dood.yt/d/v7c4uwp5qn33
301 Moved Permanently 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /d/v7c4uwp5qn33 HTTP/1.1
Host: dood.yt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 08 Feb 2023 06:37:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 08 Feb 2023 07:37:38 GMT
Location: https://dood.yt/d/v7c4uwp5qn33
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2VmrtiaBMsQgf3aX573ruwBD%2B%2FOGMfvshXWjw85qnJ2h68dDXpjS0L9hzLzZrbI9l4n7V1rX4xCWTbun8GDm6uIlDiI1jgXAqt3W4%2Fn49HOj4aoooCt5LlRu"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79625b99fc7471ed-LHR
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dca68db7aea32f6683ce8d542c078f04
19c495238df74fca680e21f18627ff94de5dd2e5
35cab3987fc0e4a41b305cb208c1e33fa38ce8bdfd9f386c3dc0411dd4d5ac61
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35CAB3987FC0E4A41B305CB208C1E33FA38CE8BDFD9F386C3DC0411DD4D5AC61"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20412
Expires: Wed, 08 Feb 2023 12:17:50 GMT
Date: Wed, 08 Feb 2023 06:37:38 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4211
Expires: Wed, 08 Feb 2023 07:47:49 GMT
Date: Wed, 08 Feb 2023 06:37:38 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 08 Feb 2023 06:36:36 GMT
content-type: application/json
age: 62
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11902
Expires: Wed, 08 Feb 2023 09:56:00 GMT
Date: Wed, 08 Feb 2023 06:37:38 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: vSlD5Kuj+Dfkqkjk1IqE0txNhZpiEL5NmDf9pCZw5HNOZskDxSOLRRsViaKhOzStjNThOPNQWRBT3Z+WWtf6CA==
x-amz-request-id: R5DETYSQM47Q4983
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 08 Feb 2023 06:35:50 GMT
age: 108
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 06:37:38 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Content-Type, Pragma, ETag, Retry-After, Backoff, Expires, Alert, Cache-Control, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 08 Feb 2023 05:51:20 GMT
age: 2778
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3236
Expires: Wed, 08 Feb 2023 07:31:35 GMT
Date: Wed, 08 Feb 2023 06:37:39 GMT
Connection: keep-alive
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: jKedg/FFAtzCSv4D7e65Aw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: lDkItHj74+AF1FCecoMfHclygGc=
ocsp.digicert.com/
200 OK 280 B IP
Hash 4a2793786b1ce1206b70d285bea47b94
11747c77f2ef56d889b5148834faa184be7cfc07
af406b334b4df19c87a6911d78bbab5bc5628dc7ccac9d7d60050908c770fb52
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5161
Cache-Control: max-age=141207
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 06:37:39 GMT
Etag: "63e2b3a2-118"
Expires: Thu, 09 Feb 2023 21:51:06 GMT
Last-Modified: Tue, 07 Feb 2023 20:25:06 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
200 OK 280 B IP
Hash 4a2793786b1ce1206b70d285bea47b94
11747c77f2ef56d889b5148834faa184be7cfc07
af406b334b4df19c87a6911d78bbab5bc5628dc7ccac9d7d60050908c770fb52
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5489
Cache-Control: max-age=141536
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 06:37:39 GMT
Etag: "63e2b3a2-118"
Expires: Thu, 09 Feb 2023 21:56:35 GMT
Last-Modified: Tue, 07 Feb 2023 20:25:06 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 280
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js
200 OK 591 B URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js
IP
File type ASCII text, with very long lines (1266)
Hash 414869f16aa77a65b4928a018f7f1abb
cea521f7a2958a50239526ed6b068f0937527653
afee364ce513c6517247b81cce5eb5eadb1dbbb35e439eb3fa97bbc15fac2cd3
GET /ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 06:37:39 GMT
content-type: application/javascript; charset=utf-8
content-length: 591
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec1-514"
last-modified: Mon, 04 May 2020 16:11:45 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 8432152
expires: Mon, 29 Jan 2024 06:37:39 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c9uBfPO7iwLVi4FzYvtA9Pwnphacv6qkXbGSRUra89rJXM6eRdpYc08eYvpSN70gTu7DrODnP%2F499fv98mLjaowYG1gAmNC8cW5Z3zHSmD3nPO4t%2F%2Ba32piR7Deg%2FY%2BlCQUGgfyy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 79625ba34d11b505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
200 OK 28 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP
File type ASCII text, with very long lines (65451)
Hash 638a4990025383a0f83ebf29bdb84a68
153e8818dc42f598e47fde8cf398f1447649a4d0
878e34b89800bb271d3588e526eb3598eb3822e263f3bdaf53645847d39d0ad6
GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 06:37:39 GMT
content-type: application/javascript; charset=utf-8
content-length: 27748
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-15851"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1570843
expires: Mon, 29 Jan 2024 06:37:39 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qrDl27M8JI0aYWDRifRKd8UJZVpENHHcSnL1wmtqpac5VbS0RXFKohS3MEdrnj9iMLj%2FOv7AmLJjY7f3l405N%2By%2Bc%2Fhak%2Fcz%2BhoZHlMzEwry3BOgcBsGPShOkrP0Me7prHaPdrqJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 79625ba33d0fb505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 325a8a10ce2837a8c6820e30572d181c
195d6189f0f10fcb301fce3af4c27028bbcb9eaa
2f1a0e948582fa64266617acc77e9beb71c5031d9cffe1bed1393a554f259810
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 06:37:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 280 B IP
Hash 4a2793786b1ce1206b70d285bea47b94
11747c77f2ef56d889b5148834faa184be7cfc07
af406b334b4df19c87a6911d78bbab5bc5628dc7ccac9d7d60050908c770fb52
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5161
Cache-Control: max-age=141207
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 06:37:39 GMT
Etag: "63e2b3a2-118"
Expires: Thu, 09 Feb 2023 21:51:06 GMT
Last-Modified: Tue, 07 Feb 2023 20:25:06 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 280
ocsp.buypass.com/
200 OK 1.7 kB IP
ASN #20940 Akamai International B.V.
Hash 995b0a1d0d31c7c1564fd14bef3018f4
bbffcb76fde51c68d11a844d2c4b599118d6dcc8
0104ac0875124f559b14e2c1e0cb2b9018a2f2bb6cd41c182b13a2d4fd164ea0
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: 0571319a-cdf2-4d78-9944-131d97132ff2
Content-Length: 1701
Date: Wed, 08 Feb 2023 06:37:39 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 325a8a10ce2837a8c6820e30572d181c
195d6189f0f10fcb301fce3af4c27028bbcb9eaa
2f1a0e948582fa64266617acc77e9beb71c5031d9cffe1bed1393a554f259810
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 06:37:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dood.yt/sw.js
200 OK 39 kB IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 18ac260151966d4e511dda210db97721
2beff4266640e5257180303611499daf8c80f79d
4020a9fe63dbfd56202e42615b687a2fcce2ecd7ad7a71c91a2554fe560799e3
GET /sw.js HTTP/1.1
Host: dood.yt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.yt/d/v7c4uwp5qn33
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 06:37:39 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=102634
access-control-allow-origin: *
cache-control: public, max-age=2592000
expires: Fri, 19 Jan 2024 18:40:58 GMT
last-modified: Mon, 03 Jan 2022 15:43:40 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 1684601
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cfb7qwfmd8tK987awovKYjDytpPoubjSXt9BakcEhgySvnMtaJabNP51jPiUNQz5XOWdSBnX8nXS2eqhaKyK7baglJIe3F7IY5%2BRvcZwoFZRpTienTXXY7MV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79625ba2fd6d76a3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99e021e8-f66e-44fd-94ca-b30d25a8f5b4.jpeg
200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99e021e8-f66e-44fd-94ca-b30d25a8f5b4.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 544181f4aba24fc687a14522dd20f720
2b117270563b8c466ec774acce55271c38f6135b
607c45cc5b4726b92c8507988bbb90ac6a44a3cf22b290030d440266350099a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99e021e8-f66e-44fd-94ca-b30d25a8f5b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4961
x-amzn-requestid: c3b9db99-726f-4473-a6b6-9cff0dceb949
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fswe1GeRoAMFiAA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63db612b-17b52fcd74e374f1104af709;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 07:07:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: S8zeMZ-IZHNe6x_IFZJgCv1V8fwSkBh0aNnKfwgGOP5r6U7LjT61qg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 05:48:02 GMT
age: 2978
etag: "2b117270563b8c466ec774acce55271c38f6135b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f728fd1-646b-418a-ab1a-194a7bf42969.jpeg
200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f728fd1-646b-418a-ab1a-194a7bf42969.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c8f31c82179856e39ee5fc43d7f0b685
5b37f807a19ffc80c0b9334e6d24d5bb717496ce
c099c91c6f2125a8a89ee6e9dc0e37e2c2c9914adadb2c8b77795063baa62037
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f728fd1-646b-418a-ab1a-194a7bf42969.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6805
x-amzn-requestid: 9f067f0c-2991-41ae-8dd0-5719a5438abc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_PHwEn4IAMFvFg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c564-730d01807c13643373d64897;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:40:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: eSU1CSydRTodwnN5DNTXbYD3d3kYFCHiCvPRq5DZTTDSTH2L-GV_1g==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 22:19:17 GMT
age: 29903
etag: "5b37f807a19ffc80c0b9334e6d24d5bb717496ce"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcb27041-48b2-474f-b9d5-f88e9e662723.jpeg
200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcb27041-48b2-474f-b9d5-f88e9e662723.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d8a3fa4f1ec82d501942f9db3de2cb7d
b91c2aea7f2fb26131c8929b254c5596a1bb25ff
9d246eeab8ba04c775a03fd960c8859934a0accb737e845e89aba40bc573fdaa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcb27041-48b2-474f-b9d5-f88e9e662723.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6342
x-amzn-requestid: b2b61a71-5326-4fc6-baba-7baad29cf7c5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_OkbHfDIAMF5AQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c482-5cc4028d01d05305637af317;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:37:06 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xc32O6lBfn7jYg9I3VlZ5FnR9YpJtU3DbYD_ozsf_-R_Ih1-2e1-CQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:42:10 GMT
age: 32130
etag: "b91c2aea7f2fb26131c8929b254c5596a1bb25ff"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf4a5986-35e6-4c6b-9dba-c981908d9ec1.jpeg
200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf4a5986-35e6-4c6b-9dba-c981908d9ec1.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 726928e5de19ef978faebbe933c34008
bdaba3ed0c7efb65de88af96063d830683c8499b
c6d208fcee052da80de1bf2dcccbbc48853511b8888c4777799ee676abba51b5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf4a5986-35e6-4c6b-9dba-c981908d9ec1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8644
x-amzn-requestid: d6d71f42-f887-4ad0-a2b7-9073d3857b03
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_OjRHBFoAMF4_Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c47b-57490f255d8d30a561fdcd3a;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:36:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xU_uVO78ZQRKon3Cz-fVcHJuPEMMgzDsVuY8BXoKL6ntJwkl-SLeQA==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:42:03 GMT
age: 32137
etag: "bdaba3ed0c7efb65de88af96063d830683c8499b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce53bc9b-2505-4efd-9151-fa75ed70138a.jpeg
200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce53bc9b-2505-4efd-9151-fa75ed70138a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash be9f475292d4b5b0502d4381ccdf455b
ecb943b48c822b086ea699d802f8f1bb5ee26651
ed22a5102709dc7a067107a6c0cde26931f7781065de9cee49e22de6b9086e31
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce53bc9b-2505-4efd-9151-fa75ed70138a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8703
x-amzn-requestid: 6456aa7d-11f7-4066-a833-9ac5312c0c24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O7JGLTIAMFqdQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c513-0679a75676cdc19251c81bdd;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: DLVp9hiUjE2w5BiukFfUMALWxvcobbJcJRO-7CdXj3cy6rAdFhPRFQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:44:01 GMT
age: 32019
etag: "ecb943b48c822b086ea699d802f8f1bb5ee26651"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
dood.yt/d/v7c4uwp5qn33
200 OK 5.5 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5674), with no line terminators
Hash 317c9ce13afa050d7e145b09ca5d86e2
40459a9ccf064c74da555e2029b34e8c992d1d81
dc1184368b7e59f171611dfd9b9c2c9b6f7739bc560fc8ea5d237d283a1c0bd3
GET /d/v7c4uwp5qn33 HTTP/1.1
Host: dood.yt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 08 Feb 2023 06:37:39 GMT
content-type: text/html; charset=UTF-8
expires: Tue, 07 Feb 2023 06:37:39 GMT
set-cookie: lang=1; domain=.dood.yt; path=/; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A4Eu71pra81pZwokjyPgT2yRzgnLWRwEGXyPJMrKEn19T86SNctyT12qQtiLlwJF4DhckHlFm1U5F%2BZa2nraJA2aPeRwVXHiXTnZHp5aH3pYSOn48%2FdNBIPE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79625ba1fcdb76a3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.doodcdn.co/img/no_video_3.svg
200 OK 2.8 kB URL HTTP/2 i.doodcdn.co/img/no_video_3.svg
IP
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (2789)
Hash 077bfdaa49ae4877a42611b739ec4752
a2f9e1222b7af9abc05122411ab8902efcc08ead
70d6a17097a8c27edfaad6740e11359d9363f3f04bff1b93483e29c25609fa6c
GET /img/no_video_3.svg HTTP/1.1
Host: i.doodcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 06:37:40 GMT
content-type: image/svg+xml
content-length: 2812
last-modified: Mon, 03 Jan 2022 15:38:36 GMT
etag: "61d3187c-afc"
expires: Thu, 09 Mar 2023 08:28:58 GMT
cache-control: public, max-age=2592000, no-transform
access-control-allow-origin: *
cf-cache-status: HIT
age: 32148
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K7UpZXVT23P2B7R5OVUrBeS2XadEAZF0CsFNY5uQqPNP2BzIy5lFkawtJO3yQvYznX4inoZa2qNE3tJxYw93nzk1W4l35D59mPRKETeC0B73OIzhRziFjDhiMYPgsw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79625ba95a6cb503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.doodcdn.co/theme_2/fonts/avertastd-regular-webfont.woff2
200 OK 24 kB URL HTTP/2 i.doodcdn.co/theme_2/fonts/avertastd-regular-webfont.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 23812, version 1.524\012- data
Hash eb586e5a1b86dbf1c866e3ed80f9d18e
280ee78d19c017ab9335f769595e5157d3c4a343
714e70103deac0d67f52a6285c5fabee6088ce4d710ce7e74353503837038baf
GET /theme_2/fonts/avertastd-regular-webfont.woff2 HTTP/1.1
Host: i.doodcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dood.yt
Connection: keep-alive
Referer: https://i.doodcdn.co/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 06:37:40 GMT
content-type: font/woff2
content-length: 23812
last-modified: Mon, 03 Jan 2022 15:43:40 GMT
cache-control: max-age=2592000
expires: Thu, 09 Mar 2023 18:41:59 GMT
vary: User-Agent,Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 41375
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Ks0hdB61KBiJ6zOFG8fTmWBNGWqLyJBISGSc9QDoYDaVu1LW06QdMbzquRX2PDubQ%2BB%2F2TSVGlXiRpgFQJnIp40HeiP0GWybZOnoajpw%2FAZujIOXrUahe3lpFKUTw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79625ba9daf2b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.doodcdn.co/theme_2/css/fontawesome/webfonts/fa-duotone-900.woff2
200 OK 184 kB URL HTTP/2 i.doodcdn.co/theme_2/css/fontawesome/webfonts/fa-duotone-900.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 184476, version 330.-16253\012- data
Size 184 kB (184476 bytes)
Hash 2a6dec1227f9970376f578270a642d06
150a6a7ffdec6e2e2ff4c712d7cee8bd9b930284
e228b909313044a18dec1a674cfd4935071c36eb3eb6a0cd38a45afac6ae3996
GET /theme_2/css/fontawesome/webfonts/fa-duotone-900.woff2 HTTP/1.1
Host: i.doodcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dood.yt
Connection: keep-alive
Referer: https://i.doodcdn.co/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 06:37:40 GMT
content-type: font/woff2
content-length: 184476
last-modified: Mon, 03 Jan 2022 15:43:40 GMT
cache-control: max-age=2592000
expires: Thu, 09 Mar 2023 18:42:08 GMT
vary: User-Agent,Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 41375
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0adGDedOoxemK0SCrN7OHboWDj1NLWJx3gT4vrRs5b8jiupNeICp4WVesK9RNPF%2FOwJN9cARV3dp2o9i2BAgnrPwQuKLcZUZsoJqFjd2X705WLZ4XfzvHRyCG6oIyA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79625ba9eafab503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.doodcdn.co/theme_2/fonts/avertastd-bold-webfont.woff2
200 OK 24 kB URL HTTP/2 i.doodcdn.co/theme_2/fonts/avertastd-bold-webfont.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 23604, version 1.0\012- data
Hash e9133fd11f14c09a2e4556c395a0ef7d
00fad09605f3342df5c9aeba130156fe19ade8b0
06244cc9cd0c998581b1bf93f5222deee7d2d0b09299190e163961afa973ba91
GET /theme_2/fonts/avertastd-bold-webfont.woff2 HTTP/1.1
Host: i.doodcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dood.yt
Connection: keep-alive
Referer: https://i.doodcdn.co/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 06:37:40 GMT
content-type: font/woff2
content-length: 23604
last-modified: Mon, 03 Jan 2022 15:43:40 GMT
cache-control: max-age=2592000
expires: Thu, 09 Mar 2023 18:43:02 GMT
vary: User-Agent,Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 41375
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zmtY%2FrbWynlf0GtqCuOF9yyJwPAVUraAu1X7%2BsHObWEhYePQ0h%2BgaEfMMMfXBh%2BQ8pofTFmB34rhn4fyLknyQEaPpBxc4Vy9YxPdDax4RvP3K9CN2e2Ae5363hxOZA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79625ba9fb14b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.doodcdn.co/css/embed.css
200 OK 80 kB URL HTTP/2 i.doodcdn.co/css/embed.css
IP
File type Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
Hash 010e9740f2148647b93ae896d452119c
888e44accbd7e78a0654fd4eaf7541269d95e4e9
d33d9d5fc2eef77dd7cda0770e9bc8213f058f2ead19b7d9b7ed731bcd081a47
GET /css/embed.css HTTP/1.1
Host: i.doodcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 06:37:40 GMT
content-type: text/css
content-length: 79720
access-control-allow-origin: *
cache-control: public, max-age=2592000, no-transform
cf-bgj: minify
cf-polished: origSize=79890
etag: "61d3187c-13812"
expires: Thu, 09 Mar 2023 05:04:28 GMT
last-modified: Mon, 03 Jan 2022 15:38:36 GMT
cf-cache-status: HIT
age: 22286
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gYqn371KxfNIMpj0mtwu7lkw7mNtz4cELVumw61IHtKsdte%2F%2BDdtQfjaMw1tSOAnx%2Fom1WGXSEjQ3VEXaL7EVONI5ozQLsVdzVEPvVW%2BIgre9vcaErpcpjYVvoufLg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79625baa4b63b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 62682535c439a55b781222ec36a7fd3a
1d751ec0b7599f4fc9b80e876cf52f1427a70c23
623daa175f96467b32eeed5e2d2c6152265c8e6f7df3d2fbaa7462902471a006
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "623DAA175F96467B32EEED5E2D2C6152265C8E6F7DF3D2FBAA7462902471A006"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3066
Expires: Wed, 08 Feb 2023 07:28:46 GMT
Date: Wed, 08 Feb 2023 06:37:40 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 279 B IP
Hash 7c5aac1d645d65fb40f98bce9ea50197
367f1313c0fe9b189f1bb7fb50acff3e528b0ba0
c92c4f1f857c091be82eac51197cfbb9fbf375e2d73d95ce7ec5d7a4831f881d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1012
Cache-Control: max-age=116905
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 06:37:40 GMT
Etag: "63e264e9-117"
Expires: Thu, 09 Feb 2023 15:06:05 GMT
Last-Modified: Tue, 07 Feb 2023 14:49:13 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 279 B IP
Hash 7c5aac1d645d65fb40f98bce9ea50197
367f1313c0fe9b189f1bb7fb50acff3e528b0ba0
c92c4f1f857c091be82eac51197cfbb9fbf375e2d73d95ce7ec5d7a4831f881d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6364
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 06:37:40 GMT
Last-Modified: Wed, 08 Feb 2023 04:51:36 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279
img.doodcdn.co/splash/mhlvzzx27p329kjn.jpg
200 OK 42 kB URL HTTP/2 img.doodcdn.co/splash/mhlvzzx27p329kjn.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 394x715, components 3\012- data
Hash 02662ce3d5ba59651b8baf2be31d0b34
186e26222ef76e58d94226cc8b893814d9548e3f
943aefceef6060cd636bdefd0ce3ee7b3cbdca4733374db52ed4d885155c5ef8
GET /splash/mhlvzzx27p329kjn.jpg HTTP/1.1
Host: img.doodcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 06:37:40 GMT
content-type: image/jpeg
content-length: 42079
access-control-allow-origin: *
cache-control: max-age=1209600
cf-bgj: imgq:100,h2pri
cf-polished: origSize=43309, status=webp_bigger
etag: "63d6f937-a92d"
expires: Tue, 21 Feb 2023 11:30:46 GMT
last-modified: Sun, 29 Jan 2023 22:54:47 GMT
cf-cache-status: HIT
age: 30166
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1w4Fw7WK4pnvyDUPdseN32mwd%2FdBP6qZxOBbYXejNaTjMiVwvqysvaw7R8KydN5RktZelr%2BxQohTQoBAHLYNcw7cWX%2FoImzXJd2fCCklGhamL2MvsuQwTbh3wA4Q8%2FMi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79625baaebe4b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.pncloudfl.com/pn/71a/dd2/7d5/71add27d5bb61aab24af91ebe2af7f4205a35feb.jpg
200 OK 49 kB URL HTTP/2 cdn.pncloudfl.com/pn/71a/dd2/7d5/71add27d5bb61aab24af91ebe2af7f4205a35feb.jpg
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash eedf689c4a33b79c440062e703d60ff6
a8300edf1b950a50086eb44165a6f6ae278e5057
b8b368d98eb9d04ce213fa62fa781f3bad8d48e5a57f98359cb880ab9600579f
GET /pn/71a/dd2/7d5/71add27d5bb61aab24af91ebe2af7f4205a35feb.jpg HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 06:37:40 GMT
content-type: image/webp
content-length: 48676
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=172800
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=83221
content-disposition: inline; filename="71add27d5bb61aab24af91ebe2af7f4205a35feb.webp"
etag: 1df69ad2c9b78c9186aaa33fa40c237f
expires: Thu, 09 Feb 2023 22:41:14 GMT
last-modified: Thu, 06 Oct 2022 02:00:51 GMT
vary: Accept
x-openstack-request-id: txe73bad396e604f28ab17d-00633e3eef
x-proxy-cache: HIT
x-timestamp: 1665021650.87526
x-trans-id: txe73bad396e604f28ab17d-00633e3eef
cf-cache-status: HIT
age: 28586
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 79625bab0c31b524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash e67efc6f0af64f872609d5d403755d7c
2b6785c96ff51a0caa7a7c90d8e9097a0f418ada
f82e0c5f45fb5a7b666436b1311347d64bec36fbce5458bb9f90af76ef3e9f5d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1717
Cache-Control: max-age=124060
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 06:37:40 GMT
Etag: "63e27e1b-117"
Expires: Thu, 09 Feb 2023 17:05:20 GMT
Last-Modified: Tue, 07 Feb 2023 16:36:43 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 279
cdn.bncloudfl.com/bn/8bb/9f7/8bf/8bb9f78bf7d01a053ac73b34735468c1c488b3cc.jpg
200 OK 25 kB URL HTTP/2 cdn.bncloudfl.com/bn/8bb/9f7/8bf/8bb9f78bf7d01a053ac73b34735468c1c488b3cc.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], progressive, precision 8, 300x250, components 3\012- data
Hash 86cb270cc41259bae3cb57b58853a364
105f5dab91e4fe599cf57d788d480ff3adb5f944
e76b1868cedc8517a332b92f76b022550dce5d9f6da597d94d52fa441735c88c
GET /bn/8bb/9f7/8bf/8bb9f78bf7d01a053ac73b34735468c1c488b3cc.jpg HTTP/1.1
Host: cdn.bncloudfl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 06:37:41 GMT
content-type: image/jpeg
content-length: 24956
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=432000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=25602, status=webp_bigger
etag: 8111d6709b49f39d21f280836ae2b038
expires: Wed, 08 Feb 2023 13:55:13 GMT
last-modified: Fri, 30 Dec 2022 09:28:13 GMT
x-openstack-request-id: txb4f123edf91e42e286674-0063aeaf77
x-proxy-cache: HIT
x-timestamp: 1672392492.78160
x-trans-id: txb4f123edf91e42e286674-0063aeaf77
cf-cache-status: HIT
age: 146547
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 79625bab3c71b524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8044af11460844840cb4106586a4e16a
0c3ba003a5976445e12b1321d0db293b693aa6d6
1b57a3e895c9b930ace13f64b2b03f1c0892ab2887fd5022560212b7a8b8af76
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1B57A3E895C9B930ACE13F64B2B03F1C0892AB2887FD5022560212B7A8B8AF76"
Last-Modified: Tue, 07 Feb 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1870
Expires: Wed, 08 Feb 2023 07:08:51 GMT
Date: Wed, 08 Feb 2023 06:37:41 GMT
Connection: keep-alive
alas4kanmfa6a4mubte.com/chicken.gif?z=1841674&pb=07958d1699b8c9150ac446614b2064c11675845460&psp=pPN48SpBsWtNbE0ZMNHZ3-fCXK3qwdPy_cP-d48AiLC3bHS_kvIMpcehBbXw5SYlYh0JDcjKvM8OQ5PVkgIBg07ttGtd1gzJA3oUyP5qxnba1p1juZPn0YDLEeQVgXw1d52SCnzKDLN7Nh8sJAgPUnUNUDt4BFA1I6ZaMnYOji2isHcFKUuztwsLcRn-XrNn75fo2OzV8beQ0f_Y78fPxk8OP3nhxRqCpHv4x41_5h4RydHTRkCpPwaR0J7AuMWY0bX_cXx59oixWKJkqjCu9XJhtVHkzpvtjxXqjgqhrC0_vlI26Me0eqEfbiIlVjsa_qsD1nTDG1Qoyf-qVJx-6FZNY45v7uusYcF1C0ed_0oB-RdFeIIZNy4Rci68Wz0sFYHQT_X0wW37puUyy-GkS_4TNn8zr4BDSMhL5CgllvgtWUl9cw_7YUILHwE33y-3i9UYamG6A-Hu--8BkEpfEak4lCI29QslYBuQQiu2m0cTP3f11lzEVF-MabHhZu2zbAQHH06_JUXsgUJseNlh0KgpjLkfwTd0tnzyGRjFjbTJju9m5L6wqNL2IYKAS9vgk-9MYuOl_obc_JFK3evzZvwkk8vTZXnlbo6BS8voMuqDOH6yv0vbicOXl3bKBs-wFe4ZpN0ysiOTbL9rOowyI_JJI3RjORt6KWTOyKm4mSg4vli0B34q18AnSBS-ztvN0XPVRnqBToOeON_kOn7i3lEFWm74CIzTZAs3_RBHjZGeeN6MvkVJwxXPCcLigLyD9HCUPHixnxj-bzG4k8291D4U4tAS5JF-9HN51w2kx_Ps_JLuJol7rosPV1Y7CJhsiCO9tygQtVPUsW8=&abvar=0&os=0
200 OK 43 B URL HTTP/2 alas4kanmfa6a4mubte.com/chicken.gif?z=1841674&pb=07958d1699b8c9150ac446614b2064c11675845460&psp=pPN48SpBsWtNbE0ZMNHZ3-fCXK3qwdPy_cP-d48AiLC3bHS_kvIMpcehBbXw5SYlYh0JDcjKvM8OQ5PVkgIBg07ttGtd1gzJA3oUyP5qxnba1p1juZPn0YDLEeQVgXw1d52SCnzKDLN7Nh8sJAgPUnUNUDt4BFA1I6ZaMnYOji2isHcFKUuztwsLcRn-XrNn75fo2OzV8beQ0f_Y78fPxk8OP3nhxRqCpHv4x41_5h4RydHTRkCpPwaR0J7AuMWY0bX_cXx59oixWKJkqjCu9XJhtVHkzpvtjxXqjgqhrC0_vlI26Me0eqEfbiIlVjsa_qsD1nTDG1Qoyf-qVJx-6FZNY45v7uusYcF1C0ed_0oB-RdFeIIZNy4Rci68Wz0sFYHQT_X0wW37puUyy-GkS_4TNn8zr4BDSMhL5CgllvgtWUl9cw_7YUILHwE33y-3i9UYamG6A-Hu--8BkEpfEak4lCI29QslYBuQQiu2m0cTP3f11lzEVF-MabHhZu2zbAQHH06_JUXsgUJseNlh0KgpjLkfwTd0tnzyGRjFjbTJju9m5L6wqNL2IYKAS9vgk-9MYuOl_obc_JFK3evzZvwkk8vTZXnlbo6BS8voMuqDOH6yv0vbicOXl3bKBs-wFe4ZpN0ysiOTbL9rOowyI_JJI3RjORt6KWTOyKm4mSg4vli0B34q18AnSBS-ztvN0XPVRnqBToOeON_kOn7i3lEFWm74CIzTZAs3_RBHjZGeeN6MvkVJwxXPCcLigLyD9HCUPHixnxj-bzG4k8291D4U4tAS5JF-9HN51w2kx_Ps_JLuJol7rosPV1Y7CJhsiCO9tygQtVPUsW8=&abvar=0&os=0
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
GET /chicken.gif?z=1841674&pb=07958d1699b8c9150ac446614b2064c11675845460&psp=pPN48SpBsWtNbE0ZMNHZ3-fCXK3qwdPy_cP-d48AiLC3bHS_kvIMpcehBbXw5SYlYh0JDcjKvM8OQ5PVkgIBg07ttGtd1gzJA3oUyP5qxnba1p1juZPn0YDLEeQVgXw1d52SCnzKDLN7Nh8sJAgPUnUNUDt4BFA1I6ZaMnYOji2isHcFKUuztwsLcRn-XrNn75fo2OzV8beQ0f_Y78fPxk8OP3nhxRqCpHv4x41_5h4RydHTRkCpPwaR0J7AuMWY0bX_cXx59oixWKJkqjCu9XJhtVHkzpvtjxXqjgqhrC0_vlI26Me0eqEfbiIlVjsa_qsD1nTDG1Qoyf-qVJx-6FZNY45v7uusYcF1C0ed_0oB-RdFeIIZNy4Rci68Wz0sFYHQT_X0wW37puUyy-GkS_4TNn8zr4BDSMhL5CgllvgtWUl9cw_7YUILHwE33y-3i9UYamG6A-Hu--8BkEpfEak4lCI29QslYBuQQiu2m0cTP3f11lzEVF-MabHhZu2zbAQHH06_JUXsgUJseNlh0KgpjLkfwTd0tnzyGRjFjbTJju9m5L6wqNL2IYKAS9vgk-9MYuOl_obc_JFK3evzZvwkk8vTZXnlbo6BS8voMuqDOH6yv0vbicOXl3bKBs-wFe4ZpN0ysiOTbL9rOowyI_JJI3RjORt6KWTOyKm4mSg4vli0B34q18AnSBS-ztvN0XPVRnqBToOeON_kOn7i3lEFWm74CIzTZAs3_RBHjZGeeN6MvkVJwxXPCcLigLyD9HCUPHixnxj-bzG4k8291D4U4tAS5JF-9HN51w2kx_Ps_JLuJol7rosPV1Y7CJhsiCO9tygQtVPUsW8=&abvar=0&os=0 HTTP/1.1
Host: alas4kanmfa6a4mubte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=230208013701fbbf41ef3344ce9c97df5063
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 06:37:40 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: OACICAP=ACQ6xAAAAAAAAAAB; Path=/; Expires=Fri, 10 Mar 2023 06:37:40 GMT; Secure; SameSite=None
OACIBLOCK=ACQ6xAAAAABj4yxQ; Path=/; Expires=Fri, 10 Mar 2023 06:37:40 GMT; Secure; SameSite=None
ppucnt=0; Path=/; Expires=Thu, 09 Feb 2023 06:37:40 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash e67efc6f0af64f872609d5d403755d7c
2b6785c96ff51a0caa7a7c90d8e9097a0f418ada
f82e0c5f45fb5a7b666436b1311347d64bec36fbce5458bb9f90af76ef3e9f5d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1857
Cache-Control: max-age=124199
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 06:37:41 GMT
Etag: "63e27e1b-117"
Expires: Thu, 09 Feb 2023 17:07:40 GMT
Last-Modified: Tue, 07 Feb 2023 16:36:43 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279
alas4kanmfa6a4mubte.com/chicken.gif?z=1841679&pb=07958d1699b8c9150ac446614b2064c11675845460&psp=dSawrGrr6OJBeRV95M_eBvkfZhU8uCluFWPVHK_Hz0j-faZqNu0w3GMkVtjlGX7ynNq2Y31NScbiRLNPzO21nldszJ76w1zyFpty1hPT_T4HxiVJJwAX4wb5Mt3w5GM4l65mye6Ajhhym6S4MbyKoXOxcRysrGXLfAeqFXuJcV4T7QPw35bhi1PFmrIS-4IzG_WROga80SsnvVDPDXUVDLTO695baUPDJwDtWh3xdSVoMbpKq3tgmDdnHRFJ72q2vjEUNzI0husjW_bxa2HeW4SekWRlOZD7h6Rd59mSlBifHVtOjQrBq5rnA05rzetoldwLyzR-BNtG5Ngt6SplRVUU3mg6Eejz2iRYN5k4fb5xGAz44hAGaOECKSUJifO0vjyZ7p18-EsRZ5WJcgZV6x01j4W0ywFFJJkmbFL3bRZ60pKquDm_5EgcAYXop4S7xHDf7Zd8GZ3i4jwVtuyw9rY11usmrukdzhm57OYhDXhqsOqVJiSjt3gYeeNr1QBoT27yYnlktCicKapDx1n2Bh__ci1NPk0uEBGtN9IaJWo2I-iU6VTNdNAfEJXupg0ozZOzLrhbVumxY8vchzcxrH40LYhCQtrLXgldpfByPOzK24ePfioZMw_O3R8LPHgI9_fI-Yw1lOhsYBU66OmStZB1XSXVOWXqpczagaUbEPK48nHBjygpx7v1fnz2pAVH-vV-8nm2gatyrnLvod_ZUPsyU2BzZebXvXBcdWyhFTfCHOgcirUJWIvOG9HmeXWh5Dcjd-VvnBDsAS9jJ9ASmPTDkVFRhf6rMwqLnu-0UhHGOxGhxJLvRPNukIwJB97MPA43Kw7NAzbvQXE_RtInevDaVvSfutcpmEle4bosCPlQMbNEqyt2u8kTQF0rFRnFA5PXKqVb8d_ZA1r7spGg0w8h34rM6TeQSZmjzKBv2a9DQYxaDzruAZS4-UXUdWD-5ybFMMBXd_U=&abvar=0&os=0
200 OK 43 B URL HTTP/2 alas4kanmfa6a4mubte.com/chicken.gif?z=1841679&pb=07958d1699b8c9150ac446614b2064c11675845460&psp=dSawrGrr6OJBeRV95M_eBvkfZhU8uCluFWPVHK_Hz0j-faZqNu0w3GMkVtjlGX7ynNq2Y31NScbiRLNPzO21nldszJ76w1zyFpty1hPT_T4HxiVJJwAX4wb5Mt3w5GM4l65mye6Ajhhym6S4MbyKoXOxcRysrGXLfAeqFXuJcV4T7QPw35bhi1PFmrIS-4IzG_WROga80SsnvVDPDXUVDLTO695baUPDJwDtWh3xdSVoMbpKq3tgmDdnHRFJ72q2vjEUNzI0husjW_bxa2HeW4SekWRlOZD7h6Rd59mSlBifHVtOjQrBq5rnA05rzetoldwLyzR-BNtG5Ngt6SplRVUU3mg6Eejz2iRYN5k4fb5xGAz44hAGaOECKSUJifO0vjyZ7p18-EsRZ5WJcgZV6x01j4W0ywFFJJkmbFL3bRZ60pKquDm_5EgcAYXop4S7xHDf7Zd8GZ3i4jwVtuyw9rY11usmrukdzhm57OYhDXhqsOqVJiSjt3gYeeNr1QBoT27yYnlktCicKapDx1n2Bh__ci1NPk0uEBGtN9IaJWo2I-iU6VTNdNAfEJXupg0ozZOzLrhbVumxY8vchzcxrH40LYhCQtrLXgldpfByPOzK24ePfioZMw_O3R8LPHgI9_fI-Yw1lOhsYBU66OmStZB1XSXVOWXqpczagaUbEPK48nHBjygpx7v1fnz2pAVH-vV-8nm2gatyrnLvod_ZUPsyU2BzZebXvXBcdWyhFTfCHOgcirUJWIvOG9HmeXWh5Dcjd-VvnBDsAS9jJ9ASmPTDkVFRhf6rMwqLnu-0UhHGOxGhxJLvRPNukIwJB97MPA43Kw7NAzbvQXE_RtInevDaVvSfutcpmEle4bosCPlQMbNEqyt2u8kTQF0rFRnFA5PXKqVb8d_ZA1r7spGg0w8h34rM6TeQSZmjzKBv2a9DQYxaDzruAZS4-UXUdWD-5ybFMMBXd_U=&abvar=0&os=0
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
GET /chicken.gif?z=1841679&pb=07958d1699b8c9150ac446614b2064c11675845460&psp=dSawrGrr6OJBeRV95M_eBvkfZhU8uCluFWPVHK_Hz0j-faZqNu0w3GMkVtjlGX7ynNq2Y31NScbiRLNPzO21nldszJ76w1zyFpty1hPT_T4HxiVJJwAX4wb5Mt3w5GM4l65mye6Ajhhym6S4MbyKoXOxcRysrGXLfAeqFXuJcV4T7QPw35bhi1PFmrIS-4IzG_WROga80SsnvVDPDXUVDLTO695baUPDJwDtWh3xdSVoMbpKq3tgmDdnHRFJ72q2vjEUNzI0husjW_bxa2HeW4SekWRlOZD7h6Rd59mSlBifHVtOjQrBq5rnA05rzetoldwLyzR-BNtG5Ngt6SplRVUU3mg6Eejz2iRYN5k4fb5xGAz44hAGaOECKSUJifO0vjyZ7p18-EsRZ5WJcgZV6x01j4W0ywFFJJkmbFL3bRZ60pKquDm_5EgcAYXop4S7xHDf7Zd8GZ3i4jwVtuyw9rY11usmrukdzhm57OYhDXhqsOqVJiSjt3gYeeNr1QBoT27yYnlktCicKapDx1n2Bh__ci1NPk0uEBGtN9IaJWo2I-iU6VTNdNAfEJXupg0ozZOzLrhbVumxY8vchzcxrH40LYhCQtrLXgldpfByPOzK24ePfioZMw_O3R8LPHgI9_fI-Yw1lOhsYBU66OmStZB1XSXVOWXqpczagaUbEPK48nHBjygpx7v1fnz2pAVH-vV-8nm2gatyrnLvod_ZUPsyU2BzZebXvXBcdWyhFTfCHOgcirUJWIvOG9HmeXWh5Dcjd-VvnBDsAS9jJ9ASmPTDkVFRhf6rMwqLnu-0UhHGOxGhxJLvRPNukIwJB97MPA43Kw7NAzbvQXE_RtInevDaVvSfutcpmEle4bosCPlQMbNEqyt2u8kTQF0rFRnFA5PXKqVb8d_ZA1r7spGg0w8h34rM6TeQSZmjzKBv2a9DQYxaDzruAZS4-UXUdWD-5ybFMMBXd_U=&abvar=0&os=0 HTTP/1.1
Host: alas4kanmfa6a4mubte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=230208013701fbbf41ef3344ce9c97df5063; OACICAP=ACQ6xAAAAAAAAAAB; OACIBLOCK=ACQ6xAAAAABj4yxQ; ppucnt=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 06:37:41 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: OACICAP=ACQ6xAAAAAAAAAABACPunQAAAAAAAAAB; Path=/; Expires=Fri, 10 Mar 2023 06:37:41 GMT; Secure; SameSite=None
OACIBLOCK=ACQ6xAAAAABj4yxQACPunQAAAABj4zpg; Path=/; Expires=Fri, 10 Mar 2023 06:37:41 GMT; Secure; SameSite=None
ppucnt=0; Path=/; Expires=Thu, 09 Feb 2023 06:37:41 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 30ef3d72580191b0a8f7d6abd8ac7912
492c2fa09ee06f5d55307fff8da2c18bcd996c8c
f64a13a8ac93a2cacf4ab9602d8a3effa1ded275b3c7f40236f240cf7e4ca0cd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F64A13A8AC93A2CACF4AB9602D8A3EFFA1DED275B3C7F40236F240CF7E4CA0CD"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2035
Expires: Wed, 08 Feb 2023 07:11:36 GMT
Date: Wed, 08 Feb 2023 06:37:41 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c870022f76a19ae661adbbe5ebac68c1
91479e99e109e7cf5b2506f90aac6e89c4bf60d3
fd061980d6e4498c5c5529702297f81194ac5ce7a13bd04fd51d38e56a202177
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FD061980D6E4498C5C5529702297F81194AC5CE7A13BD04FD51D38E56A202177"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15628
Expires: Wed, 08 Feb 2023 10:58:09 GMT
Date: Wed, 08 Feb 2023 06:37:41 GMT
Connection: keep-alive
alas4kanmfa6a4mubte.com/whob.gif?z=1841679&pb=07958d1699b8c9150ac446614b2064c11675845460&psp=dSawrGrr6OJBeRV95M_eBvkfZhU8uCluFWPVHK_Hz0j-faZqNu0w3GMkVtjlGX7ynNq2Y31NScbiRLNPzO21nldszJ76w1zyFpty1hPT_T4HxiVJJwAX4wb5Mt3w5GM4l65mye6Ajhhym6S4MbyKoXOxcRysrGXLfAeqFXuJcV4T7QPw35bhi1PFmrIS-4IzG_WROga80SsnvVDPDXUVDLTO695baUPDJwDtWh3xdSVoMbpKq3tgmDdnHRFJ72q2vjEUNzI0husjW_bxa2HeW4SekWRlOZD7h6Rd59mSlBifHVtOjQrBq5rnA05rzetoldwLyzR-BNtG5Ngt6SplRVUU3mg6Eejz2iRYN5k4fb5xGAz44hAGaOECKSUJifO0vjyZ7p18-EsRZ5WJcgZV6x01j4W0ywFFJJkmbFL3bRZ60pKquDm_5EgcAYXop4S7xHDf7Zd8GZ3i4jwVtuyw9rY11usmrukdzhm57OYhDXhqsOqVJiSjt3gYeeNr1QBoT27yYnlktCicKapDx1n2Bh__ci1NPk0uEBGtN9IaJWo2I-iU6VTNdNAfEJXupg0ozZOzLrhbVumxY8vchzcxrH40LYhCQtrLXgldpfByPOzK24ePfioZMw_O3R8LPHgI9_fI-Yw1lOhsYBU66OmStZB1XSXVOWXqpczagaUbEPK48nHBjygpx7v1fnz2pAVH-vV-8nm2gatyrnLvod_ZUPsyU2BzZebXvXBcdWyhFTfCHOgcirUJWIvOG9HmeXWh5Dcjd-VvnBDsAS9jJ9ASmPTDkVFRhf6rMwqLnu-0UhHGOxGhxJLvRPNukIwJB97MPA43Kw7NAzbvQXE_RtInevDaVvSfutcpmEle4bosCPlQMbNEqyt2u8kTQF0rFRnFA5PXKqVb8d_ZA1r7spGg0w8h34rM6TeQSZmjzKBv2a9DQYxaDzruAZS4-UXUdWD-5ybFMMBXd_U=&abvar=0&os=0
200 OK 43 B URL HTTP/2 alas4kanmfa6a4mubte.com/whob.gif?z=1841679&pb=07958d1699b8c9150ac446614b2064c11675845460&psp=dSawrGrr6OJBeRV95M_eBvkfZhU8uCluFWPVHK_Hz0j-faZqNu0w3GMkVtjlGX7ynNq2Y31NScbiRLNPzO21nldszJ76w1zyFpty1hPT_T4HxiVJJwAX4wb5Mt3w5GM4l65mye6Ajhhym6S4MbyKoXOxcRysrGXLfAeqFXuJcV4T7QPw35bhi1PFmrIS-4IzG_WROga80SsnvVDPDXUVDLTO695baUPDJwDtWh3xdSVoMbpKq3tgmDdnHRFJ72q2vjEUNzI0husjW_bxa2HeW4SekWRlOZD7h6Rd59mSlBifHVtOjQrBq5rnA05rzetoldwLyzR-BNtG5Ngt6SplRVUU3mg6Eejz2iRYN5k4fb5xGAz44hAGaOECKSUJifO0vjyZ7p18-EsRZ5WJcgZV6x01j4W0ywFFJJkmbFL3bRZ60pKquDm_5EgcAYXop4S7xHDf7Zd8GZ3i4jwVtuyw9rY11usmrukdzhm57OYhDXhqsOqVJiSjt3gYeeNr1QBoT27yYnlktCicKapDx1n2Bh__ci1NPk0uEBGtN9IaJWo2I-iU6VTNdNAfEJXupg0ozZOzLrhbVumxY8vchzcxrH40LYhCQtrLXgldpfByPOzK24ePfioZMw_O3R8LPHgI9_fI-Yw1lOhsYBU66OmStZB1XSXVOWXqpczagaUbEPK48nHBjygpx7v1fnz2pAVH-vV-8nm2gatyrnLvod_ZUPsyU2BzZebXvXBcdWyhFTfCHOgcirUJWIvOG9HmeXWh5Dcjd-VvnBDsAS9jJ9ASmPTDkVFRhf6rMwqLnu-0UhHGOxGhxJLvRPNukIwJB97MPA43Kw7NAzbvQXE_RtInevDaVvSfutcpmEle4bosCPlQMbNEqyt2u8kTQF0rFRnFA5PXKqVb8d_ZA1r7spGg0w8h34rM6TeQSZmjzKBv2a9DQYxaDzruAZS4-UXUdWD-5ybFMMBXd_U=&abvar=0&os=0
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
GET /whob.gif?z=1841679&pb=07958d1699b8c9150ac446614b2064c11675845460&psp=dSawrGrr6OJBeRV95M_eBvkfZhU8uCluFWPVHK_Hz0j-faZqNu0w3GMkVtjlGX7ynNq2Y31NScbiRLNPzO21nldszJ76w1zyFpty1hPT_T4HxiVJJwAX4wb5Mt3w5GM4l65mye6Ajhhym6S4MbyKoXOxcRysrGXLfAeqFXuJcV4T7QPw35bhi1PFmrIS-4IzG_WROga80SsnvVDPDXUVDLTO695baUPDJwDtWh3xdSVoMbpKq3tgmDdnHRFJ72q2vjEUNzI0husjW_bxa2HeW4SekWRlOZD7h6Rd59mSlBifHVtOjQrBq5rnA05rzetoldwLyzR-BNtG5Ngt6SplRVUU3mg6Eejz2iRYN5k4fb5xGAz44hAGaOECKSUJifO0vjyZ7p18-EsRZ5WJcgZV6x01j4W0ywFFJJkmbFL3bRZ60pKquDm_5EgcAYXop4S7xHDf7Zd8GZ3i4jwVtuyw9rY11usmrukdzhm57OYhDXhqsOqVJiSjt3gYeeNr1QBoT27yYnlktCicKapDx1n2Bh__ci1NPk0uEBGtN9IaJWo2I-iU6VTNdNAfEJXupg0ozZOzLrhbVumxY8vchzcxrH40LYhCQtrLXgldpfByPOzK24ePfioZMw_O3R8LPHgI9_fI-Yw1lOhsYBU66OmStZB1XSXVOWXqpczagaUbEPK48nHBjygpx7v1fnz2pAVH-vV-8nm2gatyrnLvod_ZUPsyU2BzZebXvXBcdWyhFTfCHOgcirUJWIvOG9HmeXWh5Dcjd-VvnBDsAS9jJ9ASmPTDkVFRhf6rMwqLnu-0UhHGOxGhxJLvRPNukIwJB97MPA43Kw7NAzbvQXE_RtInevDaVvSfutcpmEle4bosCPlQMbNEqyt2u8kTQF0rFRnFA5PXKqVb8d_ZA1r7spGg0w8h34rM6TeQSZmjzKBv2a9DQYxaDzruAZS4-UXUdWD-5ybFMMBXd_U=&abvar=0&os=0 HTTP/1.1
Host: alas4kanmfa6a4mubte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=230208013701fbbf41ef3344ce9c97df5063; OACICAP=ACQ6xAAAAAAAAAABACPunQAAAAAAAAAB; OACIBLOCK=ACQ6xAAAAABj4yxQACPunQAAAABj4zpg; ppucnt=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 06:37:41 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.banner.view
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?userId=81c13afee82149788c8c6a19e6b5d558
200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=81c13afee82149788c8c6a19e6b5d558
IP
File type JSON data\012- , ASCII text
Hash 05d71e0fa3f33b1c514b8909205c0022
0b7551ae00f944eae174f83cefa481cb47ef1584
156fc82a9d4c3f06603414138dc8bd02d35761652e591a98d52ec6e0d5abcc0c
GET /gid.js?userId=81c13afee82149788c8c6a19e6b5d558 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dood.yt
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 06:37:41 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://dood.yt
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=81c13afee82149788c8c6a19e6b5d558; expires=Thu, 08 Feb 2024 06:37:41 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
pringed.space/TUpSOUg2aCFOFzg4PhtybyImTTg%2BcH0WLCIlNhcxOWUhTmYnOXAVaj4nNBtyfGZwSiU7aGgbfGN6cBVqOSs1ZiEpaGgbcX98agt4b2ZwSj0vFTtdem9wcF99KXtrCn8vZ2AKLC9nZlgufmdrX3l9Z2MNLH18awl%2FLHwwC2ow
200 OK 23 kB URL HTTP/2 pringed.space/TUpSOUg2aCFOFzg4PhtybyImTTg%2BcH0WLCIlNhcxOWUhTmYnOXAVaj4nNBtyfGZwSiU7aGgbfGN6cBVqOSs1ZiEpaGgbcX98agt4b2ZwSj0vFTtdem9wcF99KXtrCn8vZ2AKLC9nZlgufmdrX3l9Z2MNLH18awl%2FLHwwC2ow
IP
File type ASCII text, with very long lines (57578), with no line terminators
Hash 38c37760d6f334dd163d70918c6c0261
3ec7a847e6d2a7a1d43334f90cfbcf7981336ad9
2eff35fd435e01c3c06013ac6bb333c359762032b9bf6521f682206c3ac53ccd
GET /TUpSOUg2aCFOFzg4PhtybyImTTg%2BcH0WLCIlNhcxOWUhTmYnOXAVaj4nNBtyfGZwSiU7aGgbfGN6cBVqOSs1ZiEpaGgbcX98agt4b2ZwSj0vFTtdem9wcF99KXtrCn8vZ2AKLC9nZlgufmdrX3l9Z2MNLH18awl%2FLHwwC2ow HTTP/1.1
Host: pringed.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
set-cookie: d91ef1f566149c8e637de934310a896d=1; Max-Age=604800
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
etag: W/"e0ea-bnn1YWv9O8D6EoUKY/k4wuuE4DU"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bff3ea895aa5406e1b3d72020e12bcf5
fe8937472ced52b2597203bbc5d4d3f7065cb51e
b57fc45e0e03265fb1805ea53d52094834baf007f8c93a3dadafe28e1db64796
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B57FC45E0E03265FB1805EA53D52094834BAF007F8C93A3DADAFE28E1DB64796"
Last-Modified: Tue, 07 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2954
Expires: Wed, 08 Feb 2023 07:26:55 GMT
Date: Wed, 08 Feb 2023 06:37:41 GMT
Connection: keep-alive
xtthefirean.com/
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: xtthefirean.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 392
Origin: https://dood.yt
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
alas4kanmfa6a4mubte.com/get/1841674?zoneid=1841674&jp=_cl20pcrq3uintqwhtx3xkp&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=2643102530129074
200 OK 1.8 kB URL HTTP/2 alas4kanmfa6a4mubte.com/get/1841674?zoneid=1841674&jp=_cl20pcrq3uintqwhtx3xkp&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=2643102530129074
IP
Hash ee3a669a16b1e93163809e973415c219
19bcae34d4d077030c8e45380b321fa5b4e29ca9
f8b548e0ad30e85d7ea371000c71aa508ea46b826c82b402901e65592f3fdc84
GET /get/1841674?zoneid=1841674&jp=_cl20pcrq3uintqwhtx3xkp&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=2643102530129074 HTTP/1.1
Host: alas4kanmfa6a4mubte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 06:37:40 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=2302080137e627d61417274b1fadac6ac621; Path=/; Expires=Thu, 08 Feb 2024 06:37:40 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
200 OK 12 B URL HTTP/1.1 fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1175
Origin: https://dood.yt
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Wed, 08 Feb 2023 06:37:46 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://dood.yt
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
xtthefirean.com/
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: xtthefirean.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dood.yt/
Content-Type: text/plain;charset=UTF-8
Origin: https://dood.yt
Content-Length: 347
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
xtthefirean.com/
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: xtthefirean.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dood.yt/
Content-Type: text/plain;charset=UTF-8
Origin: https://dood.yt
Content-Length: 350
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 7697994f8ed09d97fe5cc92fcaeb45bf
a72c1f17084c32c2b8341be2d12de85a8700f077
4f10edc856ec95855d30d603161121ad22bd02332b0b1b9d05389629cd5882d5
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "4F10EDC856EC95855D30D603161121AD22BD02332B0B1B9D05389629CD5882D5"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15554
Expires: Wed, 08 Feb 2023 10:56:57 GMT
Date: Wed, 08 Feb 2023 06:37:43 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 7697994f8ed09d97fe5cc92fcaeb45bf
a72c1f17084c32c2b8341be2d12de85a8700f077
4f10edc856ec95855d30d603161121ad22bd02332b0b1b9d05389629cd5882d5
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "4F10EDC856EC95855D30D603161121AD22BD02332B0B1B9D05389629CD5882D5"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15554
Expires: Wed, 08 Feb 2023 10:56:57 GMT
Date: Wed, 08 Feb 2023 06:37:43 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash f8fe4fe7345dd0cfb39639cab548e175
ed1742f0dbff0e398750a70c9c490e31cddbb4b5
08c8be95830b7c2319129a15f3fa7e218d3b9a76940b493a87e4a127d57bb274
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "08C8BE95830B7C2319129A15F3FA7E218D3B9A76940B493A87E4A127D57BB274"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5485
Expires: Wed, 08 Feb 2023 08:09:08 GMT
Date: Wed, 08 Feb 2023 06:37:43 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 7697994f8ed09d97fe5cc92fcaeb45bf
a72c1f17084c32c2b8341be2d12de85a8700f077
4f10edc856ec95855d30d603161121ad22bd02332b0b1b9d05389629cd5882d5
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "4F10EDC856EC95855D30D603161121AD22BD02332B0B1B9D05389629CD5882D5"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15554
Expires: Wed, 08 Feb 2023 10:56:57 GMT
Date: Wed, 08 Feb 2023 06:37:43 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash f8fe4fe7345dd0cfb39639cab548e175
ed1742f0dbff0e398750a70c9c490e31cddbb4b5
08c8be95830b7c2319129a15f3fa7e218d3b9a76940b493a87e4a127d57bb274
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "08C8BE95830B7C2319129A15F3FA7E218D3B9A76940B493A87E4A127D57BB274"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5485
Expires: Wed, 08 Feb 2023 08:09:08 GMT
Date: Wed, 08 Feb 2023 06:37:43 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 7697994f8ed09d97fe5cc92fcaeb45bf
a72c1f17084c32c2b8341be2d12de85a8700f077
4f10edc856ec95855d30d603161121ad22bd02332b0b1b9d05389629cd5882d5
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "4F10EDC856EC95855D30D603161121AD22BD02332B0B1B9D05389629CD5882D5"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15554
Expires: Wed, 08 Feb 2023 10:56:57 GMT
Date: Wed, 08 Feb 2023 06:37:43 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 7697994f8ed09d97fe5cc92fcaeb45bf
a72c1f17084c32c2b8341be2d12de85a8700f077
4f10edc856ec95855d30d603161121ad22bd02332b0b1b9d05389629cd5882d5
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "4F10EDC856EC95855D30D603161121AD22BD02332B0B1B9D05389629CD5882D5"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15554
Expires: Wed, 08 Feb 2023 10:56:57 GMT
Date: Wed, 08 Feb 2023 06:37:43 GMT
Connection: keep-alive
cdn.itskiddien.club/apu.php?zoneid=5609943
200 OK 30 kB URL HTTP/2 cdn.itskiddien.club/apu.php?zoneid=5609943
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 2d0faaf8f0a016cd9a5034ce09e43691
10b07e133a43dff41c044e0833400be2a06948b0
bd1debcfd8a2e8d6d97191b39d9999541586f5d9b1fa7f720c9b8311de7fef6e
GET /apu.php?zoneid=5609943 HTTP/1.1
Host: cdn.itskiddien.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 06:37:41 GMT
content-type: application/javascript
x-trace-id: e0a4f7f77d59459b39b95fc451ced603
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=81c13afee82149788c8c6a19e6b5d558; expires=Thu, 08 Feb 2024 06:37:41 GMT; path=/; secure; SameSite=None
oaidts=1675838261; expires=Thu, 08 Feb 2024 06:37:41 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
betotodilea.com/500/4857535?excludes=&oaid=81c13afee82149788c8c6a19e6b5d558&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fdood.yt%2Fd%2Fv7c4uwp5qn33&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
200 OK 1.3 kB URL HTTP/2 betotodilea.com/500/4857535?excludes=&oaid=81c13afee82149788c8c6a19e6b5d558&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fdood.yt%2Fd%2Fv7c4uwp5qn33&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
Hash dea2ca53a394c90310ac1d5c094bec37
81e2e55eb02675b801af92e948222592d341696f
7e8178e31a4eadedd981d67c47474ba72b8739dff6ca7eebc7d7adfebb8c63e1
Analyzer Verdict Alert quad9 Sinkholed
GET /500/4857535?excludes=&oaid=81c13afee82149788c8c6a19e6b5d558&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fdood.yt%2Fd%2Fv7c4uwp5qn33&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://dood.yt
Connection: keep-alive
Referer: https://dood.yt/
Cookie: OAID=a1bc8b2fd8b64cd3ba05e70000d64c34
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 06:37:46 GMT
content-type: application/javascript
x-trace-id: 820870516ac1a5ca4c8e031f28dde1d7
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://dood.yt
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=81c13afee82149788c8c6a19e6b5d558; expires=Thu, 08 Feb 2024 06:37:46 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
offerimage.com/www/images/6c0c198b9685b0a9c36463e9e5628e2a.jpeg
200 OK 17 kB URL HTTP/2 offerimage.com/www/images/6c0c198b9685b0a9c36463e9e5628e2a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash 6c0c198b9685b0a9c36463e9e5628e2a
c785a908f82a6a7525025bef53494375adacce19
5daf8cd7000ee973cf17cac44f4563830eaf4f6fa9f044a3bbb1b93e37be6bb6
GET /www/images/6c0c198b9685b0a9c36463e9e5628e2a.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 06:37:46 GMT
content-type: image/jpeg
content-length: 16576
cache-control: max-age=86400
cf-bgj: h2pri
etag: "60f80882-40c0"
expires: Wed, 08 Feb 2023 17:43:00 GMT
last-modified: Wed, 21 Jul 2021 11:44:02 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 46486
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 79625bcd080f0b45-OSL
X-Firefox-Spdy: h2
i.doodcdn.co/theme_2/css/bootstrap.min.css
200 OK 0 B URL HTTP/2 i.doodcdn.co/theme_2/css/bootstrap.min.css
IP
GET /theme_2/css/bootstrap.min.css HTTP/1.1
Host: i.doodcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 06:37:40 GMT
content-type: text/css
last-modified: Mon, 03 Jan 2022 15:43:40 GMT
vary: Accept-Encoding,User-Agent
cache-control: public, max-age=2592000
expires: Wed, 07 Feb 2024 08:28:17 GMT
access-control-allow-origin: *
cf-cache-status: HIT
age: 2120
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GRmApDNgbfDnQj3HrXImCXIFL5QMCOU6dKxtA1GDzom3HAcZuNlKFIfRMF6p3xW1Pb%2FuprqHLTubwiEkOGni37C2Z3zFKRT9WG9eVjlEQDUxRB%2FfAN%2F%2F2lrTJMtbfg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79625ba95a79b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Nunito:200,300,300i,400,600,600i,700,700i,800,900&display=swap
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Nunito:200,300,300i,400,600,600i,700,700i,800,900&display=swap
IP
GET /css?family=Nunito:200,300,300i,400,600,600i,700,700i,800,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 Feb 2023 06:37:39 GMT
date: Wed, 08 Feb 2023 06:37:39 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
alas4kanmfa6a4mubte.com/lv/esnk/1841674/code.js
200 OK 0 B URL HTTP/2 alas4kanmfa6a4mubte.com/lv/esnk/1841674/code.js
IP
GET /lv/esnk/1841674/code.js HTTP/1.1
Host: alas4kanmfa6a4mubte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 06:37:39 GMT
content-type: application/javascript
last-modified: Tue, 31 Jan 2023 10:48:43 GMT
vary: Accept-Encoding
etag: W/"63d8f20b-1a5bb"
x-js-ab1: current
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
alas4kanmfa6a4mubte.com/lv/esnk/1841679/code.js
200 OK 0 B URL HTTP/2 alas4kanmfa6a4mubte.com/lv/esnk/1841679/code.js
IP
GET /lv/esnk/1841679/code.js HTTP/1.1
Host: alas4kanmfa6a4mubte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 06:37:39 GMT
content-type: application/javascript
last-modified: Tue, 31 Jan 2023 10:48:43 GMT
vary: Accept-Encoding
etag: W/"63d8f20b-1a5bb"
x-js-ab1: current
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
challenges.cloudflare.com/turnstile/v0/api.js
302 Found 0 B URL HTTP/2 challenges.cloudflare.com/turnstile/v0/api.js
IP
GET /turnstile/v0/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 08 Feb 2023 06:37:40 GMT
cache-control: max-age=300, public
location: /turnstile/v0/g/11998cc3/api.js
vary: accept-encoding
set-cookie: __cf_bm=XPiXLhxqqQAzmfYlUB2KBzqL9T4OniSwrrnYR6h1tCk-1675838260-0-AavTu2C7Nm0Sr3o5NpNtN9gTpZrIH/qzZXsAl83LRhd3gU+J2h0odNq1vmeRM7JupQ9iqlJLoykXSuJ4GFFYJVY=; path=/; expires=Wed, 08-Feb-23 07:07:40 GMT; domain=.challenges.cloudflare.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 79625baaa8bf0b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.doodcdn.co/theme_2/css/style.css?v=0.1
200 OK 0 B URL HTTP/2 i.doodcdn.co/theme_2/css/style.css?v=0.1
IP
GET /theme_2/css/style.css?v=0.1 HTTP/1.1
Host: i.doodcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 06:37:40 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=249272
expires: Wed, 07 Feb 2024 08:55:17 GMT
last-modified: Mon, 03 Jan 2022 15:43:40 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 46920
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IMhga3qCiqoa8Og5Wl13Va823mw1jaDSOiu8MlthAAT8Za0J%2FpJktrR5WTwBHJsl2EYFXQQiSrXTscHPTJIMVYyYYchYwq5YImENj1d2yXluhnWgQfyvqEfu%2FcM6OQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79625ba95a69b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
alas4kanmfa6a4mubte.com/get/1841679?zoneid=1841679&jp=_clml4sexliaqdrqhpy9wva&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=672777693181994
200 OK 0 B URL HTTP/2 alas4kanmfa6a4mubte.com/get/1841679?zoneid=1841679&jp=_clml4sexliaqdrqhpy9wva&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=672777693181994
IP
GET /get/1841679?zoneid=1841679&jp=_clml4sexliaqdrqhpy9wva&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=672777693181994 HTTP/1.1
Host: alas4kanmfa6a4mubte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 06:37:40 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=230208013701fbbf41ef3344ce9c97df5063; Path=/; Expires=Thu, 08 Feb 2024 06:37:40 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
challenges.cloudflare.com/turnstile/v0/g/11998cc3/api.js
200 OK 0 B URL HTTP/2 challenges.cloudflare.com/turnstile/v0/g/11998cc3/api.js
IP
GET /turnstile/v0/g/11998cc3/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dood.yt/
Connection: keep-alive
Cookie: __cf_bm=XPiXLhxqqQAzmfYlUB2KBzqL9T4OniSwrrnYR6h1tCk-1675838260-0-AavTu2C7Nm0Sr3o5NpNtN9gTpZrIH/qzZXsAl83LRhd3gU+J2h0odNq1vmeRM7JupQ9iqlJLoykXSuJ4GFFYJVY=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 06:37:40 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 79625baab8cf0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
betotodilea.com/400/4857535
200 OK 0 B URL HTTP/2 betotodilea.com/400/4857535
IP
Analyzer Verdict Alert quad9 Sinkholed
GET /400/4857535 HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 06:37:40 GMT
content-type: application/javascript
x-trace-id: 666d7d43402ec62f748d5d6404917c86
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=a1bc8b2fd8b64cd3ba05e70000d64c34; expires=Thu, 08 Feb 2024 06:37:40 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
xtthefirean.com/djNRSDQtEWh6Ak4BYWoYVBF9alJDV2BxB0FRfHoHElF8fFUQAHxxUkcDfHkAEgNncQRBUmcqBlQfc3BQQgozcAJOHjN9ARUeZX8AQB5peFcUHml%2BBhBRN30MQgZkfRZaESI%2EFloRKTxAHlY3IUYTUj9mVxlec2QWRwN%2EfRZaVTAkRxMfNylYBVZ9LlUaQDQV
200 OK 0 B URL HTTP/2 xtthefirean.com/djNRSDQtEWh6Ak4BYWoYVBF9alJDV2BxB0FRfHoHElF8fFUQAHxxUkcDfHkAEgNncQRBUmcqBlQfc3BQQgozcAJOHjN9ARUeZX8AQB5peFcUHml%2BBhBRN30MQgZkfRZaESI%2EFloRKTxAHlY3IUYTUj9mVxlec2QWRwN%2EfRZaVTAkRxMfNylYBVZ9LlUaQDQV
IP
GET /djNRSDQtEWh6Ak4BYWoYVBF9alJDV2BxB0FRfHoHElF8fFUQAHxxUkcDfHkAEgNncQRBUmcqBlQfc3BQQgozcAJOHjN9ARUeZX8AQB5peFcUHml%2BBhBRN30MQgZkfRZaESI%2EFloRKTxAHlY3IUYTUj9mVxlec2QWRwN%2EfRZaVTAkRxMfNylYBVZ9LlUaQDQV HTTP/1.1
Host: xtthefirean.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
set-cookie: b4c001d311ae26f2e6ed40591c0a519b=1; Max-Age=604800
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
cache-control: public, max-age=86400
etag: W/"8445-yvDveXOzhcnvW3MlOotLZskqLyo"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.itskiddien.club/?rb=j3J5ZKSpOrK-wp0rsrJZmG35ckyLfaQAwUFdIXaS8tFbTSSrR10bqDtuzkaupW4VuuZMvyWSYV0SpwDFwcolmTnvEaWMD74Mo1TyNdVWzivY98qzZb86rI1Qao-Ary0zn6UGFEBOcx_mNdudWglykUliculLCjFanCquvKzAJy6ebp3hrdNQlnlpq5HwQfD9tnURzXuBbKvnDtpSplSmY5CU8r7sTFV5&request_ab2=0&zoneid=5609943&js_build=iclick-v1.482.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=3&pl=https%3A%2F%2Fdood.yt%2Fd%2Fv7c4uwp5qn33&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.482.0&bs=b8d5a517-e541-4d72-b378-19b47eaa0472&userId=81c13afee82149788c8c6a19e6b5d558&m=link
200 OK 0 B URL HTTP/2 cdn.itskiddien.club/?rb=j3J5ZKSpOrK-wp0rsrJZmG35ckyLfaQAwUFdIXaS8tFbTSSrR10bqDtuzkaupW4VuuZMvyWSYV0SpwDFwcolmTnvEaWMD74Mo1TyNdVWzivY98qzZb86rI1Qao-Ary0zn6UGFEBOcx_mNdudWglykUliculLCjFanCquvKzAJy6ebp3hrdNQlnlpq5HwQfD9tnURzXuBbKvnDtpSplSmY5CU8r7sTFV5&request_ab2=0&zoneid=5609943&js_build=iclick-v1.482.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=3&pl=https%3A%2F%2Fdood.yt%2Fd%2Fv7c4uwp5qn33&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.482.0&bs=b8d5a517-e541-4d72-b378-19b47eaa0472&userId=81c13afee82149788c8c6a19e6b5d558&m=link
IP
GET /?rb=j3J5ZKSpOrK-wp0rsrJZmG35ckyLfaQAwUFdIXaS8tFbTSSrR10bqDtuzkaupW4VuuZMvyWSYV0SpwDFwcolmTnvEaWMD74Mo1TyNdVWzivY98qzZb86rI1Qao-Ary0zn6UGFEBOcx_mNdudWglykUliculLCjFanCquvKzAJy6ebp3hrdNQlnlpq5HwQfD9tnURzXuBbKvnDtpSplSmY5CU8r7sTFV5&request_ab2=0&zoneid=5609943&js_build=iclick-v1.482.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=3&pl=https%3A%2F%2Fdood.yt%2Fd%2Fv7c4uwp5qn33&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.482.0&bs=b8d5a517-e541-4d72-b378-19b47eaa0472&userId=81c13afee82149788c8c6a19e6b5d558&m=link HTTP/1.1
Host: cdn.itskiddien.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dood.yt/
Origin: https://dood.yt
Connection: keep-alive
Cookie: OAID=81c13afee82149788c8c6a19e6b5d558; oaidts=1675838261
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 06:37:41 GMT
content-type: application/json
x-trace-id: 21ea822584122fd1a5e9059fb5757477
access-control-allow-origin: https://dood.yt
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=81c13afee82149788c8c6a19e6b5d558; expires=Thu, 08 Feb 2024 06:37:41 GMT; path=/; secure; SameSite=None
oaidts=1675838261; expires=Thu, 08 Feb 2024 06:37:41 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Wed, 15 Feb 2023 06:37:41 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
172.64.173.36
104.22.58.221
139.45.195.8
23.36.76.226
62.122.171.6