingulla.com GTS CA 1P5	`2024-03-12` - `2024-06-10`	3 months	crt.sh
*.github.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-15` - `2025-03-14`	a year	crt.sh
flagcounter.me R3	`2024-02-16` - `2024-05-16`	3 months	crt.sh
*.docplayer.info R3	`2024-03-16` - `2024-06-14`	3 months	crt.sh
veepteero.com R3	`2024-03-23` - `2024-06-21`	3 months	crt.sh
rtmark.net R3	`2024-03-02` - `2024-05-31`	3 months	crt.sh
moonoafy.net R3	`2024-03-29` - `2024-06-27`	3 months	crt.sh
aistekso.net R3	`2024-03-24` - `2024-06-22`	3 months	crt.sh
gishejuy.com R3	`2024-04-02` - `2024-07-01`	3 months	crt.sh
cameesse.net R3	`2024-03-22` - `2024-06-20`	3 months	crt.sh
tzegilo.com GTS CA 1P5	`2024-03-30` - `2024-06-28`	3 months	crt.sh
fleraprt.com Sectigo RSA Domain Validation Secure Server CA	`2024-01-09` - `2025-01-13`	a year	crt.sh
interstitial-08.com R3	`2024-03-21` - `2024-06-19`	3 months	crt.sh
vaizauwe.com R3	`2024-03-29` - `2024-06-27`	3 months	crt.sh
datatechone.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-10` - `2024-12-23`	a year	crt.sh
tls.automattic.com R3	`2024-03-05` - `2024-06-03`	3 months	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-07` - `2025-01-06`	a year	crt.sh
www.newsdirect.com Amazon RSA 2048 M02	`2023-11-18` - `2024-12-15`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.newsdirect.com/guest-content/casino-utan-svensk-licens-basta-casinon-utan-spelpaus
Frame ID: 242047C9B361992D209544303F8C5A68
Requests: 47 HTTP requests in this frame

Frame: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fcameesse.net%2F12%3Frnd%3D2219183725%26z%3D7266536%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DU2aZ9dWbxanXzNslrp6ywI5QsMqmzqWIohxaGhEWjg28eeWA594XChocW2WZxgBuZY-NJ2XHZOLMUgS4KU7ACdGQGGocCaQ_VMgjhk3yfbhaoMu--EFvGCmISbBvMLrTZOE1NfWDUTnw6ia2w_sdxXRfNAdNItqT7oDwzHLoIkqLBT3pERE4l82zVH7wTuV-MsSSWXC9iXwV5CHwPyFwx5apbzXAaosuwQ47mF15O9FqmsfgcEReOuZLTm2Fp7bBRmjbcsvdE5VQW4TXQgYj5vjatfjDEbjqb3pERLZn071XjUeyKcshdsjm1TmnOq43coykvw%3D%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dbe179d1c-2e50-432b-af94-25ec5b0a58d6%26os%3Dwin32%26os_version%3D10.0.0%26browser_version%3D123.0.6312.122%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D5%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fteknonebula.info%252Frootf%252Fayk.php%26wy%3D20%26wx%3D20%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D0%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26os%3Dwin32%26os_version%3D10.0.0%26browser_version%3D123.0.6312.122%26tbc%3D1
Frame ID: 82AF4E23C9B9C1D1AE780AC2E2B470FC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://vaultdox.inisli.com/ayk.php HTTP 301
https://teknonebula.info/rootf/ayk.php Page URL
https://vaizauwe.com/4/7266260 Page URL
https://vaizauwe.com/?z=7266260&syncedCookie=true&rhd=false HTTP 302
https://vaizauwe.com/4/6118780/?var=7266260&btz=Europe/Rome&bto=-120 Page URL
https://vaizauwe.com/?z=6118780&syncedCookie=false&rhd=false HTTP 302
https://resionsfrester.com/5e0eb640-44b7-4dbc-b902-d94aa49085c0?zoneid=6118780&bannerid=20693097&zonety... HTTP 307
https://resionsfrester.com/5e0eb640-44b7-4dbc-b902-d94aa49085c0/2?zoneid=6118780&bannerid=20693097&zone... HTTP 302
https://href.li/?https://t.co/JzMKPHMu99 Page URL
https://t.co/JzMKPHMu99 Page URL
https://www.newsdirect.com/guest-content/casino-utan-svensk-licens-basta-casinon-utan-spelpaus Page URL

Page Statistics

52
Requests

98 %
HTTPS

19 %
IPv6

22
Domains

23
Subdomains

19
IPs

5
Countries

490 kB
Transfer

1072 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://vaultdox.inisli.com/ayk.php HTTP 301
https://teknonebula.info/rootf/ayk.php Page URL
https://vaizauwe.com/4/7266260 Page URL
https://vaizauwe.com/?z=7266260&syncedCookie=true&rhd=false HTTP 302
https://vaizauwe.com/4/6118780/?var=7266260&btz=Europe/Rome&bto=-120 Page URL
https://vaizauwe.com/?z=6118780&syncedCookie=false&rhd=false HTTP 302
https://resionsfrester.com/5e0eb640-44b7-4dbc-b902-d94aa49085c0?zoneid=6118780&bannerid=20693097&zonetype={zone_type}&campaignid=8069875&device=desktop&region=ba&isp=vodafone%20italy&useragent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&language=it&connectiontype=xdsl&cost=0.000400&visitor_id=804016463450218980 HTTP 307
https://resionsfrester.com/5e0eb640-44b7-4dbc-b902-d94aa49085c0/2?zoneid=6118780&bannerid=20693097&zonetype={zone_type}&campaignid=8069875&device=desktop&region=ba&isp=vodafone%20italy&useragent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&language=it&connectiontype=xdsl&cost=0.000400&visitor_id=804016463450218980 HTTP 302
https://href.li/?https://t.co/JzMKPHMu99 Page URL
https://t.co/JzMKPHMu99 Page URL
https://www.newsdirect.com/guest-content/casino-utan-svensk-licens-basta-casinon-utan-spelpaus Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://vaultdox.inisli.com/ayk.php HTTP 301
https://teknonebula.info/rootf/ayk.php

Request Chain 41

https://vaizauwe.com/?z=7266260&syncedCookie=true&rhd=false HTTP 302
https://vaizauwe.com/4/6118780/?var=7266260&btz=Europe/Rome&bto=-120

Request Chain 47

https://vaizauwe.com/?z=6118780&syncedCookie=false&rhd=false HTTP 302
https://resionsfrester.com/5e0eb640-44b7-4dbc-b902-d94aa49085c0?zoneid=6118780&bannerid=20693097&zonetype={zone_type}&campaignid=8069875&device=desktop&region=ba&isp=vodafone%20italy&useragent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&language=it&connectiontype=xdsl&cost=0.000400&visitor_id=804016463450218980 HTTP 307
https://resionsfrester.com/5e0eb640-44b7-4dbc-b902-d94aa49085c0/2?zoneid=6118780&bannerid=20693097&zonetype={zone_type}&campaignid=8069875&device=desktop&region=ba&isp=vodafone%20italy&useragent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/123.0.0.0%20Safari/537.36&language=it&connectiontype=xdsl&cost=0.000400&visitor_id=804016463450218980 HTTP 302
https://href.li/?https://t.co/JzMKPHMu99

Request Chain 50

https://www.newsdirect.com/favicon.ico HTTP 301
https://newsdirect.com/favicon.ico HTTP 302
https://f.hubspotusercontent10.net/hubfs/5691062/favicon-32x32.png

52 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

ayk.php Show response
teknonebula.info/rootf/
Redirect Chain

https://vaultdox.inisli.com/ayk.php
https://teknonebula.info/rootf/ayk.php

21 KB
5 KB

588ms
190ms

Document
text/html

2a02:4780:6:1421:0:185a:d12:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://teknonebula.info/rootf/ayk.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:6:1421:0:185a:d12:2 Jakarta, Indonesia, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed / PHP/8.1.27

Resource Hash

00c8cbd981bf748cd8f3716b94b5774b965f9d96ccea592b4594a26076e45b65

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 4792
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Tue, 16 Apr 2024 08:26:16 GMT
platform: hostinger
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/8.1.27

Redirect headers

content-length: 246
content-type: text/html; charset=iso-8859-1
date: Tue, 16 Apr 2024 08:26:16 GMT
location: https://teknonebula.info/rootf/ayk.php
server: Apache

GET
H3 200 tag.min.js Show response
alwingulla.com/88/ 71 KB
22 KB 88ms
31ms Script
text/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://alwingulla.com/88/tag.min.js
Requested by: Host: teknonebula.info
URL: https://teknonebula.info/rootf/ayk.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e7c41f803ef9afa5c2bf8212bad0ac50812c204f5cecb07d976909156b99c56

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://teknonebula.info/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 08:26:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 39567
alt-svc: h3=":443"; ma=86400
x-trace-id: 001f24d942b18c41c1416125ca96b6cd
pragma: no-cache
last-modified: Mon, 15 Apr 2024 14:41:43 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jZ5DnkWrpIJgmA1qmezgDIepLqE2FT1Ew3V9fxEazMU0TvUfsdNkfYthNr82U%2BvY%2FLYST7IX9E7VHV0xQuzaIPypy%2FBvJ4Rs35aa3gsAqy2aPiVJ8fjyu98fbRQ5l97o1w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
access-control-allow-credentials: true
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
cf-ray: 8752ca202f560f5e-MXP
expires: Tue, 16 Apr 2024 21:26:49 GMT

GET
H2 200 indo.jt.js Show response
drvee07.github.io/loc/ 10 KB
3 KB 72ms
16ms Script
application/javascript 2606:50c0:8002::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://drvee07.github.io/loc/indo.jt.js

Requested by

Host: teknonebula.info
URL: https://teknonebula.info/rootf/ayk.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8002::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

cec244e8535225cc02f58b0f29cf752dac68eb2bb6c27c5cd6ec1ec089b4cc15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://teknonebula.info/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform: "Win32"

Response headers

x-fastly-request-id: 07b73eb532e1081cb9a385ba09f46a030d7e03c7
strict-transport-security: max-age=31556952
content-encoding: gzip
via: 1.1 varnish
date: Tue, 16 Apr 2024 08:26:16 GMT
age: 549
x-cache: HIT
x-cache-hits: 0
x-proxy-cache: MISS
content-length: 2624
x-served-by: cache-mxp6952-MXP
last-modified: Fri, 12 Jan 2024 07:57:02 GMT
server: GitHub.com
x-github-request-id: FBAE:2AF6FA:F94076:FE7E52:661DEF65
x-timer: S1713255977.980497,VS0,VE1
etag: W/"65a0f0ce-27d9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
expires: Tue, 16 Apr 2024 03:34:22 GMT

GET
H2 200 /
www.flagcounter.me/eDh/ 44 KB
44 KB 204ms
79ms Image
image/png 37.97.241.10
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.flagcounter.me/eDh/
Requested by: Host: teknonebula.info
URL: https://teknonebula.info/rootf/ayk.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.97.241.10 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS: 37-97-241-10.colo.transip.net
Software: nginx / PHP/7.4.33, PleskLin
Resource Hash: e1b58d35439d6067302e2a3ca7ae16ff3dafcfd8fae7a72484c79aacbdfb3131

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://teknonebula.info/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 08:26:17 GMT
server: nginx
x-powered-by: PHP/7.4.33, PleskLin
content-type: image/png

GET
H/1.1 200
OK 200-0.jpg
docplayer.info/docs-images/87/97010930/images/ 101 KB
102 KB 271ms
114ms Image
image/jpeg 65.109.88.248
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://docplayer.info/docs-images/87/97010930/images/200-0.jpg
Requested by: Host: teknonebula.info
URL: https://teknonebula.info/rootf/ayk.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 65.109.88.248 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.248.88.109.65.clients.your-server.de
Software: openresty /
Resource Hash: 90277974d580adf4c7bf9287ef681995e90924f4526cbd35a3fa71174d2656be

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://teknonebula.info/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 16 Apr 2024 08:26:17 GMT
Last-Modified: Thu, 11 Oct 2018 11:57:55 GMT
Server: openresty
Cloud-Cache-Backend-Server: nginx-135
ETag: "5bbf3ac3-1950b"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Frontend: nginx-135
Content-Length: 103691

GET
H2 200 jet.png
drvee07.github.io/loc/ 1 KB
2 KB 17ms
16ms Image
image/png 2606:50c0:8002::153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://drvee07.github.io/loc/jet.png

Requested by

Host: teknonebula.info
URL: https://teknonebula.info/rootf/ayk.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8002::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

4e888edcd7fe0362a8dd834c6e0e02983d9861af7fc23d12be76f0c64e0c8260

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://teknonebula.info/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fastly-request-id: 1bc99b333e8b72fb4abebf1867e332053bfb90a4
strict-transport-security: max-age=31556952
date: Tue, 16 Apr 2024 08:26:17 GMT
via: 1.1 varnish
x-cache-hits: 0
age: 549
x-cache: HIT
x-proxy-cache: MISS
content-length: 1446
x-served-by: cache-mxp6952-MXP
last-modified: Fri, 12 Jan 2024 07:57:02 GMT
server: GitHub.com
x-github-request-id: 2658:2285C3:3C973E6:3DF544B:661DEF66
x-timer: S1713255977.003283,VS0,VE1
etag: "65a0f0ce-5a6"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
expires: Tue, 16 Apr 2024 03:34:22 GMT

GET
H2 200 53770 Show response
veepteero.com/88/ 3 KB
2 KB 131ms
37ms Fetch
application/json 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://veepteero.com/88/53770
Requested by: Host: alwingulla.com
URL: https://alwingulla.com/88/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: ad4025f907cc6841038dcb93164bb68dedb2e7635db922e6dd20f38877d7b371

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://teknonebula.info/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache, no-cache
date: Tue, 16 Apr 2024 08:26:17 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://teknonebula.info
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
544 B 151ms
39ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?userId=0080406c07734964ef13dda7c5d2f2d3

Requested by

Host: alwingulla.com
URL: https://alwingulla.com/88/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

fb9edaaa17fb59784ab75a9be996ed6f0a72fc6e5256ead652afe11fa749d7a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://teknonebula.info/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 08:26:17 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://teknonebula.info
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 tag.min.js Show response
moonoafy.net/pfe/current/ 14 KB
6 KB 147ms
45ms Script
application/javascript 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://moonoafy.net/pfe/current/tag.min.js?z=7266538
Requested by: Host: alwingulla.com
URL: https://alwingulla.com/88/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: ab2d2a17fa891d22db19fde3fe1c3eef0e72d45556a6ce12d2a5f8c095f7434a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://teknonebula.info/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 08:26:17 GMT
content-encoding: gzip
last-modified: Mon, 15 Apr 2024 08:44:21 GMT
server: nginx
etag: W/"661ce8e5-3880"
content-type: application/javascript
cache-control: no-cache
access-control-allow-credentials: true

GET
H2 200 7266537 Show response
aistekso.net/401/ 86 KB
34 KB 156ms
71ms Script
application/javascript 139.45.197.244
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://aistekso.net/401/7266537

Requested by

Host: alwingulla.com
URL: https://alwingulla.com/88/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

b1212a92f93aa0e143bac5efa2e12803cdf439529a74b2d31ec7cea05ab94a19

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://teknonebula.info/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 08:26:17 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
x-trace-id: 59262fedaa729e099d9f523d1e1a199e
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
vary: Origin
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 7266535 Show response
gishejuy.com/400/ 79 KB
31 KB 176ms
77ms Script
application/javascript 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://gishejuy.com/400/7266535

Requested by

Host: alwingulla.com
URL: https://alwingulla.com/88/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

961e45114c28c9b30f013dcc2add7d420c2f1b975c9d0732a2ad302cb9c5c74d

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://teknonebula.info/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 08:26:17 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
x-trace-id: 9188c317a9cfe933acd9a4afb6f4e4c1
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
vary: Origin
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 1 Show response
cameesse.net/ 41 KB
16 KB 350ms
85ms Script
text/javascript 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cameesse.net/1?z=7266536
Requested by: Host: alwingulla.com
URL: https://alwingulla.com/88/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e950cd6fd2a19c3e835844bc9afc3f0c086da43b700387ce9ce7f19fca10703c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://teknonebula.info/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-trace-id: 71f03e0c18b98e7fb84bed10035e01b1
pragma: no-cache
date: Tue, 16 Apr 2024 08:26:17 GMT
content-encoding: gzip
x-sc: LLij4Pncv1Q5AlmMTRaAuzdJRGmAQguPvEQvTQT7nrRqBK7uK4jVM-cmJN6A9hUvJM-6k1PT7Fd58Z7fNt8IjTwnETo=
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript
access-control-allow-origin
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 / Show response
veepteero.com/ 2 KB
3 KB 140ms
46ms Fetch
application/json 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://veepteero.com/?rb=s1h_dnllyP8iF7X8iEGJJ87N3JKL-tNHMJrLf-LFPwzUx0NkrsJ3En-fxEGM1mRQVRHAN6LpfZhkiYSESC2-urs0R_JW6YDVLCz2dMBfNbEL0KbMgCIEf7X8eizDkAJm06p_G8ZZh588JcsHuJVQJeSs14OCPgCSjNkbBaV8WDEBPPGkQ5VM2X_WiyUHfimIDCIBINBS7s86cBfCW0FN6u7TM_Lm1d90hRqmLkzVvs5DcMJr3-tvzNOMhp6Rdqfiha5AwnBJJS-16rYWmOUUpYTJDF2hPAM3ks-ZHdl8quxuORUhsA0ue9bOkazoNTyX913j_gATfy4%3D&request_ab2=0&zoneid=7266534&js_build=iclick-v1.771.0&jsp=1&fs=0&cf=0&sw=1600&sh=1200&wih=1200&wiw=1600&ww=1600&wh=1200&sah=1200&wx=20&wy=20&cw=1600&wfc=0&pl=https%3A%2F%2Fteknonebula.info%2Frootf%2Fayk.php&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&btz=Europe%2FRome&bto=-120&wgl=Intel%20Iris%20OpenGL%20Engine&js_build=iclick-v1.771.0&navlng=it-IT&pnt=0&pnrc=0&wasm=-1&bs=d3ffa150-0e8d-48be-8d77-ec923cb22f5c&userId=0080406c07734964ef13dda7c5d2f2d3&os=win32&os_version=10.0.0&is_mobile=false&browser_version=123.0.6312.122&m=link

Requested by

Host: alwingulla.com
URL: https://alwingulla.com/88/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e0abad04f165e6825ba5c03ca2311407e8e89d193d359d3ac43dc28fb1533240

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://teknonebula.info/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 08:26:17 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
x-trace-id: 015d82540a09c1080e26b54e1c25b3a4
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://teknonebula.info
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 universal.min.js Show response
moonoafy.net/pfe/current/ 87 KB
33 KB 118ms
38ms Fetch
application/javascript 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://moonoafy.net/pfe/current/universal.min.js?v=3.1.499
Requested by: Host: moonoafy.net
URL: https://moonoafy.net/pfe/current/tag.min.js?z=7266538
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 4f34bc1edd2238d06e8d2e00279971fe46335a7712c82ba3b558d788ce8707f8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://teknonebula.info/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 08:26:17 GMT
content-encoding: gzip
last-modified: Mon, 15 Apr 2024 08:44:23 GMT
server: nginx
etag: W/"661ce8e7-15c03"
content-type: application/javascript
access-control-allow-origin: https://teknonebula.info
cache-control: no-cache
access-control-allow-credentials: true

GET
H2 200 zone Show response
moonoafy.net/ 883 B
1 KB 48ms
48ms Fetch
application/json 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://moonoafy.net/zone?pub=0&zone_id=7266538&is_mobile=false&domain=teknonebula.info&var=&ymid=&var_3=&tg=0&sw=3.1.499&ch=eyJhcmNoaXRlY3R1cmUiOiJ4ODYiLCJiaXRuZXNzIjoiNjQiLCJicmFuZHMiOlt7ImJyYW5kIjoiR29vZ2xlIENocm9tZSIsInZlcnNpb24iOiIxMjMifSx7ImJyYW5kIjoiTm90OkEtQnJhbmQiLCJ2ZXJzaW9uIjoiOCJ9LHsiYnJhbmQiOiJDaHJvbWl1bSIsInZlcnNpb24iOiIxMjMifV0sImZ1bGxWZXJzaW9uTGlzdCI6W3siYnJhbmQiOiJHb29nbGUgQ2hyb21lIiwidmVyc2lvbiI6IjEyMy4wLjYzMTIuMTIyIn0seyJicmFuZCI6Ik5vdDpBLUJyYW5kIiwidmVyc2lvbiI6IjguMC4wLjAifSx7ImJyYW5kIjoiQ2hyb21pdW0iLCJ2ZXJzaW9uIjoiMTIzLjAuNjMxMi4xMjIifV0sIm1vYmlsZSI6ZmFsc2UsIm1vZGVsIjoiIiwicGxhdGZvcm0iOiJXaW4zMiIsInBsYXRmb3JtVmVyc2lvbiI6IjEwLjAuMCIsIndvdzY0IjpmYWxzZX0=

Requested by

Host: moonoafy.net
URL: https://moonoafy.net/pfe/current/tag.min.js?z=7266538

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

1007637c9637d377f98b5f34a792166bcc763da32a61bded5e3cd61521395e47

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://teknonebula.info/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-trace-id: cc28d3dce2206174c966fcbd6549631e
date: Tue, 16 Apr 2024 08:26:17 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
content-type: application/json; charset=utf-8
access-control-allow-origin: https://teknonebula.info
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 883

GET
H2 200 7266535 Show response
gishejuy.com/400/ 2 KB
1 KB 43ms
43ms XHR
application/json 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://gishejuy.com/400/7266535?oo=1&oaid=0080406c07734964ef13dda7c5d2f2d3&sw_version=v1.334.0

Requested by

Host: gishejuy.com
URL: https://gishejuy.com/400/7266535

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

16c29cbf836d347ce93200ae64a4545646d2e4f2194230e300247f8b316ad609

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://teknonebula.info/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 08:26:17 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
x-trace-id: 55af45a6c37a16148ea804bf00f12c22
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
vary: Origin
content-type: application/json
access-control-allow-origin: https://teknonebula.info
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 7266537 Show response
aistekso.net/401/ 2 KB
1 KB 38ms
38ms XHR
application/json 139.45.197.244
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://aistekso.net/401/7266537?oo=1&oaid=0080406c07734964ef13dda7c5d2f2d3&sw_version=v1.334.0

Requested by

Host: aistekso.net
URL: https://aistekso.net/401/7266537

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

3eec1229f3120bec15136b8f76c158411f4da460294386e1ff4f59f77356429d

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://teknonebula.info/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 08:26:17 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
x-trace-id: 3ef5282a711bc91f98aaa935632e4b93
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
vary: Origin
content-type: application/json
access-control-allow-origin: https://teknonebula.info
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H3 200 stattag.js Show response
tzegilo.com/ 19 KB
8 KB 124ms
42ms Script
application/javascript 172.67.193.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tzegilo.com/stattag.js
Requested by: Host: gishejuy.com
URL: https://gishejuy.com/400/7266535
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.193.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d71ea61938136a384e4c53c5a7a3c36e68fcc70a68bae691e270987d5d2eb11f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://teknonebula.info/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 08:26:17 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 07 Feb 2024 12:51:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6181
etag: W/"65c37cc1-4ac0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kqaBYGcOY8ZjZv9UIDLz6Okcb7hHiXfO2bMowJ31MwgxWX%2F80275TVNNlKBYfh9m9Xz4IizzDpcBDJUNhAMHHlmsZLsoF5raqWeMsF17qM4DbmmSkOVbnTtlgD9%2Fig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8752ca23ecad9204-MUC
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
alt-svc: h3=":443"; ma=86400

GET
H2 200 1 Show response
cameesse.net/ 967 B
2 KB 39ms
38ms XHR
application/json 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cameesse.net/1?z=7266536&oo=1&oaid=0080406c07734964ef13dda7c5d2f2d3
Requested by: Host: cameesse.net
URL: https://cameesse.net/1?z=7266536
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 686308d9fe369b66416d505ef2a840d4331e9559ec2ce125aa211a9a2ebb2ea9

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://teknonebula.info/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-trace-id: f5ad88d4b1e94dcd6c0aff40700400e0
pragma: no-cache
date: Tue, 16 Apr 2024 08:26:17 GMT
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: https://teknonebula.info
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
content-length: 967
expires: Mon, 26 Jul 1997 05:00:00 GMT

OPTIONS
H2 200 custom
moonoafy.net/ Frame 0
0 36ms
35ms Preflight
text/plain 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://moonoafy.net/custom
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://teknonebula.info
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://teknonebula.info
access-control-max-age: 86400
content-length: 0
content-type: text/plain; charset=utf-8
date: Tue, 16 Apr 2024 08:26:17 GMT
server: nginx

POST
H2 200 custom Show response
moonoafy.net/ 39 B
441 B 43ms
42ms Fetch
application/json 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://moonoafy.net/custom

Requested by

Host: teknonebula.info
URL: https://teknonebula.info/rootf/ayk.php

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://teknonebula.info/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: b55e5eeee5ed634e954ab0a50f122bfa
date: Tue, 16 Apr 2024 08:26:17 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
content-type: application/json; charset=utf-8
access-control-allow-origin: https://teknonebula.info
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 39

GET
H2 200 sw.js Show response
teknonebula.info/ 5 KB
2 KB 194ms
193ms Fetch
application/x-javascript 2a02:4780:6:1421:0:185a:d12:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://teknonebula.info/sw.js

Requested by

Host: teknonebula.info
URL: https://teknonebula.info/rootf/ayk.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:6:1421:0:185a:d12:2 Jakarta, Indonesia, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

bcfbfef05595553bbeecf9ccdc41938be92cfa5593fbbf2b3473d71d8da91d1b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://teknonebula.info/rootf/ayk.php
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 08:26:17 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 25 Mar 2024 11:25:36 GMT
server: LiteSpeed
etag: "1474-66015f30-249cbb182e376dfe;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 2320
expires: Tue, 23 Apr 2024 08:26:17 GMT

GET
H2 200 7552beb94fc0bdff7bbb33cad3d1ab0a Show response
cameesse.net/27/ 404 KB
128 KB 41ms
39ms Script
application/javascript 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cameesse.net/27/7552beb94fc0bdff7bbb33cad3d1ab0a

Requested by

Host: cameesse.net
URL: https://cameesse.net/1?z=7266536

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

b2ba9d8b2216d22f8f31a594bc22ee21f60e2b539474a650be1e87dea87d5ed7

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://teknonebula.info/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-trace-id: 675b6052a34b06869c47f6ba157f45fd
date: Tue, 16 Apr 2024 08:26:17 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
last-modified: Tue, 09 Apr 2024 03:16:58 GMT
server: nginx
content-encoding: gzip
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin
access-control-expose-headers: X-Sc
cache-control: max-age:290304000, public
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
expires: Tue, 09 May 2084 03:16:58 GMT

POST
H/1.1 200
OK add Show response
fleraprt.com/log/ 12 B
486 B 164ms
49ms XHR
application/json 139.45.195.254
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=f5c97939-58d3-4bc7-b12d-cf2d153bb2aa
Requested by: Host: tzegilo.com
URL: https://tzegilo.com/stattag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash: fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://teknonebula.info/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 16 Apr 2024 08:26:17 GMT
Server: nginx/1.19.10
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://teknonebula.info
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length: 12

OPTIONS
H2 200 7266535
gishejuy.com/500/ Frame 0
0 136ms
43ms Preflight 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://gishejuy.com/500/7266535?excludes=&oaid=0080406c07734964ef13dda7c5d2f2d3&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=20&wy=20&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&pl=https%3A%2F%2Fteknonebula.info%2Frootf%2Fayk.php&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=120&btz=Europe%2FRome&bto=-120&os=win32&os_version=10.0.0&browser_version=123.0.6312.122&js_build=8&sw_version=v1.334.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://teknonebula.info
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://teknonebula.info
access-control-max-age: 600
allow: GET, OPTIONS
content-length: 0
date: Tue, 16 Apr 2024 08:26:17 GMT
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: *
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff

GET
H2 204 7266535 Show response
gishejuy.com/500/ 0
571 B 207ms
203ms XHR
text/plain 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: gishejuy.com
URL: https://gishejuy.com/400/7266535

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://teknonebula.info/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: f3c7fa89c08cbf99f2408594e63df2f8
pragma: no-cache
date: Tue, 16 Apr 2024 08:26:18 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
vary: Origin
access-control-allow-origin: https://teknonebula.info
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 204 7266537 Show response
aistekso.net/500/ 0
571 B 139ms
138ms XHR
text/plain 139.45.197.244
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://aistekso.net/500/7266537?excludes=&oaid=0080406c07734964ef13dda7c5d2f2d3&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=20&wy=20&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&pl=https%3A%2F%2Fteknonebula.info%2Frootf%2Fayk.php&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=120&btz=Europe%2FRome&bto=-120&os=win32&os_version=10.0.0&browser_version=123.0.6312.122&js_build=8&sw_version=v1.334.0

Requested by

Host: aistekso.net
URL: https://aistekso.net/401/7266537

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://teknonebula.info/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: a5eae03913d39252c9cd0cbeb4feef64
pragma: no-cache
date: Tue, 16 Apr 2024 08:26:17 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
vary: Origin
access-control-allow-origin: https://teknonebula.info
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H2 200 7266537
aistekso.net/500/ Frame 0
0 137ms
43ms Preflight 139.45.197.244
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://teknonebula.info
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://teknonebula.info
access-control-max-age: 600
allow: GET, OPTIONS
content-length: 0
date: Tue, 16 Apr 2024 08:26:17 GMT
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: *
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff

POST
H2 200 9 Show response
cameesse.net/ 6 KB
3 KB 43ms
39ms XHR
application/json 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cameesse.net/9?z=7266536&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fteknonebula.info%2Frootf%2Fayk.php&wy=20&wx=20&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&sah=1200&drf=&hil=1&ist=0&oaid=0080406c07734964ef13dda7c5d2f2d3
Requested by: Host: cameesse.net
URL: https://cameesse.net/27/7552beb94fc0bdff7bbb33cad3d1ab0a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: fdff286b60d60c80d018286e62f2dad050259539a186f65f4c935b8769206e27

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://teknonebula.info/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 6f176889051d37d99771fdacf75aa47e
pragma: no-cache
date: Tue, 16 Apr 2024 08:26:17 GMT
content-encoding: gzip
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: https://teknonebula.info
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
expires: Mon, 26 Jul 1997 05:00:00 GMT

OPTIONS
H2 204 9
cameesse.net/ Frame 0
0 122ms
45ms Preflight 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cameesse.net/9?z=7266536&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fteknonebula.info%2Frootf%2Fayk.php&wy=20&wx=20&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&sah=1200&drf=&hil=1&ist=0&oaid=0080406c07734964ef13dda7c5d2f2d3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://teknonebula.info
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://teknonebula.info
cache-control: no-store, no-cache, must-revalidate, max-age=0
date: Tue, 16 Apr 2024 08:26:17 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
pragma: no-cache
server: nginx

POST
H2 200 custom Show response
moonoafy.net/ 39 B
440 B 49ms
49ms Fetch
application/json 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://moonoafy.net/custom

Requested by

Host: teknonebula.info
URL: https://teknonebula.info/rootf/ayk.php

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://teknonebula.info/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 20f12ff405c5a0a03bab03e913ec25d6
date: Tue, 16 Apr 2024 08:26:17 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
content-type: application/json; charset=utf-8
access-control-allow-origin: https://teknonebula.info
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 39

GET
H3 404 favicon.ico
teknonebula.info/ 2 KB
1 KB 258ms
257ms Other
text/html 153.92.9.125
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: https://teknonebula.info/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 153.92.9.125 Jakarta, Indonesia, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://teknonebula.info/rootf/ayk.php
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 08:26:18 GMT
content-encoding: br
last-modified: Fri, 02 Feb 2024 08:00:52 GMT
server: LiteSpeed
etag: "999-65bca134-31ba793e8ce4a6e;br"
vary: Accept-Encoding
content-type: text/html
accept-ranges: bytes
platform: hostinger
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 912

POST
H2 200 custom Show response
moonoafy.net/ 39 B
441 B 45ms
45ms Fetch
application/json 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://moonoafy.net/custom

Requested by

Host: teknonebula.info
URL: https://teknonebula.info/rootf/ayk.php

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://teknonebula.info/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 14c67c69edc59fa98419afce3a6a29c6
date: Tue, 16 Apr 2024 08:26:17 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
content-type: application/json; charset=utf-8
access-control-allow-origin: https://teknonebula.info
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 39

GET
H2 200 11 Show response
cameesse.net/ 0
595 B 45ms
44ms XHR
image/jpeg 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cameesse.net/11?rnd=2108351817&z=7266536&b=5362695&var=&varid=0&rqtdbc=1&rcvdbc=1&btp=7&rb=U2aZ9dWbxanXzNslrp6ywI5QsMqmzqWIohxaGhEWjg28eeWA594XChocW2WZxgBuZY-NJ2XHZOLMUgS4KU7ACdGQGGocCaQ_VMgjhk3yfbhaoMu--EFvGCmISbBvMLrTZOE1NfWDUTnw6ia2w_sdxXRfNAdNItqT7oDwzHLoIkqLBT3pERE4l82zVH7wTuV-MsSSWXC9iXwV5CHwPyFwx5apbzXAaosuwQ47mF15O9FqmsfgcEReOuZLTm2Fp7bBRmjbcsvdE5VQW4TXQgYj5vjatfjDEbjqb3pERLZn071XjUeyKcshdsjm1TmnOq43coykvw==&ruid=be179d1c-2e50-432b-af94-25ec5b0a58d6&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fteknonebula.info%2Frootf%2Fayk.php&wy=20&wx=20&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&sah=1200&drf=&hil=1&ist=0&os=win32&os_version=10.0.0&browser_version=123.0.6312.122&ot=171
Requested by: Host: cameesse.net
URL: https://cameesse.net/27/7552beb94fc0bdff7bbb33cad3d1ab0a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://teknonebula.info/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-trace-id: ae94cb6d62a121b1b686674cbf39503f
pragma: no-cache
date: Tue, 16 Apr 2024 08:26:18 GMT
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/jpeg
access-control-allow-origin: https://teknonebula.info
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
content-length: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 /
interstitial-08.com/ Frame 82AF 0
0 211ms
89ms Document
text/html 139.45.197.151
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fcameesse.net%2F12%3Frnd%3D2219183725%26z%3D7266536%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DU2aZ9dWbxanXzNslrp6ywI5QsMqmzqWIohxaGhEWjg28eeWA594XChocW2WZxgBuZY-NJ2XHZOLMUgS4KU7ACdGQGGocCaQ_VMgjhk3yfbhaoMu--EFvGCmISbBvMLrTZOE1NfWDUTnw6ia2w_sdxXRfNAdNItqT7oDwzHLoIkqLBT3pERE4l82zVH7wTuV-MsSSWXC9iXwV5CHwPyFwx5apbzXAaosuwQ47mF15O9FqmsfgcEReOuZLTm2Fp7bBRmjbcsvdE5VQW4TXQgYj5vjatfjDEbjqb3pERLZn071XjUeyKcshdsjm1TmnOq43coykvw%3D%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dbe179d1c-2e50-432b-af94-25ec5b0a58d6%26os%3Dwin32%26os_version%3D10.0.0%26browser_version%3D123.0.6312.122%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D5%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fteknonebula.info%252Frootf%252Fayk.php%26wy%3D20%26wx%3D20%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D0%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26os%3Dwin32%26os_version%3D10.0.0%26browser_version%3D123.0.6312.122%26tbc%3D1
Requested by: Host: cameesse.net
URL: https://cameesse.net/27/7552beb94fc0bdff7bbb33cad3d1ab0a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx / PHP/7.4.33
Resource Hash

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Referer: https://teknonebula.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 16 Apr 2024 08:26:18 GMT
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
543 B 38ms
38ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=2643604e83344538b7c2ab9427e5ae88&zoneId=7266538&checkDuplicate=true&ymid=&var=

Requested by

Host: teknonebula.info
URL: https://teknonebula.info/rootf/ayk.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

fb9edaaa17fb59784ab75a9be996ed6f0a72fc6e5256ead652afe11fa749d7a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://teknonebula.info/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 08:26:19 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://teknonebula.info
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 7266260 Show response
vaizauwe.com/4/ 33 KB
14 KB 189ms
83ms Document
text/html 139.45.197.245

General

Check archive.org

Show headers Download Go to

Full URL

https://vaizauwe.com/4/7266260

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.245 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

fbb6c85ff4443080c71a2ee38e5d4725f629570ef9eecea29436fdcdb5f84c4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Referer: https://teknonebula.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf8
date: Tue, 16 Apr 2024 08:26:22 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
link: <https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff
x-trace-id: 7d0b0203f3a253f237ae199ed58746c3

POST
H2 200 sftouch
vaizauwe.com/ 2 B
602 B 46ms
46ms Ping
text/plain 139.45.197.245

General

Check archive.org

Show headers Download Go to

Full URL

https://vaizauwe.com/sftouch?userId=00804098ca214c09eab75d6430724119&z=7266260&p_rid=7f9b9b38-599d-42d7-94cc-99c5f3eb1206&p_src=sf&branchId=0&rb=AmQq1T6ELRoSHzOp7ZS7q1bDAAls8woSE6k-4ecMohX9Fnoubc46muINdMzyHPV9PYF02rA1fCqsSxro2FuLoLO-FHLS02YgY_aV7UrT3lwqCsmtswTneuqSnUH71FV_Sc6j1oF902rpHMhfgev_9gXNSchpnNkxy4Zpi4bc2tQbjXI_m1bariCqnetvmDSSDutUGbXHMXv8M6dJsawdWyITUeU6XW4G8YoNknaunyMhLfeE6taVeNfNq-vC9H9TKBjLVJiOXKWmx53aspvVIBLNyCLIw8JxcrQNLS0v8RAxRn1QTWWyBcaSwCCgCvj2GbOpOFrB2FxCn4EE

Requested by

Host: vaizauwe.com
URL: https://vaizauwe.com/4/7266260

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.245 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "123.0.6312.122"
Referer: https://vaizauwe.com/4/7266260
sec-ch-ua-bitness: "64"
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.122", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.122"
sec-ch-ua-model: ""
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 08:26:23 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-length: 2
x-trace-id: 7577d11abf23c2e04ec1902c49f89c71
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
access-control-allow-origin: https://vaizauwe.com
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 img.gif
my.rtmark.net/ 43 B
491 B 139ms
44ms Image
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=00804098ca214c09eab75d6430724119&z=7266260&p_rid=7f9b9b38-599d-42d7-94cc-99c5f3eb1206&p_src=sf

Requested by

Host: vaizauwe.com
URL: https://vaizauwe.com/4/7266260

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://vaizauwe.com/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 08:26:23 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

POST
H/1.1 200
OK add
datatechone.com/log/ 2 B
465 B 139ms
41ms XHR
text/plain 139.45.195.253

General

Check archive.org

Show headers Download Go to

Full URL: https://datatechone.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=7f9b9b38-599d-42d7-94cc-99c5f3eb1206
Requested by: Host: vaizauwe.com
URL: https://vaizauwe.com/4/7266260
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.253 -, , ASN (),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://vaizauwe.com/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 16 Apr 2024 08:26:23 GMT
Server: nginx/1.19.10
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://vaizauwe.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length: 2

GET
H2 204 favicon.ico
vaizauwe.com/ 0
150 B 37ms
36ms Other
text/plain 139.45.197.245

General

Check archive.org

Show headers Download Go to

Full URL: https://vaizauwe.com/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.245 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "123.0.6312.122"
Referer: https://vaizauwe.com/4/7266260
sec-ch-ua-bitness: "64"
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.122", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.122"
sec-ch-ua-model: ""
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Tue, 16 Apr 2024 08:26:23 GMT
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
server: nginx
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

/ Show response
vaizauwe.com/4/6118780/
Redirect Chain

https://vaizauwe.com/?z=7266260&syncedCookie=true&rhd=false
https://vaizauwe.com/4/6118780/?var=7266260&btz=Europe/Rome&bto=-120

33 KB
14 KB

45ms
44ms

Document
text/html

139.45.197.245

General

Check archive.org

Show headers Download Go to

Full URL

https://vaizauwe.com/4/6118780/?var=7266260&btz=Europe/Rome&bto=-120

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.245 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

fba4996a121f65682b6564853efd6c1e7af72d986824295defd4be99f2fc94af

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Content-Type: application/x-www-form-urlencoded
Origin: https://vaizauwe.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-arch: "x86"
sec-ch-ua-bitness: "64"
sec-ch-ua-full-version: "123.0.6312.122"
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.122", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.122"
sec-ch-ua-mobile: ?0
sec-ch-ua-model: ""
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf8
date: Tue, 16 Apr 2024 08:26:23 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
link: <https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff
x-trace-id: 03fc3c06fe218b378abc415d3c035931

Redirect headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://vaizauwe.com
access-control-max-age: 86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
content-length: 0
date: Tue, 16 Apr 2024 08:26:23 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
link: <https://vaizauwe.com>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
location: https://vaizauwe.com/4/6118780/?var=7266260&btz=Europe/Rome&bto=-120
pragma: no-cache
referrer-policy: no-referrer
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff
x-trace-id: fc85c1420cf5e39bb018d350c0cf0fbb

GET
H2 204 favicon.ico
vaizauwe.com/ 0
0 8ms
8ms Other
text/plain 139.45.197.245

General

Check archive.org

Show headers Download Go to

Full URL: https://vaizauwe.com/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.245 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "123.0.6312.122"
Referer: https://vaizauwe.com/afu.php?zoneid=7266260&var=7266260&rid=mnhKzS_wDF_SW3g2Y1iWsw%3D%3D&rhd=false&ab2r=0&sf=1&os=win32&os_version=10.0.0&is_mobile=false&browser_version=123.0.6312.122
sec-ch-ua-bitness: "64"
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.122", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.122"
sec-ch-ua-model: ""
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Tue, 16 Apr 2024 08:26:23 GMT
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
server: nginx
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 sftouch
vaizauwe.com/ 2 B
603 B 38ms
38ms Ping
text/plain 139.45.197.245

General

Check archive.org

Show headers Download Go to

Full URL

https://vaizauwe.com/sftouch?userId=0080406c07734964ef13dda7c5d2f2d3&z=6118780&p_rid=d13e9e4a-abbc-48e5-a838-828c97627153&p_src=sf&branchId=0&rb=BXDJxiGAKg9UWGaathgzY1FEbBBTtZn6ylNPsK3bXbF9KAo2OsIj-UCRwgNLim48dYGebtU_CJCF45JaURdmRHLtHJSdkSc42_k0BIsJFmA857b-ayzbEFn7xT0VxnBn4Goy60MCgmPXYAZhLKyOAjEEM8cocUiyD9hmo2nDxh1vwOcAyDugBkUDOAd1BdycckFZkAEUPI-NFcNx144_gRwxW7_ahdebrAwNAqJlLzXq7B90zEMkpyCHjYjdaSwMmVWflYoj3b5dNs8sMRAdhk-09je_OQtDPDF7jZT4KWyMEgOuwWPKAQ==

Requested by

Host: vaizauwe.com
URL: https://vaizauwe.com/4/6118780/?var=7266260&btz=Europe/Rome&bto=-120

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.245 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "123.0.6312.122"
Referer: https://vaizauwe.com/4/6118780/?var=7266260&btz=Europe/Rome&bto=-120
sec-ch-ua-bitness: "64"
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.122", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.122"
sec-ch-ua-model: ""
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 08:26:23 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-length: 2
x-trace-id: ebb893c224cf658ee9341a13475abdc0
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
access-control-allow-origin: https://vaizauwe.com
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
expires: Tue, 11 Jan 1994 10:00:00 GMT

POST
H2 200 img.gif
my.rtmark.net/ 43 B
504 B 42ms
42ms Ping
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=0080406c07734964ef13dda7c5d2f2d3&z=6118780&p_rid=d13e9e4a-abbc-48e5-a838-828c97627153&p_src=sf

Requested by

Host: vaizauwe.com
URL: https://vaizauwe.com/4/6118780/?var=7266260&btz=Europe/Rome&bto=-120

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://vaizauwe.com/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 08:26:23 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: https://vaizauwe.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

POST
H/1.1 200
OK add
datatechone.com/log/ 2 B
465 B 37ms
37ms XHR
text/plain 139.45.195.253

General

Check archive.org

Show headers Download Go to

Full URL: https://datatechone.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=d13e9e4a-abbc-48e5-a838-828c97627153
Requested by: Host: vaizauwe.com
URL: https://vaizauwe.com/4/6118780/?var=7266260&btz=Europe/Rome&bto=-120
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.253 -, , ASN (),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://vaizauwe.com/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 16 Apr 2024 08:26:23 GMT
Server: nginx/1.19.10
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://vaizauwe.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length: 2

GET
H2 204 favicon.ico
vaizauwe.com/ 0
0 0ms
0ms Other
text/plain 139.45.197.245

General

Check archive.org

Show headers Download Go to

Full URL: https://vaizauwe.com/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.245 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "123.0.6312.122"
Referer: https://vaizauwe.com/afu.php?zoneid=6118780&var=6118780&rid=33-IJ2mCiw9DGbmF2LWarg%3D%3D&rhd=false&ab2r=0&sf=1&os=win32&os_version=10.0.0&is_mobile=false&browser_version=123.0.6312.122
sec-ch-ua-bitness: "64"
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.122", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.122"
sec-ch-ua-model: ""
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Tue, 16 Apr 2024 08:26:23 GMT
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
server: nginx
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

/
href.li/
Redirect Chain

https://vaizauwe.com/?z=6118780&syncedCookie=false&rhd=false
https://resionsfrester.com/5e0eb640-44b7-4dbc-b902-d94aa49085c0?zoneid=6118780&bannerid=20693097&zonetype={zone_type}&campaignid=8069875&device=desktop&region=ba&isp=vodafone%20italy&useragent=Mozi...
https://resionsfrester.com/5e0eb640-44b7-4dbc-b902-d94aa49085c0/2?zoneid=6118780&bannerid=20693097&zonetype={zone_type}&campaignid=8069875&device=desktop&region=ba&isp=vodafone%20italy&useragent=Mo...
https://href.li/?https://t.co/JzMKPHMu99

433 B
380 B

156ms
112ms

Document
text/html

192.0.78.26

General

Check archive.org

Show headers Download Go to

Full URL

https://href.li/?https://t.co/JzMKPHMu99

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.26 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Content-Type: application/x-www-form-urlencoded
Origin: https://vaizauwe.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-arch: "x86"
sec-ch-ua-bitness: "64"
sec-ch-ua-full-version: "123.0.6312.122"
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.122", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.122"
sec-ch-ua-mobile: ?0
sec-ch-ua-model: ""
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 16 Apr 2024 08:26:23 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-ac: 3.mxp _dca MISS

Redirect headers

cache-control: no-store, no-cache, pre-check=0, post-check=0
content-length: 0
date: Tue, 16 Apr 2024 08:26:23 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://href.li/?https://t.co/JzMKPHMu99
pragma: no-cache
server: nginx
via: 1.1 106a2e3801afa4dfd5bd4bfaeb93d526.cloudfront.net (CloudFront)
x-amz-cf-id: x6c7K6KIDm3d5nD79W_7vDnZSQJbBQ312FtJN-C7t5w3WR35cqO23g==
x-amz-cf-pop: MUC50-P3
x-cache: Miss from cloudfront

GET
H2 204 favicon.ico
vaizauwe.com/ 0
0 0ms
0ms Other
text/plain 139.45.197.245

General

Check archive.org

Show headers Download Go to

Full URL: https://vaizauwe.com/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.245 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "123.0.6312.122"
Referer: https://vaizauwe.com/afu.php?zoneid=6118780&var=6118780&rid=33-IJ2mCiw9DGbmF2LWarg%3D%3D&rhd=false&ab2r=0&sf=1&os=win32&os_version=10.0.0&is_mobile=false&browser_version=123.0.6312.122
sec-ch-ua-bitness: "64"
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.122", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.122"
sec-ch-ua-model: ""
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Tue, 16 Apr 2024 08:26:23 GMT
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
server: nginx
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 JzMKPHMu99
t.co/ 438 B
591 B 214ms
147ms Document
text/html 104.244.42.69

General

Check archive.org

Show headers Download Go to

Full URL

https://t.co/JzMKPHMu99

Requested by

Host: href.li
URL: https://href.li/?https://t.co/JzMKPHMu99

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 -, , ASN (),

Reverse DNS

Software

tsa_o /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: private,max-age=300
content-encoding: gzip
content-length: 220
content-type: text/html; charset=utf-8
date: Tue, 16 Apr 2024 08:26:24 GMT
expires: Tue, 16 Apr 2024 08:31:24 GMT
perf: 7469935968
server: tsa_o
strict-transport-security: max-age=0
vary: Origin
x-connection-hash: 0cc1ddd37923b006bcea9d674fa3a41a9cdc2a2b9d61a0cd51bb7068f470ffb6
x-response-time: 117
x-transaction-id: 07098c515dcb661e
x-xss-protection: 0

GET
H2 403 Primary Request casino-utan-svensk-licens-basta-casinon-utan-spelpaus Show response
www.newsdirect.com/guest-content/ 520 B
591 B 552ms
124ms Document
text/html 54.161.21.144

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsdirect.com/guest-content/casino-utan-svensk-licens-basta-casinon-utan-spelpaus
Requested by: Host: t.co
URL: https://t.co/JzMKPHMu99
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.161.21.144 -, , ASN (),
Reverse DNS
Software: awselb/2.0 /
Resource Hash: 8b73b6ccd7091d6d9d23adaab2baae3c4abf6de06df8efdd03215ee9376fa035

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Referer: https://t.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-length: 520
content-type: text/html
date: Tue, 16 Apr 2024 08:26:24 GMT
server: awselb/2.0

GET
H2

200

favicon-32x32.png
f.hubspotusercontent10.net/hubfs/5691062/
Redirect Chain

https://www.newsdirect.com/favicon.ico
https://newsdirect.com/favicon.ico
https://f.hubspotusercontent10.net/hubfs/5691062/favicon-32x32.png

790 B
2 KB

156ms
94ms

Other
image/webp

2606:4700::6812:561e

General

Check archive.org

Show headers Download Go to

Full URL

https://f.hubspotusercontent10.net/hubfs/5691062/favicon-32x32.png

Protocol

Server

2606:4700::6812:561e -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

3abfa3d338c3b3ebf7c77bd878e58951526066711d48cc16816f9838ef169262

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Referer: https://www.newsdirect.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-41225551669,P-5691062,FLS-ALL
age: 941915
x-amz-request-id: EHAWN2BS98AMCQ23
x-amz-server-side-encryption: AES256
edge-cache-tag: F-41225551669,P-5691062,FLS-ALL
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="favicon-32x32.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
etag: "e748fd776d30a46ed45a69b455cd244e"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1612364854018
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Tue, 16 Apr 2024 08:26:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 b02204bb25154db405d08169ef07edf2.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: PbGRAbhzJGzSoYOVE.2tsYOhnn4aGOdd
x-amz-cf-pop: FCO50-P3
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=1480
x-cache: RefreshHit from cloudfront
cache-tag: F-41225551669,P-5691062,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
content-length: 790
x-amz-id-2: 4FsTI08BUfYyaIRAkm4UHpF3YbLd1h4Zl2XvY5jx3fdeLTbcqiOCP4DbQjhc5di0vC2xpX94ibA=
last-modified: Mon, 06 Feb 2023 07:50:59 GMT
server: cloudflare
accept-ranges: bytes
cf-ray: 8752ca539ac80e59-MXP
x-amz-cf-id: 1ZbFQA5NVnob7yXYPGC4fg5qm1N2CNqR5L5Q_fa4vcyHG2bjOvW21A==

Redirect headers

date: Tue, 16 Apr 2024 08:26:25 GMT
content-security-policy: upgrade-insecure-requests
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: nginx/1.21.1
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jdosW4LylOFZIwU0u1VSnhn7tPhoqJmiYBjo8UT3ngEas5139pU3XPaZA2NgPXqIFIusLFC%2FhHC%2BdMP2emS5Vdhjjd5iDXE54M%2FvKh7evl4lrTePPFsXenbURADXVmCPTRf42hxx3b1DiFya42ct5J7LNWk%3D"}],"group":"cf-nel","max_age":604800}
location: https://f.hubspotusercontent10.net/hubfs/5691062/favicon-32x32.png
cache-control: max-age=120
x-hs-prerendered: Tue, 09 Apr 2024 14:06:02 GMT
cf-ray: 8752ca527a810813-IAD
alt-svc: h3=":443"; ma=86400
content-length: 0

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
my.rtmark.net/	1970-01-21 04:39:51	Name: ID Value: 0080406c07734964ef13dda7c5d2f2d3
teknonebula.info/	1970-01-20 19:54:16	Name: prefetchAd_7266534 Value: true
gishejuy.com/	1970-01-21 04:39:51	Name: OAID Value: 0080406c07734964ef13dda7c5d2f2d3
veepteero.com/	1970-01-21 04:39:51	Name: OAID Value: 0080406c07734964ef13dda7c5d2f2d3
veepteero.com/	1970-01-21 04:39:51	Name: oaidts Value: 1713255977
veepteero.com/	1970-01-20 20:04:20	Name: syncedCookie Value: true
aistekso.net/	1970-01-21 04:39:51	Name: OAID Value: 0080406c07734964ef13dda7c5d2f2d3
cameesse.net/	1970-01-21 04:39:51	Name: scm Value: 1
cameesse.net/	1970-01-21 04:39:51	Name: oaidts Value: 1713255977
cameesse.net/	1970-01-21 04:39:51	Name: OAID Value: 0080406c07734964ef13dda7c5d2f2d3

45 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://teknonebula.info/rootf/ayk.php Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://drvee07.github.io/loc/indo.jt.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://teknonebula.info/rootf/ayk.php Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://drvee07.github.io/loc/indo.jt.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other	warning	URL: https://teknonebula.info/rootf/ayk.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teknonebula.info/rootf/ayk.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teknonebula.info/rootf/ayk.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teknonebula.info/rootf/ayk.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teknonebula.info/rootf/ayk.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teknonebula.info/rootf/ayk.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teknonebula.info/rootf/ayk.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teknonebula.info/rootf/ayk.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teknonebula.info/rootf/ayk.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teknonebula.info/rootf/ayk.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teknonebula.info/rootf/ayk.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teknonebula.info/rootf/ayk.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teknonebula.info/rootf/ayk.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teknonebula.info/rootf/ayk.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teknonebula.info/rootf/ayk.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teknonebula.info/rootf/ayk.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teknonebula.info/rootf/ayk.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teknonebula.info/rootf/ayk.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teknonebula.info/rootf/ayk.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teknonebula.info/rootf/ayk.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teknonebula.info/rootf/ayk.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teknonebula.info/rootf/ayk.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teknonebula.info/rootf/ayk.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teknonebula.info/rootf/ayk.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teknonebula.info/rootf/ayk.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teknonebula.info/rootf/ayk.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teknonebula.info/rootf/ayk.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teknonebula.info/rootf/ayk.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teknonebula.info/rootf/ayk.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teknonebula.info/rootf/ayk.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teknonebula.info/rootf/ayk.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teknonebula.info/rootf/ayk.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teknonebula.info/rootf/ayk.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teknonebula.info/rootf/ayk.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teknonebula.info/rootf/ayk.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://teknonebula.info/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://teknonebula.info/rootf/ayk.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://teknonebula.info/rootf/ayk.php Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vaizauwe.com/4/7266260 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vaizauwe.com/4/7266260 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vaizauwe.com/afu.php?zoneid=6118780&var=6118780&rid=33-IJ2mCiw9DGbmF2LWarg%3D%3D&rhd=false&ab2r=0&sf=1&os=win32&os_version=10.0.0&is_mobile=false&browser_version=123.0.6312.122 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vaizauwe.com/afu.php?zoneid=6118780&var=6118780&rid=33-IJ2mCiw9DGbmF2LWarg%3D%3D&rhd=false&ab2r=0&sf=1&os=win32&os_version=10.0.0&is_mobile=false&browser_version=123.0.6312.122 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://www.newsdirect.com/guest-content/casino-utan-svensk-licens-basta-casinon-utan-spelpaus Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aistekso.net
alwingulla.com
cameesse.net
datatechone.com
docplayer.info
drvee07.github.io
f.hubspotusercontent10.net
fleraprt.com
gishejuy.com
href.li
interstitial-08.com
moonoafy.net
my.rtmark.net
newsdirect.com
resionsfrester.com
t.co
teknonebula.info
tzegilo.com
vaizauwe.com
vaultdox.inisli.com
veepteero.com
www.flagcounter.me
www.newsdirect.com
104.244.42.69
139.45.195.253
139.45.195.254
139.45.195.8
139.45.197.151
139.45.197.242
139.45.197.244
139.45.197.245
139.45.197.250
153.92.9.125
162.144.3.194
172.67.193.52
188.114.96.3
192.0.78.26
2600:9000:26db:4800:e:7494:7e00:93a1
2606:4700::6812:561e
2606:50c0:8002::153
2a02:4780:6:1421:0:185a:d12:2
37.97.241.10
54.161.21.144
65.109.88.248
00c8cbd981bf748cd8f3716b94b5774b965f9d96ccea592b4594a26076e45b65
1007637c9637d377f98b5f34a792166bcc763da32a61bded5e3cd61521395e47
16c29cbf836d347ce93200ae64a4545646d2e4f2194230e300247f8b316ad609
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
3abfa3d338c3b3ebf7c77bd878e58951526066711d48cc16816f9838ef169262
3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e
3eec1229f3120bec15136b8f76c158411f4da460294386e1ff4f59f77356429d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e888edcd7fe0362a8dd834c6e0e02983d9861af7fc23d12be76f0c64e0c8260
4f34bc1edd2238d06e8d2e00279971fe46335a7712c82ba3b558d788ce8707f8
5e7c41f803ef9afa5c2bf8212bad0ac50812c204f5cecb07d976909156b99c56
686308d9fe369b66416d505ef2a840d4331e9559ec2ce125aa211a9a2ebb2ea9
8b73b6ccd7091d6d9d23adaab2baae3c4abf6de06df8efdd03215ee9376fa035
90277974d580adf4c7bf9287ef681995e90924f4526cbd35a3fa71174d2656be
961e45114c28c9b30f013dcc2add7d420c2f1b975c9d0732a2ad302cb9c5c74d
ab2d2a17fa891d22db19fde3fe1c3eef0e72d45556a6ce12d2a5f8c095f7434a
ad4025f907cc6841038dcb93164bb68dedb2e7635db922e6dd20f38877d7b371
b1212a92f93aa0e143bac5efa2e12803cdf439529a74b2d31ec7cea05ab94a19
b2ba9d8b2216d22f8f31a594bc22ee21f60e2b539474a650be1e87dea87d5ed7
bcfbfef05595553bbeecf9ccdc41938be92cfa5593fbbf2b3473d71d8da91d1b
cec244e8535225cc02f58b0f29cf752dac68eb2bb6c27c5cd6ec1ec089b4cc15
d71ea61938136a384e4c53c5a7a3c36e68fcc70a68bae691e270987d5d2eb11f
e0abad04f165e6825ba5c03ca2311407e8e89d193d359d3ac43dc28fb1533240
e1b58d35439d6067302e2a3ca7ae16ff3dafcfd8fae7a72484c79aacbdfb3131
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e950cd6fd2a19c3e835844bc9afc3f0c086da43b700387ce9ce7f19fca10703c
fb9edaaa17fb59784ab75a9be996ed6f0a72fc6e5256ead652afe11fa749d7a6
fba4996a121f65682b6564853efd6c1e7af72d986824295defd4be99f2fc94af
fbb6c85ff4443080c71a2ee38e5d4725f629570ef9eecea29436fdcdb5f84c4d
fdff286b60d60c80d018286e62f2dad050259539a186f65f4c935b8769206e27
fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

www.newsdirect.com Open in urlscan Pro 54.161.21.144 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

52 Requests

98 %HTTPS

19 %IPv6

22 Domains

23 Subdomains

19 IPs

5 Countries

490 kBTransfer

1072 kBSize

10 Cookies

0 Outgoing links

Page URL History

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.newsdirect.com Open in urlscan Pro
54.161.21.144 Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

98 %
HTTPS

19 %
IPv6

22
Domains

23
Subdomains

19
IPs

5
Countries

490 kB
Transfer

1072 kB
Size

10
Cookies

52 HTTP transactions
0 data transactions