| cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css | 104.17.25.14 | 200 OK | 5.6 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css; IP: 104.17.25.14:443
Requested by: https://new2.gdtot.dad/file/3450503356; Certificate — Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D; Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: ASCII text, with very long lines (30837); Hash: MD5 269550530cc127b6aa5a35925a7de6ce; SHA-1 512c7d79033e3028a9be61b540cf1a6870c896f8; SHA-256 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://new2.gdtot.dad/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 19 Apr 2024 11:20:49 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 319134
expires: Wed, 09 Apr 2025 11:20:49 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HS4zWCUmeG%2BN%2FfDrCY9RwSsgOqm0o7sDK3rEmOHzpmctfDc3lImlvaDorW%2BVkNvs0ozD9cx25JmINMs%2FRPVBSjNZWVQ2mWpPJ9LJyAMb8y8Nfg4JyU8BIq6tRDI%2F9%2Fd9nylwJWcZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 876c81eec81356b7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/materialize/1.0.0/js/materialize.min.js | 104.17.25.14 | | 37 kB |
URL: cdnjs.cloudflare.com/ajax/libs/materialize/1.0.0/js/materialize.min.js; IP: 104.17.25.14:0
Certificate — Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D; Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65357); Hash: MD5 87d84bf8b4cc051c16092d27b1a7d9b3; SHA-1 c8b4c65651921d888cf5f27430dfe2ad190d35bf; SHA-256 53f7070cc4c81c278c72f7a106fd71434e766cf49b26d6ee8b0e1003d7132b3d
GET /ajax/libs/materialize/1.0.0/js/materialize.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://new2.gdtot.dad/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 19 Apr 2024 11:20:49 GMT
content-type: application/javascript; charset=utf-8
content-length: 36877
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03efe-2c375"
last-modified: Mon, 04 May 2020 16:12:46 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 737260
expires: Wed, 09 Apr 2025 11:20:49 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qunqWuIfMLVb%2Bdq393ldpwNKmTd4XxQU904Hx3jDGK3V7qo2He1A4EWtmtV81eC6tDOhg4PpF4rm1AbzBAdIZfuzJztoL1kj%2BzqKpXfF8ZE7dOHG%2BjFQvjdq5JaZlL1gLKWze2x4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 876c81eec81456b7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| challenges.cloudflare.com/turnstile/v0/api.js | 104.17.2.184 | 302 Found | 0 B |
URL: GET HTTP/2 challenges.cloudflare.com/turnstile/v0/api.js; IP: 104.17.2.184:443
Requested by: https://new2.gdtot.dad/file/3450503356; Certificate — Issuer: Cloudflare, Inc.; Subject: challenges.cloudflare.com; Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E; Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
Hash (digests of the zero-length redirect body): MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /turnstile/v0/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://new2.gdtot.dad/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Fri, 19 Apr 2024 11:20:49 GMT
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
location: /turnstile/v0/b/471dc2adc340/api.js
cache-control: max-age=300, public
vary: Accept-Encoding
server: cloudflare
cf-ray: 876c81eed9480b06-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| code.jquery.com/jquery-3.6.0.min.js | 151.101.194.137 | 200 OK | 31 kB |
URL: GET HTTP/2 code.jquery.com/jquery-3.6.0.min.js; IP: 151.101.194.137:443
Requested by: https://new2.gdtot.dad/file/3450503356; Certificate — Issuer: Sectigo Limited; Subject: *.jquery.com; Fingerprint: D2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D; Validity: Tue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65447); Hash: MD5 8fb8fee4fcc3cc86ff6c724154c49c42; SHA-1 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4; SHA-256 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://new2.gdtot.dad/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15d9d"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 19 Apr 2024 11:20:49 GMT
age: 5983269
x-served-by: cache-lga21931-LGA, cache-hel1410026-HEL
x-cache: HIT, HIT
x-cache-hits: 22, 110996
x-timer: S1713525650.789021,VS0,VE0
vary: Accept-Encoding
content-length: 30875
X-Firefox-Spdy: h2
|
|
| code.jquery.com/jquery-3.7.1.min.js | 151.101.194.137 | 200 OK | 30 kB |
URL: GET HTTP/2 code.jquery.com/jquery-3.7.1.min.js; IP: 151.101.194.137:443
Requested by: https://new2.gdtot.dad/file/3450503356; Certificate — Issuer: Sectigo Limited; Subject: *.jquery.com; Fingerprint: D2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D; Validity: Tue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65447); Hash: MD5 2c872dbe60f4ba70fb85356113d8b35e; SHA-1 ee48592d1fff952fcf06ce0b666ed4785493afdc; SHA-256 fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
GET /jquery-3.7.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://new2.gdtot.dad/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-155ed"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 19 Apr 2024 11:20:49 GMT
age: 18724986
x-served-by: cache-lga21978-LGA, cache-hel1410026-HEL
x-cache: HIT, HIT
x-cache-hits: 74, 29502
x-timer: S1713525650.807583,VS0,VE0
vary: Accept-Encoding
content-length: 30336
X-Firefox-Spdy: h2
|
|
| new2.gdtot.dad/assets/img/yourlogo.png | 172.67.211.102 | | 6.9 kB |
URL: new2.gdtot.dad/assets/img/yourlogo.png; IP: 172.67.211.102:0
File type: PNG image data, 145 x 56, 8-bit/color RGBA, non-interlaced; Hash: MD5 ef828afcc39740064de4ac075396b2cb; SHA-1 ea137e2ffb0c3b61203089e5bfc12e8aa0ffcd8a; SHA-256 12fb3d7a292f300b5cd167e05eee8823d1c998ddcbc61e1e09357868241838ca
GET /assets/img/yourlogo.png HTTP/1.1
Host: new2.gdtot.dad
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://new2.gdtot.dad/file/3450503356
Cookie: PHPSESSID=al5os043enn2biakhejbrocm09
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 11:20:49 GMT
content-type: image/png
content-length: 6865
last-modified: Mon, 14 Sep 2020 08:36:34 GMT
etag: "5f5f2b92-1ad1"
expires: Fri, 19 Apr 2024 11:21:49 GMT
cache-control: max-age=14400
strict-transport-security: max-age=31536000
x-cache: HIT
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EUErQd4RoX%2Fow%2Flj4F0JWXd%2BG%2BAIfNAFl4QFcPwmG%2BbtZFvaR9A7i5S9kMQmA5q1AJIUnGzvWdfpLstF%2BdNVcYGvIUsRK97Kd6cz0rz3hKFLT1OYA4v0QXQvO96rBlZ11A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876c81eebdb4b52d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| new2.gdtot.dad/file/3450503356 | 172.67.211.102 | | 104 kB |
URL: new2.gdtot.dad/file/3450503356; IP: 172.67.211.102:0
File type: HTML document, Unicode text, UTF-8 text, with very long lines (569); Size: 104 kB (104472 bytes); Hash: MD5 1651ddd003b289aef8f0de7a42962eba; SHA-1 4f2f58444c42ebae1b0ef4206581be3a7601ce56; SHA-256 e405743748e0650105984ed3385350dcbfb85d642ebf857537c2c64f27c29a73
GET /file/3450503356 HTTP/1.1
Host: new2.gdtot.dad
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 19 Apr 2024 11:20:49 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: PHPSESSID=al5os043enn2biakhejbrocm09; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, no-cache
pragma: no-cache
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rjqsOye5zdI0wt%2BjlCh3qGJbFNBRzijWHluaZOyD9mJfqhiuU7nxb92xaIt84b11QPO98lfGm8NJIoLn7ankHbh12ZHdB5EDhkbhqewoCWsU4up0JVIP0sDtPhmf%2BhteWA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876c81ec5c305687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| greenfox.ink/d/asyncjs.php | 5.45.74.150 | | 4.4 kB |
URL: greenfox.ink/d/asyncjs.php; IP: 5.45.74.150:0
File type: JavaScript source, ASCII text, with very long lines (4401), with no line terminators; Hash: MD5 7dd2e8fda9c2505366169943cbf2d2d2; SHA-1 3b64b2fc61220dfc88ed53644eb786e313183c61; SHA-256 aad5623efaae82ad301a146d1437b18fff9885db2a872538bc5f885a7632fb89
GET /d/asyncjs.php HTTP/1.1
Host: greenfox.ink
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://new2.gdtot.dad/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Fri, 19 Apr 2024 11:20:50 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/8.0.30
ETag: 1d63e790351363d29b61f9cf59b98fad
Expire: Fri, 19 Apr 2024 12:20:50 GMT
Cache-Control: private, max-age=3600
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAGEO=2%7CNO%7CEU%7C%7COslo%7C0478%7C59.9016%7C10.7343%7C10%7CEurope%2FOslo%7C%7C03%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C; path=/; secure; SameSite=none
|
|
| new2.gdtot.dad/assets/vendor/jquery-easing/jquery.easing.min.js | 172.67.211.102 | | 1.3 kB |
URL: new2.gdtot.dad/assets/vendor/jquery-easing/jquery.easing.min.js; IP: 172.67.211.102:0
File type: JavaScript source, ASCII text, with very long lines (2532), with no line terminators; Hash: MD5 e2d41e5c8fed838d9014fea53d45ce75; SHA-1 bde98133f735398b27339c423a817e755329f7d1; SHA-256 1f7723b6b9bfced0deba108df48e3287888dd986f1ff2d5133bacc9807ac0349
GET /assets/vendor/jquery-easing/jquery.easing.min.js HTTP/1.1
Host: new2.gdtot.dad
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://new2.gdtot.dad/file/3450503356
Cookie: PHPSESSID=al5os043enn2biakhejbrocm09
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 11:20:49 GMT
content-type: application/javascript
last-modified: Wed, 15 Apr 2020 12:50:02 GMT
vary: Accept-Encoding
etag: W/"5e9702fa-9e4"
expires: Fri, 19 Apr 2024 11:21:49 GMT
cache-control: max-age=14400
strict-transport-security: max-age=31536000
x-cache: HIT
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8KXIXdUUc5riRiM4SG0egDw3e7Bn9AuCN0W6FZ1uid5AxqHtbMRbLnB9f%2BiLyxqe%2FZ6%2F%2FdqIkLX4hBHn9AHVJGY0BwqOO%2Bpn9cRz3Zfc4cqD8Nh6lEX783GXuj4ZAGwNzA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876c81eecdc0b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| unpkg.com/sweetalert@2.1.2/dist/sweetalert.min.js | 104.17.249.203 | | 51 kB |
URL: unpkg.com/sweetalert@2.1.2/dist/sweetalert.min.js; IP: 104.17.249.203:0
File type: JavaScript source, ASCII text, with very long lines (40808), with no line terminators; Hash: MD5 f3b8ce97ff6ce324da6232da353adf40; SHA-1 2a3daabc70232c6350ab48d32605dc4a6ac1f1fa; SHA-256 2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b
GET /sweetalert@2.1.2/dist/sweetalert.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://new2.gdtot.dad/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 19 Apr 2024 11:20:50 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"9f68-Kj2qvHAjLGNQq0jTJgXcSmrB8fo"
via: 1.1 fly.io
fly-request-id: 01HFTTAHA38FKXHYAKJFYNFQAJ-arn
cf-cache-status: HIT
age: 12892319
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 876c81f0bff856cb-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2 | 216.58.207.227 | | 39 kB |
URL: fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2; IP: 216.58.207.227:0
File type: Web Open Font Format (Version 2), TrueType, length 39124, version 1.0; Hash: MD5 86b73ab5f530be7984b704414f2a711d; SHA-1 8e297794ed7b6f5ea476d14b5270df12e8f3e42a; SHA-256 1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f
GET /s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://new2.gdtot.dad
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 39124
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:54:15 GMT
expires: Fri, 18 Apr 2025 02:54:15 GMT
cache-control: public, max-age=31536000
age: 116795
last-modified: Thu, 14 Sep 2023 00:02:20 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| new2.gdtot.dad/assets/vendor/fontawesome-free/css/all.min.css | 172.67.211.102 | | 51 kB |
URL: new2.gdtot.dad/assets/vendor/fontawesome-free/css/all.min.css; IP: 172.67.211.102:0
File type: ASCII text, with very long lines (56331); Hash: MD5 164a58dcca37a5b00c22e06ee8e2fc68; SHA-1 72fee61a5a92cdc35b77313f3637a117310119f5; SHA-256 ce67cd6665e835604c7a650ea355d41857dcd2284618b61d82d252dca0abfe5d
GET /assets/vendor/fontawesome-free/css/all.min.css HTTP/1.1
Host: new2.gdtot.dad
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://new2.gdtot.dad/file/3450503356
Cookie: PHPSESSID=al5os043enn2biakhejbrocm09
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 11:20:49 GMT
content-type: text/css
last-modified: Wed, 15 Apr 2020 12:50:00 GMT
vary: Accept-Encoding
etag: W/"5e9702f8-dcc5"
expires: Fri, 19 Apr 2024 11:21:49 GMT
cache-control: max-age=14400
strict-transport-security: max-age=31536000
x-cache: HIT
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VbM%2FuTnqsfi24jg3UlWKzgWdSHCmRjcvAJsi4jHhggCPtWWPZzyD07gUDJCnFJA6XQFAwraG7%2FhhTbyVCOy28A5yVRhtJQNlfKV4v%2BowEFoOPO83guDKf0%2BsQGwS8czq6g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876c81eeada8b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| greenfox.ink/d/asyncspc.php?zones=6%7C7&prefix=revive-0-&cphost=43509b58b68d940f8734726dfed6c5c8%7C1%7Cnew1.gdtot.zip&loc=https%3A%2F%2Fnew2.gdtot.dad%2Ffile%2F3450503356 | 5.45.74.150 | 200 OK | 1.2 kB |
URL: GET HTTP/1.1 greenfox.ink/d/asyncspc.php?zones=6%7C7&prefix=revive-0-&cphost=43509b58b68d940f8734726dfed6c5c8%7C1%7Cnew1.gdtot.zip&loc=https%3A%2F%2Fnew2.gdtot.dad%2Ffile%2F3450503356; IP: 5.45.74.150:443
Requested by: https://new2.gdtot.dad/file/3450503356; Certificate — Issuer: Let's Encrypt; Subject: greenfox.ink; Fingerprint: 82:2D:5F:1E:AC:8C:02:92:BB:CF:26:E1:04:FA:B7:70:35:A5:91:70; Validity: Mon, 15 Apr 2024 06:21:32 GMT - Sun, 14 Jul 2024 06:21:31 GMT
Hash: MD5 951324bc3c9f4ad3f990646a3b7423fe; SHA-1 94a22c2dfb3d256c711553eaaf4be25ee8b42425; SHA-256 eb229f04ca42fe61f4803b6cbe94a7ca3f146e48c642841d29a204ec10db593b
GET /d/asyncspc.php?zones=6%7C7&prefix=revive-0-&cphost=43509b58b68d940f8734726dfed6c5c8%7C1%7Cnew1.gdtot.zip&loc=https%3A%2F%2Fnew2.gdtot.dad%2Ffile%2F3450503356 HTTP/1.1
Host: greenfox.ink
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://new2.gdtot.dad
DNT: 1
Connection: keep-alive
Referer: https://new2.gdtot.dad/
Cookie: OAGEO=2%7CNO%7CEU%7C%7COslo%7C0478%7C59.9016%7C10.7343%7C10%7CEurope%2FOslo%7C%7C03%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Fri, 19 Apr 2024 11:20:50 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/8.0.30
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAID=5252e6bdacbf3fccc292be940e8db42c; expires=Sat, 19-Apr-2025 11:20:50 GMT; Max-Age=31536000; path=/; secure; SameSite=none
Access-Control-Allow-Origin: https://new2.gdtot.dad
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
|
|
| cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 | 104.17.25.14 | | 77 kB |
URL: cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0; IP: 104.17.25.14:0
Certificate — Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D; Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 77160, version 4.459; Hash: MD5 af7ae505a9eed503f8b8e6982036873e; SHA-1 d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c; SHA-256 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://new2.gdtot.dad
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 11:20:50 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 77160
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5eb03e5f-12d68"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 4384866
expires: Wed, 09 Apr 2025 11:20:50 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GHP5Zktcoj0xY1MIL5g07dMR5LQA%2BRA46zu17Urfw8sRcDWZQrioGS1BL5VD%2BKrucoPqah1DLzcvTudjCGiP8LTdk2%2B3H7sQwmfOcuVK8EvpAqrpm1iqqfLkX9FRecMh1UKIosNO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 876c81f2aa6356c3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| new2.gdtot.dad/assets/vendor/fontawesome-free/webfonts/fa-solid-900.woff2 | 172.67.211.102 | | 75 kB |
URL: new2.gdtot.dad/assets/vendor/fontawesome-free/webfonts/fa-solid-900.woff2; IP: 172.67.211.102:0
File type: Web Open Font Format (Version 2), TrueType, length 75408, version 330.15859; Hash: MD5 d6d8d5da9214dc7d46b297672a602d55; SHA-1 9991033ce701c9a3d092ba2263a6a89c4d7e21da; SHA-256 80fe90cb559538158bc235f4e539d9bcae203e19fab7c6970aad37b0154348ff
GET /assets/vendor/fontawesome-free/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: new2.gdtot.dad
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://new2.gdtot.dad/assets/vendor/fontawesome-free/css/all.min.css
Cookie: PHPSESSID=al5os043enn2biakhejbrocm09; _ga_HKW4S7DDMP=GS1.1.1713525650.1.0.1713525650.0.0.0; _ga=GA1.1.1706690824.1713525650
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 11:20:50 GMT
content-type: font/woff2
content-length: 75408
last-modified: Wed, 15 Apr 2020 12:50:02 GMT
etag: "5e9702fa-12690"
strict-transport-security: max-age=31536000
expires: Fri, 19 Apr 2024 11:21:50 GMT
cache-control: max-age=14400
x-cache: MISS
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Md3AhBDASsPDlcaPQYDomT62LLaVnQTs5rMa%2BqnoLnHahukTbNH4xCAfRXWpwBf0CcrcTPqSV342iWmM9YTIyxBabAPXqsd9PcqDUUUbXwJ8O%2FUVTbqX07D3DrAIn3%2F1jw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876c81f1a89bb52d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| new2.gdtot.dad/assets/vendor/bootstrap/js/bootstrap.bundle.min.js | 172.67.211.102 | 200 OK | 23 kB |
URL: GET HTTP/3 new2.gdtot.dad/assets/vendor/bootstrap/js/bootstrap.bundle.min.js; IP: 172.67.211.102:443
Requested by: https://new2.gdtot.dad/file/3450503356; Certificate — Issuer: Google Trust Services LLC; Subject: gdtot.dad; Fingerprint: 80:B0:17:A8:68:9F:8D:02:AE:91:6B:29:64:6B:06:B6:F4:8C:C5:1C; Validity: Mon, 08 Apr 2024 07:17:22 GMT - Sun, 07 Jul 2024 07:17:21 GMT
File type: JavaScript source, ASCII text, with very long lines (65297); Hash: MD5 a454220fc07088bf1fdd19313b6bfd50; SHA-1 265a733cb7fbc481fd2510a659a85ad55c93c895; SHA-256 7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c
GET /assets/vendor/bootstrap/js/bootstrap.bundle.min.js HTTP/1.1
Host: new2.gdtot.dad
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://new2.gdtot.dad/file/3450503356
Cookie: PHPSESSID=al5os043enn2biakhejbrocm09
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 11:20:49 GMT
content-type: application/javascript
last-modified: Wed, 15 Apr 2020 12:49:58 GMT
vary: Accept-Encoding
etag: W/"5e9702f6-1332b"
expires: Fri, 19 Apr 2024 11:21:49 GMT
cache-control: max-age=14400
strict-transport-security: max-age=31536000
x-cache: HIT
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6YDN6eaSk%2Fh%2FA9gN5JAfzBQjb6l%2B0Zn7g4MJPl4IaOXoJPjdey5QQB7X2dS4PpXAdlB%2BPgJR5%2FuvvRCZr7c1Gw0DfLAppvtJsuF8425d1bfUcASZ4mPQ2hL7eJbpn0EM7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876c81eecdbbb52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| greenfox.ink/d/lg.php?bannerid=4&campaignid=1&zoneid=6&loc=https%3A%2F%2Fnew2.gdtot.dad%2Ffile%2F3450503356&cb=da57f5f199 | 5.45.74.150 | | 43 B |
URL: greenfox.ink/d/lg.php?bannerid=4&campaignid=1&zoneid=6&loc=https%3A%2F%2Fnew2.gdtot.dad%2Ffile%2F3450503356&cb=da57f5f199; IP: 5.45.74.150:0
File type: GIF image data, version 89a, 1 x 1; Hash: MD5 b4491705564909da7f9eaf749dbbfbb1; SHA-1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8; SHA-256 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /d/lg.php?bannerid=4&campaignid=1&zoneid=6&loc=https%3A%2F%2Fnew2.gdtot.dad%2Ffile%2F3450503356&cb=da57f5f199 HTTP/1.1
Host: greenfox.ink
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://new2.gdtot.dad/
Cookie: OAGEO=2%7CNO%7CEU%7C%7COslo%7C0478%7C59.9016%7C10.7343%7C10%7CEurope%2FOslo%7C%7C03%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C; OAID=5252e6bdacbf3fccc292be940e8db42c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Fri, 19 Apr 2024 11:20:50 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/8.0.30
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Access-Control-Allow-Origin: *
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAID=5252e6bdacbf3fccc292be940e8db42c; expires=Sat, 19-Apr-2025 11:20:50 GMT; Max-Age=31536000; path=/; secure; SameSite=none
|
|
| new2.gdtot.dad/assets/js/sb-admin-2.min.js | 172.67.211.102 | | 26 kB |
URL: new2.gdtot.dad/assets/js/sb-admin-2.min.js; IP: 172.67.211.102:0
File type: JavaScript source, ASCII text, with very long lines (854); Hash: MD5 35981960a6594dbe56f6c8731a1b94b4; SHA-1 bf9a234b7c841ff4855fce0c0b3887ce74901f51; SHA-256 b427d8f35f62c5248275f275507fcff1f57dfcf743d9a95d12083a4ded0768e5
GET /assets/js/sb-admin-2.min.js HTTP/1.1
Host: new2.gdtot.dad
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://new2.gdtot.dad/file/3450503356
Cookie: PHPSESSID=al5os043enn2biakhejbrocm09
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 11:20:49 GMT
content-type: application/javascript
last-modified: Wed, 15 Apr 2020 12:49:58 GMT
vary: Accept-Encoding
etag: W/"5e9702f6-452"
expires: Fri, 19 Apr 2024 11:21:49 GMT
cache-control: max-age=14400
strict-transport-security: max-age=31536000
x-cache: HIT
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wm3OuTw7xLa%2BjFYGFJKrtodcVQCFtPftDj4e%2FZF4%2B90cCgO5uBMeEqe1soWbAfdQ4GHxymr%2FZ3a7Gkj0WTRfJ6b7LpwBQ2p7v2xLO87xIE%2FUX9Wm1rnTIHa%2BZExhVmfaIw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876c81eecdc6b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| px.greenfox.ink/pixel.gif?ad_type=1&banner=4&advertiser=1&cp_host=43509b58b68d940f8734726dfed6c5c8|1|new1.gdtot.zip&event_type=1&rand=da57f5f199 | 104.21.92.76 | | 42 B |
URL: px.greenfox.ink/pixel.gif?ad_type=1&banner=4&advertiser=1&cp_host=43509b58b68d940f8734726dfed6c5c8|1|new1.gdtot.zip&event_type=1&rand=da57f5f199; IP: 104.21.92.76:0
File type: GIF image data, version 89a, 1 x 1; Hash: MD5 d89746888da2d9510b64a9f031eaecd5; SHA-1 d5fceb6532643d0d84ffe09c40c481ecdf59e15a; SHA-256 ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pixel.gif?ad_type=1&banner=4&advertiser=1&cp_host=43509b58b68d940f8734726dfed6c5c8|1|new1.gdtot.zip&event_type=1&rand=da57f5f199 HTTP/1.1
Host: px.greenfox.ink
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://new2.gdtot.dad/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 19 Apr 2024 11:20:50 GMT
content-type: image/gif
content-length: 42
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: BYPASS
set-cookie: unq-user-id=aaaaaaaaaa; Path=/; Domain=px.greenfox.ink; Max-Age=31536000; HttpOnly; Secure; SameSite=None
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B8OgmQT2GSOhzabz1%2BAnPdn7hPxMHT9uEl3iOXu6l1OO3VXk4b9feDKhXd%2BIs9KOzAiXr%2FWy11aaMRsgOcaAnAYWaMvHgMT7bcCV%2FzwNtxQI0bYpZOCDrqcfrBNqyQv8pz4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876c81f399e056a2-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| greenfox.ink/d/lg.php?bannerid=0&campaignid=0&zoneid=7&loc=https%3A%2F%2Fnew2.gdtot.dad%2Ffile%2F3450503356&cb=c8b1f46272 | 5.45.74.150 | | 43 B |
URL greenfox.ink/d/lg.php?bannerid=0&campaignid=0&zoneid=7&loc=https%3A%2F%2Fnew2.gdtot.dad%2Ffile%2F3450503356&cb=c8b1f46272 IP5.45.74.150:0
File typeGIF image data, version 89a, 1 x 1 Hashb4491705564909da7f9eaf749dbbfbb1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /d/lg.php?bannerid=0&campaignid=0&zoneid=7&loc=https%3A%2F%2Fnew2.gdtot.dad%2Ffile%2F3450503356&cb=c8b1f46272 HTTP/1.1
Host: greenfox.ink
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://new2.gdtot.dad/
Cookie: OAGEO=2%7CNO%7CEU%7C%7COslo%7C0478%7C59.9016%7C10.7343%7C10%7CEurope%2FOslo%7C%7C03%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C; OAID=5252e6bdacbf3fccc292be940e8db42c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Fri, 19 Apr 2024 11:20:50 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/8.0.30
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Access-Control-Allow-Origin: *
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: OAID=5252e6bdacbf3fccc292be940e8db42c; expires=Sat, 19-Apr-2025 11:20:50 GMT; Max-Age=31536000; path=/; secure; SameSite=none
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D | 104.17.2.184 | 200 OK | 61 B |
URL GET HTTP/3challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D IP104.17.2.184:443
Requested byhttps://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/p6fif/0x4AAAAAAADch0Ba3E6N-jTt/auto/normal CertificateIssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File typePNG image data, 2 x 2, 8-bit/color RGB, non-interlaced Hash9246cca8fc3c00f50035f28e9f6b7f7d 3aa538440f70873b574f40cd793060f53ec17a5d c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84
GET /cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/p6fif/0x4AAAAAAADch0Ba3E6N-jTt/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 11:20:50 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 876c81f3f89c5685-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=876c81f2df535685 | 104.17.2.184 | | 173 kB |
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=876c81f2df535685 IP104.17.2.184:0
CertificateIssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size173 kB (172802 bytes) Hash045cdeb936b561a4e900ede228ed4e2c 1b11091f8a3b7e2d9882e0b36e8f1d0a156a9316 3a9ee48e87a06e97d78cb01416f2f49e791efc11767893fd81781a25ba40fdb8
GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=876c81f2df535685 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/p6fif/0x4AAAAAAADch0Ba3E6N-jTt/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 11:20:50 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
server: cloudflare
cf-ray: 876c81f3f8a05685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| my.rtmark.net/gid.js?userId=00804352b5224df8e73b14d6dff392f3 | 139.45.195.8 | | 65 B |
URL my.rtmark.net/gid.js?userId=00804352b5224df8e73b14d6dff392f3 IP139.45.195.8:0
Hash6d1ca0a04427810d9ea9857fa86144b9 6ac94286cc9d540af3e60c7a8d7efd3c20a68ee9 851be6d17a0e375a0489e6a746b4f87d285757971f4a96db0d043e2f802e5782
GET /gid.js?userId=00804352b5224df8e73b14d6dff392f3 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://new2.gdtot.dad
DNT: 1
Connection: keep-alive
Referer: https://new2.gdtot.dad/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 11:20:50 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://new2.gdtot.dad
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=00804352b5224df8e73b14d6dff392f3; expires=Sat, 19 Apr 2025 11:20:50 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| new2.gdtot.dad/assets/css/sb-admin-2.min.css | 172.67.211.102 | 200 OK | 74 kB |
URL GET HTTP/3new2.gdtot.dad/assets/css/sb-admin-2.min.css IP172.67.211.102:443
Requested byhttps://new2.gdtot.dad/file/3450503356 CertificateIssuerGoogle Trust Services LLC Subjectgdtot.dad Fingerprint80:B0:17:A8:68:9F:8D:02:AE:91:6B:29:64:6B:06:B6:F4:8C:C5:1C ValidityMon, 08 Apr 2024 07:17:22 GMT - Sun, 07 Jul 2024 07:17:21 GMT
File typeASCII text, with very long lines (65536), with no line terminators Hash54e6431e3465bfb553322b2013cc8b9b 94a4aa15128463bb03dd46e558862918cfee27fb 448798a73abf99a736eb3a5ba61d5d377ddbfab67d9326a2db23170bcdc4016f
GET /assets/css/sb-admin-2.min.css HTTP/1.1
Host: new2.gdtot.dad
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://new2.gdtot.dad/file/3450503356
Cookie: PHPSESSID=al5os043enn2biakhejbrocm09
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 11:20:49 GMT
content-type: text/css
last-modified: Wed, 29 Apr 2020 06:12:46 GMT
vary: Accept-Encoding
etag: W/"5ea91ade-28f80"
expires: Fri, 19 Apr 2024 11:21:49 GMT
cache-control: max-age=14400
strict-transport-security: max-age=31536000
x-cache: HIT
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5qwyheFQzRzevn9jk2sMQiYKhtcEgf6RLe1V%2FNK4wPC1vT3JpFUN8kfG%2BtYZS%2Fg1FmrAojn%2FZ0LS8H72e0S%2BV2pSKsKF8E7rMSTNGgZKOuJfHoRwv6AMummb1%2BHaDnw6VQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876c81eebdb2b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/876c81f2df535685/1713525651038/0275612c23dbdd2f2028e310d1d17d119706b0c8757f64fb47e2c92178f7ad43/eXcUl6pcu60HUKv | 104.17.2.184 | | 1 B |
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/876c81f2df535685/1713525651038/0275612c23dbdd2f2028e310d1d17d119706b0c8757f64fb47e2c92178f7ad43/eXcUl6pcu60HUKv IP104.17.2.184:0
CertificateIssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File typevery short file (no magic) Hashff44570aca8241914870afbc310cdb85 58668e7669fd564d99db5d581fcdb6a5618440b5 6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
GET /cdn-cgi/challenge-platform/h/b/pat/876c81f2df535685/1713525651038/0275612c23dbdd2f2028e310d1d17d119706b0c8757f64fb47e2c92178f7ad43/eXcUl6pcu60HUKv HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/p6fif/0x4AAAAAAADch0Ba3E6N-jTt/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 401 Unauthorized
date: Fri, 19 Apr 2024 11:20:51 GMT
content-type: text/plain; charset=UTF-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gAnVhLCPb3S8gKOMQ0dF9EZcGsMh1f2T7R-LJIXj3rUMAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEArny_u1wyrVg8e-Kmwxyfb2WoiwwZ2VR7QAnot_CrcySq56Rui-jZM9090K9_dW6HmpAKhOjYXLCJ7g4U74G4z6SRM_YRj-GLp3EaBxay798DZIeAtv_N7Z9CHI_0VTYiqNXVm2z1bF5VtFasnv3JDaWb4yIjBd8vMfNUM4Y4nXXIeMIyXdVK2hlzVO8VxBkXca7UzhCq51WDKlSYPWUy9ieZTdwNf5Q49DwdF9woTnuKPY26TxVlEHMcf8JJiXLUR2bbdG-Qv1fqbwQloSjintj5uXWLsZd84bMpNedRNJBV22T0PgKNeip6oalvdYbaiHiyDATsKlA6-8KJ-CUQTQIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIAJ1YSwj290vICjjENHRfRGXBrDIdX9k-0fiySF4961DABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA1FEYykHcK8H9rb_u0aFz3CmWgYloQw4YhedoEOAjJ0vy2Axa4f9UG9Dzs4uXS34_h8l6MDo2nRCvLI9lvebilMnTjCn-6D77bewqYxJKUFZW1z2jBIdu03TrETczfEg7kxgKtJE9NXGDjYJcF_iMgzgNA0PEAVM89tUYXXlFy4cUAGlqU2mPpIEOxm5ARsXC-zlLK60fkJ4cOsZRkZa6EExdhmgdwQ0fEJuSOHrBO_-zJn4hUP8q9g4yqkxW2UrfJgD07F4HaHGBEiei06sGDvH2NEPvswEl5dTGxutNrxlU7W24iYhNa2nhjlc53nNb0mKtszv-czVE9UhXyJ7-RQIDAQAB", max-age=20
server: cloudflare
cf-ray: 876c81fa88335685-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ausoafab.net/?rb=Ow1LYjRsos71uaIsKxJxPjkR4cpuh47l50VakzRGk3-kClMibTMNjwpyGGiimK0xapPAYqpZayUHHqeITsGipdfEOdBGEganoytYJcHH-Uc7C5o_Q1KHY89MLJLSnqM7nSIUYIF06rtPPwTE5lO6meXFv2ikjTNK2TqSyiVOwTN4fE0ASB_BFsoAaM2k9PkbZDQxjihR0Gmn0Yc04SzaxKHwNjRwivgPGAPv0VIOc3HsT8H8uX0ntR4t3DtA-n4s2JW2G3jHh4wE-ASGw4I7yQ%3D%3D&request_ab2=0&zoneid=3621940&js_build=iclick-v1.776.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=2&pl=https%3A%2F%2Fnew2.gdtot.dad%2Ffile%2F3450503356&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.776.0&navlng=en-US&pnt=0&pnrc=0&wasm=1&bs=1b0654e6-8698-44ad-a6cb-05fd2b8bda2e&userId=00804352b5224df8e73b14d6dff392f3&m=link | 139.45.197.239 | 200 OK | 117 kB |
URL GET HTTP/2ausoafab.net/?rb=Ow1LYjRsos71uaIsKxJxPjkR4cpuh47l50VakzRGk3-kClMibTMNjwpyGGiimK0xapPAYqpZayUHHqeITsGipdfEOdBGEganoytYJcHH-Uc7C5o_Q1KHY89MLJLSnqM7nSIUYIF06rtPPwTE5lO6meXFv2ikjTNK2TqSyiVOwTN4fE0ASB_BFsoAaM2k9PkbZDQxjihR0Gmn0Yc04SzaxKHwNjRwivgPGAPv0VIOc3HsT8H8uX0ntR4t3DtA-n4s2JW2G3jHh4wE-ASGw4I7yQ%3D%3D&request_ab2=0&zoneid=3621940&js_build=iclick-v1.776.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=2&pl=https%3A%2F%2Fnew2.gdtot.dad%2Ffile%2F3450503356&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.776.0&navlng=en-US&pnt=0&pnrc=0&wasm=1&bs=1b0654e6-8698-44ad-a6cb-05fd2b8bda2e&userId=00804352b5224df8e73b14d6dff392f3&m=link IP139.45.197.239:443
Requested byhttps://new2.gdtot.dad/file/3450503356 CertificateIssuerLet's Encrypt Subjectausoafab.net Fingerprint33:F7:E4:A2:F2:C5:7C:F7:5D:6D:04:07:63:1B:94:6B:99:7D:33:A9 ValiditySat, 24 Feb 2024 05:17:49 GMT - Fri, 24 May 2024 05:17:48 GMT
File typegzip compressed data, max speed, from Unix Size117 kB (116747 bytes) Hash3ee1da27be25d34b6caa1cf6803e4fe4 a222e5ee8a5eca72051af128aa496ee003ce6c56 b8dae09a6dae0854e6186fbb023eba1b485e8026b7a37c1247ac0e12ec250cce
GET /?rb=Ow1LYjRsos71uaIsKxJxPjkR4cpuh47l50VakzRGk3-kClMibTMNjwpyGGiimK0xapPAYqpZayUHHqeITsGipdfEOdBGEganoytYJcHH-Uc7C5o_Q1KHY89MLJLSnqM7nSIUYIF06rtPPwTE5lO6meXFv2ikjTNK2TqSyiVOwTN4fE0ASB_BFsoAaM2k9PkbZDQxjihR0Gmn0Yc04SzaxKHwNjRwivgPGAPv0VIOc3HsT8H8uX0ntR4t3DtA-n4s2JW2G3jHh4wE-ASGw4I7yQ%3D%3D&request_ab2=0&zoneid=3621940&js_build=iclick-v1.776.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=2&pl=https%3A%2F%2Fnew2.gdtot.dad%2Ffile%2F3450503356&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.776.0&navlng=en-US&pnt=0&pnrc=0&wasm=1&bs=1b0654e6-8698-44ad-a6cb-05fd2b8bda2e&userId=00804352b5224df8e73b14d6dff392f3&m=link HTTP/1.1
Host: ausoafab.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://new2.gdtot.dad/
Origin: https://new2.gdtot.dad
DNT: 1
Connection: keep-alive
Cookie: OAID=00804352b5224df8e73b14d6dff392f3; oaidts=1713525650
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 11:20:50 GMT
content-type: application/json
x-trace-id: b1a2193adf3e79c26064387ec683c8a5
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://new2.gdtot.dad
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=00804352b5224df8e73b14d6dff392f3; expires=Sat, 19 Apr 2025 11:20:50 GMT; path=/; secure; SameSite=None
set-cookie: oaidts=1713525650; expires=Sat, 19 Apr 2025 11:20:50 GMT; path=/; secure; SameSite=None
set-cookie: syncedCookie=true; expires=Fri, 26 Apr 2024 11:20:50 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| ausoafab.net/5/3621940/?oo=1&aab=1&var=control | 139.45.197.239 | 200 OK | 9.7 kB |
URL GET HTTP/2ausoafab.net/5/3621940/?oo=1&aab=1&var=control IP139.45.197.239:443
Requested byhttps://new2.gdtot.dad/file/3450503356 CertificateIssuerLet's Encrypt Subjectausoafab.net Fingerprint33:F7:E4:A2:F2:C5:7C:F7:5D:6D:04:07:63:1B:94:6B:99:7D:33:A9 ValiditySat, 24 Feb 2024 05:17:49 GMT - Fri, 24 May 2024 05:17:48 GMT
File typegzip compressed data, max speed, from Unix Hash2a93408f82b827f89e05b5a5631d28a8 7aa7c774400016eabb64cf0377228735e18612e9 3dfa96eaa399b1b6db98ac30e816185d4b5d8eb11c5ade1616aee1169e0dec32
GET /5/3621940/?oo=1&aab=1&var=control HTTP/1.1
Host: ausoafab.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://new2.gdtot.dad
DNT: 1
Connection: keep-alive
Referer: https://new2.gdtot.dad/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 11:20:50 GMT
content-type: application/json
x-trace-id: bac1cb31392198aadf689ad0c89918e1
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://new2.gdtot.dad
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=00804352b5224df8e73b14d6dff392f3; expires=Sat, 19 Apr 2025 11:20:50 GMT; path=/; secure; SameSite=None
set-cookie: oaidts=1713525650; expires=Sat, 19 Apr 2025 11:20:50 GMT; path=/; secure; SameSite=None
set-cookie: syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| revive.stats.rip/?type=2&service=test&advertiser=BATERY_PageBanners&custom=43509b58b68d940f8734726dfed6c5c8|1|new1.gdtot.zip&atype=2&banner=BATERY_ipl&redirect=https%3A%2F%2Famd-cdn-1.custacin-crowlexing-i-283.site%2Fcontent%2Fstream%2FBatery%2F500x200_ipl_2024_22_march.jpg | 172.67.220.231 | | 11 kB |
URL revive.stats.rip/?type=2&service=test&advertiser=BATERY_PageBanners&custom=43509b58b68d940f8734726dfed6c5c8|1|new1.gdtot.zip&atype=2&banner=BATERY_ipl&redirect=https%3A%2F%2Famd-cdn-1.custacin-crowlexing-i-283.site%2Fcontent%2Fstream%2FBatery%2F500x200_ipl_2024_22_march.jpg IP172.67.220.231:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3 Hash35e6b10f8a807fcb3e744829a6bf35da d396562d6d349e6a9f4f3f69e4fcc3893a7c4eaa dacf7062e16445a83957c5d6bbdefb2f91892d64f84bd64cdf1759769e405bf5
GET /?type=2&service=test&advertiser=BATERY_PageBanners&custom=43509b58b68d940f8734726dfed6c5c8|1|new1.gdtot.zip&atype=2&banner=BATERY_ipl&redirect=https%3A%2F%2Famd-cdn-1.custacin-crowlexing-i-283.site%2Fcontent%2Fstream%2FBatery%2F500x200_ipl_2024_22_march.jpg HTTP/1.1
Host: revive.stats.rip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://new2.gdtot.dad/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Fri, 19 Apr 2024 11:20:50 GMT
content-type: text/html; charset=UTF-8
location: https://amd-cdn-1.custacin-crowlexing-i-283.site/content/stream/Batery/500x200_ipl_2024_22_march.jpg
set-cookie: user_uniq_id=23719F612B53086108CCB1E79A49A2D4; expires=Sat, 19-Apr-2025 11:20:50 GMT; Max-Age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l3O4PqXnoQUybflEz%2FNTbq7K340xIi3cqT32988BVnW8OmQgGkTogjVszq5rIM%2FgluQT71Hy7SIg4ZIiiIXLhctmFU8566RClfjmdZChN%2FZ4LyZqjMic28IYTj0yF5gmwdfX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876c81f38a995693-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| unpkg.com/sweetalert/dist/sweetalert.min.js | 104.17.249.203 | 302 Found | 41 kB |
URL GET HTTP/2unpkg.com/sweetalert/dist/sweetalert.min.js IP104.17.249.203:443
Requested byhttps://new2.gdtot.dad/file/3450503356 CertificateIssuerGoogle Trust Services LLC Subjectunpkg.com Fingerprint2E:F1:F6:31:28:EC:29:20:41:F4:58:4B:B1:CF:51:16:77:7E:BF:E3 ValidityMon, 01 Apr 2024 02:40:24 GMT - Sun, 30 Jun 2024 02:40:23 GMT
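Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of zero-length input: no response body was hashed for this 302 redirect entry, so they match any empty file and do not identify this resource)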
GET /sweetalert/dist/sweetalert.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://new2.gdtot.dad/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Fri, 19 Apr 2024 11:20:49 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /sweetalert@2.1.2/dist/sweetalert.min.js
vary: Accept, Accept-Encoding
content-encoding: br
via: 1.1 fly.io
fly-request-id: 01HVV15QSK7A3CV16H7Q3KT0GE-arn
cf-cache-status: HIT
age: 234
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 876c81ef1e1356cb-OSL
X-Firefox-Spdy: h2
|
|
| new2.gdtot.dad/assets/js/gdtot.min.js | 172.67.211.102 | 200 OK | 41 kB |
URL GET HTTP/3new2.gdtot.dad/assets/js/gdtot.min.js IP172.67.211.102:443
Requested byhttps://new2.gdtot.dad/file/3450503356 CertificateIssuerGoogle Trust Services LLC Subjectgdtot.dad Fingerprint80:B0:17:A8:68:9F:8D:02:AE:91:6B:29:64:6B:06:B6:F4:8C:C5:1C ValidityMon, 08 Apr 2024 07:17:22 GMT - Sun, 07 Jul 2024 07:17:21 GMT
File typeJavaScript source, ASCII text, with very long lines (40808), with no line terminators Hashf3b8ce97ff6ce324da6232da353adf40 2a3daabc70232c6350ab48d32605dc4a6ac1f1fa 2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b
GET /assets/js/gdtot.min.js HTTP/1.1
Host: new2.gdtot.dad
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://new2.gdtot.dad/file/3450503356
Cookie: PHPSESSID=al5os043enn2biakhejbrocm09
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 11:20:49 GMT
content-type: application/javascript
last-modified: Sat, 02 May 2020 08:19:58 GMT
vary: Accept-Encoding
etag: W/"5ead2d2e-9f68"
expires: Fri, 19 Apr 2024 11:21:49 GMT
cache-control: max-age=14400
strict-transport-security: max-age=31536000
x-cache: HIT
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7z2%2FpVtssDRrC5eMQU7QduLx8N9peVD0jPR%2Fmw%2BZNq5eIN8AopI4OCxW57g3WHt6i54cjR07u2G7d8qJhyEdmReBKGTxR1ZKBqQA2inY%2Bus8dtaUv9lOWeBKkug6Bt6FOg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876c81eeada2b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.googletagmanager.com/gtag/js?id=G-HKW4S7DDMP | 142.250.74.168 | 200 OK | 301 kB |
URL GET HTTP/2www.googletagmanager.com/gtag/js?id=G-HKW4S7DDMP IP142.250.74.168:443
Requested byhttps://new2.gdtot.dad/file/3450503356 CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
File typeJavaScript source, ASCII text, with very long lines (5955) Size301 kB (300933 bytes) Hashb6d65d0bad7edfc26aaa47d2433c1408 c34e092789bb599afe52b780bc25ffea9852bd61 f4538d9968a4b68b8e5295a4faa0776687c7193a2af9231c1ce1844b9e3440b3
GET /gtag/js?id=G-HKW4S7DDMP HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://new2.gdtot.dad/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 19 Apr 2024 11:20:49 GMT
expires: Fri, 19 Apr 2024 11:20:49 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 100454
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| challenges.cloudflare.com/turnstile/v0/b/471dc2adc340/api.js | 104.17.2.184 | 200 OK | 42 kB |
URL GET HTTP/3challenges.cloudflare.com/turnstile/v0/b/471dc2adc340/api.js IP104.17.2.184:443
Requested byhttps://new2.gdtot.dad/file/3450503356 CertificateIssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (42414) Hashf94a2211ce789a95a7c67e8c660d63e8 f1fc19b6bcb96d0a905bf3192aaff0885ff9f36f 926dc3302f99ec05e4206e965ddeb7250f5910a8c38e82c7beafb724bbaaf37b
GET /turnstile/v0/b/471dc2adc340/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://new2.gdtot.dad/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 11:20:50 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 876c81f0ad095685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| rghptoxhai.com/t.min.js | 188.114.97.1 | 200 OK | 67 kB |
IP 188.114.97.1:443
Requested by https://new2.gdtot.dad/file/3450503356 Certificate Issuer: Google Trust Services LLC, Subject: rghptoxhai.com, Fingerprint: E4:69:08:33:DA:14:0F:D5:8B:5E:EF:BC:0B:EB:02:68:C2:50:FC:BF, Validity: Sat, 30 Mar 2024 10:58:21 GMT - Fri, 28 Jun 2024 10:58:20 GMT
File type: JavaScript source, ASCII text, with very long lines (65427) Hash (MD5 / SHA-1 / SHA-256): f5445acf7fae3bc72e78f0cedfe309ca d96fd6bf571a0c720cad89bd2bead1a1e3faac8f b734f632e8cdf2ade9b3fb34e4b5c3e675e2c13af69a43411c1435c6e3730ca1
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /t.min.js HTTP/1.1
Host: rghptoxhai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://new2.gdtot.dad/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 19 Apr 2024 11:20:49 GMT
content-type: application/javascript
last-modified: Tue, 12 Mar 2024 17:31:24 GMT
etag: W/"65f0916c-10458"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=taI%2BLb9ITGjKhpRIWq3vORZsmiv%2Fsdp60BKyxzNmha3ip%2FUIZnenii9WZAVv87SP%2B%2B9uGeKrcw3up0SHWNUt6OMk1NNdMneZ1G88nNbT7KxHqzkjcYbzLQvkqkoGfqA%2F7w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876c81ef29ea7129-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/p6fif/0x4AAAAAAADch0Ba3E6N-jTt/auto/normal | 104.17.2.184 | 200 OK | 80 kB |
URL GET HTTP/3challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/p6fif/0x4AAAAAAADch0Ba3E6N-jTt/auto/normal IP104.17.2.184:443
Requested byhttps://new2.gdtot.dad/file/3450503356 CertificateIssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File typeHTML document, ASCII text, with very long lines (41702) Hash8044a5026760e1ef88911c1324f5ceda f7ab99c523cb7824727ba990b4c0e2bde0a5d38c d4343f5b4f72ba57d06da198509802fc1e2d4feaa04864c19fec9ab3ac56bca8
GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/p6fif/0x4AAAAAAADch0Ba3E6N-jTt/auto/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://new2.gdtot.dad/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 11:20:50 GMT
content-type: text/html; charset=UTF-8
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
document-policy: js-profiling
referrer-policy: same-origin
cross-origin-opener-policy: same-origin
origin-agent-cluster: ?1
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
vary: accept-encoding
server: cloudflare
cf-ray: 876c81f2df535685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| amd-cdn-1.custacin-crowlexing-i-283.site/content/stream/Batery/500x200_ipl_2024_22_march.jpg | 50.7.24.35 | 200 OK | 47 kB |
URL: GET HTTP/2 amd-cdn-1.custacin-crowlexing-i-283.site/content/stream/Batery/500x200_ipl_2024_22_march.jpg IP: 50.7.24.35:443
Requested by: https://new2.gdtot.dad/file/3450503356 Certificate Issuer: Let's Encrypt Subject: *.custacin-crowlexing-i-283.site Fingerprint: 15:5C:FC:4D:37:46:2F:F0:59:3C:41:3A:E8:5D:BD:7E:EE:75:81:01 Validity: Tue, 20 Feb 2024 08:44:50 GMT - Mon, 20 May 2024 08:44:49 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2024:03:21 01:33:00], baseline, precision 8, 500x200, components 3 Hash: 312149af823f3abf1ad97f0f62772348 0a972ac818b8bb014ccd6586955496edf367424e 49223161e0b9a2832de2e5841ff7219ecbd3f1947c2da8f3377967e880c01b08
GET /content/stream/Batery/500x200_ipl_2024_22_march.jpg HTTP/1.1
Host: amd-cdn-1.custacin-crowlexing-i-283.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://new2.gdtot.dad/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 11:20:50 GMT
content-type: image/jpeg
content-length: 47139
last-modified: Sun, 24 Mar 2024 14:06:40 GMT
etag: "66003370-b823"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cdn.datatables.net/1.13.6/css/jquery.dataTables.css | 104.26.9.123 | 200 OK | 26 kB |
URL: GET HTTP/2 cdn.datatables.net/1.13.6/css/jquery.dataTables.css IP: 104.26.9.123:443
Requested by: https://new2.gdtot.dad/file/3450503356 Certificate Issuer: Google Trust Services LLC Subject: datatables.net Fingerprint: 90:1B:E4:09:AA:D0:D8:54:84:42:01:61:2A:F3:FD:AA:42:CC:89:6D Validity: Wed, 27 Mar 2024 23:37:26 GMT - Tue, 25 Jun 2024 23:37:25 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these three values are the MD5, SHA-1 and SHA-256 digests of empty input, so no response body was hashed for this entry even though the row lists 26 kB; they do not identify this file and should not be used as indicators)
GET /1.13.6/css/jquery.dataTables.css HTTP/1.1
Host: cdn.datatables.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://new2.gdtot.dad/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 19 Apr 2024 11:20:49 GMT
content-type: text/css; charset=utf-8
x-frame-options: SAMEORIGIN
last-modified: Mon, 06 Nov 2023 12:01:13 GMT
etag: W/"1122153-650b-6097a9c4efbb0-gzip"
cache-control: max-age=31536000
expires: Sun, 24 Nov 2024 07:58:50 GMT
vary: Accept-Encoding,User-Agent
access-control-allow-origin: *
access-control-allow-headers: origin, x-requested-with, content-type
access-control-allow-methods: GET
cf-cache-status: HIT
age: 12626518
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q1IRygfdPu5hC2COlMiaF0yal5PM9xPcgFiZBqNmMcTa24Ms1iGdwhlXk3V%2FtdEqvu5sk8M5sPjqqFvGbKVb3I0yT7i9OKFDe4uzWQ1JsX52f7yYHK%2BYIDWI9FQhyrN7Gk%2FTOA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876c81ef18b256bf-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ausoafab.net/tag.min.js | 139.45.197.239 | 200 OK | 81 kB |
IP: 139.45.197.239:443
Requested by: https://new2.gdtot.dad/file/3450503356 Certificate Issuer: Let's Encrypt Subject: ausoafab.net Fingerprint: 33:F7:E4:A2:F2:C5:7C:F7:5D:6D:04:07:63:1B:94:6B:99:7D:33:A9 Validity: Sat, 24 Feb 2024 05:17:49 GMT - Fri, 24 May 2024 05:17:48 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators Hash: 66655187b7daa6cacf9ea6a7c512e2f8 577bb9af1796ead231fafedd360db377de392691 556f42e5c0b934b7ddfa53509093ca3f0be0f2f1cf6ecb0168b90458a3361e47
GET /tag.min.js HTTP/1.1
Host: ausoafab.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://new2.gdtot.dad/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 11:20:50 GMT
content-type: text/javascript; charset=utf-8
content-length: 25306
content-encoding: br
x-trace-id: 450e4523dbfac056eac819cc1578888e
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Fri, 19 Apr 2024 10:33:11 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| new2.gdtot.dad/favicon.ico | 172.67.211.102 | 200 OK | 52 kB |
URL: GET HTTP/3 new2.gdtot.dad/favicon.ico IP: 172.67.211.102:443
Requested by: https://new2.gdtot.dad/file/3450503356 Certificate Issuer: Google Trust Services LLC Subject: gdtot.dad Fingerprint: 80:B0:17:A8:68:9F:8D:02:AE:91:6B:29:64:6B:06:B6:F4:8C:C5:1C Validity: Mon, 08 Apr 2024 07:17:22 GMT - Sun, 07 Jul 2024 07:17:21 GMT
File type: PNG image data, 270 x 266, 8-bit/color RGBA, non-interlaced Hash: 0ce163a25d12b2650b3e3fca0f9f458a 2e6a3acb721e315ec74db652b8a68374cbd346ec 0678b92efcf97bf978aedd1de01174b839d3c7f28e254759c48e1ed06c74e6d0
GET /favicon.ico HTTP/1.1
Host: new2.gdtot.dad
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://new2.gdtot.dad/file/3450503356
Cookie: PHPSESSID=al5os043enn2biakhejbrocm09; _ga_HKW4S7DDMP=GS1.1.1713525650.1.0.1713525650.0.0.0; _ga=GA1.1.1706690824.1713525650
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 11:20:50 GMT
content-type: image/x-icon
last-modified: Thu, 10 Sep 2020 03:00:40 GMT
etag: W/"5f5996d8-cd41"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k%2FAN0AadAPr7iPaLgMRcGhzzLS68Mbkj2eFrPPM%2BGucRSc1DXyAa9qp%2Bpb8xMw5hQpbrHKEdH4FrqNY9%2Bt27QmGLPc16nanmFMS3viWfgg6aDqghQkQQ6D8cSVNnXLfXxw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876c81f56bd1b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|