| dood.yt/d/3c84kfuwt19t | 172.64.96.8 | 301 Moved Permanently | 0 B |
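IP: 172.64.96.8:0
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 — these are the digests of an empty body (the 0 B redirect response), so they identify no content and are not usable as indicators.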
GET /d/3c84kfuwt19t HTTP/1.1
Host: dood.yt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 30 Jan 2023 23:06:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 31 Jan 2023 00:06:09 GMT
Location: https://dood.yt/d/3c84kfuwt19t
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=baLRfAXboKq7CZUC%2F0jdyn167aexB27iF%2BHyAgD2gBluZJbbr0tw0Mbjik4spi%2FkvtB4axRWBmkIkAheWZoX%2Bo3heg1DHGyiDPUjld7yMl5ljtY11sHcAaB4"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791ddb438ec8d188-LHR
alt-svc: h2=":443"; ma=60
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hashd2e72d45afe3d391c204b5391599607c 149d68b9d00a720b6f380fa2324779dca9dbe26d f6f1c295c68dfebadacb1fc812b44e01c7ede0e203615ef3e2cced2ce2251e7e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6F1C295C68DFEBADACB1FC812B44E01C7EDE0E203615EF3E2CCED2CE2251E7E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18792
Expires: Tue, 31 Jan 2023 04:19:22 GMT
Date: Mon, 30 Jan 2023 23:06:10 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash0c35c3ec659d3a26ea97e68d787bb043 d97e3672244efec5b7814f2d8a734cd1a9387854 4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2764
Expires: Mon, 30 Jan 2023 23:52:14 GMT
Date: Mon, 30 Jan 2023 23:06:10 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 35.241.9.150 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hashdcd75ca6daca51c5e39d431468511793 07f76d3bf23d65c9110d810fa71a994e39e085d3 73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 30 Jan 2023 22:35:47 GMT
content-type: application/json
age: 1823
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash302c7548412192add063ad6c8b99cf3b e5d178931a27db036ce8daae302594d3ff7050b8 fc2bd9091006189e67e8074093805ee5492ce16e1dbfba32e083abeeae34969d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC2BD9091006189E67E8074093805EE5492CE16E1DBFBA32E083ABEEAE34969D"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6821
Expires: Tue, 31 Jan 2023 00:59:51 GMT
Date: Mon, 30 Jan 2023 23:06:10 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash7b922915ebf1fa3639b333f994c74f24 144a3f80b98fd0652d4614f24cf6cbbee40f8938 adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: zW2hw5Qy1Q/vijknB1uLieyjzu/6Ki5SPmssuodtapOCdErYvHBfUh9EvntefE0c/aMngQrLUXc=
x-amz-request-id: 1831516DBQYHFBZF
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 30 Jan 2023 22:21:58 GMT
age: 2652
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 95.101.11.115 | 200 OK | 344 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash58927c4ce1aad1c04d6eb75fc484150f c18ba77b8b9c06bd36ced0129ff682aa2c83939b eb6a6b8e8a1d007d0ea6065f7d8a389214b2c1daa422a8af623a816ccea17138
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "EB6A6B8E8A1D007D0EA6065F7D8A389214B2C1DAA422A8AF623A816CCEA17138"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2259
Expires: Mon, 30 Jan 2023 23:43:49 GMT
Date: Mon, 30 Jan 2023 23:06:10 GMT
Connection: keep-alive
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 23:06:10 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 95.101.11.115 | 200 OK | 344 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash58927c4ce1aad1c04d6eb75fc484150f c18ba77b8b9c06bd36ced0129ff682aa2c83939b eb6a6b8e8a1d007d0ea6065f7d8a389214b2c1daa422a8af623a816ccea17138
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "EB6A6B8E8A1D007D0EA6065F7D8A389214B2C1DAA422A8AF623A816CCEA17138"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2259
Expires: Mon, 30 Jan 2023 23:43:49 GMT
Date: Mon, 30 Jan 2023 23:06:10 GMT
Connection: keep-alive
|
|
| cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js | 104.17.25.14 | 200 OK | 28 kB |
URL HTTP/2cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js IP104.17.25.14:0
File typeASCII text, with very long lines (65451) Hash638a4990025383a0f83ebf29bdb84a68 153e8818dc42f598e47fde8cf398f1447649a4d0 878e34b89800bb271d3588e526eb3598eb3822e263f3bdaf53645847d39d0ad6
GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 23:06:10 GMT
content-type: application/javascript; charset=utf-8
content-length: 27748
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-15851"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 852554
expires: Sat, 20 Jan 2024 23:06:10 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GoL4tGfmh1aHjFG57mrqOvZuTvF%2BEuGnp4uBOP347mP6NmUrSjlSVIFkheuW7ZJlZaUHsuhg4mtm91nGdAabXhgGnWnD48L7W%2FQPwWwkESvifBMHlKiCKuUzFRD0c98VbPdPWZIw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 791ddb472e0cb50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js | 104.17.25.14 | 200 OK | 591 B |
URL HTTP/2cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js IP104.17.25.14:0
File typeASCII text, with very long lines (1266) Hash414869f16aa77a65b4928a018f7f1abb cea521f7a2958a50239526ed6b068f0937527653 afee364ce513c6517247b81cce5eb5eadb1dbbb35e439eb3fa97bbc15fac2cd3
GET /ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 23:06:10 GMT
content-type: application/javascript; charset=utf-8
content-length: 591
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec1-514"
last-modified: Mon, 04 May 2020 16:11:45 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 7713863
expires: Sat, 20 Jan 2024 23:06:10 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IlyJlWTOi04x8jDVRELXXFOr5nSBkhShxF%2FeUBlhBAXon6aGVxgplHOwCGgPeGDW4MGhbCa%2BDDbRV1lgcGHE5X1Hp%2BCYikXXxjszxsJrXVo5l94H8w1EQRo8CDq0YzlzBS1BRMwE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 791ddb472e19b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 95.101.11.115 | 200 OK | 346 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash2a3cd0859e6d5058085bb0dc33a709f0 bdaf1b376e109ebb176c65169491512c7ddbebef bbac868bef19c546e809184809721608288978de165a3832baebf8d30f75a174
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "BBAC868BEF19C546E809184809721608288978DE165A3832BAEBF8D30F75A174"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19319
Expires: Tue, 31 Jan 2023 04:28:09 GMT
Date: Mon, 30 Jan 2023 23:06:10 GMT
Connection: keep-alive
|
|
| e1.o.lencr.org/ | 95.101.11.115 | 200 OK | 346 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash2a3cd0859e6d5058085bb0dc33a709f0 bdaf1b376e109ebb176c65169491512c7ddbebef bbac868bef19c546e809184809721608288978de165a3832baebf8d30f75a174
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "BBAC868BEF19C546E809184809721608288978DE165A3832BAEBF8D30F75A174"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19319
Expires: Tue, 31 Jan 2023 04:28:09 GMT
Date: Mon, 30 Jan 2023 23:06:10 GMT
Connection: keep-alive
|
|
| e1.o.lencr.org/ | 95.101.11.115 | 200 OK | 346 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash2a3cd0859e6d5058085bb0dc33a709f0 bdaf1b376e109ebb176c65169491512c7ddbebef bbac868bef19c546e809184809721608288978de165a3832baebf8d30f75a174
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "BBAC868BEF19C546E809184809721608288978DE165A3832BAEBF8D30F75A174"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19319
Expires: Tue, 31 Jan 2023 04:28:09 GMT
Date: Mon, 30 Jan 2023 23:06:10 GMT
Connection: keep-alive
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash40bac282ee9730b7a7fde839fcf58736 be00063ec5c760560f34663d0a6a9cad87cfebe4 45b83537d8621d3c4a7c046a9b78f6745977c359db2868d720f19dbb0eb80d3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 23:06:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| i.doodcdn.co/img/no_video_3.svg | 172.67.70.190 | 200 OK | 2.8 kB |
URL HTTP/2i.doodcdn.co/img/no_video_3.svg IP172.67.70.190:0
File typeSVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (2789) Hash077bfdaa49ae4877a42611b739ec4752 a2f9e1222b7af9abc05122411ab8902efcc08ead 70d6a17097a8c27edfaad6740e11359d9363f3f04bff1b93483e29c25609fa6c
GET /img/no_video_3.svg HTTP/1.1
Host: i.doodcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 23:06:10 GMT
content-type: image/svg+xml
content-length: 2812
last-modified: Mon, 03 Jan 2022 15:38:36 GMT
etag: "61d3187c-afc"
expires: Wed, 01 Mar 2023 08:23:51 GMT
cache-control: public, max-age=2592000, no-transform
access-control-allow-origin: *
cf-cache-status: HIT
age: 5088
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CpiqAWkQtgP%2FWSO64%2Fl5Zcu4fgR0UZ9YIDeMUAnHmgx7ienhRtKrvG1IF6lxvrwddq5S%2FWq81YLEu%2FDFENjvGlGqlfihlRGjab6HfQoaKr9jVt75WCXmksZwW%2BlLFw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791ddb47a81fb4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 95.101.11.115 | 200 OK | 346 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash2a3cd0859e6d5058085bb0dc33a709f0 bdaf1b376e109ebb176c65169491512c7ddbebef bbac868bef19c546e809184809721608288978de165a3832baebf8d30f75a174
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "BBAC868BEF19C546E809184809721608288978DE165A3832BAEBF8D30F75A174"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19319
Expires: Tue, 31 Jan 2023 04:28:09 GMT
Date: Mon, 30 Jan 2023 23:06:10 GMT
Connection: keep-alive
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash40bac282ee9730b7a7fde839fcf58736 be00063ec5c760560f34663d0a6a9cad87cfebe4 45b83537d8621d3c4a7c046a9b78f6745977c359db2868d720f19dbb0eb80d3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 23:06:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash8581259558c3ff3954763c73c2407040 d83252adbe63d377fdd3a1bc883fff72cce42f69 e987eb1e468493aa7ac499039a3affd2f84dcac161498619825309b1256155cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E987EB1E468493AA7AC499039A3AFFD2F84DCAC161498619825309B1256155CC"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5161
Expires: Tue, 31 Jan 2023 00:32:11 GMT
Date: Mon, 30 Jan 2023 23:06:10 GMT
Connection: keep-alive
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hash17234afade9bbc17ceea1cbfcb17dfda 0f89f397eda5009be0e9efe14c6a980b19e7fda1 4b488db50d11b1493f762afea16eb068e50932106c599db637521d7532c3a27a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5321
Cache-Control: max-age=148308
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 23:06:10 GMT
Etag: "63d7d8ed-117"
Expires: Wed, 01 Feb 2023 16:17:58 GMT
Last-Modified: Mon, 30 Jan 2023 14:49:17 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 279
|
|
| cdn.pncloudfl.com/pn/b0a/10a/a6c/b0a10aa6c9f37143f4a63e2bb1bfb8be79b3ef4b.png | 172.67.25.161 | 200 OK | 27 kB |
URL HTTP/2cdn.pncloudfl.com/pn/b0a/10a/a6c/b0a10aa6c9f37143f4a63e2bb1bfb8be79b3ef4b.png IP172.67.25.161:0
File typeRIFF (little-endian) data, Web/P image\012- data Hash0bc7572129e84749c119db04346b0f07 bf8ae67f194c2faeb6a47d419d130dde27b9ae6f 6363f6dc72449ab775a6af3103e61617ecf70ebb8140996b9384a3eaa8b3698d
GET /pn/b0a/10a/a6c/b0a10aa6c9f37143f4a63e2bb1bfb8be79b3ef4b.png HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 23:06:10 GMT
content-type: image/webp
content-length: 26892
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=172800
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=70331
content-disposition: inline; filename="b0a10aa6c9f37143f4a63e2bb1bfb8be79b3ef4b.webp"
etag: def74d9769fe75363891a2868865d99a
expires: Wed, 01 Feb 2023 21:53:33 GMT
last-modified: Tue, 22 Nov 2022 09:19:36 GMT
vary: Accept
x-openstack-request-id: txa3bf70e532dd40ea8f5b2-00637c9634
x-proxy-cache: HIT
x-timestamp: 1669108775.40440
x-trans-id: txa3bf70e532dd40ea8f5b2-00637c9634
cf-cache-status: HIT
age: 4357
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 791ddb497c481c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.pncloudfl.com/pn/71a/dd2/7d5/71add27d5bb61aab24af91ebe2af7f4205a35feb.jpg | 172.67.25.161 | 200 OK | 49 kB |
URL HTTP/2cdn.pncloudfl.com/pn/71a/dd2/7d5/71add27d5bb61aab24af91ebe2af7f4205a35feb.jpg IP172.67.25.161:0
File type: RIFF (little-endian) data, Web/P image (also matches: data) Hash (MD5 / SHA-1 / SHA-256): eedf689c4a33b79c440062e703d60ff6 a8300edf1b950a50086eb44165a6f6ae278e5057 b8b368d98eb9d04ce213fa62fa781f3bad8d48e5a57f98359cb880ab9600579f
GET /pn/71a/dd2/7d5/71add27d5bb61aab24af91ebe2af7f4205a35feb.jpg HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 23:06:10 GMT
content-type: image/webp
content-length: 48676
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=172800
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=83221
content-disposition: inline; filename="71add27d5bb61aab24af91ebe2af7f4205a35feb.webp"
etag: 1df69ad2c9b78c9186aaa33fa40c237f
expires: Wed, 01 Feb 2023 22:18:49 GMT
last-modified: Thu, 06 Oct 2022 02:00:51 GMT
vary: Accept
x-openstack-request-id: txe73bad396e604f28ab17d-00633e3eef
x-proxy-cache: HIT
x-timestamp: 1665021650.87526
x-trans-id: txe73bad396e604f28ab17d-00633e3eef
cf-cache-status: HIT
age: 2841
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 791ddb498c611c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash69eca46c177eab29667b52b28174ec5c e632b73ff88f0bcb901f6dc5182bc9f300877845 ef1c5b83a38ceea21c12fb63d148f6109c7f2f444e74450c5d3f8e704e3e4953
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF1C5B83A38CEEA21C12FB63D148F6109C7F2F444E74450C5D3F8E704E3E4953"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9693
Expires: Tue, 31 Jan 2023 01:47:43 GMT
Date: Mon, 30 Jan 2023 23:06:10 GMT
Connection: keep-alive
|
|
| betotodilea.com/400/4857535 | 139.45.197.237 | 200 OK | 33 kB |
URL HTTP/2betotodilea.com/400/4857535 IP139.45.197.237:0
Hash (MD5 / SHA-1 / SHA-256): ed3f7f723e9647eab72e2cb91ff5767b ae2b24d6ec4167c174d521ba7b31301cfce3b544 b723166f5b7eeba1efa6e0afb2f2bcb461ab2899e799fdfbb0600ae590e81906
Analyzer: quad9 | Verdict: Sinkholed | Alert: (none listed)
GET /400/4857535 HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 23:06:10 GMT
content-type: application/javascript
x-trace-id: 3781b7019e61fd559cb989fef89c90ae
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=a2d16a1d2117415c95993740afcb9ef4; expires=Tue, 30 Jan 2024 23:06:10 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 35.241.9.150 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 30 Jan 2023 22:41:41 GMT
age: 1469
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| alas4kanmfa6a4mubte.com/chicken.gif?z=1841674&pb=38a627907f031af3f74ed36a2094d17a1675127170&psp=kWTI-tRR8HWX_ukMEwCc-_Wgm9crWq6p5e6GVPj1_04OU0wAQoI8JVq_iRRbbYlcDRRLprqd56wSz9riHquH50n9f51rVtDxR1o4udlQ0zINUZ6ndWp6dWtsMKvKhizu3EAKMalZXFobUXWPGflDMzqUOATSUbB2m0EvAQ29TGWdc5zZlV_qTnyd9zdb266TDn-jFiyL8XFO-vSdyoWFIlqY6717G-k__x6aav8EFEDucyTSSiFLLfCQpYTeTIz_NPzexxom4sMKURYWVZJTGDUTmiL_BrWxje6-VWWsmp5D_YiXic1lEtt9R7ENrilURGtTyYOlyFQdC-LwgBejiXg9wZOicCM958zpYPgaLhdlVjgZC7En5V8WdZyTUIdxhAFTa6GcW4DCLa6ZwxUAEAqCJS0gPoSomDCYEDk03BmJSyx8n4PyU15cag9_fMfh90aNCn0bRkZ2rq9neg4owIue70Hwk6Rpv_JwD_nEOV0QMsDbZgxBx0cqHstKso2D3oelrZGWF6j4QksMpf176NE_mr3FdES_NjcKbWlFoXIq2cT3XoQZCmlCWiFLlQDJMgM4V5ywzpPHqa1CifvP7Otx6yL2XcALsm-T94nngn2SSPwMKPKlN5lSr-mihoZXCdVvxneyE6s5kRHGRM0vNkTFNnj2xFB9-VFkunJ6hDyZ_bRr0pymFjjy6HATz9VseejzK6f_nVQZg_Jo4YSkPZX79UZ_frfuvCa1mTdSQOooj90EP8-jFLOeyaKsr_PdJTsA11OhY_bU9kbMH4Vn5rdSRPtAu8ocRolB5IJUWYnwZCRySIb5RKYI9zuxZmLg8sqCcx_wEIl5ISPE_8kLXqRwTfdoDGClvto=&abvar=22&os=0 | 62.122.171.6 | 200 OK | 43 B |
URL HTTP/2alas4kanmfa6a4mubte.com/chicken.gif?z=1841674&pb=38a627907f031af3f74ed36a2094d17a1675127170&psp=kWTI-tRR8HWX_ukMEwCc-_Wgm9crWq6p5e6GVPj1_04OU0wAQoI8JVq_iRRbbYlcDRRLprqd56wSz9riHquH50n9f51rVtDxR1o4udlQ0zINUZ6ndWp6dWtsMKvKhizu3EAKMalZXFobUXWPGflDMzqUOATSUbB2m0EvAQ29TGWdc5zZlV_qTnyd9zdb266TDn-jFiyL8XFO-vSdyoWFIlqY6717G-k__x6aav8EFEDucyTSSiFLLfCQpYTeTIz_NPzexxom4sMKURYWVZJTGDUTmiL_BrWxje6-VWWsmp5D_YiXic1lEtt9R7ENrilURGtTyYOlyFQdC-LwgBejiXg9wZOicCM958zpYPgaLhdlVjgZC7En5V8WdZyTUIdxhAFTa6GcW4DCLa6ZwxUAEAqCJS0gPoSomDCYEDk03BmJSyx8n4PyU15cag9_fMfh90aNCn0bRkZ2rq9neg4owIue70Hwk6Rpv_JwD_nEOV0QMsDbZgxBx0cqHstKso2D3oelrZGWF6j4QksMpf176NE_mr3FdES_NjcKbWlFoXIq2cT3XoQZCmlCWiFLlQDJMgM4V5ywzpPHqa1CifvP7Otx6yL2XcALsm-T94nngn2SSPwMKPKlN5lSr-mihoZXCdVvxneyE6s5kRHGRM0vNkTFNnj2xFB9-VFkunJ6hDyZ_bRr0pymFjjy6HATz9VseejzK6f_nVQZg_Jo4YSkPZX79UZ_frfuvCa1mTdSQOooj90EP8-jFLOeyaKsr_PdJTsA11OhY_bU9kbMH4Vn5rdSRPtAu8ocRolB5IJUWYnwZCRySIb5RKYI9zuxZmLg8sqCcx_wEIl5ISPE_8kLXqRwTfdoDGClvto=&abvar=22&os=0 IP62.122.171.6:0
File type: GIF image data, version 89a, 1 x 1 (also matches: data) Hash (MD5 / SHA-1 / SHA-256): 28e463819a210071de3b45ebe7633613 6dccd571828ec0912629119cf7eabfea9f33ddbc 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
GET /chicken.gif?z=1841674&pb=38a627907f031af3f74ed36a2094d17a1675127170&psp=kWTI-tRR8HWX_ukMEwCc-_Wgm9crWq6p5e6GVPj1_04OU0wAQoI8JVq_iRRbbYlcDRRLprqd56wSz9riHquH50n9f51rVtDxR1o4udlQ0zINUZ6ndWp6dWtsMKvKhizu3EAKMalZXFobUXWPGflDMzqUOATSUbB2m0EvAQ29TGWdc5zZlV_qTnyd9zdb266TDn-jFiyL8XFO-vSdyoWFIlqY6717G-k__x6aav8EFEDucyTSSiFLLfCQpYTeTIz_NPzexxom4sMKURYWVZJTGDUTmiL_BrWxje6-VWWsmp5D_YiXic1lEtt9R7ENrilURGtTyYOlyFQdC-LwgBejiXg9wZOicCM958zpYPgaLhdlVjgZC7En5V8WdZyTUIdxhAFTa6GcW4DCLa6ZwxUAEAqCJS0gPoSomDCYEDk03BmJSyx8n4PyU15cag9_fMfh90aNCn0bRkZ2rq9neg4owIue70Hwk6Rpv_JwD_nEOV0QMsDbZgxBx0cqHstKso2D3oelrZGWF6j4QksMpf176NE_mr3FdES_NjcKbWlFoXIq2cT3XoQZCmlCWiFLlQDJMgM4V5ywzpPHqa1CifvP7Otx6yL2XcALsm-T94nngn2SSPwMKPKlN5lSr-mihoZXCdVvxneyE6s5kRHGRM0vNkTFNnj2xFB9-VFkunJ6hDyZ_bRr0pymFjjy6HATz9VseejzK6f_nVQZg_Jo4YSkPZX79UZ_frfuvCa1mTdSQOooj90EP8-jFLOeyaKsr_PdJTsA11OhY_bU9kbMH4Vn5rdSRPtAu8ocRolB5IJUWYnwZCRySIb5RKYI9zuxZmLg8sqCcx_wEIl5ISPE_8kLXqRwTfdoDGClvto=&abvar=22&os=0 HTTP/1.1
Host: alas4kanmfa6a4mubte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=2301301806f4a1b02bd5bc4560b7f0c2e25f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 23:06:10 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: OACICAP=ACMMIAAAAAAAAAAB; Path=/; Expires=Wed, 01 Mar 2023 23:06:10 GMT; Secure; SameSite=None
set-cookie: OACIBLOCK=ACMMIAAAAABj2Evw; Path=/; Expires=Wed, 01 Mar 2023 23:06:10 GMT; Secure; SameSite=None
set-cookie: ppucnt=0; Path=/; Expires=Tue, 31 Jan 2023 23:06:10 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| challenges.cloudflare.com/turnstile/v0/api.js | 104.18.7.185 | 302 Found | 43 B |
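URL: HTTP/2 challenges.cloudflare.com/turnstile/v0/api.js | IP: 104.18.7.185:0
File type: GIF image data, version 89a, 1 x 1; data | Hash: MD5 28e463819a210071de3b45ebe7633613 | SHA-1 6dccd571828ec0912629119cf7eabfea9f33ddbc | SHA-256 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
[Note: the file type, digests and 43 B size listed for this entry are identical to the 1 x 1 GIF returned by alas4kanmfa6a4mubte.com in the neighbouring entries, while the response below is a 302 redirect for a script request with no content-type or content-length header; this looks like a body mis-attributed by the capture and should be re-checked before being tied to challenges.cloudflare.com.]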
GET /turnstile/v0/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 30 Jan 2023 23:06:10 GMT
cache-control: max-age=300, public
vary: accept-encoding
location: /turnstile/v0/g/c595c5c5/api.js
set-cookie: __cf_bm=YMDFoC7VC3F_eBRScAJLDzU8vCjb.jyNbAT7kTR8aeg-1675119970-0-AaIsYcX1Et/NlOQpG/hhMvIW6Y30BKJTMKBAvZPf6PfKwDwd3o39EcqCdmTTB24aMP8cCtVeu1Izov+lmLee9CU=; path=/; expires=Mon, 30-Jan-23 23:36:10 GMT; domain=.challenges.cloudflare.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 791ddb498f23b505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| alas4kanmfa6a4mubte.com/chicken.gif?z=1841679&pb=38a627907f031af3f74ed36a2094d17a1675127170&psp=-dr--ms0HCM6idtzWGaNT9UIkm_Q7KEjlvp8CfiRmwbzhkOsXt-MEMYZGU5GnEBVlQRcoXiZnEsgKD8Jcq3zOCfocYKkhqjJMBfUdNz2PybSLoD_In-sgviFjX9hPtfctmr2lNTMxKqTA3dvsZbTDXziwAgVtKO-pQpG_zIj4Oahz7usjqU6cbxdnGqJwT1CU98ZYVU2S9KN740tmSzofnkTSwk99zSCqx12PqGuBIIRapZoxP9IbhvIffkDGhUbGC6IMotPFLG0vL87jP0wFliK-AlHsGsd8o_unaO9TlDmKwVgwJ8TL5262qyL25K3AyT9TFF7bXPDY8m1VqK5iPZTOojG9YW7g-46R8BP-hnElMjiC5P2q_eB_uu0y09igdMgo1jmWvQ9yfRcVF6t9z8PkyHKg59UuqR-3fZsLrscB7CTPXy383Ixf38c6Z7MlN6wwl77C_9it9dYuE0hVxXINT5s5NOthFGsd_FAqNxlfbtFE13B1GVhUixlVYjEtgQCw6J9whEKGJ25G0ja7fzlWlICudCvKG9LFuivJqwPP2kFP_c8fCAdtMANXeh5d0L2DWt3mHQ943GaFZCYCOdHr_YsAeQTV6a3KPfZZLJ9Np_igcJnDr5E6dguOVME5heTkvrwppI62kDj-T7rD84MOLRRu46IsjFQbQZQsMVZnS9u-6LnT6C_Z9X509hpjs-LZCVbdgqH3C4aqmggAZ5rBft0YRRQZNRAbWXDOO0wVrU8A53vZPp9PnimSUaS0R86ETrYr49szkid2x1YwEMfigh_p5SRTlefKljyTKOdxexkfBUB6wQZfYSyT5FxSFiDiK_ynvl20C-tOdoyzBEJOysdYYJl&abvar=23&os=0 | 62.122.171.6 | 200 OK | 43 B |
URL HTTP/2alas4kanmfa6a4mubte.com/chicken.gif?z=1841679&pb=38a627907f031af3f74ed36a2094d17a1675127170&psp=-dr--ms0HCM6idtzWGaNT9UIkm_Q7KEjlvp8CfiRmwbzhkOsXt-MEMYZGU5GnEBVlQRcoXiZnEsgKD8Jcq3zOCfocYKkhqjJMBfUdNz2PybSLoD_In-sgviFjX9hPtfctmr2lNTMxKqTA3dvsZbTDXziwAgVtKO-pQpG_zIj4Oahz7usjqU6cbxdnGqJwT1CU98ZYVU2S9KN740tmSzofnkTSwk99zSCqx12PqGuBIIRapZoxP9IbhvIffkDGhUbGC6IMotPFLG0vL87jP0wFliK-AlHsGsd8o_unaO9TlDmKwVgwJ8TL5262qyL25K3AyT9TFF7bXPDY8m1VqK5iPZTOojG9YW7g-46R8BP-hnElMjiC5P2q_eB_uu0y09igdMgo1jmWvQ9yfRcVF6t9z8PkyHKg59UuqR-3fZsLrscB7CTPXy383Ixf38c6Z7MlN6wwl77C_9it9dYuE0hVxXINT5s5NOthFGsd_FAqNxlfbtFE13B1GVhUixlVYjEtgQCw6J9whEKGJ25G0ja7fzlWlICudCvKG9LFuivJqwPP2kFP_c8fCAdtMANXeh5d0L2DWt3mHQ943GaFZCYCOdHr_YsAeQTV6a3KPfZZLJ9Np_igcJnDr5E6dguOVME5heTkvrwppI62kDj-T7rD84MOLRRu46IsjFQbQZQsMVZnS9u-6LnT6C_Z9X509hpjs-LZCVbdgqH3C4aqmggAZ5rBft0YRRQZNRAbWXDOO0wVrU8A53vZPp9PnimSUaS0R86ETrYr49szkid2x1YwEMfigh_p5SRTlefKljyTKOdxexkfBUB6wQZfYSyT5FxSFiDiK_ynvl20C-tOdoyzBEJOysdYYJl&abvar=23&os=0 IP62.122.171.6:0
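File type: GIF image data, version 89a, 1 x 1; data | Hash: MD5 28e463819a210071de3b45ebe7633613 | SHA-1 6dccd571828ec0912629119cf7eabfea9f33ddbc | SHA-256 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
[Note: the same 43-byte GIF and digests are recorded for every chicken.gif and whob.gif response in this capture, so the host and request URL, not the body hash, are what distinguish these beacons.]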
GET /chicken.gif?z=1841679&pb=38a627907f031af3f74ed36a2094d17a1675127170&psp=-dr--ms0HCM6idtzWGaNT9UIkm_Q7KEjlvp8CfiRmwbzhkOsXt-MEMYZGU5GnEBVlQRcoXiZnEsgKD8Jcq3zOCfocYKkhqjJMBfUdNz2PybSLoD_In-sgviFjX9hPtfctmr2lNTMxKqTA3dvsZbTDXziwAgVtKO-pQpG_zIj4Oahz7usjqU6cbxdnGqJwT1CU98ZYVU2S9KN740tmSzofnkTSwk99zSCqx12PqGuBIIRapZoxP9IbhvIffkDGhUbGC6IMotPFLG0vL87jP0wFliK-AlHsGsd8o_unaO9TlDmKwVgwJ8TL5262qyL25K3AyT9TFF7bXPDY8m1VqK5iPZTOojG9YW7g-46R8BP-hnElMjiC5P2q_eB_uu0y09igdMgo1jmWvQ9yfRcVF6t9z8PkyHKg59UuqR-3fZsLrscB7CTPXy383Ixf38c6Z7MlN6wwl77C_9it9dYuE0hVxXINT5s5NOthFGsd_FAqNxlfbtFE13B1GVhUixlVYjEtgQCw6J9whEKGJ25G0ja7fzlWlICudCvKG9LFuivJqwPP2kFP_c8fCAdtMANXeh5d0L2DWt3mHQ943GaFZCYCOdHr_YsAeQTV6a3KPfZZLJ9Np_igcJnDr5E6dguOVME5heTkvrwppI62kDj-T7rD84MOLRRu46IsjFQbQZQsMVZnS9u-6LnT6C_Z9X509hpjs-LZCVbdgqH3C4aqmggAZ5rBft0YRRQZNRAbWXDOO0wVrU8A53vZPp9PnimSUaS0R86ETrYr49szkid2x1YwEMfigh_p5SRTlefKljyTKOdxexkfBUB6wQZfYSyT5FxSFiDiK_ynvl20C-tOdoyzBEJOysdYYJl&abvar=23&os=0 HTTP/1.1
Host: alas4kanmfa6a4mubte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=2301301806f4a1b02bd5bc4560b7f0c2e25f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 23:06:10 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: OACICAP=ACQ6xAAAAAAAAAAB; Path=/; Expires=Wed, 01 Mar 2023 23:06:10 GMT; Secure; SameSite=None
set-cookie: OACIBLOCK=ACQ6xAAAAABj107Q; Path=/; Expires=Wed, 01 Mar 2023 23:06:10 GMT; Secure; SameSite=None
set-cookie: ppucnt=0; Path=/; Expires=Tue, 31 Jan 2023 23:06:10 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hash17234afade9bbc17ceea1cbfcb17dfda 0f89f397eda5009be0e9efe14c6a980b19e7fda1 4b488db50d11b1493f762afea16eb068e50932106c599db637521d7532c3a27a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5923
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 23:06:10 GMT
Etag: "63d7d8ed-117"
Last-Modified: Mon, 30 Jan 2023 21:27:27 GMT
Server: ECS (amb/6B97)
X-Cache: HIT
Content-Length: 279
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash22b9916fc1fafc9bdc9bb37f9eac8a9a 86f640e134a741a0f906a8e3a0f5c6659dd0e394 a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19646
Expires: Tue, 31 Jan 2023 04:33:36 GMT
Date: Mon, 30 Jan 2023 23:06:10 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash70e707c42c801a1049e860e866986ba9 c9cee0a9eb8f1177a433ae72d351964c40071806 20fabe4860cf874d6512c2f2277a812c6ac57b7d25cf6e7ed9a98e323b761b5b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "20FABE4860CF874D6512C2F2277A812C6AC57B7D25CF6E7ED9A98E323B761B5B"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10226
Expires: Tue, 31 Jan 2023 01:56:36 GMT
Date: Mon, 30 Jan 2023 23:06:10 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hashf90597ac725c17232fb0e807e80359b2 6d88f61dd41cce96246caa8ed81b7593455e4671 2456263dd21986d49ea478d5a5d69ee7b741b3291bb456e9cc4f9cf0cf2a5cb2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2456263DD21986D49EA478D5A5D69EE7B741B3291BB456E9CC4F9CF0CF2A5CB2"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6631
Expires: Tue, 31 Jan 2023 00:56:42 GMT
Date: Mon, 30 Jan 2023 23:06:11 GMT
Connection: keep-alive
|
|
| alas4kanmfa6a4mubte.com/whob.gif?z=1841674&pb=38a627907f031af3f74ed36a2094d17a1675127170&psp=QovmGfv4fYO3PqLVGFi2t8xapYfUJ8ZfNGXat2Ge8Rvb8qHmDdlVED5V-MLBdApLaWEkYcUkQH-mWnc-vS9RBl3_SDs3L1FNA2ZYnsA3AcuoTmc16t2g9rE7u_cZOtTloitXS2wBhZH9JpsH0JpOQxXtVaA4IKS5MCPGkLJOeAf6V25WvaSKBrX7zARCXjtJsmmyoMCywT-mu7HYu40Po3IQ4ZTUkcforfnMjjVkN9NfAIz3x-k2XKUQ8G_-V6YsiW3G78hPZMo07H265DjnNaXi-8xkFvLsGon-wkp3YHEF5lS6c9OoOo2IEl-AM-iDTJKM6HD0yJ_Dr7siiZKw-gz1cLUaYjRaC37SiwABFtMhG8l8Xi_vt9xcYlhKeN-ctxFkaL3ucfK6NFHDC1XEf3CG0flB-w75Fn_CB0d5jzMclVX7zi0J2LAZFAlI-jEsI7aGssItUQ7FcK03EVa5BFnI5krnFDpA2bex6sCzDqypHOp_GSRpzyFksOQ9qY6aQNHjer_kuWeK_3zeC_J0HI40gFFHy4jRmj3SJ53Ka9jQw6Crrko0vzNCeGC3iaPAC6IOzJVGiZ1OUBuSukn0FKf5KVUbXU5hfrC9c7Y1zD3v-QpI8s0WWGW9VIbqxlSSU2yUeVQQ2zCi7wC149RL7ZAtFtRt9RaivbPRFkd1BMP4Z8x1ff63Qdb2VWltJYIkEA1Qhu_Uk7yqoLh_BPD12SkpNuAdk4kwbMrbNtL3EssDYT6Hbxb_w1CIqwWNzc1XU2VAvUDL8LJ_Ui2fK-Z0fKRU1W6SIjvwEbzcArb6-1VkAyWc7JwFpNx2qfL4Ut_ofAxnHH4R8JL1hiftLMYEbXr2lKYUaKo7&abvar=22&os=0 | 62.122.171.6 | 200 OK | 43 B |
URL HTTP/2alas4kanmfa6a4mubte.com/whob.gif?z=1841674&pb=38a627907f031af3f74ed36a2094d17a1675127170&psp=QovmGfv4fYO3PqLVGFi2t8xapYfUJ8ZfNGXat2Ge8Rvb8qHmDdlVED5V-MLBdApLaWEkYcUkQH-mWnc-vS9RBl3_SDs3L1FNA2ZYnsA3AcuoTmc16t2g9rE7u_cZOtTloitXS2wBhZH9JpsH0JpOQxXtVaA4IKS5MCPGkLJOeAf6V25WvaSKBrX7zARCXjtJsmmyoMCywT-mu7HYu40Po3IQ4ZTUkcforfnMjjVkN9NfAIz3x-k2XKUQ8G_-V6YsiW3G78hPZMo07H265DjnNaXi-8xkFvLsGon-wkp3YHEF5lS6c9OoOo2IEl-AM-iDTJKM6HD0yJ_Dr7siiZKw-gz1cLUaYjRaC37SiwABFtMhG8l8Xi_vt9xcYlhKeN-ctxFkaL3ucfK6NFHDC1XEf3CG0flB-w75Fn_CB0d5jzMclVX7zi0J2LAZFAlI-jEsI7aGssItUQ7FcK03EVa5BFnI5krnFDpA2bex6sCzDqypHOp_GSRpzyFksOQ9qY6aQNHjer_kuWeK_3zeC_J0HI40gFFHy4jRmj3SJ53Ka9jQw6Crrko0vzNCeGC3iaPAC6IOzJVGiZ1OUBuSukn0FKf5KVUbXU5hfrC9c7Y1zD3v-QpI8s0WWGW9VIbqxlSSU2yUeVQQ2zCi7wC149RL7ZAtFtRt9RaivbPRFkd1BMP4Z8x1ff63Qdb2VWltJYIkEA1Qhu_Uk7yqoLh_BPD12SkpNuAdk4kwbMrbNtL3EssDYT6Hbxb_w1CIqwWNzc1XU2VAvUDL8LJ_Ui2fK-Z0fKRU1W6SIjvwEbzcArb6-1VkAyWc7JwFpNx2qfL4Ut_ofAxnHH4R8JL1hiftLMYEbXr2lKYUaKo7&abvar=22&os=0 IP62.122.171.6:0
File type: GIF image data, version 89a, 1 x 1; data | Hash: MD5 28e463819a210071de3b45ebe7633613 | SHA-1 6dccd571828ec0912629119cf7eabfea9f33ddbc | SHA-256 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
GET /whob.gif?z=1841674&pb=38a627907f031af3f74ed36a2094d17a1675127170&psp=QovmGfv4fYO3PqLVGFi2t8xapYfUJ8ZfNGXat2Ge8Rvb8qHmDdlVED5V-MLBdApLaWEkYcUkQH-mWnc-vS9RBl3_SDs3L1FNA2ZYnsA3AcuoTmc16t2g9rE7u_cZOtTloitXS2wBhZH9JpsH0JpOQxXtVaA4IKS5MCPGkLJOeAf6V25WvaSKBrX7zARCXjtJsmmyoMCywT-mu7HYu40Po3IQ4ZTUkcforfnMjjVkN9NfAIz3x-k2XKUQ8G_-V6YsiW3G78hPZMo07H265DjnNaXi-8xkFvLsGon-wkp3YHEF5lS6c9OoOo2IEl-AM-iDTJKM6HD0yJ_Dr7siiZKw-gz1cLUaYjRaC37SiwABFtMhG8l8Xi_vt9xcYlhKeN-ctxFkaL3ucfK6NFHDC1XEf3CG0flB-w75Fn_CB0d5jzMclVX7zi0J2LAZFAlI-jEsI7aGssItUQ7FcK03EVa5BFnI5krnFDpA2bex6sCzDqypHOp_GSRpzyFksOQ9qY6aQNHjer_kuWeK_3zeC_J0HI40gFFHy4jRmj3SJ53Ka9jQw6Crrko0vzNCeGC3iaPAC6IOzJVGiZ1OUBuSukn0FKf5KVUbXU5hfrC9c7Y1zD3v-QpI8s0WWGW9VIbqxlSSU2yUeVQQ2zCi7wC149RL7ZAtFtRt9RaivbPRFkd1BMP4Z8x1ff63Qdb2VWltJYIkEA1Qhu_Uk7yqoLh_BPD12SkpNuAdk4kwbMrbNtL3EssDYT6Hbxb_w1CIqwWNzc1XU2VAvUDL8LJ_Ui2fK-Z0fKRU1W6SIjvwEbzcArb6-1VkAyWc7JwFpNx2qfL4Ut_ofAxnHH4R8JL1hiftLMYEbXr2lKYUaKo7&abvar=22&os=0 HTTP/1.1
Host: alas4kanmfa6a4mubte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=2301301806f4a1b02bd5bc4560b7f0c2e25f; OACICAP=ACQ6xAAAAAAAAAAB; OACIBLOCK=ACQ6xAAAAABj107Q; ppucnt=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 23:06:11 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.banner.view
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| push.services.mozilla.com/ | 34.216.86.11 | 101 Switching Protocols | 0 B |
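URL: HTTP/1.1 push.services.mozilla.com/ | IP: 34.216.86.11:0
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of zero bytes, consistent with the 0 B body of the 101 response; they identify no content and are not usable as an indicator)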
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: SPDR7U9CKoymr09uHMcCHw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 8VapZq32Nr15gRO1MPn8Hx6s+Pg=
|
|
| alas4kanmfa6a4mubte.com/whob.gif?z=1841679&pb=38a627907f031af3f74ed36a2094d17a1675127170&psp=-dr--ms0HCM6idtzWGaNT9UIkm_Q7KEjlvp8CfiRmwbzhkOsXt-MEMYZGU5GnEBVlQRcoXiZnEsgKD8Jcq3zOCfocYKkhqjJMBfUdNz2PybSLoD_In-sgviFjX9hPtfctmr2lNTMxKqTA3dvsZbTDXziwAgVtKO-pQpG_zIj4Oahz7usjqU6cbxdnGqJwT1CU98ZYVU2S9KN740tmSzofnkTSwk99zSCqx12PqGuBIIRapZoxP9IbhvIffkDGhUbGC6IMotPFLG0vL87jP0wFliK-AlHsGsd8o_unaO9TlDmKwVgwJ8TL5262qyL25K3AyT9TFF7bXPDY8m1VqK5iPZTOojG9YW7g-46R8BP-hnElMjiC5P2q_eB_uu0y09igdMgo1jmWvQ9yfRcVF6t9z8PkyHKg59UuqR-3fZsLrscB7CTPXy383Ixf38c6Z7MlN6wwl77C_9it9dYuE0hVxXINT5s5NOthFGsd_FAqNxlfbtFE13B1GVhUixlVYjEtgQCw6J9whEKGJ25G0ja7fzlWlICudCvKG9LFuivJqwPP2kFP_c8fCAdtMANXeh5d0L2DWt3mHQ943GaFZCYCOdHr_YsAeQTV6a3KPfZZLJ9Np_igcJnDr5E6dguOVME5heTkvrwppI62kDj-T7rD84MOLRRu46IsjFQbQZQsMVZnS9u-6LnT6C_Z9X509hpjs-LZCVbdgqH3C4aqmggAZ5rBft0YRRQZNRAbWXDOO0wVrU8A53vZPp9PnimSUaS0R86ETrYr49szkid2x1YwEMfigh_p5SRTlefKljyTKOdxexkfBUB6wQZfYSyT5FxSFiDiK_ynvl20C-tOdoyzBEJOysdYYJl&abvar=23&os=0 | 62.122.171.6 | 200 OK | 43 B |
URL HTTP/2alas4kanmfa6a4mubte.com/whob.gif?z=1841679&pb=38a627907f031af3f74ed36a2094d17a1675127170&psp=-dr--ms0HCM6idtzWGaNT9UIkm_Q7KEjlvp8CfiRmwbzhkOsXt-MEMYZGU5GnEBVlQRcoXiZnEsgKD8Jcq3zOCfocYKkhqjJMBfUdNz2PybSLoD_In-sgviFjX9hPtfctmr2lNTMxKqTA3dvsZbTDXziwAgVtKO-pQpG_zIj4Oahz7usjqU6cbxdnGqJwT1CU98ZYVU2S9KN740tmSzofnkTSwk99zSCqx12PqGuBIIRapZoxP9IbhvIffkDGhUbGC6IMotPFLG0vL87jP0wFliK-AlHsGsd8o_unaO9TlDmKwVgwJ8TL5262qyL25K3AyT9TFF7bXPDY8m1VqK5iPZTOojG9YW7g-46R8BP-hnElMjiC5P2q_eB_uu0y09igdMgo1jmWvQ9yfRcVF6t9z8PkyHKg59UuqR-3fZsLrscB7CTPXy383Ixf38c6Z7MlN6wwl77C_9it9dYuE0hVxXINT5s5NOthFGsd_FAqNxlfbtFE13B1GVhUixlVYjEtgQCw6J9whEKGJ25G0ja7fzlWlICudCvKG9LFuivJqwPP2kFP_c8fCAdtMANXeh5d0L2DWt3mHQ943GaFZCYCOdHr_YsAeQTV6a3KPfZZLJ9Np_igcJnDr5E6dguOVME5heTkvrwppI62kDj-T7rD84MOLRRu46IsjFQbQZQsMVZnS9u-6LnT6C_Z9X509hpjs-LZCVbdgqH3C4aqmggAZ5rBft0YRRQZNRAbWXDOO0wVrU8A53vZPp9PnimSUaS0R86ETrYr49szkid2x1YwEMfigh_p5SRTlefKljyTKOdxexkfBUB6wQZfYSyT5FxSFiDiK_ynvl20C-tOdoyzBEJOysdYYJl&abvar=23&os=0 IP62.122.171.6:0
File type: GIF image data, version 89a, 1 x 1; data | Hash: MD5 28e463819a210071de3b45ebe7633613 | SHA-1 6dccd571828ec0912629119cf7eabfea9f33ddbc | SHA-256 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
GET /whob.gif?z=1841679&pb=38a627907f031af3f74ed36a2094d17a1675127170&psp=-dr--ms0HCM6idtzWGaNT9UIkm_Q7KEjlvp8CfiRmwbzhkOsXt-MEMYZGU5GnEBVlQRcoXiZnEsgKD8Jcq3zOCfocYKkhqjJMBfUdNz2PybSLoD_In-sgviFjX9hPtfctmr2lNTMxKqTA3dvsZbTDXziwAgVtKO-pQpG_zIj4Oahz7usjqU6cbxdnGqJwT1CU98ZYVU2S9KN740tmSzofnkTSwk99zSCqx12PqGuBIIRapZoxP9IbhvIffkDGhUbGC6IMotPFLG0vL87jP0wFliK-AlHsGsd8o_unaO9TlDmKwVgwJ8TL5262qyL25K3AyT9TFF7bXPDY8m1VqK5iPZTOojG9YW7g-46R8BP-hnElMjiC5P2q_eB_uu0y09igdMgo1jmWvQ9yfRcVF6t9z8PkyHKg59UuqR-3fZsLrscB7CTPXy383Ixf38c6Z7MlN6wwl77C_9it9dYuE0hVxXINT5s5NOthFGsd_FAqNxlfbtFE13B1GVhUixlVYjEtgQCw6J9whEKGJ25G0ja7fzlWlICudCvKG9LFuivJqwPP2kFP_c8fCAdtMANXeh5d0L2DWt3mHQ943GaFZCYCOdHr_YsAeQTV6a3KPfZZLJ9Np_igcJnDr5E6dguOVME5heTkvrwppI62kDj-T7rD84MOLRRu46IsjFQbQZQsMVZnS9u-6LnT6C_Z9X509hpjs-LZCVbdgqH3C4aqmggAZ5rBft0YRRQZNRAbWXDOO0wVrU8A53vZPp9PnimSUaS0R86ETrYr49szkid2x1YwEMfigh_p5SRTlefKljyTKOdxexkfBUB6wQZfYSyT5FxSFiDiK_ynvl20C-tOdoyzBEJOysdYYJl&abvar=23&os=0 HTTP/1.1
Host: alas4kanmfa6a4mubte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=2301301806f4a1b02bd5bc4560b7f0c2e25f; OACICAP=ACQ6xAAAAAAAAAAB; OACIBLOCK=ACQ6xAAAAABj107Q; ppucnt=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 23:06:11 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.banner.view
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| pringed.space/ZHFNRHUfUz4zKhEDIWZPRhk5MAUXS2JrEQseKWoMEF4%2BM1sOAm9oVxccK2ZPVV1vNxgSU3dmQUpBb2hXEBAqGxwAU3dmTFZHdXZFRl1vNwAGLiQgR0ZLbyJAAEB0d0IGXH93EQZceSUTV1x0IkRUXHxwEVRHdHRCBUcvdlcZ | 52.20.131.174 | 200 OK | 23 kB |
URL HTTP/2pringed.space/ZHFNRHUfUz4zKhEDIWZPRhk5MAUXS2JrEQseKWoMEF4%2BM1sOAm9oVxccK2ZPVV1vNxgSU3dmQUpBb2hXEBAqGxwAU3dmTFZHdXZFRl1vNwAGLiQgR0ZLbyJAAEB0d0IGXH93EQZceSUTV1x0IkRUXHxwEVRHdHRCBUcvdlcZ IP52.20.131.174:0
Hash6009759114865016f1f56b6c231eb6d7 62c4bc8dcee7be9d503a0aa640d5270cdab7f3d9 ec4104b64e9521d3ab8c5ba277a0e0ab67792cb3de8718ec1d5f9ac11ddfe0d1
GET /ZHFNRHUfUz4zKhEDIWZPRhk5MAUXS2JrEQseKWoMEF4%2BM1sOAm9oVxccK2ZPVV1vNxgSU3dmQUpBb2hXEBAqGxwAU3dmTFZHdXZFRl1vNwAGLiQgR0ZLbyJAAEB0d0IGXH93EQZceSUTV1x0IkRUXHxwEVRHdHRCBUcvdlcZ HTTP/1.1
Host: pringed.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
set-cookie: 044353943d5cbc4b00967023eb177499=1; Max-Age=604800
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
etag: W/"e0e6-6b+7/04i0ekSrHN4F5BRdugtlmE"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| nanrumandba.xyz/utx?tid=926820&top=dood.yt&cb=wcDCNSA31lSq | 54.230.111.103 | 204 No Content | 0 B |
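URL: HTTP/2 nanrumandba.xyz/utx?tid=926820&top=dood.yt&cb=wcDCNSA31lSq | IP: 54.230.111.103:0
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of zero bytes, consistent with the 204 No Content response; they identify no content and are not usable as an indicator)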
GET /utx?tid=926820&top=dood.yt&cb=wcDCNSA31lSq HTTP/1.1
Host: nanrumandba.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dood.yt
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 30 Jan 2023 23:06:11 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://dood.yt
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 30 Jan 2023 23:07:11 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NZrS4pZ-apvzd_BS-KUhgAa5cEzBrNi3RfuWwsgb3-3vAfZb6lcT9w==
X-Firefox-Spdy: h2
|
|
| fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f | 139.45.195.254 | 200 OK | 12 B |
URL HTTP/1.1fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f IP139.45.195.254:0
File type: JSON data, ASCII text, with no line terminators | Hash: MD5 adb4650bfc9d2a73d4dd69583b0ceb14 | SHA-1 1ce399d6e936232aaf2192cd7903a279c5015f22 | SHA-256 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer: quad9 | Verdict: Sinkholed | Alert: (none listed)
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 901
Origin: https://dood.yt
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Mon, 30 Jan 2023 23:06:12 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://dood.yt
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
|
|
| my.rtmark.net/gid.js?userId=c886092438c447ea81f87169b42221c7 | 139.45.195.8 | 200 OK | 65 B |
URL HTTP/2my.rtmark.net/gid.js?userId=c886092438c447ea81f87169b42221c7 IP139.45.195.8:0
File typeJSON data\012- , ASCII text Hashaece6266363279aa913ed3290c4ea69a 16e58c7122f26228a27cc21d75766afcf6f033b4 dd422b82564481ba2183562f30baeae2890696f337843376058e2141f6df5ea0
GET /gid.js?userId=c886092438c447ea81f87169b42221c7 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dood.yt
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 23:06:11 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://dood.yt
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=c886092438c447ea81f87169b42221c7; expires=Tue, 30 Jan 2024 23:06:11 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| cdn.itskiddien.club/apu.php?zoneid=5609943 | 139.45.197.236 | 200 OK | 34 kB |
URL HTTP/2cdn.itskiddien.club/apu.php?zoneid=5609943 IP139.45.197.236:0
Hash75af4f4dcc6095e0c14392a76efeb4ef 732a6ca0ed4abeb445514e1f7ff732d78c2eca6c ecd84c15f5d78acfba61dd79f697c7a4d1d0294aab5ca41171be567e69818f13
GET /apu.php?zoneid=5609943 HTTP/1.1
Host: cdn.itskiddien.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 23:06:11 GMT
content-type: application/javascript
x-trace-id: c4a7323aa586c5802377baac59107f49
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=c886092438c447ea81f87169b42221c7; expires=Tue, 30 Jan 2024 23:06:11 GMT; path=/; secure; SameSite=None
set-cookie: oaidts=1675119971; expires=Tue, 30 Jan 2024 23:06:11 GMT; path=/; secure; SameSite=None
set-cookie: syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| thecoveos.com/ | 52.20.131.174 | 200 OK | 0 B |
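IP: 52.20.131.174:0
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of zero bytes and describe the empty response only; the 378-byte POST body sent to this host is not shown in this entry)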
POST / HTTP/1.1
Host: thecoveos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 378
Origin: https://dood.yt
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| thecoveos.com/aGhqUkIzSlNgdFBaWnBuSkpGcCRdDFtrcV8KR2BxDApHZiMOW0drJFlYR2N2DFhca3JfCVwwcEpESGBwWQtSYydbRQk2IVhFXmp6DkVTY3AKRVJkclwND2pwCV1fYmBEShklYERKHjonCwccNy0bRgk9L0pESGNyRl1IfiQJBBk3bg4JBiEnRA4LPjENNQ | 52.20.131.174 | 200 OK | 13 kB |
URL HTTP/2thecoveos.com/aGhqUkIzSlNgdFBaWnBuSkpGcCRdDFtrcV8KR2BxDApHZiMOW0drJFlYR2N2DFhca3JfCVwwcEpESGBwWQtSYydbRQk2IVhFXmp6DkVTY3AKRVJkclwND2pwCV1fYmBEShklYERKHjonCwccNy0bRgk9L0pESGNyRl1IfiQJBBk3bg4JBiEnRA4LPjENNQ IP52.20.131.174:0
File typeASCII text, with very long lines (33858), with no line terminators Hash6ec11a3136b544ec811c600175406925 6216584c21744c332cf36de3993f6e09a2cca527 5728096462917a116736d95f5b29b06ea16273ca6a31e5cb3510857f948aed92
GET /aGhqUkIzSlNgdFBaWnBuSkpGcCRdDFtrcV8KR2BxDApHZiMOW0drJFlYR2N2DFhca3JfCVwwcEpESGBwWQtSYydbRQk2IVhFXmp6DkVTY3AKRVJkclwND2pwCV1fYmBEShklYERKHjonCwccNy0bRgk9L0pESGNyRl1IfiQJBBk3bg4JBiEnRA4LPjENNQ HTTP/1.1
Host: thecoveos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
set-cookie: 68890b5ec6b8046ebee97ca6d651c4a8=1; Max-Age=604800
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
cache-control: public, max-age=86400
etag: W/"8442-SWOxmPQfdYvWC7Z5yjlJ1oKTxOQ"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| thecoveos.com/ | 52.20.131.174 | 200 OK | 0 B |
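IP: 52.20.131.174:0
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of zero bytes and describe the empty response only; the 350-byte POST body sent to this host is not shown in this entry)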
POST / HTTP/1.1
Host: thecoveos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dood.yt/
Content-Type: text/plain;charset=UTF-8
Origin: https://dood.yt
Content-Length: 350
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash43bc5afe1d7330aa521e0efc78185a92 f53e9daa0a32e0acf7a10d9494fb383c1d039305 429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12716
Expires: Tue, 31 Jan 2023 02:38:08 GMT
Date: Mon, 30 Jan 2023 23:06:12 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP: 23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash: 43bc5afe1d7330aa521e0efc78185a92 f53e9daa0a32e0acf7a10d9494fb383c1d039305 429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12716
Expires: Tue, 31 Jan 2023 02:38:08 GMT
Date: Mon, 30 Jan 2023 23:06:12 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP: 23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash: 43bc5afe1d7330aa521e0efc78185a92 f53e9daa0a32e0acf7a10d9494fb383c1d039305 429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12716
Expires: Tue, 31 Jan 2023 02:38:08 GMT
Date: Mon, 30 Jan 2023 23:06:12 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0dd37b27-1930-4380-aa34-e533abb33eaa.jpeg | 34.120.237.76 | 200 OK | 8.8 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0dd37b27-1930-4380-aa34-e533abb33eaa.jpeg
IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash: 146cb1c622ae62d62090dcaf81709056 c9e939eea5ca410e2ac3e2c93fb9cdf51fd3a03e d1a2caf59c5bfb3fd66c804217c60705de91e5beebd006cffab1d712a5aef85b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0dd37b27-1930-4380-aa34-e533abb33eaa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8755
x-amzn-requestid: 18054ad3-92df-4a07-b7d1-643293ba4a5f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fR1hDGZfoAMFsFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d09c6c-7aae5ef32459231c25465b1b;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 03:05:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5GkQA5AcFOFc2Wn5rdaX7nH5F4wfy52vtlpbI8Qlai-jQE77inKzqA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 10:06:07 GMT
age: 46805
etag: "c9e939eea5ca410e2ac3e2c93fb9cdf51fd3a03e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a38348b-ed70-4e2f-80ce-d13e44fefcfc.webp | 34.120.237.76 | 200 OK | 14 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a38348b-ed70-4e2f-80ce-d13e44fefcfc.webp
IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash: 7b596a8e984911df703e15c72d25d513 a1fa1355f4de6f246d35bed9f128e13fc9dc4e72 aba708124199ec6b0ce86ac14c6c18d233ff405071a7f22522217c2fcb0aa9b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a38348b-ed70-4e2f-80ce-d13e44fefcfc.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 13557
x-amzn-requestid: 981a0f31-e874-4392-a81d-12d667020700
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fH8-JGEsoAMFhZA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cca85a-7398031f2676734c65447e5b;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 03:07:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FyAjKljyMSyfuIALULEbba8rfn71egrWLza3UND5qKFtT8M0xKJNrA==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 22:02:12 GMT
age: 3840
etag: "a1fa1355f4de6f246d35bed9f128e13fc9dc4e72"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7550d034-a90a-434b-9fea-868c8c7b245c.jpeg | 34.120.237.76 | 200 OK | 5.7 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7550d034-a90a-434b-9fea-868c8c7b245c.jpeg
IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash: da3305c255098d7a3ae582b5962ba14c 00b899160598d98b5026d4b53814b16d3f745b14 d505f682650fcacc557eb821a055b0e6c61f4d2aa2c5d8f3b595a2d240335b55
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7550d034-a90a-434b-9fea-868c8c7b245c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5678
x-amzn-requestid: 7fdf597d-0f02-48ef-9059-04d99a0d5dae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffy4JFm8IAMFjJQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d631cd-6044076459b6b9815fbfbe9c;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 08:43:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w1OY-d-PqtQ6UnIIdLhYkvNlm6CSImBXYdQFkhBlweSIDxDaT5FdYQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:59:01 GMT
age: 4031
etag: "00b899160598d98b5026d4b53814b16d3f745b14"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37e3fb86-3315-41fd-97cb-ac82604d8869.jpeg | 34.120.237.76 | 200 OK | 8.6 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37e3fb86-3315-41fd-97cb-ac82604d8869.jpeg
IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash: e6f9ffb8f9e99229b45ca5fdb84ce7d5 04577ad69ee9749b14382254eb5bbf0e1edcd7fa 6111acf3f363123b39d13cd3d23ab39b8c8d00379874f19231d1cd3da17c52c2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37e3fb86-3315-41fd-97cb-ac82604d8869.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8558
x-amzn-requestid: 2841cd36-22e6-4ecb-b56a-bfadce3197c7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffB_BFA8IAMFyvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e393-3fd03bd14de762b0738a3b0a;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:10:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZP2Mar8l3QoPH733_vv3hUuQjWvaN4_TgfYwme2-6WIxGi55BoSchg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 03:24:10 GMT
age: 70922
etag: "04577ad69ee9749b14382254eb5bbf0e1edcd7fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg | 34.120.237.76 | 200 OK | 9.6 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash: 3366ef4f8733cb9c89a5c88f63a0a441 7da46843b6d885f38a4759a08e6c899906ab7b97 7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: 48094e1a-d550-4a91-b87c-4a08505f7cce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVsWcFN7IAMF2pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2275c-5ced593a7e2126c9494563df;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:10:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aZOeDFqBJQoGwLpIs-GpPvY0FKGCAOXY6MgzG32qzX-kVzUCKKv-kw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 01:57:09 GMT
age: 76143
etag: "7da46843b6d885f38a4759a08e6c899906ab7b97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b71db36-11cb-45f6-a296-34813aea1c35.jpeg | 34.120.237.76 | 200 OK | 11 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b71db36-11cb-45f6-a296-34813aea1c35.jpeg
IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash: 4a2d26da68a313cc65958fc2692351c2 798c3538f3147ca77d317676ddd1bf040bd0f93b 76ce30224803d680c0115e987a712ce5552b2760beadf796a96b17439fb20797
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b71db36-11cb-45f6-a296-34813aea1c35.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10898
x-amzn-requestid: e29f8dfc-07d4-4136-afaf-e1e067eea2ab
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fk3zxGshIAMFw5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d839b1-5e87d2a44722af9e4e86c3d4;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 21:42:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: XYo_QvM8GWDyulOtUb5nVjS9PxOinaRJ3lYvCreeqd_9tHI5yv5xcQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:48:21 GMT
age: 4671
etag: "798c3538f3147ca77d317676ddd1bf040bd0f93b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| betotodilea.com/500/4857535?excludes=&oaid=c886092438c447ea81f87169b42221c7&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fdood.yt%2Fd%2F3c84kfuwt19t&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false | 139.45.197.237 | 200 OK | 0 B |
URL: HTTP/2 betotodilea.com/500/4857535?excludes=&oaid=c886092438c447ea81f87169b42221c7&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fdood.yt%2Fd%2F3c84kfuwt19t&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP: 139.45.197.237:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (MD5, SHA-1 and SHA-256 of empty input: the preflight response carried no body, so these values do not identify a payload)
Analyzer: quad9 | Verdict: Sinkholed | Alert: (none) (the verdict is the quad9 analyzer's; the capture below still shows a 200 OK response)
OPTIONS /500/4857535?excludes=&oaid=c886092438c447ea81f87169b42221c7&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fdood.yt%2Fd%2F3c84kfuwt19t&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://dood.yt/
Origin: https://dood.yt
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 23:06:16 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://dood.yt
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP: 93.184.220.29:0
Hash: cfe2d3468f98a7cb707b15b7cee50118 f69313b5cfbc10de800006869472db9d15349bed 0c810d929010bcd5a05f6a8c3d3b9955ca23265323cc250bb5653d13aa38c4e7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6014
Cache-Control: max-age=99653
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 23:06:16 GMT
Etag: "63d7182f-117"
Expires: Wed, 01 Feb 2023 02:47:09 GMT
Last-Modified: Mon, 30 Jan 2023 01:06:55 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
|
|
| betotodilea.com/500/4857535?excludes=&oaid=c886092438c447ea81f87169b42221c7&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fdood.yt%2Fd%2F3c84kfuwt19t&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false | 139.45.197.237 | 200 OK | 12 kB |
URL: HTTP/2 betotodilea.com/500/4857535?excludes=&oaid=c886092438c447ea81f87169b42221c7&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fdood.yt%2Fd%2F3c84kfuwt19t&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP: 139.45.197.237:0
Hash: 345281b708e9cd62560c4d5c915a4a71 b87cd14688dc87bd4430cae85a1e5a9eb5232415 88f21d41ced7fb53945f9619593c76b8796c4eccfda463a9067758c62f20d5d4
Analyzer: quad9 | Verdict: Sinkholed | Alert: (none) (the verdict is the quad9 analyzer's; the capture below still shows a 200 OK response)
GET /500/4857535?excludes=&oaid=c886092438c447ea81f87169b42221c7&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fdood.yt%2Fd%2F3c84kfuwt19t&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://dood.yt
Connection: keep-alive
Referer: https://dood.yt/
Cookie: OAID=a2d16a1d2117415c95993740afcb9ef4
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 23:06:16 GMT
content-type: application/javascript
x-trace-id: 1f3cd37798ef8904c6b560422fc72fd3
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://dood.yt
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=c886092438c447ea81f87169b42221c7; expires=Tue, 30 Jan 2024 23:06:16 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| dood.yt/sw.js | 172.64.97.8 | 200 OK | 0 B |
IP: 172.64.97.8:0
GET /sw.js HTTP/1.1
Host: dood.yt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.yt/d/3c84kfuwt19t
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 23:06:10 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=102634
access-control-allow-origin: *
cache-control: public, max-age=2592000
expires: Fri, 19 Jan 2024 18:41:22 GMT
last-modified: Mon, 03 Jan 2022 15:43:40 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 966288
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AXHDZWXn6j%2F45mNDv1QpNz32gCU3PBpRhgnZkzzwGu6rYmPjJpqxgkBqjaM7PCTmrDVxHy0Q6ugOdCPpSDmI%2F63QBYwV6o0NyQ4r0Mm50Rl2WFOpfI4779va"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791ddb471c6b7314-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| alas4kanmfa6a4mubte.com/lv/esnk/1841679/code.js | 62.122.171.6 | 200 OK | 0 B |
URL: HTTP/2 alas4kanmfa6a4mubte.com/lv/esnk/1841679/code.js
IP: 62.122.171.6:0
GET /lv/esnk/1841679/code.js HTTP/1.1
Host: alas4kanmfa6a4mubte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 23:06:10 GMT
content-type: application/javascript
last-modified: Mon, 30 Jan 2023 11:38:46 GMT
vary: Accept-Encoding
etag: W/"63d7ac46-1a5aa"
x-js-ab1: var23
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| dood.yt/d/3c84kfuwt19t | 172.64.97.8 | 200 OK | 0 B |
IP: 172.64.97.8:0
GET /d/3c84kfuwt19t HTTP/1.1
Host: dood.yt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Mon, 30 Jan 2023 23:06:10 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 29 Jan 2023 23:06:10 GMT
set-cookie: lang=1; domain=.dood.yt; path=/; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=52VdWn%2FB1%2F77tI5z9Qv5fH2JbNTISmTaLgur5AgjenA6ptjXqjPLm4pXYBliOOwlj%2FEqwq%2F%2FH8HEQKmfq%2BrFKjMxq9CDoXxBefxuznNRzDAGapVTFqRJ5IXT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791ddb460b3e7314-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| i.doodcdn.co/theme_2/css/style.css?v=0.1 | 172.67.70.190 | 200 OK | 0 B |
URL: HTTP/2 i.doodcdn.co/theme_2/css/style.css?v=0.1
IP: 172.67.70.190:0
GET /theme_2/css/style.css?v=0.1 HTTP/1.1
Host: i.doodcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 23:06:10 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=249272
expires: Tue, 30 Jan 2024 08:54:23 GMT
last-modified: Mon, 03 Jan 2022 15:43:40 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 20289
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VlMIYqJLbyjwDPpMONEjGII9%2B5RJEPLaarWNRri9bfRe0lEco2z%2FbQiYx%2B4aJvCIIhH9g8eq%2BtOKyBGb4%2FkfeMmzS11oEVskedc7ytDBctQvXEBx%2BM1Gr0YtxuncIA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791ddb47a822b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Nunito:200,300,300i,400,600,600i,700,700i,800,900&display=swap | 142.250.74.138 | 200 OK | 0 B |
URL: HTTP/2 fonts.googleapis.com/css?family=Nunito:200,300,300i,400,600,600i,700,700i,800,900&display=swap
IP: 142.250.74.138:0
GET /css?family=Nunito:200,300,300i,400,600,600i,700,700i,800,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 30 Jan 2023 23:06:10 GMT
date: Mon, 30 Jan 2023 23:06:10 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| i.doodcdn.co/theme_2/css/bootstrap.min.css | 172.67.70.190 | 200 OK | 0 B |
URL: HTTP/2 i.doodcdn.co/theme_2/css/bootstrap.min.css
IP: 172.67.70.190:0
GET /theme_2/css/bootstrap.min.css HTTP/1.1
Host: i.doodcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 23:06:10 GMT
content-type: text/css
last-modified: Mon, 03 Jan 2022 15:43:40 GMT
vary: Accept-Encoding,User-Agent
cache-control: public, max-age=2592000
expires: Mon, 29 Jan 2024 08:27:11 GMT
access-control-allow-origin: *
cf-cache-status: HIT
age: 62087
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yaN%2FQ7LlYTJ%2ByIKhoJc43wx%2B78VQmLgi%2BGsOWfYRYSXxfd%2FzSL4v45Zt85QOAHbFNOy%2FTNSJJMVC3UxEwZu0wSovaZ1%2FaHMM8jnyjy5pGaAUqnecE25d5zdizPfssw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791ddb47a81db4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| tzegilo.com/stattag.js | 172.67.141.224 | 200 OK | 0 B |
IP: 172.67.141.224:0
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 23:06:10 GMT
content-type: application/javascript
last-modified: Thu, 29 Dec 2022 16:01:28 GMT
etag: W/"63adb9d8-3341"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 5552
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MdtZbNhLI1oEkqvBVCUyhQTTh%2BNDK0wh0k5enLCKz3dtnPN8%2BZPy2RX5NoEQE4wGqJ%2BiL4uPMl6efW9upzf%2FG2vETBtKZmbu%2BcoRKstQJcGXaTpN90%2B05V4EaxQkWg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791ddb4a39140afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| challenges.cloudflare.com/turnstile/v0/g/c595c5c5/api.js | 104.18.7.185 | 200 OK | 0 B |
URL: HTTP/2 challenges.cloudflare.com/turnstile/v0/g/c595c5c5/api.js
IP: 104.18.7.185:0
GET /turnstile/v0/g/c595c5c5/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dood.yt/
Connection: keep-alive
Cookie: __cf_bm=YMDFoC7VC3F_eBRScAJLDzU8vCjb.jyNbAT7kTR8aeg-1675119970-0-AaIsYcX1Et/NlOQpG/hhMvIW6Y30BKJTMKBAvZPf6PfKwDwd3o39EcqCdmTTB24aMP8cCtVeu1Izov+lmLee9CU=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 23:06:10 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 791ddb49cf54b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| alas4kanmfa6a4mubte.com/get/1841674?zoneid=1841674&jp=_clh2l1cc6jhb1jjn6gejle&nojs=0&ix=0&abvar=22&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=5739280197511689 | 62.122.171.6 | 200 OK | 0 B |
URL: HTTP/2 alas4kanmfa6a4mubte.com/get/1841674?zoneid=1841674&jp=_clh2l1cc6jhb1jjn6gejle&nojs=0&ix=0&abvar=22&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=5739280197511689
IP: 62.122.171.6:0
GET /get/1841674?zoneid=1841674&jp=_clh2l1cc6jhb1jjn6gejle&nojs=0&ix=0&abvar=22&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=5739280197511689 HTTP/1.1
Host: alas4kanmfa6a4mubte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 23:06:10 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=23013018060586c8f31c7a4a26a196848315; Path=/; Expires=Tue, 30 Jan 2024 23:06:10 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| alas4kanmfa6a4mubte.com/get/1841679?zoneid=1841679&jp=_clsrzr12zkg8583aa6q9r5&nojs=0&ix=0&abvar=23&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=6020755174260371 | 62.122.171.6 | 200 OK | 0 B |
URL (HTTP/2): alas4kanmfa6a4mubte.com/get/1841679?zoneid=1841679&jp=_clsrzr12zkg8583aa6q9r5&nojs=0&ix=0&abvar=23&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=6020755174260371
IP: 62.122.171.6:0
GET /get/1841679?zoneid=1841679&jp=_clsrzr12zkg8583aa6q9r5&nojs=0&ix=0&abvar=23&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=6020755174260371 HTTP/1.1
Host: alas4kanmfa6a4mubte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 23:06:10 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=2301301806f4a1b02bd5bc4560b7f0c2e25f; Path=/; Expires=Tue, 30 Jan 2024 23:06:10 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| alas4kanmfa6a4mubte.com/lv/esnk/1841674/code.js | 62.122.171.6 | 200 OK | 0 B |
URL (HTTP/2): alas4kanmfa6a4mubte.com/lv/esnk/1841674/code.js
IP: 62.122.171.6:0
GET /lv/esnk/1841674/code.js HTTP/1.1
Host: alas4kanmfa6a4mubte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.yt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 23:06:10 GMT
content-type: application/javascript
last-modified: Mon, 30 Jan 2023 11:18:41 GMT
vary: Accept-Encoding
etag: W/"63d7a791-1aca3"
x-js-ab1: var22
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
|
|