oxidizerain.com Open in urlscan Pro
2a06:98c1:3120::c Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://roohi.facilityproducer.org.uk/hF6gpazVcf.jspf?bu2al0.hgggg7fbxvp.h.hpf0c.hgg7g.jm.hh2.hl.hkh1j.ns2n.hggggm
Effective URL:
https://oxidizerain.com/?4027b5faff3dec9abca324c23777d624
Submission: On August 18 via manual (August 18th 2022, 3:53:10 pm UTC) from CH — Scanned from DE

Summary HTTP 44 Redirects Behaviour Indicators

Summary

This website contacted 13 IPs in 6 countries across 15 domains to perform 44 HTTP transactions. The main IP is 2a06:98c1:3120::c, located in United States and belongs to CLOUDFLARENET, US. The main domain is oxidizerain.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 7th 2022. Valid for: a year.

This is the only time oxidizerain.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online) Customer Survey Spam (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
1 1	176.57.51.168 176.57.51.168	44486 (SYNLINQ s...) (SYNLINQ synlinq.de)
1	185.92.47.167 185.92.47.167	61317 (ASDETUK w...) (ASDETUK www.heficed.com)
1 1	2606:4700:303... 2606:4700:3032::ac43:a53c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
20	2a06:98c1:312... 2a06:98c1:3120::c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3b	20446 (STACKPATH...) (STACKPATH-CDN)
1 2	2606:4700::68... 2606:4700::6810:7caf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	18.66.120.247 18.66.120.247	16509 (AMAZON-02) (AMAZON-02)
2	104.19.133.78 104.19.133.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:206... 2600:9000:206f:de00:2:49a2:4500:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
5	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f10... 2a03:2880:f107:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
44	13

1 176.57.51.168 (Jordan) 1 redirects

ASN44486 (SYNLINQ synlinq.de, DE)
PTR: roohi.facilityproducer.org.uk

roohi.facilityproducer.org.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.92.47.167 (New York, United States)

ASN61317 (ASDETUK www.heficed.com, GB)

corelatingus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:a53c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cenariocrusade.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a06:98c1:3120::c (United States)

ASN13335 (CLOUDFLARENET, US)

oxidizerain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trk-praesentium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7caf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.120.247 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-120-247.fra60.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.19.133.78 (None, )

ASN13335 (CLOUDFLARENET, US)

a.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:206f:de00:2:49a2:4500:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets3.lottiefiles.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f107:83:face:b00c:0:25de (Vienna, Austria)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

event.trk-praesentium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	oxidizerain.com oxidizerain.com	868 KB
5	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 972	1 KB
5	trk-praesentium.com trk-praesentium.com — Cisco Umbrella Rank: 102206 event.trk-praesentium.com — Cisco Umbrella Rank: 179307	3 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 111	489 B
2	lottiefiles.com assets3.lottiefiles.com — Cisco Umbrella Rank: 144115	4 KB
2	mgid.com a.mgid.com — Cisco Umbrella Rank: 20722	6 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 158	110 KB
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 868	88 KB
1	gstatic.com fonts.gstatic.com	18 KB
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 968	8 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 54	1 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 615	30 KB
1	cenariocrusade.com 1 redirects cenariocrusade.com	759 B
1	corelatingus.com corelatingus.com	449 B
1	facilityproducer.org.uk 1 redirects roohi.facilityproducer.org.uk	278 B
44	15

	Domain	Requested by
19	oxidizerain.com	corelatingus.com oxidizerain.com
5	tr.snapchat.com	sc-static.net oxidizerain.com
4	event.trk-praesentium.com	trk-praesentium.com
3	www.facebook.com	oxidizerain.com
2	assets3.lottiefiles.com	unpkg.com
2	a.mgid.com	oxidizerain.com
2	connect.facebook.net	oxidizerain.com connect.facebook.net
2	unpkg.com	1 redirects oxidizerain.com
1	fonts.gstatic.com	fonts.googleapis.com
1	sc-static.net	oxidizerain.com
1	trk-praesentium.com	oxidizerain.com
1	fonts.googleapis.com	oxidizerain.com
1	code.jquery.com	oxidizerain.com
1	cenariocrusade.com	1 redirects
1	corelatingus.com
1	roohi.facilityproducer.org.uk	1 redirects
44	16

This site contains no links.

Subject Issuer	Validity	Valid
corelatingus.com R3	`2022-07-13` - `2022-10-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-07` - `2023-06-07`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-05-27` - `2022-08-25`	3 months	crt.sh
sc-static.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-27` - `2023-01-27`	a year	crt.sh
*.lottiefiles.com Amazon	`2021-10-26` - `2022-11-23`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.snapchat.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-01` - `2023-01-31`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://oxidizerain.com/?4027b5faff3dec9abca324c23777d624
Frame ID: C6F46DA58B4F16B3B8FCC9EE0AE820A2
Requests: 39 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=cc25c7df-1e44-4f51-8ff1-8c175d6334c1&u_scsid=f2bbd9a2-3ddb-4e12-b392-69354d31e1cc&u_sclid=f6d1cd6a-0ed6-47b3-b174-f396d1e26dbe
Frame ID: 1240FA56145056F1CC2E98D370541A2F
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: C98280EB829A0EC93F0A5A3F9F8C42C3
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: C49C2883F4BFFCCF3613E552EAC0B23D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Käuferumfrage - Wir möchten Ihre Meinung!

Page URL History Show full URLs

http://roohi.facilityproducer.org.uk/hF6gpazVcf.jspf?bu2al0.hgggg7fbxvp.h.hpf0c.hgg7g.jm.hh2.hl.hkh1j.ns2n.hggggm HTTP 302
https://corelatingus.com/0/0/0/49ad4083d83c65ea9d01c459979053d7/36_159160_744/50_237922_90894_4/71562... Page URL
https://cenariocrusade.com/index2.php?s1=351078&s2=781813699&s3=1230&s4=lpid&ow=17&p=de3adk8a HTTP 302
https://oxidizerain.com/?4027b5faff3dec9abca324c23777d624 Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

44
Requests

98 %
HTTPS

67 %
IPv6

15
Domains

16
Subdomains

13
IPs

6
Countries

1140 kB
Transfer

1974 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://roohi.facilityproducer.org.uk/hF6gpazVcf.jspf?bu2al0.hgggg7fbxvp.h.hpf0c.hgg7g.jm.hh2.hl.hkh1j.ns2n.hggggm HTTP 302
https://corelatingus.com/0/0/0/49ad4083d83c65ea9d01c459979053d7/36_159160_744/50_237922_90894_4/715623444_1oc17vb Page URL
https://cenariocrusade.com/index2.php?s1=351078&s2=781813699&s3=1230&s4=lpid&ow=17&p=de3adk8a HTTP 302
https://oxidizerain.com/?4027b5faff3dec9abca324c23777d624 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://roohi.facilityproducer.org.uk/hF6gpazVcf.jspf?bu2al0.hgggg7fbxvp.h.hpf0c.hgg7g.jm.hh2.hl.hkh1j.ns2n.hggggm HTTP 302
https://corelatingus.com/0/0/0/49ad4083d83c65ea9d01c459979053d7/36_159160_744/50_237922_90894_4/715623444_1oc17vb

Request Chain 5

https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js HTTP 302
https://unpkg.com/@lottiefiles/lottie-player@1.5.7/dist/lottie-player.js

44 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

715623444_1oc17vb
corelatingus.com/0/0/0/49ad4083d83c65ea9d01c459979053d7/36_159160_744/50_237922_90894_4/
Redirect Chain

http://roohi.facilityproducer.org.uk/hF6gpazVcf.jspf?bu2al0.hgggg7fbxvp.h.hpf0c.hgg7g.jm.hh2.hl.hkh1j.ns2n.hggggm
https://corelatingus.com/0/0/0/49ad4083d83c65ea9d01c459979053d7/36_159160_744/50_237922_90894_4/715623444_1oc17vb

156 B
449 B

1112ms
501ms

Document
text/html

185.92.47.167
ASDETUK www.hefic...

General

Check archive.org

Show headers Download Go to

Full URL: https://corelatingus.com/0/0/0/49ad4083d83c65ea9d01c459979053d7/36_159160_744/50_237922_90894_4/715623444_1oc17vb
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.92.47.167 New York, United States, ASN61317 (ASDETUK www.heficed.com, GB),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 156
content-type: text/html; charset=UTF-8
date: Thu, 18 Aug 2022 15:53:04 GMT
server: Apache

Redirect headers

Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Thu, 18 Aug 2022 15:53:03 GMT
Location: https://corelatingus.com/0/0/0/49ad4083d83c65ea9d01c459979053d7/36_159160_744/50_237922_90894_4/715623444_1oc17vb
Server: Apache

GET
H2

200

Primary Request / Show response
oxidizerain.com/
Redirect Chain

https://cenariocrusade.com/index2.php?s1=351078&s2=781813699&s3=1230&s4=lpid&ow=17&p=de3adk8a
https://oxidizerain.com/?4027b5faff3dec9abca324c23777d624

25 KB
5 KB

413ms
144ms

Document
text/html

2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://oxidizerain.com/?4027b5faff3dec9abca324c23777d624

Requested by

Host: corelatingus.com
URL: https://corelatingus.com/0/0/0/49ad4083d83c65ea9d01c459979053d7/36_159160_744/50_237922_90894_4/715623444_1oc17vb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69cca5a5e4031bb956c2b89e4133476c880d5dfd1890ec961fa8dc2ddd978a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://corelatingus.com/0/0/0/49ad4083d83c65ea9d01c459979053d7/36_159160_744/50_237922_90894_4/715623444_1oc17vb
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 73cbd2013c359182-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 18 Aug 2022 15:53:05 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qo4%2Fr%2FntoEtjQs9cGClBzxVh8KVZo3uG3wQnt28VFcrJBy8RNAFlcAgicP3odsT5lYG%2FmP8QLi8bh41JrK3%2BRROndgvlMCdoAGTm%2FpPf6h%2FfICed1hERvXNJfkb5JO2DqbcnUw6MIJs%2FqCmTzIg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 73cbd1fd1ba49bce-FRA
content-type: text/html; charset=UTF-8
date: Thu, 18 Aug 2022 15:53:05 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://oxidizerain.com/?4027b5faff3dec9abca324c23777d624
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uVyIQQAqIyNTcQLItfgeQ8Uc4xIc9Dl9r%2BKWnQMDadAbaKAVa13tBoM1GWFrjVe7EwHbc2m5afhgArkt8SrU0BwExQ4uZlYuzfe%2F1binhhwDRXI1auL%2FAbgIyCybEWX7ukGTwODiBNMk7sjEXEpOqLA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 main00.css
oxidizerain.com/master/css/ 193 KB
28 KB 31ms
29ms Stylesheet
text/css 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://oxidizerain.com/master/css/main00.css

Requested by

Host: oxidizerain.com
URL: https://oxidizerain.com/?4027b5faff3dec9abca324c23777d624

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d4fae8695dd32226793b6eb343e2acad53294dff39c07c6668fb413b08fcc35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oxidizerain.com/?4027b5faff3dec9abca324c23777d624
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 15:53:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 59696
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 11 Mar 2021 12:43:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PMEZVnfhlQwpLH8UblZDqWainrfMOAscF4LCc8MjxiKbQ88hU%2BwoyK0kjSvpUk1gzvngl%2BZQtK29KQM74JzzRIvmAjdtImnyvSdc%2BIfnPMP91dQdVu5jDcplVUuEYbY28VJyKi%2Fih%2B04Utrcj8I%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding,User-Agent
cache-control: public, max-age=604800
cf-ray: 73cbd2022e3a9182-FRA
expires: Wed, 24 Aug 2022 23:18:09 GMT

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
30 KB 99ms
30ms Script
application/javascript 2001:4de0:ac18::1:a:3b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: oxidizerain.com
URL: https://oxidizerain.com/?4027b5faff3dec9abca324c23777d624
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oxidizerain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 15:53:05 GMT
content-encoding: gzip
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
etag: W/"28feccc0-15d84"
vary: Accept-Encoding
x-hw: 1660837985.dop211.fr8.t,1660837985.cds140.fr8.hn,1660837985.cds280.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30879

GET
H2 200 datede.js Show response
oxidizerain.com/master/js/ 754 B
770 B 27ms
26ms Script
application/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://oxidizerain.com/master/js/datede.js

Requested by

Host: oxidizerain.com
URL: https://oxidizerain.com/?4027b5faff3dec9abca324c23777d624

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52a7a75763f4563aa006161015634eb6117f7257883e93062fbeef2bf8c92b97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oxidizerain.com/?4027b5faff3dec9abca324c23777d624
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 15:53:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 128556
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 02 Jun 2020 16:41:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CFueCvKUBOJskVJU1flwU2Uk1M9AuulNKk92t9kDISQ6dRnm61mQxz2AqELkE1Xa3MuO8hsKwvkLTNyU7bEy4HUsooLvWmy7PiYJA53UPhOjgVNt1udtuEDoCzWTGz%2BS0cd8Q96X1qbAsT%2F7YCM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding,User-Agent
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 73cbd2022e3d9182-FRA
expires: Wed, 24 Aug 2022 04:10:29 GMT

GET
H2 404 rndm_ppl_cmt_ger.js
oxidizerain.com/master/js/ 0
0 27ms
25ms Script
text/html 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://oxidizerain.com/master/js/rndm_ppl_cmt_ger.js

Requested by

Host: oxidizerain.com
URL: https://oxidizerain.com/?4027b5faff3dec9abca324c23777d624

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oxidizerain.com/?4027b5faff3dec9abca324c23777d624
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 15:53:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 131
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Paps29Jov13mmBfKJ4zL1pBQYZNp%2FI0bEtAVH7wAcNMTmY3TZXO6rsXxSDbEBvAITE2oB8sUUDr3%2BbQ94o2ORbvYzfjnACFzTp0ZSopAycyT71aqmvkAFXG%2F069db0FlRTEiQ3H4QW9b2sDkpD4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 73cbd2022e3e9182-FRA

GET
H2

200

lottie-player.js Show response
unpkg.com/@lottiefiles/lottie-player@1.5.7/dist/
Redirect Chain

https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js
https://unpkg.com/@lottiefiles/lottie-player@1.5.7/dist/lottie-player.js

337 KB
88 KB

39ms
38ms

Script
application/javascript

2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@lottiefiles/lottie-player@1.5.7/dist/lottie-player.js

Requested by

Host: oxidizerain.com
URL: https://oxidizerain.com/?4027b5faff3dec9abca324c23777d624

Protocol

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99a251662165f4ce8a58450330d03b4578f05a17a3aa625f9cae9f8867b91868

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oxidizerain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 15:53:05 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 9945684
fly-request-id: 01G1GDKT3J9QFPDC26J13PXYCX-fra
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"54557-mEzLpqpg5bSX6hg9TQvipFKQcc8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 73cbd202cf46bb3b-FRA

Redirect headers

date: Thu, 18 Aug 2022 15:53:05 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01GART5FZ5KZ1TP0AJG0C9VEW4-fra
server: cloudflare
age: 376
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /@lottiefiles/lottie-player@1.5.7/dist/lottie-player.js
cache-control: public, s-maxage=600, max-age=60
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 73cbd2026e75bb3b-FRA
access-control-allow-origin: *

GET
H2 200 msg.js Show response
oxidizerain.com/inc/ 945 B
784 B 27ms
27ms Script
application/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://oxidizerain.com/inc/msg.js

Requested by

Host: oxidizerain.com
URL: https://oxidizerain.com/?4027b5faff3dec9abca324c23777d624

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61fb35acee02253526f14228009a0cf1d5c976b925611826b0b6b8ecfa17a6a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oxidizerain.com/?4027b5faff3dec9abca324c23777d624
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 15:53:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 130216
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 08 Jul 2022 16:26:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MG0dd%2F9cYBMooVSOG64HW0b%2FqMMs%2BbA%2BMY8yoLhM4j6x7kwloUqhvM2bkiAwcVVc6mMqMoQ5Wdt%2BlDaREvA0GPTNzd27ERgmDx2PtyRJR4x5s6usmBaScqaVConEZNHdEtZEasEXf07NqUX0kHs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding,User-Agent,User-Agent
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 73cbd2022e3f9182-FRA
expires: Wed, 24 Aug 2022 03:42:49 GMT

GET
H2 200 fbcode1.js Show response
oxidizerain.com/inc/ 2 KB
1 KB 31ms
31ms Script
application/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://oxidizerain.com/inc/fbcode1.js

Requested by

Host: oxidizerain.com
URL: https://oxidizerain.com/?4027b5faff3dec9abca324c23777d624

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43fccd349655df7497727c1c95d4fd97033f8aaf649067cbafb2b6d2751cf340

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oxidizerain.com/?4027b5faff3dec9abca324c23777d624
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 15:53:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 128556
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 07 Oct 2020 23:35:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KZ2JmrUPnnZkE8woZP%2BOizocWxxTNywVRvirglkijEqE01PfMoTK98P3fzMcQb0uxdwCywgqUxqOqmNN%2F63%2FQ4ySPcAjK3mZJw8Y5%2BBj%2FF100dR7Y6m5VEHLKVrUD%2B2DRnFX%2BLW6ed0PIH0BaPs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding,User-Agent,User-Agent
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 73cbd2022e419182-FRA
expires: Wed, 24 Aug 2022 04:10:29 GMT

GET
H3 200 edklogo.jpg
oxidizerain.com/master/img/ 97 KB
98 KB 29ms
28ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oxidizerain.com/master/img/edklogo.jpg

Requested by

Host: oxidizerain.com
URL: https://oxidizerain.com/?4027b5faff3dec9abca324c23777d624

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2d4d82c892eb204f4b9a3d53fe8e9c249eb87c07f77992c90ce38db49f904d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oxidizerain.com/?4027b5faff3dec9abca324c23777d624
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 15:53:05 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 167539
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 99386
x-xss-protection: 1; mode=block
last-modified: Tue, 15 Sep 2020 09:51:52 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Im15nDK5jsKG4lFigmYy30biCKCImibMIZkvmTt3zRWWf0exHOV8i9IT304p1D%2BUWpali3jClHBYPGYB06TCB8xcFnfdxpjwvr1H8nnUCj3qT1lAVqNgNh7NoN%2F9oH3auwDpN1Zvw5jzJlcHTE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 73cbd2034c27bb62-FRA
expires: Tue, 23 Aug 2022 17:20:46 GMT

GET
H3 200 deflag.png
oxidizerain.com/master/img/ 5 KB
5 KB 89ms
87ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oxidizerain.com/master/img/deflag.png

Requested by

Host: oxidizerain.com
URL: https://oxidizerain.com/?4027b5faff3dec9abca324c23777d624

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd78ebc14b4d1ddfc04722b004542fbfdd74d6453039bfaa6489688ab20ecd63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oxidizerain.com/?4027b5faff3dec9abca324c23777d624
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 15:53:05 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 40282
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4771
x-xss-protection: 1; mode=block
last-modified: Wed, 09 Sep 2020 07:06:56 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2FHFnDjgjkM0Z5RnhpwxRazlED5E2aMXLqVKoTeJc44BIHC3sPScgAjUV63aqqiwKD8hSVZyhZDkEzIo1OmJSzOxfmYhvYvmInwK%2F%2BcgsLZGFeSgWAqi4OvZ6H5IW3Cmk3idffYKnAOqRKrI6FI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 73cbd2034c32bb62-FRA
expires: Thu, 25 Aug 2022 04:41:43 GMT

GET
H3 200 edkgift.png
oxidizerain.com/master/img/ 13 KB
13 KB 90ms
87ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oxidizerain.com/master/img/edkgift.png

Requested by

Host: oxidizerain.com
URL: https://oxidizerain.com/?4027b5faff3dec9abca324c23777d624

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ced336f320481d07e503b0ef7585830654dc12643c54a6ae3faf81d30e642ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oxidizerain.com/?4027b5faff3dec9abca324c23777d624
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 15:53:05 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 167538
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13178
x-xss-protection: 1; mode=block
last-modified: Tue, 15 Sep 2020 09:51:48 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yCjsRuSBtEAyf9m4wuuUfxQnF%2FTaDwgHou0i%2BSFSmgY6uDBzFVh1sBY3PBbZrFFElIFmVN%2F3yV%2B1OfhFXjzfYSSbWB7gLumudzKVvd7TPM001BQoy%2BRjWB3EMNFJtQgOHMmOydRh84xOOOn0ieg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 73cbd2034c35bb62-FRA
expires: Tue, 23 Aug 2022 17:20:46 GMT

GET
H3 200 image.php
oxidizerain.com/ 102 KB
102 KB 277ms
274ms Image
image/pjpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oxidizerain.com/image.php?img=images/products_image/122.jpg

Requested by

Host: oxidizerain.com
URL: https://oxidizerain.com/?4027b5faff3dec9abca324c23777d624

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba47b93e6158518cc38cd1ef5c4c597a303e2c4252d3e1c89cf5882fe25c9faa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oxidizerain.com/?4027b5faff3dec9abca324c23777d624
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 15:53:06 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gSdzFpzyQhYYwvs3Ogqiz6i4H%2FISe6zQTMUKxO3FXLtr9lmIOn1sTMOfdzOUnG9o9ZX2AevHpuZ6pe4QV1AUf1SFz1V4GEMqON7VlYvTjdQ5KAuQz3TT%2FWYl2vHUPxiFoOs6LnIl%2BwgVVuV3Q9g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/pjpeg
vary: User-Agent, Accept-Encoding
cf-ray: 73cbd2034c39bb62-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H3 200 9227ed9e10072ce0bac69dc54109221b.png
oxidizerain.com/master/img/ 1 KB
2 KB 32ms
30ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oxidizerain.com/master/img/9227ed9e10072ce0bac69dc54109221b.png

Requested by

Host: oxidizerain.com
URL: https://oxidizerain.com/?4027b5faff3dec9abca324c23777d624

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ea6b093885ce53036c4b381a1ce1496d53029b9a205fe9471666022efde5d8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oxidizerain.com/?4027b5faff3dec9abca324c23777d624
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 15:53:05 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 40282
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1172
x-xss-protection: 1; mode=block
last-modified: Tue, 02 Jun 2020 16:41:27 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lOczG9ObgxbraJ7vjzeu0B3XyTUkF7XMAG05rOUvFWVCNMDlIwLxRkJxThCDEvFzk1UAU8062iSBHkYIJncFfGrsxlz54F7OZM5cKJ%2BnTt1l%2Fe0MXmVpQkaVIcaGlUbyp8073PbYdLQ6akyy9Vs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 73cbd2034c3bbb62-FRA
expires: Thu, 25 Aug 2022 04:41:43 GMT

GET
H3 200 image.php
oxidizerain.com/ 65 KB
65 KB 279ms
277ms Image
image/pjpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oxidizerain.com/image.php?img=images/products_image/s21.jpeg

Requested by

Host: oxidizerain.com
URL: https://oxidizerain.com/?4027b5faff3dec9abca324c23777d624

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a326605a77d7ff8b446f6f62ef2c2a48e02e3ec8ebe420fd9d1d1b1152e4db11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oxidizerain.com/?4027b5faff3dec9abca324c23777d624
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 15:53:06 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=74MOamElUR%2B94E36FBNhfae7r4rDlbzdAVlopiMOw%2F2Na94YVvb9KM%2Fm%2BiMKm8NxV7%2Buy6jfc6G3KMxCcE7C6nDqyrBpGef6Qlv2omeWQiUPrpyzd53LEyXgLis9rjbPr4msgszmLfsxkkNtmLA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/pjpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-ray: 73cbd2034c3cbb62-FRA
vary: User-Agent, Accept-Encoding
content-length: 66071
x-xss-protection: 1; mode=block

GET
H3 200 image.php
oxidizerain.com/ 496 KB
497 KB 265ms
263ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oxidizerain.com/image.php?img=images/products_image/macbookpro.png

Requested by

Host: oxidizerain.com
URL: https://oxidizerain.com/?4027b5faff3dec9abca324c23777d624

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2567cac503d7a1e8508fa6d5d50427c36f8ba5b7af76f7164f625e9ca025d86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oxidizerain.com/?4027b5faff3dec9abca324c23777d624
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 15:53:06 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R4tTaGI3OfJZoQVNa295%2FVi%2BVp4fbS2Ho%2FM0rfOL1vtAtSLM40ogo6M9O98qEhZWwmwLyYePpWoe9I0q65DPRnHH9WW%2BjzB3KrE902GVYpX%2Fi%2Bbw2GIp4T9gxFUhRQEmv4WeNSnVDrPDC6Jz3N8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=604800
cf-ray: 73cbd2034c3fbb62-FRA
vary: User-Agent, Accept-Encoding
x-xss-protection: 1; mode=block
expires: Thu, 25 Aug 2022 15:53:05 GMT

GET
H3 200 deicg.png
oxidizerain.com/master/img/ 36 KB
37 KB 90ms
88ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oxidizerain.com/master/img/deicg.png

Requested by

Host: oxidizerain.com
URL: https://oxidizerain.com/?4027b5faff3dec9abca324c23777d624

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

846db066c20f84092af64faa54b0895461e8457c7b1518487f50925235a1e2ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oxidizerain.com/?4027b5faff3dec9abca324c23777d624
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 15:53:05 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 113957
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37334
x-xss-protection: 1; mode=block
last-modified: Tue, 02 Jun 2020 16:41:27 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=meLgI25C2YCjJn53HVANDwHnWpUXUl5jxFTpJViypTnTU%2BFJ8zhilrFIfPz%2F%2FW5wxItrzj5c8SKQMTYFit0XcLALvuxmqWTT1F%2F0PHbfsLbDZdzn33%2BBmDP8i%2BWl7jSyjCcOM0cZii%2BWU6suh5U%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 73cbd2034c40bb62-FRA
expires: Wed, 24 Aug 2022 08:13:48 GMT

GET
H3 200 bcf7f117acc460e9148a3031c5b6c4e4.png
oxidizerain.com/master/img/ 4 KB
4 KB 90ms
88ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oxidizerain.com/master/img/bcf7f117acc460e9148a3031c5b6c4e4.png

Requested by

Host: oxidizerain.com
URL: https://oxidizerain.com/?4027b5faff3dec9abca324c23777d624

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

597fb65af1d452e7346e3d24adead2908ddf2c3bae4a6ae5c4e7440e33bd39b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oxidizerain.com/?4027b5faff3dec9abca324c23777d624
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 15:53:05 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 40282
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3947
x-xss-protection: 1; mode=block
last-modified: Tue, 02 Jun 2020 16:41:27 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rb67BNrqL3Qop8kgdNlqrlvaxDm6Hmj57XzH%2FaYTCjL2QFBiOeRX9hh2q7ibwcIjTHAfwiGD8IdQCU6Ad7p%2F1ayzwHcD1SNgf8zsfJRgPJShVd%2F6NNxS0qvV%2F5rC0D%2Fpb142xWt8lDnj%2FO3Twhk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 73cbd2034c42bb62-FRA
expires: Thu, 25 Aug 2022 04:41:43 GMT

GET
H3 200 x.png
oxidizerain.com/master/img/ 5 KB
6 KB 90ms
88ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oxidizerain.com/master/img/x.png

Requested by

Host: oxidizerain.com
URL: https://oxidizerain.com/?4027b5faff3dec9abca324c23777d624

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc4ba5ab1f79419e5c8a06db6d5ed27f78b026617608d8513bdf476bf78e1120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oxidizerain.com/?4027b5faff3dec9abca324c23777d624
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 15:53:05 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 113957
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5389
x-xss-protection: 1; mode=block
last-modified: Tue, 02 Jun 2020 16:41:27 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ahzIwOhUAIJAXBII2rvlBhVhN2IfO6iDswjRdj1SoCJjX6rIKZDJYcx06zpujJ%2BeTb8WPceQ26JHIrfrBuZKjbd%2FlYvwwkfTMs2OH2wUfbUrtxCR01iVWn%2BLU0ZMomEebNBUa18ATaNuPj1zS6c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 73cbd2034c45bb62-FRA
expires: Wed, 24 Aug 2022 08:13:48 GMT

GET
H3 200 q_de_edk.js Show response
oxidizerain.com/master/js/ 4 KB
1 KB 37ms
36ms Script
application/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://oxidizerain.com/master/js/q_de_edk.js

Requested by

Host: oxidizerain.com
URL: https://oxidizerain.com/?4027b5faff3dec9abca324c23777d624

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a75ac14d102a427340c10065c05349740df878eb997e6edecb1eb91b6f4d6e75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oxidizerain.com/?4027b5faff3dec9abca324c23777d624
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 15:53:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 167539
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 15 Sep 2020 09:51:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vNm44JPgM5y%2FGkTDfzFctRAVlTcMeGWcRVfkWrFe%2FlV7r%2B%2BskIndF%2BY6rk60%2FZlfojBMGulZvDFyVHBI0rEB65NK4K79113Dz0FWfF3nSmtJn3Zjh4PLFPNhfe6dQYR0UvhvSHtX8a2V01lJ75A%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding,User-Agent
cache-control: public, max-age=604800
cf-ray: 73cbd202db6abb62-FRA
expires: Tue, 23 Aug 2022 17:20:46 GMT

GET
H3 200 timer.js Show response
oxidizerain.com/master/js/ 619 B
879 B 32ms
31ms Script
application/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://oxidizerain.com/master/js/timer.js

Requested by

Host: oxidizerain.com
URL: https://oxidizerain.com/?4027b5faff3dec9abca324c23777d624

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

204d5a3538e51529f2c2cc56c90c4023cb0bbad4bd03e9c116cbcfffd616952b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oxidizerain.com/?4027b5faff3dec9abca324c23777d624
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 15:53:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 113959
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 02 Jun 2020 16:41:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0eFECVU8mLU7NML7gS%2Fw7FsdJBRi8zTM7LtZSx2eO9dMGftRaMWvCEExHrkKsdzuk5atLI%2F5mV7Dln78Vfxwj0WPJcXlcE0NIwDW%2F2RkNFVhlgIjrPW4e8nt47WXSey5We5inL0hXbUBUliZMr0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding,User-Agent
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 73cbd2031be2bb62-FRA
expires: Wed, 24 Aug 2022 08:13:46 GMT

GET
H3 200 modal.js Show response
oxidizerain.com/master/js/ 673 B
841 B 31ms
30ms Script
application/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://oxidizerain.com/master/js/modal.js

Requested by

Host: oxidizerain.com
URL: https://oxidizerain.com/?4027b5faff3dec9abca324c23777d624

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a421e3d21b620b2df12e22230e89290da9ed22a3245ab3ce6de31a6a2a661d6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oxidizerain.com/?4027b5faff3dec9abca324c23777d624
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 15:53:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 113959
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 02 Jun 2020 16:41:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RuDzMWk9AI3ZSODUtyNslPeNLDNVo%2FAE0UvHkDxmOgbcugcAHzWf%2FLIgI9hE5KCiyFyll7D0jLVTRfQZusU1n%2Br%2BrlHtgTCwuaiEiDosCoK9vDZmXOwKss1SRAnTfApKrxIknc%2BwHchQfVd5oyU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding,User-Agent
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 73cbd2032bfebb62-FRA
expires: Wed, 24 Aug 2022 08:13:46 GMT

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 78ms
31ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Arimo:wght@400;700&display=swap

Requested by

Host: oxidizerain.com
URL: https://oxidizerain.com/master/css/main00.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8affc1a9a7084dd005ccc72ebc78e99a912e7fe7820025024bbb17a250c5fb44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oxidizerain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 18 Aug 2022 15:53:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 18 Aug 2022 15:53:05 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 18 Aug 2022 15:53:05 GMT

GET
H2 200 v9e118mez8 Show response
trk-praesentium.com/scripts/push/ 7 KB
3 KB 313ms
119ms Script
application/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trk-praesentium.com/scripts/push/v9e118mez8

Requested by

Host: oxidizerain.com
URL: https://oxidizerain.com/inc/msg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9333aab854db43fb49e5c17d5777e592ac9a032fa23e65be9388215b3d6240b4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oxidizerain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 15:53:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vu86%2FxJlUowhuJmDEhzgYA3uRl5hFhJ%2FlkvclvduhYUsy5tSbp%2Bg%2Bqu1wUHLREzFs56q4OaiDkb%2BBdbhjdNynIlC9cqH0HpGAQlDYVyD2JLykWoH29g3%2F8R2McsSLbgS9NwskvrTL7DZ2hADUtQD79mV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
cf-ray: 73cbd2047fbc9250-FRA
expires: 0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 100 KB
26 KB 209ms
19ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: oxidizerain.com
URL: https://oxidizerain.com/inc/fbcode1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4ff1b9b91db584b19d20b4d02af9ff7673add161ce3f9ceae9391b3a84fddab1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oxidizerain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26515
x-xss-protection: 0
pragma: public
x-fb-debug: VBTPIhBPmuc2v/2yayl/Md01HgiCIyoNl1MGJf8LJMEAdQ5isCizFL8N/N1BCjUp6+l/r1ZvIsCcgw/Td58Nqg==
x-fb-trip-id: 2050670934
x-frame-options: DENY
date: Thu, 18 Aug 2022 15:53:05 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ 22 KB
8 KB 234ms
36ms Script
application/javascript 18.66.120.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: oxidizerain.com
URL: https://oxidizerain.com/inc/fbcode1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.120.247 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-120-247.fra60.r.cloudfront.net
Software: CloudFront /
Resource Hash: b1c8384f493600f8ca471b69029eb14dc4a9b7e4070305c2f418752d0fc4ceef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oxidizerain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 15:53:06 GMT
content-encoding: gzip
server: CloudFront
x-amz-cf-pop: FRA60-P2
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 7905
via: 1.1 2816426ad1adbedbdd23d4cdf80c2de2.cloudfront.net (CloudFront)
x-amz-cf-id: 68W0kpqaa82RvWoZ9AaxY-WtmNRLsn37CDb6tjXgW_1I7Dy7mDF8Qg==

GET
H2 200 mgsensor.js Show response
a.mgid.com/ 15 KB
5 KB 330ms
132ms Script
application/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.mgid.com/mgsensor.js?d=1660837985794
Requested by: Host: oxidizerain.com
URL: https://oxidizerain.com/inc/fbcode1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f7599ba1e84432f7f3319c7ed71b84ed24ffbb9741bea6b3ec61ec370707541

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oxidizerain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 15:53:06 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 6862752d-ddb0-4038-a9b7-f962b36aa27f
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 73cbd2048850bb50-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare

GET
H2 200 lf20_NxuRdg.json Show response
assets3.lottiefiles.com/temp/ 20 KB
2 KB 216ms
24ms XHR
application/json 2600:9000:206f:de00:2:49a2:4500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets3.lottiefiles.com/temp/lf20_NxuRdg.json
Requested by: Host: unpkg.com
URL: https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:de00:2:49a2:4500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 30abbcea5f8fb2a97caae4dd9368cfe177ab288bbc0e90437cfec4cf231f31af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oxidizerain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id: XpGQn9jTqdCH_09IHXy3AQYee1_F_s91
content-encoding: gzip
etag: W/"1b4e549cdda1e3a3e3f75846ec48beea"
age: 243
x-cache: Hit from cloudfront
access-control-max-age: 1800
access-control-allow-origin: *
last-modified: Wed, 03 Apr 2019 15:01:36 GMT
server: AmazonS3
date: Thu, 18 Aug 2022 15:53:06 GMT
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/json
via: 1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: x4eH9KrEUi5yGlvs0NThMohWy8sS55noyAMKUvrLnSvrCI7Hl0RHJw==

GET
H2 200 lf20_NxuRdg.json Show response
assets3.lottiefiles.com/temp/ 20 KB
2 KB 216ms
24ms Fetch
application/json 2600:9000:206f:de00:2:49a2:4500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets3.lottiefiles.com/temp/lf20_NxuRdg.json
Requested by: Host: unpkg.com
URL: https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:de00:2:49a2:4500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 30abbcea5f8fb2a97caae4dd9368cfe177ab288bbc0e90437cfec4cf231f31af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oxidizerain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id: XpGQn9jTqdCH_09IHXy3AQYee1_F_s91
content-encoding: gzip
etag: W/"1b4e549cdda1e3a3e3f75846ec48beea"
age: 243
x-cache: Hit from cloudfront
access-control-max-age: 1800
access-control-allow-origin: *
last-modified: Wed, 03 Apr 2019 15:01:36 GMT
server: AmazonS3
date: Thu, 18 Aug 2022 15:53:06 GMT
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/json
via: 1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: vpEA1EAYB82oJnAyD6Vucop2tlMIWxiZzMa7TCM0_WCFu1bQkNPSSg==

GET
H2 200 P5sMzZCDf9_T_10ZxCE.woff2
fonts.gstatic.com/s/arimo/v27/ 18 KB
18 KB 198ms
20ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/arimo/v27/P5sMzZCDf9_T_10ZxCE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Arimo:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ff84f1e03eb15dedc4668f0817372b734934076bc936e12c5c0bd3944dab0c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://oxidizerain.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 21:03:37 GMT
x-content-type-options: nosniff
age: 67769
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18260
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 21:03:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Aug 2023 21:03:37 GMT

GET
H3 200 399694290689525 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 42ms
20ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/399694290689525?v=2.9.75&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fd10a2853697053700cf3e887cc0cf096de70da0f2b01bcc34d3551f94f3dee1

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oxidizerain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 85962
x-xss-protection: 0
pragma: public
x-fb-debug: pm2mcwC2Tx5vTmHsAZ8NLGDrvQuaf0I6h1jjfO63ydIZOaCNKIAaQNWhjfMIPt+HnzIsfnVrMIibebZPLbTOhQ==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 18 Aug 2022 15:53:06 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1660837917515
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 init Show response
tr.snapchat.com/ 126 B
479 B 175ms
28ms Fetch
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/init?pids=cc25c7df-1e44-4f51-8ff1-8c175d6334c1

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

d4d2c5c9d0208261f7c2b111958538a938334cef0081ecc6660fc28a9cae2c33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oxidizerain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 15:53:06 GMT
content-encoding: gzip
server: API Gateway
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://oxidizerain.com
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
via: 1.1 google

GET
H2 200 is_enabled Show response
tr.snapchat.com/collector/ 79 B
164 B 176ms
30ms Fetch
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/collector/is_enabled?pids=cc25c7df-1e44-4f51-8ff1-8c175d6334c1&tld=com

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

6754cecbb1ee2d4c965ee52e5f456f6cc258b124b93e5ce046f0e99edd35fa10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oxidizerain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 15:53:06 GMT
content-encoding: gzip
server: API Gateway
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://oxidizerain.com
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
via: 1.1 google

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame 1240 0
294 B 164ms
31ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=cc25c7df-1e44-4f51-8ff1-8c175d6334c1&u_scsid=f2bbd9a2-3ddb-4e12-b392-69354d31e1cc&u_sclid=f6d1cd6a-0ed6-47b3-b174-f396d1e26dbe

Requested by

Host: oxidizerain.com
URL: https://oxidizerain.com/?4027b5faff3dec9abca324c23777d624

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://oxidizerain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Thu, 18 Aug 2022 15:53:06 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

POST
H2 200 p Show response
tr.snapchat.com/ Frame C982 68 B
276 B 139ms
34ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: oxidizerain.com
URL: https://oxidizerain.com/?4027b5faff3dec9abca324c23777d624

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://oxidizerain.com
Referer: https://oxidizerain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: https://oxidizerain.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-transform
content-length: 68
content-type: text/html
date: Thu, 18 Aug 2022 15:53:06 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

POST
H2 200 p Show response
tr.snapchat.com/ Frame C49C 68 B
315 B 135ms
32ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: oxidizerain.com
URL: https://oxidizerain.com/?4027b5faff3dec9abca324c23777d624

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://oxidizerain.com
Referer: https://oxidizerain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: https://oxidizerain.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-transform
content-length: 68
content-type: text/html
date: Thu, 18 Aug 2022 15:53:06 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

GET
H3 200 1x1.gif
a.mgid.com/ 43 B
273 B 166ms
128ms Image
image/gif 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.mgid.com/1x1.gif?id=507061&type=c&tg=&r=https%3A%2F%2Foxidizerain.com%2F%3F4027b5faff3dec9abca324c23777d624&utmc=0&utmt=0&nv=1&utms=&utmcp=&utmm=&clid=&clidv=0&cmgid=0&cmtid=0&cmtuid=0&d=1660837986140
Requested by: Host: oxidizerain.com
URL: https://oxidizerain.com/?4027b5faff3dec9abca324c23777d624
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oxidizerain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 15:53:06 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
cf-ray: 73cbd205ac83bbdf-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 99ms
31ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=399694290689525&ev=PageView&dl=https%3A%2F%2Foxidizerain.com%2F%3F4027b5faff3dec9abca324c23777d624&rl=https%3A%2F%2Fcorelatingus.com%2F&if=false&ts=1660837986155&sw=1600&sh=1200&v=2.9.75&r=stable&ec=0&o=30&fbp=fb.1.1660837986154.1799197011&it=1660837986057&coo=false&rqm=GET

Requested by

Host: oxidizerain.com
URL: https://oxidizerain.com/?4027b5faff3dec9abca324c23777d624

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oxidizerain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 15:53:06 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Thu, 18 Aug 2022 15:53:06 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 99ms
31ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=399694290689525&ev=ViewContent&dl=https%3A%2F%2Foxidizerain.com%2F%3F4027b5faff3dec9abca324c23777d624&rl=https%3A%2F%2Fcorelatingus.com%2F&if=false&ts=1660837986157&sw=1600&sh=1200&v=2.9.75&r=stable&ec=1&o=30&fbp=fb.1.1660837986154.1799197011&it=1660837986057&coo=false&rqm=GET

Requested by

Host: oxidizerain.com
URL: https://oxidizerain.com/?4027b5faff3dec9abca324c23777d624

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oxidizerain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 15:53:06 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Thu, 18 Aug 2022 15:53:06 GMT

POST
H3 200 v9e118mez8
event.trk-praesentium.com/register/event_log/ 0
0 182ms
159ms Fetch 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://event.trk-praesentium.com/register/event_log/v9e118mez8

Requested by

Host: trk-praesentium.com
URL: https://trk-praesentium.com/scripts/push/v9e118mez8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://oxidizerain.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-type: application/json

Response headers

date: Thu, 18 Aug 2022 15:53:06 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
expires: 0
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=71CaDmm27Y91uQyAF89gQttN6SXTtOi%2FCveYRpAcrTUTW72QcZ8huoZJM2JCWpF5PwRrABOHAi8R4C6Zx8eZm9I5vBOBeHMfiE88y%2B9%2FJq9kWr8oOxau%2BDISCRXTu7zvd4cNo6lDAeNIF%2FEnlCW2gc1CRlCHNtfM"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://oxidizerain.com
access-control-expose-headers: Authorization, Link, X-Total-Count
cache-control: no-cache, no-store, max-age=0, must-revalidate
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
access-control-allow-credentials: true
cf-ray: 73cbd2096ae79136-FRA
x-pushplatformapp-params

OPTIONS
H2 200 v9e118mez8
event.trk-praesentium.com/register/event_log/ Frame 0
0 271ms
212ms Preflight 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://event.trk-praesentium.com/register/event_log/v9e118mez8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://oxidizerain.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://oxidizerain.com
access-control-expose-headers: Authorization, Link, X-Total-Count
access-control-max-age: 1800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 73cbd207ed2e9b92-FRA
content-length: 0
date: Thu, 18 Aug 2022 15:53:06 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a3Y5gi%2B2TzeqfmmFigLYqdw91yuCThMi1Yh2j%2FrfJR9B6uZkxRnk32ArCCo%2FTx93n7VubpMJaPoiC29f8vXK4hjBVg0fhbO5VGYs0BjlGAqNZwbiLsWTrxhNo2c88Edmtd7HMecuIVaZ6p72bBfq%2FU5%2B9UbaSz5L"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers

POST
H3 200 v9e118mez8
event.trk-praesentium.com/register/event_log/ 0
0 157ms
129ms Fetch 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://event.trk-praesentium.com/register/event_log/v9e118mez8

Requested by

Host: trk-praesentium.com
URL: https://trk-praesentium.com/scripts/push/v9e118mez8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://oxidizerain.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-type: application/json

Response headers

date: Thu, 18 Aug 2022 15:53:06 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
expires: 0
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iAAswEx%2FkSnUQbh%2FZsX0VTjYReLXBMq4lcHrOQILO%2B81CPstv0M4revTFbWDF5gUtvU6wa%2BdXQVD1FFZNFVu%2F7xKt30c4V3xtnEtvw7I3JXOsM94XcsLZAR2d5rFbxanOTLSWvPTcVozdgj%2BtnQwchZ%2BPcps5EeV"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://oxidizerain.com
access-control-expose-headers: Authorization, Link, X-Total-Count
cache-control: no-cache, no-store, max-age=0, must-revalidate
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
access-control-allow-credentials: true
cf-ray: 73cbd2096ae39136-FRA
x-pushplatformapp-params

OPTIONS
H2 200 v9e118mez8
event.trk-praesentium.com/register/event_log/ Frame 0
0 265ms
207ms Preflight 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://event.trk-praesentium.com/register/event_log/v9e118mez8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://oxidizerain.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://oxidizerain.com
access-control-expose-headers: Authorization, Link, X-Total-Count
access-control-max-age: 1800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 73cbd207ed319b92-FRA
content-length: 0
date: Thu, 18 Aug 2022 15:53:06 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xm%2FOpJi2ILUFqkcjp1mpuVADeoZYaciBNDfBMPRawm5Bxzt0Zm84IFg6TKdyyzYgop3JcrmOv5VzRiljo%2FfgzVvVzS49hK1POLZmf0WX45Iud3AUwc35LPvEIu52mFWHIbvqQr19dAnWoR%2F0qSU%2F8aE1XATg6NFY"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 63ms
30ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=399694290689525&ev=Microdata&dl=https%3A%2F%2Foxidizerain.com%2F%3F4027b5faff3dec9abca324c23777d624&rl=https%3A%2F%2Fcorelatingus.com%2F&if=false&ts=1660837987658&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22K%C3%A4uferumfrage%20-%20Wir%20m%C3%B6chten%20Ihre%20Meinung!%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.75&r=stable&ec=2&o=30&fbp=fb.1.1660837986154.1799197011&it=1660837986057&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oxidizerain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 15:53:07 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 18 Aug 2022 15:53:07 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online) Customer Survey Spam (Consumer)

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 05:22:04	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
corelatingus.com/	1970-01-20 06:03:53	Name: uid1230 Value: 781813699-20220818115304-acc422eb71b031d0d7ac253bf0cb2324-0
cenariocrusade.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 6728000ce5f46db3d22ea29edf47c8dc
oxidizerain.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: dfbabbad3507b690b771d60e6f0e397b
.oxidizerain.com/	1970-01-20 14:50:24	Name: _scid Value: 4935468f-edf9-495c-b0dc-dbcb1cc9e34b
.mgid.com/	1970-01-20 05:20:39	Name: __cf_bm Value: nJjVB2vjVkQ8iqT1gdF7ZgEhES.9tXEieOgXOA.v5RY-1660837986-0-Af6DZQrSGHP8/feMJe7/hciaExqPS9lNv3bhzNP1PKXt++6FJ3hFsYa7OBoqojKFKs5RnGDm7ucSyg8GlS0jJ4g=
oxidizerain.com/	1970-01-20 07:30:13	Name: MgidSensorNVis Value: 1
oxidizerain.com/	1970-01-20 07:30:13	Name: MgidSensorHref Value: https://oxidizerain.com/?4027b5faff3dec9abca324c23777d624
.oxidizerain.com/	1970-01-20 07:30:13	Name: _fbp Value: fb.1.1660837986154.1799197011
.snapchat.com/	1970-01-20 14:42:13	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBgREAMQQEwIrM4DmunPxEF4rPboXWTFA64RL8XXj9yjkMswrk5K4B2l+xsfoAt9llXDIAAAA=

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://oxidizerain.com/master/js/rndm_ppl_cmt_ger.js Message: Failed to load resource: the server responded with a status of 404 ()
other	error	URL: https://oxidizerain.com/?4027b5faff3dec9abca324c23777d624 Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.mgid.com
assets3.lottiefiles.com
cenariocrusade.com
code.jquery.com
connect.facebook.net
corelatingus.com
event.trk-praesentium.com
fonts.googleapis.com
fonts.gstatic.com
oxidizerain.com
roohi.facilityproducer.org.uk
sc-static.net
tr.snapchat.com
trk-praesentium.com
unpkg.com
www.facebook.com
104.19.133.78
176.57.51.168
18.66.120.247
185.92.47.167
2001:4de0:ac18::1:a:3b
2600:9000:206f:de00:2:49a2:4500:93a1
2606:4700:3032::ac43:a53c
2606:4700::6810:7caf
2a00:1450:4001:801::2003
2a00:1450:4001:82b::200a
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f107:83:face:b00c:0:25de
2a06:98c1:3120::3
2a06:98c1:3120::c
35.190.43.134
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1ff84f1e03eb15dedc4668f0817372b734934076bc936e12c5c0bd3944dab0c0
204d5a3538e51529f2c2cc56c90c4023cb0bbad4bd03e9c116cbcfffd616952b
2ea6b093885ce53036c4b381a1ce1496d53029b9a205fe9471666022efde5d8f
2f7599ba1e84432f7f3319c7ed71b84ed24ffbb9741bea6b3ec61ec370707541
30abbcea5f8fb2a97caae4dd9368cfe177ab288bbc0e90437cfec4cf231f31af
370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d
43fccd349655df7497727c1c95d4fd97033f8aaf649067cbafb2b6d2751cf340
4ff1b9b91db584b19d20b4d02af9ff7673add161ce3f9ceae9391b3a84fddab1
52a7a75763f4563aa006161015634eb6117f7257883e93062fbeef2bf8c92b97
597fb65af1d452e7346e3d24adead2908ddf2c3bae4a6ae5c4e7440e33bd39b4
61fb35acee02253526f14228009a0cf1d5c976b925611826b0b6b8ecfa17a6a4
6754cecbb1ee2d4c965ee52e5f456f6cc258b124b93e5ce046f0e99edd35fa10
69cca5a5e4031bb956c2b89e4133476c880d5dfd1890ec961fa8dc2ddd978a64
7d4fae8695dd32226793b6eb343e2acad53294dff39c07c6668fb413b08fcc35
846db066c20f84092af64faa54b0895461e8457c7b1518487f50925235a1e2ba
8affc1a9a7084dd005ccc72ebc78e99a912e7fe7820025024bbb17a250c5fb44
9333aab854db43fb49e5c17d5777e592ac9a032fa23e65be9388215b3d6240b4
99a251662165f4ce8a58450330d03b4578f05a17a3aa625f9cae9f8867b91868
a326605a77d7ff8b446f6f62ef2c2a48e02e3ec8ebe420fd9d1d1b1152e4db11
a421e3d21b620b2df12e22230e89290da9ed22a3245ab3ce6de31a6a2a661d6e
a75ac14d102a427340c10065c05349740df878eb997e6edecb1eb91b6f4d6e75
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
b1c8384f493600f8ca471b69029eb14dc4a9b7e4070305c2f418752d0fc4ceef
ba47b93e6158518cc38cd1ef5c4c597a303e2c4252d3e1c89cf5882fe25c9faa
bc4ba5ab1f79419e5c8a06db6d5ed27f78b026617608d8513bdf476bf78e1120
ced336f320481d07e503b0ef7585830654dc12643c54a6ae3faf81d30e642ebc
d2567cac503d7a1e8508fa6d5d50427c36f8ba5b7af76f7164f625e9ca025d86
d4d2c5c9d0208261f7c2b111958538a938334cef0081ecc6660fc28a9cae2c33
dd78ebc14b4d1ddfc04722b004542fbfdd74d6453039bfaa6489688ab20ecd63
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f2d4d82c892eb204f4b9a3d53fe8e9c249eb87c07f77992c90ce38db49f904d2
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fd10a2853697053700cf3e887cc0cf096de70da0f2b01bcc34d3551f94f3dee1

oxidizerain.com Open in urlscan Pro 2a06:98c1:3120::c Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

44 Requests

98 %HTTPS

67 %IPv6

15 Domains

16 Subdomains

13 IPs

6 Countries

1140 kBTransfer

1974 kBSize

10 Cookies

0 Outgoing links

Page URL History

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

oxidizerain.com Open in urlscan Pro
2a06:98c1:3120::c Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

98 %
HTTPS

67 %
IPv6

15
Domains

16
Subdomains

13
IPs

6
Countries

1140 kB
Transfer

1974 kB
Size

10
Cookies

44 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!