| dood.yt/d/dq62jr7br7rg | 172.64.202.19 | 301 Moved Permanently | 0 B |
IP 172.64.202.19:0
Hash MD5 d41d8cd98f00b204e9800998ecf8427e SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of zero-length input; the captured body is 0 B)
GET /d/dq62jr7br7rg HTTP/1.1
Host: dood.yt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 27 Jan 2023 06:27:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 27 Jan 2023 07:27:55 GMT
Location: https://dood.yt/d/dq62jr7br7rg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XDSHEoWl775eXab44iIoXVBfxTWyjZ4XGwTkR8sHWCm1qqa80%2BDZa%2BcHTMBVMMCaHNXQufqYcOpLAuY2xkr5CIVoxv8Zf0bfglPqb3iNcbbdmi8jnnc3nYmI"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78ff6ce19d01779d-LHR
alt-svc: h2=":443"; ma=60
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP 95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash MD5 5fe582397f3003b225cb9058e02c2190 SHA-1 68174a54a8f6c4de9247ccea2dcae3c9b76bdb9f SHA-256 238a2ef5b61d56353d0a5e97ec3092b8f2792cde7cecf40e1a858f8c129d3a9d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "238A2EF5B61D56353D0A5E97EC3092B8F2792CDE7CECF40E1A858F8C129D3A9D"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5857
Expires: Fri, 27 Jan 2023 08:05:32 GMT
Date: Fri, 27 Jan 2023 06:27:55 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP 95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash MD5 2405562765b49b2782ebd2e2994851d5 SHA-1 be7ac8e558f7875bb1fb86ab5ec674424a5ff269 SHA-256 422cfa907461cb7b93b9089d600052f9e94951e5e0c93d97651905002e48ad3e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "422CFA907461CB7B93B9089D600052F9E94951E5E0C93D97651905002E48AD3E"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8912
Expires: Fri, 27 Jan 2023 08:56:28 GMT
Date: Fri, 27 Jan 2023 06:27:56 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 35.241.9.150 | 200 OK | 939 B |
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash MD5 dcd75ca6daca51c5e39d431468511793 SHA-1 07f76d3bf23d65c9110d810fa71a994e39e085d3 SHA-256 73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 27 Jan 2023 05:42:58 GMT
content-type: application/json
age: 2698
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP 95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash MD5 49049f3c92aad686cd7ff28ecd2a5a4f SHA-1 9cc2bc9c055450dbc4fae93eabe4ef8509b3ff57 SHA-256 02cf421968192286bb174ff0e6c818a843c4eca61a02cd493e6f95bb58a37015
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02CF421968192286BB174FF0E6C818A843C4ECA61A02CD493E6F95BB58A37015"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12498
Expires: Fri, 27 Jan 2023 09:56:14 GMT
Date: Fri, 27 Jan 2023 06:27:56 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text Hash MD5 7b922915ebf1fa3639b333f994c74f24 SHA-1 144a3f80b98fd0652d4614f24cf6cbbee40f8938 SHA-256 adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Q8wFwz8XynzdRTlrrn2LQB7yO2MvicjnLf3XRaAPdN3HsIa6FFCPd1SerQaV+LYmM57x+sAxSbkVHhr1bkkTuQ==
x-amz-request-id: E78T7MF0M40V2TN2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 27 Jan 2023 06:20:25 GMT
age: 451
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators Hash MD5 23e88fb7b99543fb33315b29b1fad9d6 SHA-1 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce SHA-256 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 06:27:56 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 23.33.119.27 | 200 OK | 344 B |
IP 23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash MD5 1a95a50a4b2c7c0e5c4aa9d414b4a190 SHA-1 482ac514931594da5daee2e36c63b045066927e3 SHA-256 3e26742a884ae6a58293469d08fff10dc9ee3adb1385c71142092d41cb00e4f5
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "3E26742A884AE6A58293469D08FFF10DC9EE3ADB1385C71142092D41CB00E4F5"
Last-Modified: Tue, 24 Jan 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2896
Expires: Fri, 27 Jan 2023 07:16:12 GMT
Date: Fri, 27 Jan 2023 06:27:56 GMT
Connection: keep-alive
|
|
| e1.o.lencr.org/ | 23.33.119.27 | 200 OK | 344 B |
IP 23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash MD5 1a95a50a4b2c7c0e5c4aa9d414b4a190 SHA-1 482ac514931594da5daee2e36c63b045066927e3 SHA-256 3e26742a884ae6a58293469d08fff10dc9ee3adb1385c71142092d41cb00e4f5
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "3E26742A884AE6A58293469D08FFF10DC9EE3ADB1385C71142092D41CB00E4F5"
Last-Modified: Tue, 24 Jan 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2896
Expires: Fri, 27 Jan 2023 07:16:12 GMT
Date: Fri, 27 Jan 2023 06:27:56 GMT
Connection: keep-alive
|
|
| e1.o.lencr.org/ | 23.33.119.27 | 200 OK | 345 B |
IP 23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash MD5 88b9b95ceccd20b6605d5dcf472243c8 SHA-1 9ce5a8dec211bb77751fc6c0850e55be121acbe6 SHA-256 540c1ed2d13d4b2453c19427a288a3efc85417b921f9dfb94518bd3c3ba59fcf
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "540C1ED2D13D4B2453C19427A288A3EFC85417B921F9DFB94518BD3C3BA59FCF"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3130
Expires: Fri, 27 Jan 2023 07:20:06 GMT
Date: Fri, 27 Jan 2023 06:27:56 GMT
Connection: keep-alive
|
|
| cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js | 104.17.24.14 | 200 OK | 591 B |
URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js IP 104.17.24.14:0
File type ASCII text, with very long lines (1266) Hash MD5 414869f16aa77a65b4928a018f7f1abb SHA-1 cea521f7a2958a50239526ed6b068f0937527653 SHA-256 afee364ce513c6517247b81cce5eb5eadb1dbbb35e439eb3fa97bbc15fac2cd3
GET /ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 06:27:56 GMT
content-type: application/javascript; charset=utf-8
content-length: 591
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec1-514"
last-modified: Mon, 04 May 2020 16:11:45 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 7394769
expires: Wed, 17 Jan 2024 06:27:56 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XJWIhpnu4UzUXBhfrUyoX%2FxdFcHRuclFVGEEhQqhBiEjnHHtSOW4Icwm24HFVJZB8KyEC64mwFKqH3pWooACLUnhXz2T4rXolZpLcaNVkoELdevr%2F9O8GjJAkScj1%2FYIwXtx8olU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78ff6ce6eb600b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js | 104.17.24.14 | 200 OK | 28 kB |
URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js IP 104.17.24.14:0
File type ASCII text, with very long lines (65451) Hash MD5 638a4990025383a0f83ebf29bdb84a68 SHA-1 153e8818dc42f598e47fde8cf398f1447649a4d0 SHA-256 878e34b89800bb271d3588e526eb3598eb3822e263f3bdaf53645847d39d0ad6
GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 06:27:56 GMT
content-type: application/javascript; charset=utf-8
content-length: 27748
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-15851"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 533460
expires: Wed, 17 Jan 2024 06:27:56 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LBCilUtaL3GEzjFsTC1o32329IRzLdcqZ68BK3khglAy2sXwmJf3dpmwP2BItthCG9%2Ff7jWnE%2FCz%2FrVaLjVangzAhpQmUQEkWcxxfZnL%2B3SJO5vPdCnoKYbuJ3p%2BKhKwkv2niGES"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78ff6ce6eb620b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 23.33.119.27 | 200 OK | 345 B |
IP 23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash MD5 88b9b95ceccd20b6605d5dcf472243c8 SHA-1 9ce5a8dec211bb77751fc6c0850e55be121acbe6 SHA-256 540c1ed2d13d4b2453c19427a288a3efc85417b921f9dfb94518bd3c3ba59fcf
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "540C1ED2D13D4B2453C19427A288A3EFC85417B921F9DFB94518BD3C3BA59FCF"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3130
Expires: Fri, 27 Jan 2023 07:20:06 GMT
Date: Fri, 27 Jan 2023 06:27:56 GMT
Connection: keep-alive
|
|
| e1.o.lencr.org/ | 23.33.119.27 | 200 OK | 345 B |
IP 23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash MD5 88b9b95ceccd20b6605d5dcf472243c8 SHA-1 9ce5a8dec211bb77751fc6c0850e55be121acbe6 SHA-256 540c1ed2d13d4b2453c19427a288a3efc85417b921f9dfb94518bd3c3ba59fcf
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "540C1ED2D13D4B2453C19427A288A3EFC85417B921F9DFB94518BD3C3BA59FCF"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3130
Expires: Fri, 27 Jan 2023 07:20:06 GMT
Date: Fri, 27 Jan 2023 06:27:56 GMT
Connection: keep-alive
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP 142.250.74.131:0
Hash MD5 2ebcc7cd4c50e87a984668828c1e612e SHA-1 f693d36335f333e3647f9fb2460e34dd73e17421 SHA-256 27f1d63422ccd02a6af514c2c0a36ac6f4e0d6f74ad6d9fc8c32e8ea487ffe15
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 06:27:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| i.doodcdn.co/img/no_video_3.svg | 172.67.70.190 | 200 OK | 2.8 kB |
URL HTTP/2 i.doodcdn.co/img/no_video_3.svg IP 172.67.70.190:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (2789) Hash MD5 077bfdaa49ae4877a42611b739ec4752 SHA-1 a2f9e1222b7af9abc05122411ab8902efcc08ead SHA-256 70d6a17097a8c27edfaad6740e11359d9363f3f04bff1b93483e29c25609fa6c
GET /img/no_video_3.svg HTTP/1.1
Host: i.doodcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 06:27:56 GMT
content-type: image/svg+xml
content-length: 2812
last-modified: Mon, 03 Jan 2022 15:38:36 GMT
etag: "61d3187c-afc"
expires: Sat, 25 Feb 2023 08:23:22 GMT
cache-control: public, max-age=2592000, no-transform
access-control-allow-origin: *
cf-cache-status: HIT
age: 31601
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9zeVgw5YZ55TBuzVix0lb5xSd%2BYkQFN5xfd9hRknX9alx6SQB0RkFC1QT4fxyT1Qi5%2BMCVjznKk0PN2OfeON3xIH%2BZqST9MCtH%2BLsTSGHSl5KBDxNfzMB0jbvA2mog%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78ff6ce72e41b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 23.33.119.27 | 200 OK | 345 B |
IP 23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash MD5 88b9b95ceccd20b6605d5dcf472243c8 SHA-1 9ce5a8dec211bb77751fc6c0850e55be121acbe6 SHA-256 540c1ed2d13d4b2453c19427a288a3efc85417b921f9dfb94518bd3c3ba59fcf
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "540C1ED2D13D4B2453C19427A288A3EFC85417B921F9DFB94518BD3C3BA59FCF"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3130
Expires: Fri, 27 Jan 2023 07:20:06 GMT
Date: Fri, 27 Jan 2023 06:27:56 GMT
Connection: keep-alive
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP 142.250.74.131:0
Hash MD5 2ebcc7cd4c50e87a984668828c1e612e SHA-1 f693d36335f333e3647f9fb2460e34dd73e17421 SHA-256 27f1d63422ccd02a6af514c2c0a36ac6f4e0d6f74ad6d9fc8c32e8ea487ffe15
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 06:27:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| alas4kanmfa6a4mubte.com/lv/esnk/1841675/code.js | 62.122.171.6 | 200 OK | 43 kB |
URL HTTP/2 alas4kanmfa6a4mubte.com/lv/esnk/1841675/code.js IP 62.122.171.6:0
Hash MD5 cf23f26cc1efecaa6fcbcd4e89e69dc5 SHA-1 f190942e469e490e78d2310693448068a14732eb SHA-256 321e262362abab5700c7dacd4571c65dd49e2cd9ecf84da3b0d9dccd7f44e097
GET /lv/esnk/1841675/code.js HTTP/1.1
Host: alas4kanmfa6a4mubte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 06:27:56 GMT
content-type: application/javascript
last-modified: Thu, 26 Jan 2023 13:21:09 GMT
vary: Accept-Encoding
etag: W/"63d27e45-1a2c5"
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| alas4kanmfa6a4mubte.com/lv/esnk/1841678/code.js | 62.122.171.6 | 200 OK | 43 kB |
URL HTTP/2 alas4kanmfa6a4mubte.com/lv/esnk/1841678/code.js IP 62.122.171.6:0
Hash MD5 dca1330f99c3f16128317916740b496d SHA-1 01160dd8b3a793302602aeba9284d2a68b67a04e SHA-256 5a1cd2a877dedc21d85df101e8ffd7647ebb41a2d20b18daace64bd1b1528bf5
GET /lv/esnk/1841678/code.js HTTP/1.1
Host: alas4kanmfa6a4mubte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 06:27:56 GMT
content-type: application/javascript
last-modified: Thu, 26 Jan 2023 13:21:09 GMT
vary: Accept-Encoding
etag: W/"63d27e45-1a2c5"
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| i.doodcdn.co/theme_2/css/style.css?v=0.1 | 172.67.70.190 | 200 OK | 222 kB |
URL HTTP/2 i.doodcdn.co/theme_2/css/style.css?v=0.1 IP 172.67.70.190:0
File type ASCII text, with very long lines (65465) Size 222 kB (222117 bytes) Hash MD5 d65004df77f6074117845dc187998c64 SHA-1 5d3ef59100f3f8e10068f82905c656bc8cd59b20 SHA-256 09e03b0626039294f16de21c7a86fc580ba0c858dffe1e408487890a457f1429
GET /theme_2/css/style.css?v=0.1 HTTP/1.1
Host: i.doodcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 06:27:56 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=249272
expires: Fri, 26 Jan 2024 08:53:34 GMT
last-modified: Mon, 03 Jan 2022 15:43:40 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 46887
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1iYGhsoXI7rHfxOf5cYs0FaJ0grfHOmgbBkeNgcDcSx7xd6v%2B%2FNHZsDnw1pLPeOknXMIXqr45YSFsqumy2PL6DmkY5gJzey6zc7aQcFQAzc7xlLQUIlKLI4kRDzoXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78ff6ce78e96b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP 95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash MD5 d84f383ade441229a3b8c3bdb440dec1 SHA-1 1a3fe5fbdb453238fd1bba1698ab7e42cc964455 SHA-256 00f8082421d59df44b61e96c4cdf71aec562e572fd3fbebfb2f1c5aa5fa22c6f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "00F8082421D59DF44B61E96C4CDF71AEC562E572FD3FBEBFB2F1C5AA5FA22C6F"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12900
Expires: Fri, 27 Jan 2023 10:02:57 GMT
Date: Fri, 27 Jan 2023 06:27:57 GMT
Connection: keep-alive
|
|
| cdn.bncloudfl.com/bn/99e/db0/f73/99edb0f7354db0db5ed10b1ab1251079e6931fe8.png | 172.67.39.215 | 200 OK | 95 kB |
URL HTTP/2 cdn.bncloudfl.com/bn/99e/db0/f73/99edb0f7354db0db5ed10b1ab1251079e6931fe8.png IP 172.67.39.215:0
File type RIFF (little-endian) data, Web/P image\012- data Hash MD5 af351dbc529966e7718828989ba2c7b0 SHA-1 ed763751307bfbcc2dcff9e5092ade42b472200e SHA-256 cc85e227b170aa7c1b1c73f9822a36f1a059dbbf47863368c0c0beda763a6ce7
GET /bn/99e/db0/f73/99edb0f7354db0db5ed10b1ab1251079e6931fe8.png HTTP/1.1
Host: cdn.bncloudfl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 06:27:57 GMT
content-type: image/webp
content-length: 95312
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=432000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=166876
content-disposition: inline; filename="99edb0f7354db0db5ed10b1ab1251079e6931fe8.webp"
etag: 606c3960dbbf27f6eff7cd9bbb66d48a
expires: Sat, 28 Jan 2023 21:40:12 GMT
last-modified: Sat, 21 Jan 2023 10:07:12 GMT
vary: Accept
x-openstack-request-id: tx489c1dcb3ba7480c8bb85-0063cbb96d
x-proxy-cache: HIT
x-timestamp: 1674295631.45830
x-trans-id: tx489c1dcb3ba7480c8bb85-0063cbb96d
cf-cache-status: HIT
age: 31665
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 78ff6cea8c4ab509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| push.services.mozilla.com/ | 52.35.92.170 | 101 Switching Protocols | 0 B |
URL HTTP/1.1 push.services.mozilla.com/ IP 52.35.92.170:0
Hash MD5 d41d8cd98f00b204e9800998ecf8427e SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of zero-length input; the captured body is 0 B)
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: vIdjtaWrgqvDm7jrNvUoJg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: fFyUJLk5BMOYG+622iARXfvraRo=
|
|
| alas4kanmfa6a4mubte.com/chicken.gif?z=1841678&pb=67c96ee756818327f078a683cbbdd2de1674808077&psp=afx7FW6cIxhVcaWIfUVx3m_pyvitlAWMh4vTA_Hb1b7ZxNUssHaF9uvYHOhHR4W5WkegOOeivthDSEuM7PBxytXk_02_9m6vv8JC-QG6-kxdhX6KjKg-KtFIK4sW86vDEaAxRdTbnBynLxRlTDIsYXNO7QpZ05xKqvmAiMhs-pK8hwVnhpq0XdKD5lPQItx5j6N8hJykVk_go4VYfIze1HwY2yNfoomGGDaxP93x0x65bHq6uJRiVSSuuKnEjlH6Yl-RG1mkv147gXJdLgw0DvE8TmNc2Pmr8X-H2RftZPVnFC52ylQODhCydpr8KriCs4FvXxxT2vPT4dQnRiU66KV5fg9W3pbVffUosWoHQePS0hb8IErjL7-QWl8Wwz_npyLTMw6lsRtZ39cfzapdnZgxiwY5HU8TPtOQoJ0WicsiAHeueTnlaWYpwqMg1nOj3yLHhrxIRhLP9isRGGyMhFnuGchki8D06cNQdWlYesE_D5DOa36psi2gnBGkGzIQ4__B7G_j2dWCUZ4eei7rgSr0qBgHC6oRia-Qw7dg3XteSKhmIlX4grHPNOCVQj6eQxPZEDr2mD4x_ooGBci7xn3G4Ts2KZQGz72Nit58k4uInaQ=&abvar=0&os=0 | 62.122.171.6 | 200 OK | 43 B |
URL HTTP/2alas4kanmfa6a4mubte.com/chicken.gif?z=1841678&pb=67c96ee756818327f078a683cbbdd2de1674808077&psp=afx7FW6cIxhVcaWIfUVx3m_pyvitlAWMh4vTA_Hb1b7ZxNUssHaF9uvYHOhHR4W5WkegOOeivthDSEuM7PBxytXk_02_9m6vv8JC-QG6-kxdhX6KjKg-KtFIK4sW86vDEaAxRdTbnBynLxRlTDIsYXNO7QpZ05xKqvmAiMhs-pK8hwVnhpq0XdKD5lPQItx5j6N8hJykVk_go4VYfIze1HwY2yNfoomGGDaxP93x0x65bHq6uJRiVSSuuKnEjlH6Yl-RG1mkv147gXJdLgw0DvE8TmNc2Pmr8X-H2RftZPVnFC52ylQODhCydpr8KriCs4FvXxxT2vPT4dQnRiU66KV5fg9W3pbVffUosWoHQePS0hb8IErjL7-QWl8Wwz_npyLTMw6lsRtZ39cfzapdnZgxiwY5HU8TPtOQoJ0WicsiAHeueTnlaWYpwqMg1nOj3yLHhrxIRhLP9isRGGyMhFnuGchki8D06cNQdWlYesE_D5DOa36psi2gnBGkGzIQ4__B7G_j2dWCUZ4eei7rgSr0qBgHC6oRia-Qw7dg3XteSKhmIlX4grHPNOCVQj6eQxPZEDr2mD4x_ooGBci7xn3G4Ts2KZQGz72Nit58k4uInaQ=&abvar=0&os=0 IP62.122.171.6:0
File type GIF image data, version 89a, 1 x 1\012- data Hash MD5 28e463819a210071de3b45ebe7633613 SHA-1 6dccd571828ec0912629119cf7eabfea9f33ddbc SHA-256 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
GET /chicken.gif?z=1841678&pb=67c96ee756818327f078a683cbbdd2de1674808077&psp=afx7FW6cIxhVcaWIfUVx3m_pyvitlAWMh4vTA_Hb1b7ZxNUssHaF9uvYHOhHR4W5WkegOOeivthDSEuM7PBxytXk_02_9m6vv8JC-QG6-kxdhX6KjKg-KtFIK4sW86vDEaAxRdTbnBynLxRlTDIsYXNO7QpZ05xKqvmAiMhs-pK8hwVnhpq0XdKD5lPQItx5j6N8hJykVk_go4VYfIze1HwY2yNfoomGGDaxP93x0x65bHq6uJRiVSSuuKnEjlH6Yl-RG1mkv147gXJdLgw0DvE8TmNc2Pmr8X-H2RftZPVnFC52ylQODhCydpr8KriCs4FvXxxT2vPT4dQnRiU66KV5fg9W3pbVffUosWoHQePS0hb8IErjL7-QWl8Wwz_npyLTMw6lsRtZ39cfzapdnZgxiwY5HU8TPtOQoJ0WicsiAHeueTnlaWYpwqMg1nOj3yLHhrxIRhLP9isRGGyMhFnuGchki8D06cNQdWlYesE_D5DOa36psi2gnBGkGzIQ4__B7G_j2dWCUZ4eei7rgSr0qBgHC6oRia-Qw7dg3XteSKhmIlX4grHPNOCVQj6eQxPZEDr2mD4x_ooGBci7xn3G4Ts2KZQGz72Nit58k4uInaQ=&abvar=0&os=0 HTTP/1.1
Host: alas4kanmfa6a4mubte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=2301270127a998fef30e494468bc5e224e0f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 06:27:57 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: OAICAP=ADD4PAAAAAAAAAAB; Path=/; Expires=Sun, 26 Feb 2023 06:27:57 GMT; Secure; SameSite=None
set-cookie: OAIBLOCK=ADD4PAAAAABj01pQ; Path=/; Expires=Sun, 26 Feb 2023 06:27:57 GMT; Secure; SameSite=None
set-cookie: OACICAP=ACRrVgAAAAAAAAAB; Path=/; Expires=Sun, 26 Feb 2023 06:27:57 GMT; Secure; SameSite=None
set-cookie: OACIBLOCK=ACRrVgAAAABj01pQ; Path=/; Expires=Sun, 26 Feb 2023 06:27:57 GMT; Secure; SameSite=None
set-cookie: ppucnt=0; Path=/; Expires=Sat, 28 Jan 2023 06:27:57 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| alas4kanmfa6a4mubte.com/whob.gif?z=1841678&pb=67c96ee756818327f078a683cbbdd2de1674808077&psp=afx7FW6cIxhVcaWIfUVx3m_pyvitlAWMh4vTA_Hb1b7ZxNUssHaF9uvYHOhHR4W5WkegOOeivthDSEuM7PBxytXk_02_9m6vv8JC-QG6-kxdhX6KjKg-KtFIK4sW86vDEaAxRdTbnBynLxRlTDIsYXNO7QpZ05xKqvmAiMhs-pK8hwVnhpq0XdKD5lPQItx5j6N8hJykVk_go4VYfIze1HwY2yNfoomGGDaxP93x0x65bHq6uJRiVSSuuKnEjlH6Yl-RG1mkv147gXJdLgw0DvE8TmNc2Pmr8X-H2RftZPVnFC52ylQODhCydpr8KriCs4FvXxxT2vPT4dQnRiU66KV5fg9W3pbVffUosWoHQePS0hb8IErjL7-QWl8Wwz_npyLTMw6lsRtZ39cfzapdnZgxiwY5HU8TPtOQoJ0WicsiAHeueTnlaWYpwqMg1nOj3yLHhrxIRhLP9isRGGyMhFnuGchki8D06cNQdWlYesE_D5DOa36psi2gnBGkGzIQ4__B7G_j2dWCUZ4eei7rgSr0qBgHC6oRia-Qw7dg3XteSKhmIlX4grHPNOCVQj6eQxPZEDr2mD4x_ooGBci7xn3G4Ts2KZQGz72Nit58k4uInaQ=&abvar=0&os=0 | 62.122.171.6 | 200 OK | 43 B |
URL HTTP/2alas4kanmfa6a4mubte.com/whob.gif?z=1841678&pb=67c96ee756818327f078a683cbbdd2de1674808077&psp=afx7FW6cIxhVcaWIfUVx3m_pyvitlAWMh4vTA_Hb1b7ZxNUssHaF9uvYHOhHR4W5WkegOOeivthDSEuM7PBxytXk_02_9m6vv8JC-QG6-kxdhX6KjKg-KtFIK4sW86vDEaAxRdTbnBynLxRlTDIsYXNO7QpZ05xKqvmAiMhs-pK8hwVnhpq0XdKD5lPQItx5j6N8hJykVk_go4VYfIze1HwY2yNfoomGGDaxP93x0x65bHq6uJRiVSSuuKnEjlH6Yl-RG1mkv147gXJdLgw0DvE8TmNc2Pmr8X-H2RftZPVnFC52ylQODhCydpr8KriCs4FvXxxT2vPT4dQnRiU66KV5fg9W3pbVffUosWoHQePS0hb8IErjL7-QWl8Wwz_npyLTMw6lsRtZ39cfzapdnZgxiwY5HU8TPtOQoJ0WicsiAHeueTnlaWYpwqMg1nOj3yLHhrxIRhLP9isRGGyMhFnuGchki8D06cNQdWlYesE_D5DOa36psi2gnBGkGzIQ4__B7G_j2dWCUZ4eei7rgSr0qBgHC6oRia-Qw7dg3XteSKhmIlX4grHPNOCVQj6eQxPZEDr2mD4x_ooGBci7xn3G4Ts2KZQGz72Nit58k4uInaQ=&abvar=0&os=0 IP62.122.171.6:0
File type: GIF image data, version 89a, 1 x 1; data
Hash: MD5 28e463819a210071de3b45ebe7633613 | SHA-1 6dccd571828ec0912629119cf7eabfea9f33ddbc | SHA-256 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
GET /whob.gif?z=1841678&pb=67c96ee756818327f078a683cbbdd2de1674808077&psp=afx7FW6cIxhVcaWIfUVx3m_pyvitlAWMh4vTA_Hb1b7ZxNUssHaF9uvYHOhHR4W5WkegOOeivthDSEuM7PBxytXk_02_9m6vv8JC-QG6-kxdhX6KjKg-KtFIK4sW86vDEaAxRdTbnBynLxRlTDIsYXNO7QpZ05xKqvmAiMhs-pK8hwVnhpq0XdKD5lPQItx5j6N8hJykVk_go4VYfIze1HwY2yNfoomGGDaxP93x0x65bHq6uJRiVSSuuKnEjlH6Yl-RG1mkv147gXJdLgw0DvE8TmNc2Pmr8X-H2RftZPVnFC52ylQODhCydpr8KriCs4FvXxxT2vPT4dQnRiU66KV5fg9W3pbVffUosWoHQePS0hb8IErjL7-QWl8Wwz_npyLTMw6lsRtZ39cfzapdnZgxiwY5HU8TPtOQoJ0WicsiAHeueTnlaWYpwqMg1nOj3yLHhrxIRhLP9isRGGyMhFnuGchki8D06cNQdWlYesE_D5DOa36psi2gnBGkGzIQ4__B7G_j2dWCUZ4eei7rgSr0qBgHC6oRia-Qw7dg3XteSKhmIlX4grHPNOCVQj6eQxPZEDr2mD4x_ooGBci7xn3G4Ts2KZQGz72Nit58k4uInaQ=&abvar=0&os=0 HTTP/1.1
Host: alas4kanmfa6a4mubte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=2301270127a998fef30e494468bc5e224e0f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 06:27:57 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.banner.view
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| alas4kanmfa6a4mubte.com/chicken.gif?z=1841675&pb=67c96ee756818327f078a683cbbdd2de1674808077&psp=uePFw_NIui64h8sNIrR75ZH8bX390Bfopbjgyecc6-0A2rMb1Av4GucfiB-qIsSN8pAFuAY8lKh7tJ4Wn1J5VxmMfDnk7cgAjolWNWTUJI--lIdj9RqJ1O-z8sCwmr3Pw_sTnynvOyquS_dE4H7QUskbUQKR7YOC8VkwRx_DiWJZaTf9cNCyjGD3eSiYrsnRxZFEX0i6QApbbd0oTuh1fCB7SYghXybO4LtH4qcc9c1dt0kLsh4og6Hi8caCPC7KNsZGC11NVIxoFzpujb3C5ZS_qX7l6k6h60LoFUQZq4k_xf7PEAcfrfMCnH-x6ITUC9_Lw0j2FFGjVvnsBinwZoh15b9xaLRZU_DTlipcEipYdKyMENEg8x2Wu3rfFasgLCScl-ldntWuIPlozeMewDmE2sk1ARteaL2dDjQcf99IiKoJiXh5dCEC9FezBqkEvq2vMRhVB2k1yCH4RYsuvxB3ZsVzkMK4i2TSkrMcIqyt9B0Rq9icCheRVWCBmYCasx_uvanZLqpkKSV48SuZSe2Zk6RdiTF-AATpWAULn6kv7YyHc8NZ_1QXosJRJcgGQzDHMkqfdiDyl8wMIZJ_9_2Wf5vHT6fuLMpIw-A3Gtonb3c=&abvar=0&os=0 | 62.122.171.6 | 200 OK | 43 B |
URL HTTP/2alas4kanmfa6a4mubte.com/chicken.gif?z=1841675&pb=67c96ee756818327f078a683cbbdd2de1674808077&psp=uePFw_NIui64h8sNIrR75ZH8bX390Bfopbjgyecc6-0A2rMb1Av4GucfiB-qIsSN8pAFuAY8lKh7tJ4Wn1J5VxmMfDnk7cgAjolWNWTUJI--lIdj9RqJ1O-z8sCwmr3Pw_sTnynvOyquS_dE4H7QUskbUQKR7YOC8VkwRx_DiWJZaTf9cNCyjGD3eSiYrsnRxZFEX0i6QApbbd0oTuh1fCB7SYghXybO4LtH4qcc9c1dt0kLsh4og6Hi8caCPC7KNsZGC11NVIxoFzpujb3C5ZS_qX7l6k6h60LoFUQZq4k_xf7PEAcfrfMCnH-x6ITUC9_Lw0j2FFGjVvnsBinwZoh15b9xaLRZU_DTlipcEipYdKyMENEg8x2Wu3rfFasgLCScl-ldntWuIPlozeMewDmE2sk1ARteaL2dDjQcf99IiKoJiXh5dCEC9FezBqkEvq2vMRhVB2k1yCH4RYsuvxB3ZsVzkMK4i2TSkrMcIqyt9B0Rq9icCheRVWCBmYCasx_uvanZLqpkKSV48SuZSe2Zk6RdiTF-AATpWAULn6kv7YyHc8NZ_1QXosJRJcgGQzDHMkqfdiDyl8wMIZJ_9_2Wf5vHT6fuLMpIw-A3Gtonb3c=&abvar=0&os=0 IP62.122.171.6:0
File type: GIF image data, version 89a, 1 x 1; data
Hash: MD5 28e463819a210071de3b45ebe7633613 | SHA-1 6dccd571828ec0912629119cf7eabfea9f33ddbc | SHA-256 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
GET /chicken.gif?z=1841675&pb=67c96ee756818327f078a683cbbdd2de1674808077&psp=uePFw_NIui64h8sNIrR75ZH8bX390Bfopbjgyecc6-0A2rMb1Av4GucfiB-qIsSN8pAFuAY8lKh7tJ4Wn1J5VxmMfDnk7cgAjolWNWTUJI--lIdj9RqJ1O-z8sCwmr3Pw_sTnynvOyquS_dE4H7QUskbUQKR7YOC8VkwRx_DiWJZaTf9cNCyjGD3eSiYrsnRxZFEX0i6QApbbd0oTuh1fCB7SYghXybO4LtH4qcc9c1dt0kLsh4og6Hi8caCPC7KNsZGC11NVIxoFzpujb3C5ZS_qX7l6k6h60LoFUQZq4k_xf7PEAcfrfMCnH-x6ITUC9_Lw0j2FFGjVvnsBinwZoh15b9xaLRZU_DTlipcEipYdKyMENEg8x2Wu3rfFasgLCScl-ldntWuIPlozeMewDmE2sk1ARteaL2dDjQcf99IiKoJiXh5dCEC9FezBqkEvq2vMRhVB2k1yCH4RYsuvxB3ZsVzkMK4i2TSkrMcIqyt9B0Rq9icCheRVWCBmYCasx_uvanZLqpkKSV48SuZSe2Zk6RdiTF-AATpWAULn6kv7YyHc8NZ_1QXosJRJcgGQzDHMkqfdiDyl8wMIZJ_9_2Wf5vHT6fuLMpIw-A3Gtonb3c=&abvar=0&os=0 HTTP/1.1
Host: alas4kanmfa6a4mubte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=2301270127a998fef30e494468bc5e224e0f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 06:27:57 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: OAICAP=ADD4PAAAAAAAAAAB; Path=/; Expires=Sun, 26 Feb 2023 06:27:57 GMT; Secure; SameSite=None
set-cookie: OAIBLOCK=ADD4PAAAAABj01pQ; Path=/; Expires=Sun, 26 Feb 2023 06:27:57 GMT; Secure; SameSite=None
set-cookie: OACICAP=ACRrVgAAAAAAAAAB; Path=/; Expires=Sun, 26 Feb 2023 06:27:57 GMT; Secure; SameSite=None
set-cookie: OACIBLOCK=ACRrVgAAAABj01pQ; Path=/; Expires=Sun, 26 Feb 2023 06:27:57 GMT; Secure; SameSite=None
set-cookie: ppucnt=0; Path=/; Expires=Sat, 28 Jan 2023 06:27:57 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| alas4kanmfa6a4mubte.com/whob.gif?z=1841675&pb=67c96ee756818327f078a683cbbdd2de1674808077&psp=uePFw_NIui64h8sNIrR75ZH8bX390Bfopbjgyecc6-0A2rMb1Av4GucfiB-qIsSN8pAFuAY8lKh7tJ4Wn1J5VxmMfDnk7cgAjolWNWTUJI--lIdj9RqJ1O-z8sCwmr3Pw_sTnynvOyquS_dE4H7QUskbUQKR7YOC8VkwRx_DiWJZaTf9cNCyjGD3eSiYrsnRxZFEX0i6QApbbd0oTuh1fCB7SYghXybO4LtH4qcc9c1dt0kLsh4og6Hi8caCPC7KNsZGC11NVIxoFzpujb3C5ZS_qX7l6k6h60LoFUQZq4k_xf7PEAcfrfMCnH-x6ITUC9_Lw0j2FFGjVvnsBinwZoh15b9xaLRZU_DTlipcEipYdKyMENEg8x2Wu3rfFasgLCScl-ldntWuIPlozeMewDmE2sk1ARteaL2dDjQcf99IiKoJiXh5dCEC9FezBqkEvq2vMRhVB2k1yCH4RYsuvxB3ZsVzkMK4i2TSkrMcIqyt9B0Rq9icCheRVWCBmYCasx_uvanZLqpkKSV48SuZSe2Zk6RdiTF-AATpWAULn6kv7YyHc8NZ_1QXosJRJcgGQzDHMkqfdiDyl8wMIZJ_9_2Wf5vHT6fuLMpIw-A3Gtonb3c=&abvar=0&os=0 | 62.122.171.6 | 200 OK | 43 B |
URL HTTP/2alas4kanmfa6a4mubte.com/whob.gif?z=1841675&pb=67c96ee756818327f078a683cbbdd2de1674808077&psp=uePFw_NIui64h8sNIrR75ZH8bX390Bfopbjgyecc6-0A2rMb1Av4GucfiB-qIsSN8pAFuAY8lKh7tJ4Wn1J5VxmMfDnk7cgAjolWNWTUJI--lIdj9RqJ1O-z8sCwmr3Pw_sTnynvOyquS_dE4H7QUskbUQKR7YOC8VkwRx_DiWJZaTf9cNCyjGD3eSiYrsnRxZFEX0i6QApbbd0oTuh1fCB7SYghXybO4LtH4qcc9c1dt0kLsh4og6Hi8caCPC7KNsZGC11NVIxoFzpujb3C5ZS_qX7l6k6h60LoFUQZq4k_xf7PEAcfrfMCnH-x6ITUC9_Lw0j2FFGjVvnsBinwZoh15b9xaLRZU_DTlipcEipYdKyMENEg8x2Wu3rfFasgLCScl-ldntWuIPlozeMewDmE2sk1ARteaL2dDjQcf99IiKoJiXh5dCEC9FezBqkEvq2vMRhVB2k1yCH4RYsuvxB3ZsVzkMK4i2TSkrMcIqyt9B0Rq9icCheRVWCBmYCasx_uvanZLqpkKSV48SuZSe2Zk6RdiTF-AATpWAULn6kv7YyHc8NZ_1QXosJRJcgGQzDHMkqfdiDyl8wMIZJ_9_2Wf5vHT6fuLMpIw-A3Gtonb3c=&abvar=0&os=0 IP62.122.171.6:0
File type: GIF image data, version 89a, 1 x 1; data
Hash: MD5 28e463819a210071de3b45ebe7633613 | SHA-1 6dccd571828ec0912629119cf7eabfea9f33ddbc | SHA-256 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
GET /whob.gif?z=1841675&pb=67c96ee756818327f078a683cbbdd2de1674808077&psp=uePFw_NIui64h8sNIrR75ZH8bX390Bfopbjgyecc6-0A2rMb1Av4GucfiB-qIsSN8pAFuAY8lKh7tJ4Wn1J5VxmMfDnk7cgAjolWNWTUJI--lIdj9RqJ1O-z8sCwmr3Pw_sTnynvOyquS_dE4H7QUskbUQKR7YOC8VkwRx_DiWJZaTf9cNCyjGD3eSiYrsnRxZFEX0i6QApbbd0oTuh1fCB7SYghXybO4LtH4qcc9c1dt0kLsh4og6Hi8caCPC7KNsZGC11NVIxoFzpujb3C5ZS_qX7l6k6h60LoFUQZq4k_xf7PEAcfrfMCnH-x6ITUC9_Lw0j2FFGjVvnsBinwZoh15b9xaLRZU_DTlipcEipYdKyMENEg8x2Wu3rfFasgLCScl-ldntWuIPlozeMewDmE2sk1ARteaL2dDjQcf99IiKoJiXh5dCEC9FezBqkEvq2vMRhVB2k1yCH4RYsuvxB3ZsVzkMK4i2TSkrMcIqyt9B0Rq9icCheRVWCBmYCasx_uvanZLqpkKSV48SuZSe2Zk6RdiTF-AATpWAULn6kv7YyHc8NZ_1QXosJRJcgGQzDHMkqfdiDyl8wMIZJ_9_2Wf5vHT6fuLMpIw-A3Gtonb3c=&abvar=0&os=0 HTTP/1.1
Host: alas4kanmfa6a4mubte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=2301270127a998fef30e494468bc5e224e0f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 06:27:57 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.banner.view
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash675dd553a1ba7530f23b697ceaa27a6e 4f75a3039291a1acafa0914b48c22f9e3d3f5241 52827a66fb24aafa6b2a2c8d2fa2986f5c2cbd82ab4b485ff7f6f5777ba7d474
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "52827A66FB24AAFA6B2A2C8D2FA2986F5C2CBD82AB4B485FF7F6F5777BA7D474"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12640
Expires: Fri, 27 Jan 2023 09:58:37 GMT
Date: Fri, 27 Jan 2023 06:27:57 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashc1b3fefce08370c4766cb281baf553ad 400ef1068b7e8fdfc1f30d6b07019631efff43f7 711979ccc8239935fadc348132e84f37cec61a3f26f434235e137d1938bd3d3d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "711979CCC8239935FADC348132E84F37CEC61A3F26F434235E137D1938BD3D3D"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12721
Expires: Fri, 27 Jan 2023 09:59:58 GMT
Date: Fri, 27 Jan 2023 06:27:57 GMT
Connection: keep-alive
|
|
| ocsp.sectigo.com/ | 104.18.32.68 | 200 OK | 471 B |
IP104.18.32.68:0
Hashda6d1131f8c9ad77c09853b9bc65a467 dfcde7da9dc04065f6a3bbd2457ef90c75ed01ba ea18b3e2c606aeb6128c798d0ce25827e7a630701a73248211b7d448805d2233
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 06:27:57 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 25 Jan 2023 15:49:39 GMT
Expires: Wed, 01 Feb 2023 15:49:38 GMT
Etag: "dfcde7da9dc04065f6a3bbd2457ef90c75ed01ba"
Cache-Control: max-age=465100,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78ff6cecdd17b511-OSL
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash2fd3b5487710791cafa87110d681647a 6f3de59c79cf8f93c3312d917e9bb225a8bb25f9 35c24aa8f70e97185a0a18761f04b283cefecdce3abcd2261ccc6377077730c5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35C24AA8F70E97185A0A18761F04B283CEFECDCE3ABCD2261CCC6377077730C5"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15559
Expires: Fri, 27 Jan 2023 10:47:16 GMT
Date: Fri, 27 Jan 2023 06:27:57 GMT
Connection: keep-alive
|
|
| fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f | 139.45.195.254 | 200 OK | 12 B |
URL (HTTP/1.1): fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP: 139.45.195.254:0
File type: JSON data; ASCII text, with no line terminators
Hash: MD5 adb4650bfc9d2a73d4dd69583b0ceb14 | SHA-1 1ce399d6e936232aaf2192cd7903a279c5015f22 | SHA-256 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 901
Origin: https://dood.yt
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Fri, 27 Jan 2023 06:28:24 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://dood.yt
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
|
|
| my.rtmark.net/gid.js?userId=cf9a8852fe4240c2a4779ea81d823229 | 139.45.195.8 | 200 OK | 65 B |
URL (HTTP/2): my.rtmark.net/gid.js?userId=cf9a8852fe4240c2a4779ea81d823229
IP: 139.45.195.8:0
File type: JSON data; ASCII text
Hash: MD5 99cb5b8aca173f92ffd96bc5b688d66b | SHA-1 951f35de86b7b1b1614110cdda2de88c1ba4fb8c | SHA-256 99ab59c59f9d595bb2388defe762fbab8c9cf6dbc586ab6f263e2a96514987cc
GET /gid.js?userId=cf9a8852fe4240c2a4779ea81d823229 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dood.yt
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 06:27:57 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://dood.yt
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=cf9a8852fe4240c2a4779ea81d823229; expires=Sat, 27 Jan 2024 06:27:57 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| foortowatch.xyz/utx?tid=926820&top=dood.yt&cb=4UzJa8o2zO09 | 108.157.214.72 | 204 No Content | 0 B |
URL (HTTP/2): foortowatch.xyz/utx?tid=926820&top=dood.yt&cb=4UzJa8o2zO09
IP: 108.157.214.72:0
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of a zero-length body, matching the 0 B size; they identify no content)
GET /utx?tid=926820&top=dood.yt&cb=4UzJa8o2zO09 HTTP/1.1
Host: foortowatch.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dood.yt
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 27 Jan 2023 06:27:57 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://dood.yt
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Fri, 27 Jan 2023 06:28:57 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 8ea75fde43c768e7e1d041f8b7a07bd6.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: 8TydQJhQSHEWJWdvPv4NyNKBKOIHpODfLRrZ-enuUNg6x1dmU8SUhQ==
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash5841ef884ec146c10c6975ea9e1ebf0f 69151a25648afb9fd4c1780f4b45bd4200c6edee 88fc9bfea9c6f046d43d0cc36467cd7133555056c977beee8a486c0f3ad64c51
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "88FC9BFEA9C6F046D43D0CC36467CD7133555056C977BEEE8A486C0F3AD64C51"
Last-Modified: Tue, 24 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15612
Expires: Fri, 27 Jan 2023 10:48:10 GMT
Date: Fri, 27 Jan 2023 06:27:58 GMT
Connection: keep-alive
|
|
| thecoveos.com/ | 52.20.131.174 | 200 OK | 0 B |
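IP: 52.20.131.174:0
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of a zero-length body, matching the 0 B size; they identify no content)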
POST / HTTP/1.1
Host: thecoveos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 380
Origin: https://dood.yt
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash2e21811f62c077f45a93d7c3b543998d 3e890a73bb51d9dd1021d5339271aa40833ba258 c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15162
Expires: Fri, 27 Jan 2023 10:40:40 GMT
Date: Fri, 27 Jan 2023 06:27:58 GMT
Connection: keep-alive
|
|
| pringed.space/MzRBVjJIFjIhbUZGLXQIEVw1IkJADm55VlxbJXhLRxsyIRxZR2N6EEBZJ3QIAhhjJV9FFnt0Bh0EY3oQR1UmCVtXFnt0CwECeWQCERhjJUdRaygyABEOYzAHVwV4ZQVRGXNlVlEZdTdUABl4MAMDGXBiVgMCeGYFUgIjZBBO | 54.162.51.18 | 200 OK | 23 kB |
URL HTTP/2pringed.space/MzRBVjJIFjIhbUZGLXQIEVw1IkJADm55VlxbJXhLRxsyIRxZR2N6EEBZJ3QIAhhjJV9FFnt0Bh0EY3oQR1UmCVtXFnt0CwECeWQCERhjJUdRaygyABEOYzAHVwV4ZQVRGXNlVlEZdTdUABl4MAMDGXBiVgMCeGYFUgIjZBBO IP54.162.51.18:0
Hash: MD5 75be750dfee89af159cbd599758dd847 | SHA-1 fb96bcd3045a8774b64b52c971d816a781e67423 | SHA-256 ded0f4ec8780fba00c68533ad316cf3c8a5fa61f1240a1d48090cb7e2f102190
GET /MzRBVjJIFjIhbUZGLXQIEVw1IkJADm55VlxbJXhLRxsyIRxZR2N6EEBZJ3QIAhhjJV9FFnt0Bh0EY3oQR1UmCVtXFnt0CwECeWQCERhjJUdRaygyABEOYzAHVwV4ZQVRGXNlVlEZdTdUABl4MAMDGXBiVgMCeGYFUgIjZBBO HTTP/1.1
Host: pringed.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
set-cookie: e546066984a768b4e841ca9cffc0927f=1; Max-Age=604800
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
etag: W/"e0e6-saO074ETGQlT49AEdV6LnH7wGvA"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash2e21811f62c077f45a93d7c3b543998d 3e890a73bb51d9dd1021d5339271aa40833ba258 c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15162
Expires: Fri, 27 Jan 2023 10:40:40 GMT
Date: Fri, 27 Jan 2023 06:27:58 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash2e21811f62c077f45a93d7c3b543998d 3e890a73bb51d9dd1021d5339271aa40833ba258 c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15162
Expires: Fri, 27 Jan 2023 10:40:40 GMT
Date: Fri, 27 Jan 2023 06:27:58 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d91ae98-1f78-4bbd-98ab-6e6d92c7fef2.jpeg | 34.120.237.76 | 200 OK | 7.6 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d91ae98-1f78-4bbd-98ab-6e6d92c7fef2.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash7364957de1b4c82a923bd947f0cce750 d8aa55b64a65757e043b4b1b63efd93c8261d275 f1f7059968d08adfa1c775c906ecb6e5b752210af0bcdcebfa77c2ba6f15bbf4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d91ae98-1f78-4bbd-98ab-6e6d92c7fef2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7573
x-amzn-requestid: 2946b91b-1d7e-4eba-966d-600ae368cd3f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLzVxGw1oAMF-xQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ce328b-04037751257e13ca156eee8d;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 07:08:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4TidB2H164ziAxKhEORFw4BBF0FB2pkkwNq3iMQfS4t7yObXCA59Pw==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 14:49:11 GMT
age: 56327
etag: "d8aa55b64a65757e043b4b1b63efd93c8261d275"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53bbd20e-50aa-4ce8-8565-a97b3c8ee694.jpeg | 34.120.237.76 | 200 OK | 8.0 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53bbd20e-50aa-4ce8-8565-a97b3c8ee694.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash02c8d9f27e0d17c38a55da6699dfb96e 6804d00e292afc0b7aadb08b11e7650488dacaa2 1ce3b93f1348649ddca495022525daf6d760823edd67bb9e506c7ee031a849b1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53bbd20e-50aa-4ce8-8565-a97b3c8ee694.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7973
x-amzn-requestid: acaa2abf-9789-4953-b3ab-98064a9a0137
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fXrXvHvBIAMFkQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2f297-2dc2c04e2a491b3f7f5e8370;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 21:37:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VEfYV5hz_1XQHIeHsNcf50Q1cTkCCe7zJzzxyYWGX62D99O8ZCuuSA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 21:47:43 GMT
age: 31215
etag: "6804d00e292afc0b7aadb08b11e7650488dacaa2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23169a26-33f3-4f92-9612-02bf2555d37c.jpeg | 34.120.237.76 | 200 OK | 5.3 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23169a26-33f3-4f92-9612-02bf2555d37c.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash7d2506ac511dfbea29e29ab14ba10f85 b2e2972ffa82b103c62ffde0fca99454e12d95e6 fbe6f833114208d84033ba691a74da18d641e38f0f327c752333a339f1baae34
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23169a26-33f3-4f92-9612-02bf2555d37c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5263
x-amzn-requestid: d9ce236e-c2fa-42dc-b0ff-ffe53a03a5a0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVr6RFnrIAMF3DA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d226a7-378aa8163ddd262944257578;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:07:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jbNIYT3pKuUF_8NaACEsgFv3KxUt5q_5tUqgsf1Bdtdsw7Oxf6kFfA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 07:38:46 GMT
age: 82152
etag: "b2e2972ffa82b103c62ffde0fca99454e12d95e6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| tzegilo.com/stattag.js | 172.67.141.224 | 200 OK | 12 kB |
IP: 172.67.141.224:0
File type: ASCII text, with very long lines (13121), with no line terminators
Hash: MD5 7f5031c7a2f48db76244d6ef2155b18f | SHA-1 c6de83383c3abee7d52356b823384c124b7170d1 | SHA-256 b4269da316b86682a36e1368525d69f7b21c7604522456570c2487dc517f492e
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 06:27:57 GMT
content-type: application/javascript
last-modified: Thu, 29 Dec 2022 16:01:28 GMT
etag: W/"63adb9d8-3341"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 3316
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tCObiOm1Q5K1maS6ZRUsfzfdfoq85ddfXDnGWCtRNKbB9TlkTHQWL3ukaKIDcnlMxXHmuk6vTEP6Zv58XkVPeahoiOShs0%2FXuV6ksLETj2%2FO1eJo5kEoR1F79na9FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78ff6ceb6993b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd33883a9-7857-4110-892f-73f67db692bc.jpeg | 34.120.237.76 | 200 OK | 9.5 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd33883a9-7857-4110-892f-73f67db692bc.jpeg IP34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash: MD5 a85badd84c0542610b94f22c4f265511 | SHA-1 5b490095b5e02d9fef4b762888353998b645dfc9 | SHA-256 23d6d9848caf36f0556438c371f112b40dcbf9b08b8b27bd37d4d73960c701c1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd33883a9-7857-4110-892f-73f67db692bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9482
x-amzn-requestid: 825c5e6b-8fda-445e-9ed3-f5d634943c00
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fIZd0HqkIAMFn7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ccd5f1-2b31fe3001a1b04a406ff7ff;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 06:21:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 13clEFrwHH0RFfYGMW5jPHcaa3ezdkHAes8FPn6yA5-pxqRaddDPqQ==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 05:42:19 GMT
age: 2739
etag: "5b490095b5e02d9fef4b762888353998b645dfc9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| betotodilea.com/400/4857535 | 139.45.197.237 | 200 OK | 44 kB |
URL HTTP/2betotodilea.com/400/4857535 IP139.45.197.237:0
Hash: MD5 4667861b73dcc0ac7028b6f44b1f293e | SHA-1 e8b4f38ceb73ef0dc1b5abc7419eb5392a03865b | SHA-256 435e527ddc698f84c6454431ab62e2da9918e0fc077ce72e314818f620e9a9d1
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /400/4857535 HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 06:27:57 GMT
content-type: application/javascript
x-trace-id: c6ed485767d88457332ea4875542212f
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=e1e189c896f5475cbdc39753c932dae9; expires=Sat, 27 Jan 2024 06:27:57 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| thecoveos.com/ | 52.20.131.174 | 200 OK | 0 B |
IP: 52.20.131.174:0
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of empty input, consistent with the 0 B body)
POST / HTTP/1.1
Host: thecoveos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dood.yt/
Content-Type: text/plain;charset=UTF-8
Origin: https://dood.yt
Content-Length: 344
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| thecoveos.com/ | 52.20.131.174 | 200 OK | 0 B |
IP: 52.20.131.174:0
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of empty input, consistent with the 0 B body)
POST / HTTP/1.1
Host: thecoveos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dood.yt/
Content-Type: text/plain;charset=UTF-8
Origin: https://dood.yt
Content-Length: 346
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| betotodilea.com/500/4857535?excludes=&oaid=cf9a8852fe4240c2a4779ea81d823229&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fdood.yt%2Fd%2Fdq62jr7br7rg&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false | 139.45.197.237 | 200 OK | 0 B |
URL HTTP/2betotodilea.com/500/4857535?excludes=&oaid=cf9a8852fe4240c2a4779ea81d823229&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fdood.yt%2Fd%2Fdq62jr7br7rg&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false IP139.45.197.237:0
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of empty input, consistent with the 0 B body)
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
OPTIONS /500/4857535?excludes=&oaid=cf9a8852fe4240c2a4779ea81d823229&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fdood.yt%2Fd%2Fdq62jr7br7rg&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://dood.yt/
Origin: https://dood.yt
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 06:28:02 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://dood.yt
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 278 B |
IP: 93.184.220.29:0
Hash: MD5 5caa2b44f546d4d16dda3b5186d20cdd | SHA-1 321796dceaea32633ec414701991c28e4bef7699 | SHA-256 ee8ca883755cc12fa8f71b8ed4b70c31f2e24df59abdbd037406bc2abb4c392f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1344
Cache-Control: max-age=154879
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 06:28:02 GMT
Etag: "63d323b1-116"
Expires: Sun, 29 Jan 2023 01:29:21 GMT
Last-Modified: Fri, 27 Jan 2023 01:06:57 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 278
|
|
| betotodilea.com/500/4857535?excludes=&oaid=cf9a8852fe4240c2a4779ea81d823229&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fdood.yt%2Fd%2Fdq62jr7br7rg&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false | 139.45.197.237 | 200 OK | 13 kB |
URL HTTP/2betotodilea.com/500/4857535?excludes=&oaid=cf9a8852fe4240c2a4779ea81d823229&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fdood.yt%2Fd%2Fdq62jr7br7rg&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false IP139.45.197.237:0
Hash: MD5 d39c79fd0b508cee4f33174e7748e657 | SHA-1 d62b873fa4b805eb50fa8b1200b12c5c957d87a8 | SHA-256 fec0f215f447ca6097fb2e2d58d3e5446a6590ba4bf8c8c4db80bfbf3503b670
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /500/4857535?excludes=&oaid=cf9a8852fe4240c2a4779ea81d823229&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fdood.yt%2Fd%2Fdq62jr7br7rg&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://dood.yt
Connection: keep-alive
Referer: https://dood.yt/
Cookie: OAID=e1e189c896f5475cbdc39753c932dae9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 06:28:02 GMT
content-type: application/javascript
x-trace-id: 4c2e36a51f12afc61577833cae7af439
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
vary: Origin
access-control-allow-origin: https://dood.yt
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=cf9a8852fe4240c2a4779ea81d823229; expires=Sat, 27 Jan 2024 06:28:02 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| challenges.cloudflare.com/turnstile/v0/api.js | 104.18.6.185 | 302 Found | 0 B |
URL HTTP/2challenges.cloudflare.com/turnstile/v0/api.js IP104.18.6.185:0
GET /turnstile/v0/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 27 Jan 2023 06:27:57 GMT
cache-control: max-age=300, public
vary: accept-encoding
location: /turnstile/v0/g/c595c5c5/api.js
set-cookie: __cf_bm=fYfEV7Snm79o_zJOejxCbBIq.YbmeqordvbjAc_9qWs-1674800877-0-ARmX6hyb/Lq8NpVgbaD50/H55oxu7s7ZDxYbKxffr0Mnk9+fJkeDspbgEH1TIH2mJP8NZusxELQhwLLOeoF6o4w=; path=/; expires=Fri, 27-Jan-23 06:57:57 GMT; domain=.challenges.cloudflare.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 78ff6cea9cf1b4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.itskiddien.club/apu.php?zoneid=5609943 | 139.45.197.236 | 200 OK | 0 B |
URL HTTP/2cdn.itskiddien.club/apu.php?zoneid=5609943 IP139.45.197.236:0
GET /apu.php?zoneid=5609943 HTTP/1.1
Host: cdn.itskiddien.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 06:27:57 GMT
content-type: application/javascript
x-trace-id: 8391ad4039a9be3c0d7df58fcfc43ca5
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=cf9a8852fe4240c2a4779ea81d823229; expires=Sat, 27 Jan 2024 06:27:57 GMT; path=/; secure; SameSite=None
set-cookie: oaidts=1674800877; expires=Sat, 27 Jan 2024 06:27:57 GMT; path=/; secure; SameSite=None
set-cookie: syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| dood.yt/d/dq62jr7br7rg | 172.64.202.19 | 200 OK | 0 B |
IP172.64.202.19:0
GET /d/dq62jr7br7rg HTTP/1.1
Host: dood.yt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Fri, 27 Jan 2023 06:27:56 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 26 Jan 2023 06:27:56 GMT
set-cookie: lang=1; domain=.dood.yt; path=/; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A14aHg1GdnVjyLXaUd4oWjSwQj6aNGaEEQTmw1wp3vEyt9ly53%2FDb9w04f8oRFYVFPsG3dMVORVp83WP6CXccekuQZAU6mBuhiuvjgRsV%2FLceDGJiaWNUFwR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78ff6ce44f258871-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Nunito:200,300,300i,400,600,600i,700,700i,800,900&display=swap | 142.250.74.106 | 200 OK | 0 B |
URL HTTP/2fonts.googleapis.com/css?family=Nunito:200,300,300i,400,600,600i,700,700i,800,900&display=swap IP142.250.74.106:0
GET /css?family=Nunito:200,300,300i,400,600,600i,700,700i,800,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 27 Jan 2023 06:27:56 GMT
date: Fri, 27 Jan 2023 06:27:56 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| alas4kanmfa6a4mubte.com/get/1841678?zoneid=1841678&jp=_clbf36h13tsft655vzwehk&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=3205984494075956 | 62.122.171.6 | 200 OK | 0 B |
URL HTTP/2alas4kanmfa6a4mubte.com/get/1841678?zoneid=1841678&jp=_clbf36h13tsft655vzwehk&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=3205984494075956 IP62.122.171.6:0
GET /get/1841678?zoneid=1841678&jp=_clbf36h13tsft655vzwehk&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=3205984494075956 HTTP/1.1
Host: alas4kanmfa6a4mubte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 06:27:57 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=2301270127a998fef30e494468bc5e224e0f; Path=/; Expires=Sat, 27 Jan 2024 06:27:57 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| thecoveos.com/STNnWjMSEV5oBXEBV3gfaxFLeFV8V1ZjAH5RSmgALVFKblIvAEpjVXgDSmsHLQNRYwN%2BUlE4AWsfRW5WKgQCPwR%2EHlRjUS8eU25VLR4FYlZ9Hl9vVXhWXm8Df1BXbRFlERQtEWUREzJWKlwRP1w6HQQ1XmsfRWsDZwZFdlUoXxQ%2EHy9SCylWZVUGNkAsbg | 52.20.131.174 | 200 OK | 0 B |
URL HTTP/2thecoveos.com/STNnWjMSEV5oBXEBV3gfaxFLeFV8V1ZjAH5RSmgALVFKblIvAEpjVXgDSmsHLQNRYwN%2BUlE4AWsfRW5WKgQCPwR%2EHlRjUS8eU25VLR4FYlZ9Hl9vVXhWXm8Df1BXbRFlERQtEWUREzJWKlwRP1w6HQQ1XmsfRWsDZwZFdlUoXxQ%2EHy9SCylWZVUGNkAsbg IP52.20.131.174:0
GET /STNnWjMSEV5oBXEBV3gfaxFLeFV8V1ZjAH5RSmgALVFKblIvAEpjVXgDSmsHLQNRYwN%2BUlE4AWsfRW5WKgQCPwR%2EHlRjUS8eU25VLR4FYlZ9Hl9vVXhWXm8Df1BXbRFlERQtEWUREzJWKlwRP1w6HQQ1XmsfRWsDZwZFdlUoXxQ%2EHy9SCylWZVUGNkAsbg HTTP/1.1
Host: thecoveos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
set-cookie: bccda8ac61a00c320a9d2f97ea1d91f5=1; Max-Age=604800
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
cache-control: public, max-age=86400
etag: W/"8442-e8MF6h8hBY4JuSC60Iz/5DUuI54"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| i.doodcdn.co/theme_2/css/bootstrap.min.css | 172.67.70.190 | 200 OK | 0 B |
URL HTTP/2i.doodcdn.co/theme_2/css/bootstrap.min.css IP172.67.70.190:0
GET /theme_2/css/bootstrap.min.css HTTP/1.1
Host: i.doodcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 06:27:56 GMT
content-type: text/css
last-modified: Mon, 03 Jan 2022 15:43:40 GMT
vary: Accept-Encoding,User-Agent
cache-control: public, max-age=2592000
expires: Fri, 26 Jan 2024 08:26:14 GMT
access-control-allow-origin: *
cf-cache-status: HIT
age: 2396
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uyXKWBRHns1%2Fy6QahzbbqiUqwzGYAjLWY9sCf3fzgKZZUzGFvg8ZZQ9CsfP%2BRBQzfrDmy2S2okTamLNMjYw%2BtPAA%2FX6bC18OubPk0B6o8KOFCPBA91Xdr9jkbGDa9w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78ff6ce72e3fb4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| alas4kanmfa6a4mubte.com/get/1841675?zoneid=1841675&jp=_cl8dzx2kzltcf6dyorzljc&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=954184680392312 | 62.122.171.6 | 200 OK | 0 B |
URL HTTP/2alas4kanmfa6a4mubte.com/get/1841675?zoneid=1841675&jp=_cl8dzx2kzltcf6dyorzljc&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=954184680392312 IP62.122.171.6:0
GET /get/1841675?zoneid=1841675&jp=_cl8dzx2kzltcf6dyorzljc&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=954184680392312 HTTP/1.1
Host: alas4kanmfa6a4mubte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 06:27:56 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=23012701278ceb222f975749648425411146; Path=/; Expires=Sat, 27 Jan 2024 06:27:57 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|