| i.doodcdn.co/img/no_video_3.svg |  104.26.6.74 | 200 OK | 2.8 kB |
URL GET HTTP/2i.doodcdn.co/img/no_video_3.svg IP104.26.6.74:443
Requested byhttps://dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs CertificateIssuerGoogle Trust Services Subjectdoodcdn.co Fingerprint85:F9:AC:F1:05:04:E4:B0:96:10:9B:E5:E8:9B:D9:5C:A5:D3:93:16 ValidityTue, 26 Nov 2024 19:05:57 GMT - Mon, 24 Feb 2025 19:05:56 GMT
File typeSVG Scalable Vector Graphics image Hash077bfdaa49ae4877a42611b739ec4752 a2f9e1222b7af9abc05122411ab8902efcc08ead 70d6a17097a8c27edfaad6740e11359d9363f3f04bff1b93483e29c25609fa6c
GET /img/no_video_3.svg HTTP/1.1
Host: i.doodcdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dood.li/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 01 Dec 2024 19:36:06 GMT
content-type: image/svg+xml
content-length: 2812
last-modified: Mon, 03 Jan 2022 15:38:36 GMT
etag: "61d3187c-afc"
expires: Tue, 31 Dec 2024 04:39:56 GMT
cache-control: public, max-age=2592000, no-transform
access-control-allow-origin: *
cf-cache-status: HIT
age: 45523
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8uj5VQV%2F7EXHYGpWpdI%2BhvKOmNxfuy%2BcClRNdtaXP%2B2BK9EQClYJqhFitwg7bB92blc6Zyj%2FVeK%2BhCqhzBJFWEbI738AreDSoStSXpbq6qs7pRRkxGkGc5jciyN7HA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8eb586333e34b50b-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=16493&min_rtt=16443&rtt_var=3545&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3194&recv_bytes=1231&delivery_rate=261607&cwnd=252&unsent_bytes=0&cid=82f8f3646a71ea98&ts=119&x=0"
X-Firefox-Spdy: h2
|
|
| i.doodcdn.co/theme_2/css/bootstrap.min.css | 104.26.6.74 | 200 OK | 24 kB |
URL GET HTTP/2i.doodcdn.co/theme_2/css/bootstrap.min.css IP104.26.6.74:443
Requested byhttps://dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs CertificateIssuerGoogle Trust Services Subjectdoodcdn.co Fingerprint85:F9:AC:F1:05:04:E4:B0:96:10:9B:E5:E8:9B:D9:5C:A5:D3:93:16 ValidityTue, 26 Nov 2024 19:05:57 GMT - Mon, 24 Feb 2025 19:05:56 GMT
File typeASCII text, with very long lines (65324) Hash7cc40c199d128af6b01e74a28c5900b0 d305110fb79113a961394b433d851a3410342b8c 2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
GET /theme_2/css/bootstrap.min.css HTTP/1.1
Host: i.doodcdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dood.li/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 01 Dec 2024 19:36:06 GMT
content-type: text/css
content-length: 23688
last-modified: Mon, 03 Jan 2022 15:43:40 GMT
cache-control: public, max-age=2592000
expires: Sun, 30 Nov 2025 22:45:16 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 50546
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ckrDho3A20A%2Bf6%2BCmRFg6zkVRKNNRbbPnwXBCmBsZ%2FcqMYl8xzPZa%2FkdBWRXpxI6adCPJvUDd8wvCTByNZASsdm1vvD%2B%2BiHSVGr3%2B%2BQeS96Br78pcv8j%2BHTvIujXwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8eb586333e33b50b-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=16493&min_rtt=16443&rtt_var=3545&sent=13&recv=11&lost=0&retrans=0&sent_bytes=6818&recv_bytes=1231&delivery_rate=261607&cwnd=252&unsent_bytes=0&cid=82f8f3646a71ea98&ts=120&x=0"
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js | 104.17.24.14 | 200 OK | 28 kB |
URL GET HTTP/2cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js IP104.17.24.14:443
Requested byhttps://dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs CertificateIssuerGoogle Trust Services Subjectcdnjs.cloudflare.com Fingerprint64:3F:50:40:E0:BD:89:CB:A9:C8:BE:E5:74:F6:9E:D6:2E:1A:32:02 ValidityTue, 26 Nov 2024 07:25:18 GMT - Mon, 24 Feb 2025 07:25:17 GMT
File typeJavaScript source, ASCII text, with very long lines (65451) Hash220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dood.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 01 Dec 2024 19:36:06 GMT
content-type: application/javascript; charset=utf-8
content-length: 27748
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-15851"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 366878
expires: Fri, 21 Nov 2025 19:36:06 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h%2FzWaCFESnq%2FzLRzHqXg6RS2sjQy%2BNAHNoyCxbMrlwVlx5uldISnd5QNiqikSjdPxmRYPNyG03au2AB42VpWHOnNM75yjVN6ImijKKLhVorh0e7Fwzz5CWqtjGZFQQUcXKJrL%2FfL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8eb586332f730b49-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| i.doodcdn.co/theme_2/css/style.css | 104.26.6.74 | 200 OK | 41 kB |
URL GET HTTP/2i.doodcdn.co/theme_2/css/style.css IP104.26.6.74:443
Requested byhttps://dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs CertificateIssuerGoogle Trust Services Subjectdoodcdn.co Fingerprint85:F9:AC:F1:05:04:E4:B0:96:10:9B:E5:E8:9B:D9:5C:A5:D3:93:16 ValidityTue, 26 Nov 2024 19:05:57 GMT - Mon, 24 Feb 2025 19:05:56 GMT
Hash59b293159a38ec92d8bd5fa4d09f8d59 7167b460de2cb4d2534163de707b0aa0e84b73cf 3f81f845eb11d647c4bd80b76d7af054203e52eab24bc359ddd5cb4f33efddd4
GET /theme_2/css/style.css HTTP/1.1
Host: i.doodcdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dood.li/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 01 Dec 2024 19:36:06 GMT
content-type: text/css
content-length: 40748
last-modified: Mon, 03 Jan 2022 15:43:40 GMT
cache-control: public, max-age=2592000
expires: Mon, 01 Dec 2025 03:06:35 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 58474
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I0KAGbuC%2FJHKLlfkgoxvrbXbpQ6daxxkrnhNujEBh5WktnuYZCqL0c87L0cBfs9NDeXBjPuFr5KUcWJAHUDXmvHlvAmPlpNYBAzYoKoCi%2F2IhOTlxsPNLqnj%2B7R6%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8eb586333e35b50b-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=16493&min_rtt=16443&rtt_var=3545&sent=32&recv=11&lost=0&retrans=0&sent_bytes=31502&recv_bytes=1231&delivery_rate=261607&cwnd=252&unsent_bytes=0&cid=82f8f3646a71ea98&ts=123&x=0"
X-Firefox-Spdy: h2
|
|
| dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs |  188.114.96.1 | 200 OK | 1.3 kB |
URL User Request GET HTTP/2dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs IP188.114.96.1:443
CertificateIssuerGoogle Trust Services Subjectdood.li Fingerprint5E:DB:2B:BB:29:D5:55:BA:EA:A6:AE:F0:C9:80:67:BE:76:B5:85:71 ValidityFri, 22 Nov 2024 00:25:58 GMT - Thu, 20 Feb 2025 00:25:57 GMT
File typeHTML document, ASCII text, with very long lines (2760), with no line terminators Hash6f8ca6b2aa2ede9d9d177272314e7cfc 43c7134fe2ec0d84cd00ae25bfa10791b1cf370e 040d13b3a7a3bd4aac6e64edd56831c2e823f6baae3e1a13ecf5d93eba0336ff
GET /d/149956-PT.srt&c1_label=Portugu%C3%AAs HTTP/1.1
Host: dood.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 01 Dec 2024 19:36:06 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Sat, 30 Nov 2024 19:36:06 GMT
set-cookie: lang=1; domain=.dood.li; path=/; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XbDFq8%2Bg8KoqMKQGHVUtNpNq63FWcVkKKZudS3ds1w1HacVCuA2nBNcgt7uABqr1zS2Cepxy%2FX5CrKEGYc2Qo%2BCtpOY6uZ1MqzSjm7U6eZeQjsWa2ebZoEME"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8eb5862e88d70afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=16640&min_rtt=16572&rtt_var=2720&sent=8&recv=10&lost=0&retrans=0&sent_bytes=3261&recv_bytes=1260&delivery_rate=259699&cwnd=253&unsent_bytes=0&cid=b0b8091ae32690d3&ts=102&x=0"
X-Firefox-Spdy: h2
|
|
| d1f05vr3sjsuy7.cloudfront.net/?srvfd=908056 |  54.230.241.212 | 200 OK | 97 kB |
URL GET HTTP/2d1f05vr3sjsuy7.cloudfront.net/?srvfd=908056 IP54.230.241.212:443
Requested byhttps://dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs CertificateIssuerAmazon Subject*.cloudfront.net Fingerprint28:D3:87:79:3C:E8:8B:3C:D9:10:45:E5:F7:64:7A:6D:44:4E:5A:62 ValidityTue, 30 Jul 2024 00:00:00 GMT - Thu, 03 Jul 2025 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (15945) Hash56922ca67aaab07ceb171009f43bb9ec e16edb0bfe13b625cbb5100098f45a2780f9f469 b4d19d778630665a5585b0a3fcb821ba2342a25aa7f1d0b986c26277413a83f4
GET /?srvfd=908056 HTTP/1.1
Host: d1f05vr3sjsuy7.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dood.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 96844
date: Sun, 01 Dec 2024 19:36:07 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3cT1Yt1tBMK-ByDiTORDFriuTjScjUQvX9cdBC6Aqb_u4ZRyHdfjLw==
X-Firefox-Spdy: h2
|
|
| papmeatidigbo.com/gHzOaAdOhbZ/71405 | 23.109.170.225 | 200 OK | 26 B |
URL GET HTTP/1.1papmeatidigbo.com/gHzOaAdOhbZ/71405 IP23.109.170.225:443
Requested byhttps://dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs CertificateIssuerLet's Encrypt Subjectpapmeatidigbo.com Fingerprint42:57:49:84:D0:03:BC:F2:3D:63:72:84:6D:12:0C:C7:FE:9C:E8:AC ValiditySat, 28 Sep 2024 22:04:31 GMT - Fri, 27 Dec 2024 22:04:30 GMT
File typeASCII text, with no line terminators Hash4fc71bf68a1d477bd1523733e34d1e90 15119105cffbe108b6cf290146ab02c9aa8517ba 74c1971a5c7f3f1cfb81b7a0a8717cee5a45841844104566e00bbfca271943ce
GET /gHzOaAdOhbZ/71405 HTTP/1.1
Host: papmeatidigbo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dood.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 01 Dec 2024 19:36:07 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://dood.li
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Mon, 02-Dec-2024 19:36:07 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwViE0KgzAUBvMeJVAqhY96AE%2BQamsXbmuXRReewGopgZBIEvtz%2B%2BpiBmaEEJwmYD0hqQpV5ao8qeJSgl7gpgUPFrJx%2FtP%2FQB6cn8HeYtcG47LazTYuf8BmbZDG%2Fmr0N%2BucmaN2NoAXtnX%2FMM%2FjrbuDJkng6FaHMRWgtzz8AV7hHdE%3D; expires=Mon, 02-Dec-2024 19:36:07 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
|
|
| worstideatum.com/reA3n475k3U/70849 | 23.109.170.28 | 200 OK | 20 B |
URL GET HTTP/1.1worstideatum.com/reA3n475k3U/70849 IP23.109.170.28:443
Requested byhttps://dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs CertificateIssuerLet's Encrypt Subjectworstideatum.com Fingerprint1B:5D:6D:D7:5E:C7:BA:A7:F5:88:9F:5E:83:26:73:85:71:45:C5:33 ValidityFri, 08 Nov 2024 22:27:30 GMT - Thu, 06 Feb 2025 22:27:29 GMT
File typegzip compressed data, from Unix Hash7029066c27ac6f5ef18d660d5741979a 46c6643f07aa7f6bfe7118de926b86defc5087c4 59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /reA3n475k3U/70849 HTTP/1.1
Host: worstideatum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dood.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 01 Dec 2024 19:36:07 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://dood.li
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Mon, 02-Dec-2024 19:36:07 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwViE0KgzAUBvMeJVAqhY96AE%2BQamsXbmuXRReewGopgZBIEvtz%2B%2BpiBmaEEJwmYD0hqQpV5ao8qeJSgl7gpgUPFrJx%2FtP%2FQB6cn8HeYtcG47LazTYuf8BmbZDG%2Fmr0N%2BucmaN2NoAXtnX%2FMM%2FjrbuDJkng6FaHMRWgtzz8AV7hHdE%3D; expires=Mon, 02-Dec-2024 19:36:07 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
|
|
| detectivegrilled.com/2c/03/60/2c0360ed33b0b4736859081c701f9a91.js | 192.243.61.227 | 200 OK | 15 kB |
URL GET HTTP/1.1detectivegrilled.com/2c/03/60/2c0360ed33b0b4736859081c701f9a91.js IP192.243.61.227:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs CertificateIssuerLet's Encrypt Subjectdetectivegrilled.com Fingerprint06:25:EE:F1:ED:5E:A2:F7:39:83:2D:16:F5:C3:7F:00:FC:94:CA:AE ValidityFri, 25 Oct 2024 15:54:22 GMT - Thu, 23 Jan 2025 15:54:21 GMT
File typeJavaScript source, ASCII text, with very long lines (40755), with no line terminators Hash5bf190dd94cf86a16cb6e9cdf7e8f215 fe7de1e8de397b843f2aba5f34f90f5ba944e1a3 13ddd8b67011f67b0252ff959b993fcf49835ce2afc50c95b86f280afe536ae1
GET /2c/03/60/2c0360ed33b0b4736859081c701f9a91.js HTTP/1.1
Host: detectivegrilled.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dood.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 01 Dec 2024 19:36:07 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: detectivegrilled.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: a5eac53e59741bb42a03752cd879237f
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| detectivegrilled.com/06/e2/ee/06e2eefbde702208a7324b7b8f526df8.js | 192.243.61.227 | 200 OK | 17 kB |
URL GET HTTP/1.1detectivegrilled.com/06/e2/ee/06e2eefbde702208a7324b7b8f526df8.js IP192.243.61.227:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs CertificateIssuerLet's Encrypt Subjectdetectivegrilled.com Fingerprint06:25:EE:F1:ED:5E:A2:F7:39:83:2D:16:F5:C3:7F:00:FC:94:CA:AE ValidityFri, 25 Oct 2024 15:54:22 GMT - Thu, 23 Jan 2025 15:54:21 GMT
File typeJavaScript source, ASCII text, with very long lines (40927), with no line terminators Hash99a4346ea038857c546aa16743cabe33 55ce5b61cf4da5360068861d01182ff0ae3b5a09 71fc54e08f0fe25c1adf8f5af0c445d49ee4abdaff323792df038500eb216aec
GET /06/e2/ee/06e2eefbde702208a7324b7b8f526df8.js HTTP/1.1
Host: detectivegrilled.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dood.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 01 Dec 2024 19:36:07 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: detectivegrilled.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 78b16824b3c88bf374759f1f48537fab
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| i.doodcdn.co/theme_2/fonts/avertastd-black-webfont.woff2 | 104.26.6.74 | 200 OK | 23 kB |
URL GET HTTP/3i.doodcdn.co/theme_2/fonts/avertastd-black-webfont.woff2 IP104.26.6.74:443
Requested byhttps://dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs CertificateIssuerGoogle Trust Services Subjectdoodcdn.co Fingerprint85:F9:AC:F1:05:04:E4:B0:96:10:9B:E5:E8:9B:D9:5C:A5:D3:93:16 ValidityTue, 26 Nov 2024 19:05:57 GMT - Mon, 24 Feb 2025 19:05:56 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 22820, version 1.0 Hash1e976387cb594982692bdbdffde86f91 9546836a7d80c17d85cdd37a9553852f00af031b 4dc982a61a00481f4c9545f9f2da64098428b4aec96838de3c194fa82373ce1d
GET /theme_2/fonts/avertastd-black-webfont.woff2 HTTP/1.1
Host: i.doodcdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dood.li
DNT: 1
Connection: keep-alive
Referer: https://i.doodcdn.co/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 01 Dec 2024 19:36:07 GMT
content-type: font/woff2
content-length: 22820
last-modified: Mon, 03 Jan 2022 15:43:40 GMT
cache-control: max-age=2592000
expires: Mon, 30 Dec 2024 06:15:34 GMT
vary: User-Agent,Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 49365
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NoYhNGn8qVv8roQUwwZAEiviTmPcMpQN%2BvpAzD1qVyMCzZC7nV8iYWQ1x4aqV3GKeudMTUjQOQrxFp9q%2F0byPRLxrEEIZpwAhSvY90vn%2BtfSptQ%2Bkk%2BQZ3qE1nmj9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8eb58635ebdc56a3-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20487&min_rtt=20487&rtt_var=10243&sent=20&recv=5&lost=0&retrans=0&sent_bytes=15418&recv_bytes=1418&delivery_rate=154478&cwnd=12000&unsent_bytes=0&cid=23111df72c6cea1f&ts=54&x=1", cfHdrFlush;dur=17
|
|
| i.doodcdn.co/theme_2/fonts/avertastd-regular-webfont.woff2 | 104.26.6.74 | 200 OK | 24 kB |
URL GET HTTP/3i.doodcdn.co/theme_2/fonts/avertastd-regular-webfont.woff2 IP104.26.6.74:443
Requested byhttps://dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs CertificateIssuerGoogle Trust Services Subjectdoodcdn.co Fingerprint85:F9:AC:F1:05:04:E4:B0:96:10:9B:E5:E8:9B:D9:5C:A5:D3:93:16 ValidityTue, 26 Nov 2024 19:05:57 GMT - Mon, 24 Feb 2025 19:05:56 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 23812, version 1.524 Hasheb586e5a1b86dbf1c866e3ed80f9d18e 280ee78d19c017ab9335f769595e5157d3c4a343 714e70103deac0d67f52a6285c5fabee6088ce4d710ce7e74353503837038baf
GET /theme_2/fonts/avertastd-regular-webfont.woff2 HTTP/1.1
Host: i.doodcdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dood.li
DNT: 1
Connection: keep-alive
Referer: https://i.doodcdn.co/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 01 Dec 2024 19:36:07 GMT
content-type: font/woff2
content-length: 23812
last-modified: Mon, 03 Jan 2022 15:43:40 GMT
cache-control: max-age=2592000
expires: Tue, 31 Dec 2024 06:14:48 GMT
vary: User-Agent,Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 45688
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kpxtwHkWSssWqzxtxLv%2B%2BcwgzLecxjmiYvLxE%2BvER7rNiqKIp5Lq2JoLWTAUH6kM0yXUDrdyeJvtxlsf2J9l6ggITZUs5zFx4Xelt8E1A4rFnTBGlogFWUj6TQVVOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8eb58635ebde56a3-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20487&min_rtt=20487&rtt_var=10243&sent=10&recv=5&lost=0&retrans=0&sent_bytes=4060&recv_bytes=1418&delivery_rate=154478&cwnd=12000&unsent_bytes=0&cid=23111df72c6cea1f&ts=53&x=1", cfHdrFlush;dur=0
|
|
| recordedthereby.com/sfp.js | 185.196.197.71 | 200 OK | 85 kB |
URL GET HTTP/1.1recordedthereby.com/sfp.js IP185.196.197.71:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs CertificateIssuerLet's Encrypt Subjectrecordedthereby.com FingerprintE0:09:99:E3:0E:A5:83:8D:96:1B:26:8A:2E:AC:12:98:C6:D3:E1:76 ValidityWed, 06 Nov 2024 14:09:18 GMT - Tue, 04 Feb 2025 14:09:17 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators Hash7e3e44049654b6e244c1777e68ffb8e7 8f2a8298666d607afd92a0baa362ef4dc9ccd039 4acac8b8ff23671d365150818f3c39bbbfa08b1a1842d73de5933e0fea26454b
GET /sfp.js HTTP/1.1
Host: recordedthereby.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dood.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 01 Dec 2024 19:36:07 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 85378
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Host: recordedthereby.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 5bdf9687d5a51e9a4d488a674c711925
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| recordedthereby.com/sfp.js | 185.196.197.71 | 200 OK | 85 kB |
URL GET HTTP/1.1recordedthereby.com/sfp.js IP185.196.197.71:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs CertificateIssuerLet's Encrypt Subjectrecordedthereby.com FingerprintE0:09:99:E3:0E:A5:83:8D:96:1B:26:8A:2E:AC:12:98:C6:D3:E1:76 ValidityWed, 06 Nov 2024 14:09:18 GMT - Tue, 04 Feb 2025 14:09:17 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators Hash7e3e44049654b6e244c1777e68ffb8e7 8f2a8298666d607afd92a0baa362ef4dc9ccd039 4acac8b8ff23671d365150818f3c39bbbfa08b1a1842d73de5933e0fea26454b
GET /sfp.js HTTP/1.1
Host: recordedthereby.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dood.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 01 Dec 2024 19:36:07 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 85378
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Host: recordedthereby.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 883fa037959a06050acfc26de9a523aa
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| proftrafficcounter.com/stats |  18.199.43.28 | 200 OK | 40 B |
URL GET HTTP/2proftrafficcounter.com/stats IP18.199.43.28:443
Requested byhttps://dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs CertificateIssuerAmazon Subjectproftrafficcounter.com Fingerprint40:FD:DA:57:15:28:B1:29:02:3E:E6:2F:38:E5:11:E5:7F:DB:6B:40 ValidityMon, 21 Oct 2024 00:00:00 GMT - Thu, 20 Nov 2025 23:59:59 GMT
File typeASCII text, with no line terminators Hash3b751d3c80d86a92eb9eb9042e85b829 4e7a92636e2417ecb26547bf1f25d60a5f78343b ab8d96525f7903375b50f68513cbf6fc3d2e383ba628404530018ecc66772b28
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dood.li
DNT: 1
Connection: keep-alive
Referer: https://dood.li/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 01 Dec 2024 19:36:07 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://dood.li
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=eedf2272-83da-4b06-b5c0-333ef449fedb:3:1; expires=Wed, 29 Nov 2034 19:36:07 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| proftrafficcounter.com/stats | 18.199.43.28 | 200 OK | 40 B |
URL GET HTTP/2proftrafficcounter.com/stats IP18.199.43.28:443
Requested byhttps://dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs CertificateIssuerAmazon Subjectproftrafficcounter.com Fingerprint40:FD:DA:57:15:28:B1:29:02:3E:E6:2F:38:E5:11:E5:7F:DB:6B:40 ValidityMon, 21 Oct 2024 00:00:00 GMT - Thu, 20 Nov 2025 23:59:59 GMT
File typeASCII text, with no line terminators Hash49ed9dbf4c1219b7e16956d8463d9cf9 546efde0f2f97ba903bf75f0ca3c5f19c47135f4 46e7e78409dd2697996bca1da2e6748b989724d65a180eb2e9a3e62afe99289b
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dood.li
DNT: 1
Connection: keep-alive
Referer: https://dood.li/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 01 Dec 2024 19:36:07 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://dood.li
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=deafb31a-f9b5-4be1-b8ff-3b7188942593:3:1; expires=Wed, 29 Nov 2034 19:36:07 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| rectresultofthep.com/OVVLekpYNygXdVhoKVw/Szl2X3h/cHk8Lggze088S2Y4EDlMLHxUKVU6Ph4sSzolDmRXMD9feH8PGT8cUA8gFSRyMjw7Lm0UODgmTS8vMntqAHgCI3cHCj4GcT4jPhtSICoTIXUECDt5cjI8LS5OMjswDHg7Ag0pbAUmDT1pIhEYL1QcOzs9XiEuLQdxFggWf10QGjIGUA9/LCF4cHk4BHo6AS0wATkAKz1tGCJKc30UegkHagctOTNscHk4BnhhADF4f2YBPARSMQw4G284AkIufxsPHxtjMh48E1QZGAkScThySC5rJS4cCE0vHREEDBcmOBtvPywDE394DhQpCh85LyEAIy8UH38UMhE8cj4vLw5xD3ove2NjLyIcbQR4EnpwIjgvBkAcOj0hd2EKFDJsBgMKI3QTciJsUyYkFDoEGSc8fFQyCQwS | 3.164.240.64 | 200 OK | 1.2 kB |
URL GET HTTP/2rectresultofthep.com/OVVLekpYNygXdVhoKVw/Szl2X3h/cHk8Lggze088S2Y4EDlMLHxUKVU6Ph4sSzolDmRXMD9feH8PGT8cUA8gFSRyMjw7Lm0UODgmTS8vMntqAHgCI3cHCj4GcT4jPhtSICoTIXUECDt5cjI8LS5OMjswDHg7Ag0pbAUmDT1pIhEYL1QcOzs9XiEuLQdxFggWf10QGjIGUA9/LCF4cHk4BHo6AS0wATkAKz1tGCJKc30UegkHagctOTNscHk4BnhhADF4f2YBPARSMQw4G284AkIufxsPHxtjMh48E1QZGAkScThySC5rJS4cCE0vHREEDBcmOBtvPywDE394DhQpCh85LyEAIy8UH38UMhE8cj4vLw5xD3ove2NjLyIcbQR4EnpwIjgvBkAcOj0hd2EKFDJsBgMKI3QTciJsUyYkFDoEGSc8fFQyCQwS IP3.164.240.64:443
Requested byhttps://dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs CertificateIssuerAmazon Subjectrectresultofthep.com Fingerprint00:D7:1D:7F:2F:55:F7:58:DF:E0:1A:D8:AD:57:02:E4:B9:29:AE:D1 ValidityWed, 13 Nov 2024 00:00:00 GMT - Fri, 12 Dec 2025 23:59:59 GMT
File typeHTML document, ASCII text, with very long lines (3028), with no line terminators Hashc3e67b01fcd45563f21c12aa2b19f61d 996708c2f79acf095729ee5dec38e84959bb48bc f8ae45c57fe921e9d09a7d0cfb6e0c594e18d9435b9907e024d8c432b647fe5e
GET /OVVLekpYNygXdVhoKVw/Szl2X3h/cHk8Lggze088S2Y4EDlMLHxUKVU6Ph4sSzolDmRXMD9feH8PGT8cUA8gFSRyMjw7Lm0UODgmTS8vMntqAHgCI3cHCj4GcT4jPhtSICoTIXUECDt5cjI8LS5OMjswDHg7Ag0pbAUmDT1pIhEYL1QcOzs9XiEuLQdxFggWf10QGjIGUA9/LCF4cHk4BHo6AS0wATkAKz1tGCJKc30UegkHagctOTNscHk4BnhhADF4f2YBPARSMQw4G284AkIufxsPHxtjMh48E1QZGAkScThySC5rJS4cCE0vHREEDBcmOBtvPywDE394DhQpCh85LyEAIy8UH38UMhE8cj4vLw5xD3ove2NjLyIcbQR4EnpwIjgvBkAcOj0hd2EKFDJsBgMKI3QTciJsUyYkFDoEGSc8fFQyCQwS HTTP/1.1
Host: rectresultofthep.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dood.li/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 1183
date: Sun, 01 Dec 2024 19:36:07 GMT
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 a9d277d5537378a86210119e10e6a2ea.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN53-P2
x-amz-cf-id: fxCunT7Mrhmpw6z7QWs_aeSM9XGke2seuS2FuddzQqWSn24hA24_Vw==
X-Firefox-Spdy: h2
|
|
| ngshospicalada.com/Nmw0dFAZU1cHbVQ6YiQdYAhXFggGKm0YOEIKZTY3bl4FQRFbPRIAOVJRDUNkBFgHUiBfCAlFaBAfQBUkQx8JRXZfAlIbbRAaCUV+BkIGWmUQGQlFdkIcVRNtB0pEACRaUQVDYwVcDEVnAFsATWA | 188.114.97.1 | 204 No Content | 0 B |
URL GET HTTP/2ngshospicalada.com/Nmw0dFAZU1cHbVQ6YiQdYAhXFggGKm0YOEIKZTY3bl4FQRFbPRIAOVJRDUNkBFgHUiBfCAlFaBAfQBUkQx8JRXZfAlIbbRAaCUV+BkIGWmUQGQlFdkIcVRNtB0pEACRaUQVDYwVcDEVnAFsATWA IP188.114.97.1:443
Requested byhttps://dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs CertificateIssuerGoogle Trust Services Subjectngshospicalada.com Fingerprint4C:B9:61:F9:05:E3:D1:22:75:FA:AB:A5:DE:4C:13:96:F3:BF:69:37 ValidityFri, 08 Nov 2024 06:42:38 GMT - Thu, 06 Feb 2025 06:42:37 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /Nmw0dFAZU1cHbVQ6YiQdYAhXFggGKm0YOEIKZTY3bl4FQRFbPRIAOVJRDUNkBFgHUiBfCAlFaBAfQBUkQx8JRXZfAlIbbRAaCUV+BkIGWmUQGQlFdkIcVRNtB0pEACRaUQVDYwVcDEVnAFsATWA HTTP/1.1
Host: ngshospicalada.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dood.li/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Sun, 01 Dec 2024 19:36:07 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LgFCWs%2BDgDh1sfLd4%2Bol9GdPdB%2FEOSuUcg7RHE%2Ba%2BKbiPEPkSJACYRosVtWbKJo555nprEvRfkorVhKVGghmG5IwR0qHt84qM9mBgERk%2Bovw1IOGqL6q4vGZzr3s9YTp8fQ2EB4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8eb586380ce256ae-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=21716&min_rtt=16596&rtt_var=12189&sent=9&recv=14&lost=0&retrans=0&sent_bytes=3219&recv_bytes=1562&delivery_rate=261419&cwnd=254&unsent_bytes=0&cid=b3a8e4b808b54dd7&ts=195&x=0"
X-Firefox-Spdy: h2
|
|
| ngshospicalada.com/YjIyM1ZNDVFAaztlUQEHCHRlZRcGAXBfEDdwamYfNGRnezUFfxRHPwYPCwNnUAcKFSYLVg8Bb0RBRlIiF0EPAnALXFRca0REDwJ4UhwEA3hWFEcOZ0RGQlIxXwMUQyIWXg8CYVEBAgtnVQQFBmZW | 188.114.97.1 | 204 No Content | 0 B |
URL GET HTTP/2ngshospicalada.com/YjIyM1ZNDVFAaztlUQEHCHRlZRcGAXBfEDdwamYfNGRnezUFfxRHPwYPCwNnUAcKFSYLVg8Bb0RBRlIiF0EPAnALXFRca0REDwJ4UhwEA3hWFEcOZ0RGQlIxXwMUQyIWXg8CYVEBAgtnVQQFBmZW IP188.114.97.1:443
Requested byhttps://dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs CertificateIssuerGoogle Trust Services Subjectngshospicalada.com Fingerprint4C:B9:61:F9:05:E3:D1:22:75:FA:AB:A5:DE:4C:13:96:F3:BF:69:37 ValidityFri, 08 Nov 2024 06:42:38 GMT - Thu, 06 Feb 2025 06:42:37 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /YjIyM1ZNDVFAaztlUQEHCHRlZRcGAXBfEDdwamYfNGRnezUFfxRHPwYPCwNnUAcKFSYLVg8Bb0RBRlIiF0EPAnALXFRca0REDwJ4UhwEA3hWFEcOZ0RGQlIxXwMUQyIWXg8CYVEBAgtnVQQFBmZW HTTP/1.1
Host: ngshospicalada.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dood.li/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Sun, 01 Dec 2024 19:36:07 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nfMELAsRuKluiSxLYagKqSynoRlNeQ0Dl1TlE1VU7gtL%2BbHPllJr9eCdp9wm4F2qc6%2F8HhM3RT5I4wTXyIjeNg15EzSJkwKGsOUOmdCmR8xaoM2IskX9SA9K558VMkCWgWCqtok%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8eb586381d1256ae-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=21716&min_rtt=16596&rtt_var=12189&sent=10&recv=14&lost=0&retrans=0&sent_bytes=3800&recv_bytes=1562&delivery_rate=261419&cwnd=254&unsent_bytes=0&cid=b3a8e4b808b54dd7&ts=209&x=0"
X-Firefox-Spdy: h2
|
|
| ngshospicalada.com/RmNNVFhpXC4nZRwmeAAOEykuMR8yDik4CnU6fwJuEA0pPDoOLmsgMSJedGRgdlZ7cigvB3BlfjUXLCAtNV58cjEoBSJpfjBefHprck1+YnZyRThpaWAXPTU/e1JrJCwyD3Blb3VQfWxpcVV6YG9w | 188.114.97.1 | 204 No Content | 0 B |
URL GET HTTP/2ngshospicalada.com/RmNNVFhpXC4nZRwmeAAOEykuMR8yDik4CnU6fwJuEA0pPDoOLmsgMSJedGRgdlZ7cigvB3BlfjUXLCAtNV58cjEoBSJpfjBefHprck1+YnZyRThpaWAXPTU/e1JrJCwyD3Blb3VQfWxpcVV6YG9w IP188.114.97.1:443
Requested byhttps://dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs CertificateIssuerGoogle Trust Services Subjectngshospicalada.com Fingerprint4C:B9:61:F9:05:E3:D1:22:75:FA:AB:A5:DE:4C:13:96:F3:BF:69:37 ValidityFri, 08 Nov 2024 06:42:38 GMT - Thu, 06 Feb 2025 06:42:37 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /RmNNVFhpXC4nZRwmeAAOEykuMR8yDik4CnU6fwJuEA0pPDoOLmsgMSJedGRgdlZ7cigvB3BlfjUXLCAtNV58cjEoBSJpfjBefHprck1+YnZyRThpaWAXPTU/e1JrJCwyD3Blb3VQfWxpcVV6YG9w HTTP/1.1
Host: ngshospicalada.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dood.li/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Sun, 01 Dec 2024 19:36:07 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WSJtYE%2BDxaOpBa3oLkeJK2MvWIsCaBzf2PlSZzUbZCs5KFaHP4F9HKHyOyECt3QJXrWUOGxdmtlxubho%2F%2B%2FPlXit3UyzWd6j9wKT6rBexmZdr12isvyTVP1F8HQdUUbPq1pDkns%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8eb586389da456ae-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=20511&min_rtt=16551&rtt_var=8947&sent=11&recv=16&lost=0&retrans=0&sent_bytes=4222&recv_bytes=1562&delivery_rate=261419&cwnd=256&unsent_bytes=0&cid=b3a8e4b808b54dd7&ts=282&x=0"
X-Firefox-Spdy: h2
|
|
| capaciousdrewreligion.com/advertisers.js | 185.196.197.72 | 200 OK | 0 B |
URL GET HTTP/1.1capaciousdrewreligion.com/advertisers.js IP185.196.197.72:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs CertificateIssuerLet's Encrypt Subjectcapaciousdrewreligion.com FingerprintD9:49:50:C3:1F:23:A3:E8:75:32:16:6A:76:DE:28:2B:93:73:31:80 ValiditySun, 03 Nov 2024 04:28:34 GMT - Sat, 01 Feb 2025 04:28:33 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /advertisers.js HTTP/1.1
Host: capaciousdrewreligion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dood.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 01 Dec 2024 19:36:07 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 2485731d404f175ed6e60d8285f7f09b
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| niecesauthor.com/46/13/76/461376390131460d2543a2334b5021e2.js | 192.243.59.20 | 200 OK | 34 kB |
URL GET HTTP/1.1niecesauthor.com/46/13/76/461376390131460d2543a2334b5021e2.js IP192.243.59.20:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs CertificateIssuerLet's Encrypt Subjectniecesauthor.com Fingerprint4D:28:C0:A1:74:67:4C:B5:1E:8F:04:44:BF:FC:49:AD:43:7D:0F:60 ValiditySun, 13 Oct 2024 09:03:43 GMT - Sat, 11 Jan 2025 09:03:42 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hash65a13dadbe5d45ed01a7b23746a5cd6b 126e756d050221495157daa343c659de8364aa6e c1d7379b913a7c21d71accb1afba449505f0ad785ed0f23a39706c45fdc4323f
GET /46/13/76/461376390131460d2543a2334b5021e2.js HTTP/1.1
Host: niecesauthor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dood.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 01 Dec 2024 19:36:07 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: niecesauthor.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: e8578124f6a5602b9486d829880b95b9
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| c.adsco.re/ | 104.17.167.186 | 200 OK | 115 kB |
IP104.17.167.186:0
Requested byhttps://dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs CertificateIssuerSectigo Limited Subject*.adsco.re Fingerprint3B:64:1C:DA:8C:64:22:01:36:0F:54:7A:99:6E:AD:26:C2:EF:59:8B ValidityMon, 23 Sep 2024 00:00:00 GMT - Mon, 29 Sep 2025 23:59:59 GMT
File typegzip compressed data, max speed, from Unix Size115 kB (115097 bytes) Hash96277b5835242a924d23e664f299ef7c ac2c6d6276a16e2012ce3cac95aab4e30e8d4b80 92c8965afb3b75b25021b80e2660b9db63fec4d41d448dce0f1e567aa2df202b
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dood.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 01 Dec 2024 19:36:08 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Wed, 01 Jan 2025 19:36:08 GMT
etag: W/"cOaB0SIHOpvD9wT7D5aoLQ=="
content-encoding: gzip
cf-cache-status: HIT
age: 498494
vary: Accept-Encoding
server: cloudflare
cf-ray: 8eb5863a4dc456be-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| d1f05vr3sjsuy7.cloudfront.net/ZREViZkonKgwAdTAsBltzdH1SU3xiNRADLHkhDQkuaikLQCA3KgwWdwgpJFAnIwcUPmwwPwZbemIpAwgteWMHCCl5dEQHLiZ4VkA+NCoJWz8lKQwTMi09DA1sMSRfCyU+LA4KK2F3JFNkdGBQVmI8dFNDeQZgUFYmLSsXHm92dRpefBtzVkN5BmBQVjgyYF-Enc3JrUk9vdnUFAykvKkdUDHZ1U1Z6dXVTQ3h0IwsULyIqGkN4AnxUSHpiMF9X | 54.230.241.212 | 200 OK | 618 B |
URL d1f05vr3sjsuy7.cloudfront.net/ZREViZkonKgwAdTAsBltzdH1SU3xiNRADLHkhDQkuaikLQCA3KgwWdwgpJFAnIwcUPmwwPwZbemIpAwgteWMHCCl5dEQHLiZ4VkA+NCoJWz8lKQwTMi09DA1sMSRfCyU+LA4KK2F3JFNkdGBQVmI8dFNDeQZgUFYmLSsXHm92dRpefBtzVkN5BmBQVjgyYF-Enc3JrUk9vdnUFAykvKkdUDHZ1U1Z6dXVTQ3h0IwsULyIqGkN4AnxUSHpiMF9X IP54.230.241.212:0
CertificateIssuerAmazon Subject*.cloudfront.net Fingerprint28:D3:87:79:3C:E8:8B:3C:D9:10:45:E5:F7:64:7A:6D:44:4E:5A:62 ValidityTue, 30 Jul 2024 00:00:00 GMT - Thu, 03 Jul 2025 23:59:59 GMT
File typeASCII text, with very long lines (873), with no line terminators Hash7639d0b7ff2ea3fee5022f22c9467570 1fd0dd43f5b5f0595dab2c48696b5f9a502a2e6b 0f89bb64fe1a4ab2ed3641644731203b4e102ea405dd6f10e168608e8c5280ee
GET /ZREViZkonKgwAdTAsBltzdH1SU3xiNRADLHkhDQkuaikLQCA3KgwWdwgpJFAnIwcUPmwwPwZbemIpAwgteWMHCCl5dEQHLiZ4VkA+NCoJWz8lKQwTMi09DA1sMSRfCyU+LA4KK2F3JFNkdGBQVmI8dFNDeQZgUFYmLSsXHm92dRpefBtzVkN5BmBQVjgyYF-Enc3JrUk9vdnUFAykvKkdUDHZ1U1Z6dXVTQ3h0IwsULyIqGkN4AnxUSHpiMF9X HTTP/1.1
Host: d1f05vr3sjsuy7.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rectresultofthep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 618
date: Sun, 01 Dec 2024 19:36:08 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: nb3mMySWyUVC91-m3WahY-o-silEyo2fvX9TwovJCqktgOY1hZ0vAQ==
X-Firefox-Spdy: h2
|
|
| niecesauthor.com/sbar.json?key=2c0360ed33b0b4736859081c701f9a91&uuid=eedf2272-83da-4b06-b5c0-333ef449fedb%3A3%3A1 | 192.243.59.20 | 200 OK | 6.8 kB |
URL GET HTTP/1.1niecesauthor.com/sbar.json?key=2c0360ed33b0b4736859081c701f9a91&uuid=eedf2272-83da-4b06-b5c0-333ef449fedb%3A3%3A1 IP192.243.59.20:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs CertificateIssuerLet's Encrypt Subjectniecesauthor.com Fingerprint4D:28:C0:A1:74:67:4C:B5:1E:8F:04:44:BF:FC:49:AD:43:7D:0F:60 ValiditySun, 13 Oct 2024 09:03:43 GMT - Sat, 11 Jan 2025 09:03:42 GMT
Hasha9df99ce457c02524e03604852d3453f 4390259fbd5d57e46294c11b027c0741bab7d381 432758c2bbc8a8704c39d3dca75de875f9487da483f2e986c60b77b3fc256510
GET /sbar.json?key=2c0360ed33b0b4736859081c701f9a91&uuid=eedf2272-83da-4b06-b5c0-333ef449fedb%3A3%3A1 HTTP/1.1
Host: niecesauthor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dood.li
DNT: 1
Connection: keep-alive
Referer: https://dood.li/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 01 Dec 2024 19:36:08 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://dood.li
Access-Control-Allow-Origin: https://dood.li
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl19079684=1; expires=Mon, 02 Dec 2024 19:36:08 GMT; path=/; secure; SameSite=None
uid_id2=eedf2272-83da-4b06-b5c0-333ef449fedb:3:1; expires=Sun, 08 Dec 2024 19:36:08 GMT; path=/; secure; SameSite=None
pdhtkv=true; expires=Mon, 02 Dec 2024 19:36:08 GMT; path=/; secure; SameSite=None
uncs=1; expires=Mon, 02 Dec 2024 19:36:08 GMT; path=/; secure; SameSite=None
pdhtkv29=true; expires=Mon, 02 Dec 2024 19:36:08 GMT; path=/; secure; SameSite=None
uncs29=1; expires=Mon, 02 Dec 2024 19:36:08 GMT; path=/; secure; SameSite=None
slec2c0360ed33b0b4736859081c701f9a91=[5643187,5643185]; expires=Sun, 01 Dec 2024 19:36:13 GMT; path=/; secure; SameSite=None
Host: niecesauthor.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 27d84a627ec638eeeca806218e8f4e3a
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| dood.li/favicon.ico | 188.114.96.1 | 200 OK | 15 kB |
IP188.114.96.1:443
Requested byhttps://dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs CertificateIssuerGoogle Trust Services Subjectdood.li Fingerprint5E:DB:2B:BB:29:D5:55:BA:EA:A6:AE:F0:C9:80:67:BE:76:B5:85:71 ValidityFri, 22 Nov 2024 00:25:58 GMT - Thu, 20 Feb 2025 00:25:57 GMT
File typeMS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel Hash30d3656f43c817e38c3e7d70b2bfbdad 1aa43b43755e7cba5e145d0978517f7bedad7da6 a558a4796f60f07743027eec96b538b2e7758cca8c544ed796ff745837478555
GET /favicon.ico HTTP/1.1
Host: dood.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs
Cookie: lang=1; ppu_show_on_06e2eefbde702208a7324b7b8f526df8=1; dom3ic8zudi28v8lr6fgphwffqoz0j6c=deafb31a-f9b5-4be1-b8ff-3b7188942593%3A3%3A1; ppu_main_06e2eefbde702208a7324b7b8f526df8=1; ppu_exp_06e2eefbde702208a7324b7b8f526df8=1733085368004; sb_main_2c0360ed33b0b4736859081c701f9a91=1; sb_count_2c0360ed33b0b4736859081c701f9a91=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 01 Dec 2024 19:36:08 GMT
content-type: image/x-icon
content-length: 15406
last-modified: Mon, 03 Jan 2022 15:38:36 GMT
etag: "61d3187c-3c2e"
expires: Wed, 25 Dec 2024 03:22:04 GMT
cache-control: public, max-age=2592000, no-transform
access-control-allow-origin: *
cf-cache-status: HIT
age: 576844
accept-ranges: bytes
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tQ%2FMhclzcJQn6Tc39CCNu1nScj9PM986NTqZ29zmiyrejlOP8wa7EqCzeGcB9TX1pM2Csbn%2Fc%2BrpH0snJggplixg0pxg62AjAlmFpoAgE6sW581xCrGUth41"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8eb5863cdcf4712d-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20072&min_rtt=19056&rtt_var=7871&sent=11&recv=6&lost=0&retrans=0&sent_bytes=4083&recv_bytes=1350&delivery_rate=33689&cwnd=12000&unsent_bytes=0&cid=cc19a2035c485409&ts=2206&x=1", cfExtPri, cfHdrFlush;dur=0
|
|
| accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube | 64.233.164.84 | 302 Found | 0 B |
URL GET HTTP/2accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube IP64.233.164.84:443
Requested byhttps://dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs CertificateIssuerGoogle Trust Services Subjectaccounts.google.com FingerprintB5:D6:A2:E0:69:ED:98:1E:4B:F7:4C:3E:78:91:7D:51:CE:37:14:59 ValidityMon, 21 Oct 2024 08:38:52 GMT - Mon, 13 Jan 2025 08:38:51 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dood.li/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:U9W8d-n2YRO3Y_Xh0Z701UT5E6R3Rg:hTE0g3qkqBBEYw01; Expires=Tue, 01-Dec-2026 19:36:08 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 01 Dec 2024 19:36:08 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AcMMx-cq6vp_hJEAH9hmM94hqICbiyxenfM-gauw53ff1IuUGsrok7sI7LK3H06lV2u7OvBJ9p_nMg
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-hXU41PdW_pIvLRvN_zqSFA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy: unsafe-none
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail | 64.233.164.84 | 302 Found | 0 B |
URL GET HTTP/2accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail IP64.233.164.84:443
Requested byhttps://dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs CertificateIssuerGoogle Trust Services Subjectaccounts.google.com FingerprintB5:D6:A2:E0:69:ED:98:1E:4B:F7:4C:3E:78:91:7D:51:CE:37:14:59 ValidityMon, 21 Oct 2024 08:38:52 GMT - Mon, 13 Jan 2025 08:38:51 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dood.li/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:YI6IbuZcHo-Wm_ZVLpDg5DRrheEhuw:eVOs2Q-iqMAjw3NS; Expires=Tue, 01-Dec-2026 19:36:08 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 01 Dec 2024 19:36:08 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AcMMx-dS3-WaAbCHMqyJqe4gbi0jIim0xI-rObgo3jOXiFqrYtLwkTBkcSeJjmysnQ_hGuJDrvglng
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-VPquBqTtvU2F-ncOTFVBZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist
cross-origin-opener-policy: unsafe-none
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| treatedscale.com/pixel/purst?dl=0&th=0&sc=0&rs=2080&rd=2080&fd=649&bv=24.10.2261&tmpl=136 | 172.240.127.234 | 200 OK | 0 B |
URL GET HTTP/1.1treatedscale.com/pixel/purst?dl=0&th=0&sc=0&rs=2080&rd=2080&fd=649&bv=24.10.2261&tmpl=136 IP172.240.127.234:443
Requested byhttps://dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs CertificateIssuerLet's Encrypt Subjecttreatedscale.com Fingerprint96:76:0D:98:C3:34:14:09:A7:52:EF:46:3C:82:DC:B0:91:5D:30:51 ValiditySun, 13 Oct 2024 11:08:23 GMT - Sat, 11 Jan 2025 11:08:22 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/purst?dl=0&th=0&sc=0&rs=2080&rd=2080&fd=649&bv=24.10.2261&tmpl=136 HTTP/1.1
Host: treatedscale.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dood.li/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 01 Dec 2024 19:36:08 GMT
Content-Length: 0
Connection: keep-alive
Host: treatedscale.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AcMMx-cq6vp_hJEAH9hmM94hqICbiyxenfM-gauw53ff1IuUGsrok7sI7LK3H06lV2u7OvBJ9p_nMg | 64.233.164.84 | 302 Found | 425 B |
URL GET HTTP/2accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AcMMx-cq6vp_hJEAH9hmM94hqICbiyxenfM-gauw53ff1IuUGsrok7sI7LK3H06lV2u7OvBJ9p_nMg IP64.233.164.84:443
Requested byhttps://dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs CertificateIssuerGoogle Trust Services Subjectaccounts.google.com FingerprintB5:D6:A2:E0:69:ED:98:1E:4B:F7:4C:3E:78:91:7D:51:CE:37:14:59 ValidityMon, 21 Oct 2024 08:38:52 GMT - Mon, 13 Jan 2025 08:38:51 GMT
File typeHTML document, ASCII text, with very long lines (394) Hash42cde3b497b743525c2428a73312dfa4 f391f6264a7c55fd1f091b02e92e4e7b1a54659e a03ac3fa05b0faeadee3522641353608814acf8d15825173e4feafe04f399e86
GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AcMMx-cq6vp_hJEAH9hmM94hqICbiyxenfM-gauw53ff1IuUGsrok7sI7LK3H06lV2u7OvBJ9p_nMg HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dood.li/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:Z_4YlIgEdxTUEh4jZBMT8VhZesEt4Q:DjaFJBGvqOlrKVUg;Path=/;Expires=Tue, 01-Dec-2026 19:36:08 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 01 Dec 2024 19:36:08 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AcMMx-cO-XFm4XWGeuSzL80IDxFrBRjZu30PYud3XwmeKOHLgCrp_PywcacqebcYxCnTFxlkmv6U3g&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S2099050375%3A1733081768652347&ddm=1
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: script-src 'nonce-xLwKdVTuYtQyxTbg0rTuJA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 425
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AcMMx-dS3-WaAbCHMqyJqe4gbi0jIim0xI-rObgo3jOXiFqrYtLwkTBkcSeJjmysnQ_hGuJDrvglng | 64.233.164.84 | 302 Found | 421 B |
URL GET HTTP/2accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AcMMx-dS3-WaAbCHMqyJqe4gbi0jIim0xI-rObgo3jOXiFqrYtLwkTBkcSeJjmysnQ_hGuJDrvglng IP64.233.164.84:443
Requested byhttps://dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs CertificateIssuerGoogle Trust Services Subjectaccounts.google.com FingerprintB5:D6:A2:E0:69:ED:98:1E:4B:F7:4C:3E:78:91:7D:51:CE:37:14:59 ValidityMon, 21 Oct 2024 08:38:52 GMT - Mon, 13 Jan 2025 08:38:51 GMT
File typeHTML document, ASCII text, with very long lines (390) Hash87ee1a44084fe205eb71fa45a0b0f20a 4d8159405e8c5b680a0b3dfb138d06fceb5c3160 83272ca734a86092ee45c8c316402b0769a7e40fce258793a26b688e6757cbfd
GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AcMMx-dS3-WaAbCHMqyJqe4gbi0jIim0xI-rObgo3jOXiFqrYtLwkTBkcSeJjmysnQ_hGuJDrvglng HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dood.li/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:fR3uIt-Z_yKU3f0FuiS-jh25-5SNBg:MA76KuJrsUkNMGcg;Path=/;Expires=Tue, 01-Dec-2026 19:36:08 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 01 Dec 2024 19:36:08 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AcMMx-ccxz28c3qIUnRpnWENZxwIgyUaf4Q5GJtlCNONtVLgD6zs9j7jZnwCG-1TofK8-6Y0M_AnwA&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-888828776%3A1733081768655288&ddm=1
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: script-src 'nonce-T2WwIGmrLrKkQ40fJm8LdQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 421
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ngshospicalada.com/popunder.gif | 188.114.97.1 | 200 OK | 58 B |
URL GET ngshospicalada.com/popunder.gif IP188.114.97.1:0
Requested byhttps://dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs CertificateIssuerGoogle Trust Services Subjectngshospicalada.com Fingerprint4C:B9:61:F9:05:E3:D1:22:75:FA:AB:A5:DE:4C:13:96:F3:BF:69:37 ValidityFri, 08 Nov 2024 06:42:38 GMT - Thu, 06 Feb 2025 06:42:37 GMT
File typeGIF image data, version 89a, 1 x 1 Hash28d6814f309ea289f847c69cf91194c6 0f4e929dd5bb2564f7ab9c76338e04e292a42ace 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /popunder.gif HTTP/1.1
Host: ngshospicalada.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dood.li/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 01 Dec 2024 19:36:09 GMT
content-type: image/gif
content-length: 58
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
content-encoding: gzip
cf-cache-status: HIT
age: 114141
last-modified: Sat, 30 Nov 2024 11:53:48 GMT
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=01pqMt3BQqgl0MZhtwHnJq3XWis2oFZgYvxUCjZe%2FLGNlQNzyasJ0ngNHu%2BsBXwN7GDsJW7r%2FoR1YymT9KhALmbpFwWtYzZ%2FfARUZn2pXtOZax5vDrrL9HRT7JGPW7BbQyZBmcE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8eb586413c4eb4ed-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19685&min_rtt=17550&rtt_var=8106&sent=11&recv=6&lost=0&retrans=0&sent_bytes=4061&recv_bytes=1085&delivery_rate=33844&cwnd=12000&unsent_bytes=0&cid=70d029490fc58ca4&ts=1280&x=1", cfExtPri, cfHdrFlush;dur=0
|
|
| 4.adsco.re/ | 162.252.214.5 | 200 OK | 62 B |
IP162.252.214.5:443
Requested byhttps://dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs CertificateIssuerSectigo Limited Subject*.adsco.re Fingerprint3B:64:1C:DA:8C:64:22:01:36:0F:54:7A:99:6E:AD:26:C2:EF:59:8B ValidityMon, 23 Sep 2024 00:00:00 GMT - Mon, 29 Sep 2025 23:59:59 GMT
File typeASCII text, with no line terminators Hash5b41cb22f84f645a103acc7bfbf084ff bac3967b26d5ec4a0d09a580714e8219796816bd 709f0a0dfab9f9e074f4a4a348dcb09150838284d21e75cfb9e5ceaeeb2054bc
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dood.li
DNT: 1
Connection: keep-alive
Referer: https://dood.li/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 01 Dec 2024 19:36:09 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://dood.li
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
|
|
| niecesauthor.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzW8bxRueTfI7%2FbgU9VYhWUClViLOfjhrmx4qSgmqCE3V8nUAodmZWWfI7M52Ztfr%2BBQRCXrD4i%2FYPHYaPiogcEOiQk4lhCIh1ZwiQf4JRM%2FIJsLwHvZ9n32ekZ553vlorzglAQp6cv113ZdK0ZXVulu79I7nXamty7To1Xqt8P2wcaVmui%2B2w7p7ufaqYFt6xXc91%2FVcr7YmjYh1b2VKQmYP2l697dYbft1bbaBn%2Fott4cBSB7x7Sp6G5JOlR855SDZGmnxzXditXGcvvJIUiubaoMsP3ky3Ul2mSOZjbBzE6cGZGto%2BXnsIne7P7EJ3%2FxFGckKcnx4iSg%2FOTCLqjmY%2BIwWRIuL%2FR9kdQ6gxJB2D6V1I%2FpgAjOPmBtLk%2Fk1tSrr9N0un7IQsPfkDspyQpd%2FPI02%2BuqZkr3ZHqyKXOrXoxRVkbwzZGSMrjpD3HcjyCCz%2FEJL%2FQlaerCNNRhtWaUh%2B8rwQPPb9pr%2FcCjhdbkRuuBytMnc5CAIRNxrtWPBoFpCUY8h4DCUGoHYRhXVQSAdF7KDIHCT8pMY8z2u6nFG31WYs4E0Rhdz1aDP2qOeGLRRseocB8mwApgZgZgeZ2cGWHMAUP8JuVrDcgc0JurxCKQhKS1BSglISlDlB2a32ubK%2Bre5zZYvIO%2Bv%2BWQ%2Bqoc47e3Rf5x2RElAzgOHVSGZ37S5Yvjjsx%2Fa9oY4t38tOyblpqM5zzy5hS5zUfOYGoSt4EERu1GgGYWu17bY81nS9uE3bHqysIO0CqHXQlxNy8e5VZHJCnvr5HCJ6BKuOwORF0OIZ0LIC3azQT7%2F2uNbc5kbQpM50Aq4rZPkS8m1nT52SC7PNvnXhOwh2fPW3S3%2BOP3n3MpipkJkKH8hHBB11b3hbl2R0W5eWHG5kuUxkn063fienuVj84jWxXWrDb1y3g89fYlNiOj54Q9h8naZcph1LvrwmORdmTRsmyA837NsiulXYzWuFSYts%2FdbLazeSzAhrpU7HoHJCyOH%2FwOSEnPv429mDds0I0oxhigpJcUzOClIfgWU7sNncv9UERs01UeagLKqh8aP5TyUJlJhjGlWw%2F8LRfB4aOj1NZbVn76FjFkDzXaRJha6p0FUVqBrAFovDPDPHV38NZoVILQwjZRZGkTLq01nM088hrDypNYPApWF71Ws2qWhGDb8Vhx6n1G%2BEfhjSALmddNa%2F%2F%2ByvAAAA%2F%2F%2Bs17SZqgQAAA%3D%3D | 192.243.59.20 | 200 OK | 7 B |
URL GET HTTP/1.1niecesauthor.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzW8bxRueTfI7%2FbgU9VYhWUClViLOfjhrmx4qSgmqCE3V8nUAodmZWWfI7M52Ztfr%2BBQRCXrD4i%2FYPHYaPiogcEOiQk4lhCIh1ZwiQf4JRM%2FIJsLwHvZ9n32ekZ553vlorzglAQp6cv113ZdK0ZXVulu79I7nXamty7To1Xqt8P2wcaVmui%2B2w7p7ufaqYFt6xXc91%2FVcr7YmjYh1b2VKQmYP2l697dYbft1bbaBn%2Fott4cBSB7x7Sp6G5JOlR855SDZGmnxzXditXGcvvJIUiubaoMsP3ky3Ul2mSOZjbBzE6cGZGto%2BXnsIne7P7EJ3%2FxFGckKcnx4iSg%2FOTCLqjmY%2BIwWRIuL%2FR9kdQ6gxJB2D6V1I%2FpgAjOPmBtLk%2Fk1tSrr9N0un7IQsPfkDspyQpd%2FPI02%2BuqZkr3ZHqyKXOrXoxRVkbwzZGSMrjpD3HcjyCCz%2FEJL%2FQlaerCNNRhtWaUh%2B8rwQPPb9pr%2FcCjhdbkRuuBytMnc5CAIRNxrtWPBoFpCUY8h4DCUGoHYRhXVQSAdF7KDIHCT8pMY8z2u6nFG31WYs4E0Rhdz1aDP2qOeGLRRseocB8mwApgZgZgeZ2cGWHMAUP8JuVrDcgc0JurxCKQhKS1BSglISlDlB2a32ubK%2Bre5zZYvIO%2Bv%2BWQ%2Bqoc47e3Rf5x2RElAzgOHVSGZ37S5Yvjjsx%2Fa9oY4t38tOyblpqM5zzy5hS5zUfOYGoSt4EERu1GgGYWu17bY81nS9uE3bHqysIO0CqHXQlxNy8e5VZHJCnvr5HCJ6BKuOwORF0OIZ0LIC3azQT7%2F2uNbc5kbQpM50Aq4rZPkS8m1nT52SC7PNvnXhOwh2fPW3S3%2BOP3n3MpipkJkKH8hHBB11b3hbl2R0W5eWHG5kuUxkn063fienuVj84jWxXWrDb1y3g89fYlNiOj54Q9h8naZcph1LvrwmORdmTRsmyA837NsiulXYzWuFSYts%2FdbLazeSzAhrpU7HoHJCyOH%2FwOSEnPv429mDds0I0oxhigpJcUzOClIfgWU7sNncv9UERs01UeagLKqh8aP5TyUJlJhjGlWw%2F8LRfB4aOj1NZbVn76FjFkDzXaRJha6p0FUVqBrAFovDPDPHV38NZoVILQwjZRZGkTLq01nM088hrDypNYPApWF71Ws2qWhGDb8Vhx6n1G%2BEfhjSALmddNa%2F%2F%2ByvAAAA%2F%2F%2Bs17SZqgQAAA%3D%3D IP192.243.59.20:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs CertificateIssuerLet's Encrypt Subjectniecesauthor.com Fingerprint4D:28:C0:A1:74:67:4C:B5:1E:8F:04:44:BF:FC:49:AD:43:7D:0F:60 ValiditySun, 13 Oct 2024 09:03:43 GMT - Sat, 11 Jan 2025 09:03:42 GMT
File typeASCII text, with no line terminators Hash132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSzW8bxRueTfI7%2FbgU9VYhWUClViLOfjhrmx4qSgmqCE3V8nUAodmZWWfI7M52Ztfr%2BBQRCXrD4i%2FYPHYaPiogcEOiQk4lhCIh1ZwiQf4JRM%2FIJsLwHvZ9n32ekZ553vlorzglAQp6cv113ZdK0ZXVulu79I7nXamty7To1Xqt8P2wcaVmui%2B2w7p7ufaqYFt6xXc91%2FVcr7YmjYh1b2VKQmYP2l697dYbft1bbaBn%2Fott4cBSB7x7Sp6G5JOlR855SDZGmnxzXditXGcvvJIUiubaoMsP3ky3Ul2mSOZjbBzE6cGZGto%2BXnsIne7P7EJ3%2FxFGckKcnx4iSg%2FOTCLqjmY%2BIwWRIuL%2FR9kdQ6gxJB2D6V1I%2FpgAjOPmBtLk%2Fk1tSrr9N0un7IQsPfkDspyQpd%2FPI02%2BuqZkr3ZHqyKXOrXoxRVkbwzZGSMrjpD3HcjyCCz%2FEJL%2FQlaerCNNRhtWaUh%2B8rwQPPb9pr%2FcCjhdbkRuuBytMnc5CAIRNxrtWPBoFpCUY8h4DCUGoHYRhXVQSAdF7KDIHCT8pMY8z2u6nFG31WYs4E0Rhdz1aDP2qOeGLRRseocB8mwApgZgZgeZ2cGWHMAUP8JuVrDcgc0JurxCKQhKS1BSglISlDlB2a32ubK%2Bre5zZYvIO%2Bv%2BWQ%2Bqoc47e3Rf5x2RElAzgOHVSGZ37S5Yvjjsx%2Fa9oY4t38tOyblpqM5zzy5hS5zUfOYGoSt4EERu1GgGYWu17bY81nS9uE3bHqysIO0CqHXQlxNy8e5VZHJCnvr5HCJ6BKuOwORF0OIZ0LIC3azQT7%2F2uNbc5kbQpM50Aq4rZPkS8m1nT52SC7PNvnXhOwh2fPW3S3%2BOP3n3MpipkJkKH8hHBB11b3hbl2R0W5eWHG5kuUxkn063fienuVj84jWxXWrDb1y3g89fYlNiOj54Q9h8naZcph1LvrwmORdmTRsmyA837NsiulXYzWuFSYts%2FdbLazeSzAhrpU7HoHJCyOH%2FwOSEnPv429mDds0I0oxhigpJcUzOClIfgWU7sNncv9UERs01UeagLKqh8aP5TyUJlJhjGlWw%2F8LRfB4aOj1NZbVn76FjFkDzXaRJha6p0FUVqBrAFovDPDPHV38NZoVILQwjZRZGkTLq01nM088hrDypNYPApWF71Ws2qWhGDb8Vhx6n1G%2BEfhjSALmddNa%2F%2F%2ByvAAAA%2F%2F%2Bs17SZqgQAAA%3D%3D HTTP/1.1
Host: niecesauthor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dood.li/
Cookie: u_pl19079684=1; uid_id2=eedf2272-83da-4b06-b5c0-333ef449fedb:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec2c0360ed33b0b4736859081c701f9a91=[5643187,5643185]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 01 Dec 2024 19:36:09 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: niecesauthor.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 247b8add8337cd90d05a3bdec8395cfd
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| tdd3ktekvizs.l4.adsco.re/ |  185.200.118.62 | 200 OK | 0 B |
URL POST HTTP/2tdd3ktekvizs.l4.adsco.re/ IP185.200.118.62:443
Requested byhttps://dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs CertificateIssuerLet's Encrypt Subject*.l4.adsco.re Fingerprint4D:AE:36:D9:F8:FA:CC:AB:F6:34:54:35:4E:1D:68:A6:4A:C9:FA:AA ValidityTue, 19 Nov 2024 09:14:30 GMT - Mon, 17 Feb 2025 09:14:29 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: tdd3ktekvizs.l4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://dood.li
DNT: 1
Connection: keep-alive
Referer: https://dood.li/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 01 Dec 2024 19:36:09 GMT
content-type: text/html
content-length: 0
last-modified: Fri, 02 Jun 2023 14:03:32 GMT
etag: "6479f6b4-0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| c.adsco.re/ | 104.17.167.186 | 200 OK | 30 kB |
IP104.17.167.186:0
Requested byhttps://dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs CertificateIssuerSectigo Limited Subject*.adsco.re Fingerprint3B:64:1C:DA:8C:64:22:01:36:0F:54:7A:99:6E:AD:26:C2:EF:59:8B ValidityMon, 23 Sep 2024 00:00:00 GMT - Mon, 29 Sep 2025 23:59:59 GMT
File typegzip compressed data, max speed, from Unix Hasha5bed559c884dcb2847f8afd71d4f198 3243746293120fcef44a3e0b3dcc7d307a579eb1 3dc92990a1ccded35fa4f0bd27f9302c2fe7194fb2bc8ec315a0e2b4bcac01e6
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c.adsco.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 01 Dec 2024 19:36:09 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Wed, 01 Jan 2025 19:36:09 GMT
etag: W/"cOaB0SIHOpvD9wT7D5aoLQ=="
content-encoding: gzip
cf-cache-status: HIT
age: 498495
priority: u=3,i=?0
vary: Accept-Encoding
server: cloudflare
cf-ray: 8eb586429d41569a-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| 6.adsco.re/ | 104.17.167.186 | 200 OK | 45 B |
IP104.17.167.186:0
Requested byhttps://dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs CertificateIssuerSectigo Limited Subject*.adsco.re Fingerprint3B:64:1C:DA:8C:64:22:01:36:0F:54:7A:99:6E:AD:26:C2:EF:59:8B ValidityMon, 23 Sep 2024 00:00:00 GMT - Mon, 29 Sep 2025 23:59:59 GMT
File typeASCII text, with no line terminators Hash5b41cb22f84f645a103acc7bfbf084ff bac3967b26d5ec4a0d09a580714e8219796816bd 709f0a0dfab9f9e074f4a4a348dcb09150838284d21e75cfb9e5ceaeeb2054bc
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://c.adsco.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 01 Dec 2024 19:36:09 GMT
content-type: text/plain;charset=UTF-8
content-length: 45
access-control-allow-origin: *
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
priority: u=4,i=?0
vary: Accept-Encoding
server: cloudflare
cf-ray: 8eb58642dd90569a-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| adsco.re/p | 162.252.214.5 | 200 OK | 880 B |
IP162.252.214.5:443
Requested byhttps://dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs CertificateIssuerSectigo Limited Subject*.adsco.re Fingerprint3B:64:1C:DA:8C:64:22:01:36:0F:54:7A:99:6E:AD:26:C2:EF:59:8B ValidityMon, 23 Sep 2024 00:00:00 GMT - Mon, 29 Sep 2025 23:59:59 GMT
File typeASCII text, with very long lines (1106), with no line terminators Hash3b1668c807583c26e590035e1efb8e87 d05e4802d9cf179b0ef15c20eef69ee58e4c16f9 fa615d41138a47862d6923db58a885b822f76195fcab37f3bf3299dd0e8495a7
POST /p HTTP/1.1
Host: adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 1598
Origin: https://dood.li
DNT: 1
Connection: keep-alive
Referer: https://dood.li/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 01 Dec 2024 19:36:09 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK lon123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Accept-CH: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
Access-Control-Allow-Origin: https://dood.li
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
|
|
| tdd3ktekvizs.n4.adsco.re/ | 38.132.109.126 | 200 OK | 0 B |
URL POST HTTP/2tdd3ktekvizs.n4.adsco.re/ IP38.132.109.126:443
Requested byhttps://dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs CertificateIssuerLet's Encrypt Subject*.n4.adsco.re FingerprintCA:A8:32:44:42:24:5D:95:22:A1:65:D6:DE:30:E8:2A:01:17:AE:8D ValidityTue, 19 Nov 2024 09:14:09 GMT - Mon, 17 Feb 2025 09:14:08 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: tdd3ktekvizs.n4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://dood.li
DNT: 1
Connection: keep-alive
Referer: https://dood.li/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 01 Dec 2024 19:36:09 GMT
content-type: text/html
content-length: 0
last-modified: Fri, 16 Jun 2023 08:37:42 GMT
etag: "648c1f56-0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cdn.creative-stat1.com/sb/ssp/in-page_push/os/android/2/img/close.png | 172.67.133.15 | 200 OK | 2.0 kB |
URL GET HTTP/3cdn.creative-stat1.com/sb/ssp/in-page_push/os/android/2/img/close.png IP172.67.133.15:443
Requested byhttps://dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs CertificateIssuerGoogle Trust Services Subjectcreative-stat1.com Fingerprint18:F6:86:93:3A:D8:DA:68:65:4C:2B:F2:EF:96:B3:CC:B7:E9:56:36 ValidityFri, 18 Oct 2024 15:49:17 GMT - Thu, 16 Jan 2025 15:49:16 GMT
File typePNG image data, 19 x 19, 8-bit/color RGBA, non-interlaced Hash2cecae5111d5ff932a996679215ad573 f4c63abb5dc373aba5bc144c3831d98516cc7cc9 31f6aad6a88eca32f245dc6d0e030ef422f306b4f8479855b30e59b6dc134ebc
GET /sb/ssp/in-page_push/os/android/2/img/close.png HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 01 Dec 2024 19:36:09 GMT
content-type: image/png
content-length: 2005
last-modified: Fri, 19 Jan 2024 14:19:44 GMT
etag: "65aa8500-7d5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 571331
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=78OUyhXEG8vnvWwK%2FW0Jbdz02QEurzhW7iyxI2u7fIeaV9KmB28F94kYy3XvXr9%2B%2Bi1mk22iIc3%2B2NRIz5vBia5TRCfVlYv32ssSjuehZWJqHpaw6LZt73vRCl%2Fad4cFnqKJ9v%2B1XK3%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8eb58645a8700b3d-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20328&min_rtt=17973&rtt_var=8422&sent=11&recv=6&lost=0&retrans=0&sent_bytes=4060&recv_bytes=1098&delivery_rate=33049&cwnd=12000&unsent_bytes=0&cid=084b836624a8295c&ts=196&x=1", cfHdrFlush;dur=0
|
|
| getrunkhomuto.info/multi?cs=WFNlSjVvYFR%2FAmhgVn0MbGFUegc&abt=0&red=1&sm=76&k=&v=1.0.60.4&sts=0&prn=0&emb=0&tid=901258&rxy=1280_1024&fs=1&ref=https%3A%2F%2Fdood.li%2Fd%2F149956-PT.srt%26c1_label%3DPortugu%25C3%25AAs&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&_pwmG=1733081769232&crc=1 | 143.204.55.55 | 200 OK | 1.9 kB |
URL GET HTTP/2getrunkhomuto.info/multi?cs=WFNlSjVvYFR%2FAmhgVn0MbGFUegc&abt=0&red=1&sm=76&k=&v=1.0.60.4&sts=0&prn=0&emb=0&tid=901258&rxy=1280_1024&fs=1&ref=https%3A%2F%2Fdood.li%2Fd%2F149956-PT.srt%26c1_label%3DPortugu%25C3%25AAs&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&_pwmG=1733081769232&crc=1 IP143.204.55.55:443
Requested byhttps://dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs CertificateIssuerAmazon Subjectgetrunkhomuto.info Fingerprint07:6C:15:28:EC:56:65:DE:8C:55:1C:BF:A5:DB:7B:96:8F:38:56:0E ValidityMon, 01 Apr 2024 00:00:00 GMT - Wed, 30 Apr 2025 23:59:59 GMT
File typeASCII text, with very long lines (3831), with no line terminators Hashb71d16246839a958dbec332ca8585650 f4f3fb4a618ba5870118602d25d801edeac3e6d6 cb86bef935d3b2b6a90eb63a30ac68a9f49b7294ccc802d2eb387fd535e4e08a
GET /multi?cs=WFNlSjVvYFR%2FAmhgVn0MbGFUegc&abt=0&red=1&sm=76&k=&v=1.0.60.4&sts=0&prn=0&emb=0&tid=901258&rxy=1280_1024&fs=1&ref=https%3A%2F%2Fdood.li%2Fd%2F149956-PT.srt%26c1_label%3DPortugu%25C3%25AAs&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&_pwmG=1733081769232&crc=1 HTTP/1.1
Host: getrunkhomuto.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dood.li
DNT: 1
Connection: keep-alive
Referer: https://dood.li/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/plain
content-length: 1920
date: Sun, 01 Dec 2024 19:36:09 GMT
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://dood.li
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=68ce25d6-978e-4900-a524-119749d5da8c
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Ih6lmzHwR9YdGgNYXps5PkWNRtmuHS78cq6nrx6SmjuWWzPP157B9A==
X-Firefox-Spdy: h2
|
|
| niecesauthor.com/pixel/sbs?c=1 | 192.243.59.20 | 200 OK | 0 B |
URL GET HTTP/1.1niecesauthor.com/pixel/sbs?c=1 IP192.243.59.20:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs CertificateIssuerLet's Encrypt Subjectniecesauthor.com Fingerprint4D:28:C0:A1:74:67:4C:B5:1E:8F:04:44:BF:FC:49:AD:43:7D:0F:60 ValiditySun, 13 Oct 2024 09:03:43 GMT - Sat, 11 Jan 2025 09:03:42 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/sbs?c=1 HTTP/1.1
Host: niecesauthor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dood.li/
Cookie: u_pl19079684=1; uid_id2=eedf2272-83da-4b06-b5c0-333ef449fedb:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec2c0360ed33b0b4736859081c701f9a91=[5643187,5643185]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 01 Dec 2024 19:36:10 GMT
Content-Length: 0
Connection: keep-alive
Host: niecesauthor.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| niecesauthor.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzYscxRuu3t3f6eclklsQBjWQgDvbPT2f5hCMcSW4JiHx66BIffWk3OquTlX39OycFhc0Nwf%2Fgt5nZrN%2BBHX1JhhkNiCyIGQ8Lej%2BE2LOMuPi6Hvo9336eQqeet76aDc%2FISFyenz1dTNQWtO1RtWvXHgnCC5VNlSS9yv9dvP9Zv1SxfZe7DSr%2FsXKq5JvmrWaH%2Fh%2B4AeVdWVlZPprMxIqfdAJqh2%2FWq9Vg0Ydfftf7HIPjnoQvRPyNJSYrjzyzkLxCZL4m6vSbWYmfeGVONc0MxY9sf9mspmYIkG8GCPrIUr2T9Uw7vH6Q5hkb24XpvePkKkp8X56CJbsn5oE643nPpmGTMDE%2F1H0JpB6AkUn4GYHSjwmABe4fgNJfP%2B6sQXd%2BpulM3ZKVp78AVVMycrvZ5HEX13Rql%2B5bXSeKZM49KMSqj%2BB6k6Q5ofIBh5UcQiefQglfiFrTzaQxOMbThsocfy8lCKq1Vq11XYo6Gqd%2Bc1V1uD%2BahiGMqrXO5EUbB6QUhOoaAIth6BuGbnzkCsPeeQhTz3E4rjCgyBo%2BYJTv93hPBQtyZrCD2grCmjgN9vI%2BewOQ2TpEFwPwe02UruNTTWEzX%2BEu1PCCQ8uI%2BiJEoUkKBxBQQkKRVBkBEWv3BPa1Vx5X2iXs%2BC01057WI5M1t2leybryoSA2iGsKMcqvet2wLPl0SBy741M5MRuekLOzEL1nnt2BZvyuFLjftj0pQhD5rN6K2y2Gx2%2FHfCWH0Qd2gngVAnllkCdh4GakvN3LyNVU%2FLUz2fA6CGcPgRX50HzZ0CLEvROiUHydSCMES6zksZVbmIIUyLNVpBtebv6hJybb%2Fatc99B8qPLv134c%2FLJuxfBbYnUlvhAPSLo6nujW6Yg41umcOTgRpqpWA3obOu3M5rJ5S9ek1uFseLaVTf8%2FCU%2BI2bjgzekyzZoIlTSdeTLK0oIadeN5ZL8cM29LdnN3N25ktskTzduvrx%2BLU6tdE6ZZAKqpoQc%2FA9cTcmZj7%2BdP2jfjqHsBDYvEedH5LSgzCF4ug2XLvw7Q2D1QsNSD0VejmyNLX5qRaDlAlNWwv0Ls8U8snR2mqpy191D1y6BZjtI4hI9W6KnS1A9hMuXR1lqjy7%2FGs4LTC%2BNmLZLY6at%2FnQe8%2BxzAKeOK6EvWkxGssVkvVGPJBes0WA%2BjzgLRbvNkblpd%2BP7z%2F4KAAD%2F%2FywDYXGqBAAA | 192.243.59.20 | 200 OK | 7 B |
URL GET HTTP/1.1niecesauthor.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzYscxRuu3t3f6eclklsQBjWQgDvbPT2f5hCMcSW4JiHx66BIffWk3OquTlX39OycFhc0Nwf%2Fgt5nZrN%2BBHX1JhhkNiCyIGQ8Lej%2BE2LOMuPi6Hvo9336eQqeet76aDc%2FISFyenz1dTNQWtO1RtWvXHgnCC5VNlSS9yv9dvP9Zv1SxfZe7DSr%2FsXKq5JvmrWaH%2Fh%2B4AeVdWVlZPprMxIqfdAJqh2%2FWq9Vg0Ydfftf7HIPjnoQvRPyNJSYrjzyzkLxCZL4m6vSbWYmfeGVONc0MxY9sf9mspmYIkG8GCPrIUr2T9Uw7vH6Q5hkb24XpvePkKkp8X56CJbsn5oE643nPpmGTMDE%2F1H0JpB6AkUn4GYHSjwmABe4fgNJfP%2B6sQXd%2BpulM3ZKVp78AVVMycrvZ5HEX13Rql%2B5bXSeKZM49KMSqj%2BB6k6Q5ofIBh5UcQiefQglfiFrTzaQxOMbThsocfy8lCKq1Vq11XYo6Gqd%2Bc1V1uD%2BahiGMqrXO5EUbB6QUhOoaAIth6BuGbnzkCsPeeQhTz3E4rjCgyBo%2BYJTv93hPBQtyZrCD2grCmjgN9vI%2BewOQ2TpEFwPwe02UruNTTWEzX%2BEu1PCCQ8uI%2BiJEoUkKBxBQQkKRVBkBEWv3BPa1Vx5X2iXs%2BC01057WI5M1t2leybryoSA2iGsKMcqvet2wLPl0SBy741M5MRuekLOzEL1nnt2BZvyuFLjftj0pQhD5rN6K2y2Gx2%2FHfCWH0Qd2gngVAnllkCdh4GakvN3LyNVU%2FLUz2fA6CGcPgRX50HzZ0CLEvROiUHydSCMES6zksZVbmIIUyLNVpBtebv6hJybb%2Fatc99B8qPLv134c%2FLJuxfBbYnUlvhAPSLo6nujW6Yg41umcOTgRpqpWA3obOu3M5rJ5S9ek1uFseLaVTf8%2FCU%2BI2bjgzekyzZoIlTSdeTLK0oIadeN5ZL8cM29LdnN3N25ktskTzduvrx%2BLU6tdE6ZZAKqpoQc%2FA9cTcmZj7%2BdP2jfjqHsBDYvEedH5LSgzCF4ug2XLvw7Q2D1QsNSD0VejmyNLX5qRaDlAlNWwv0Ls8U8snR2mqpy191D1y6BZjtI4hI9W6KnS1A9hMuXR1lqjy7%2FGs4LTC%2BNmLZLY6at%2FnQe8%2BxzAKeOK6EvWkxGssVkvVGPJBes0WA%2BjzgLRbvNkblpd%2BP7z%2F4KAAD%2F%2FywDYXGqBAAA IP192.243.59.20:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs CertificateIssuerLet's Encrypt Subjectniecesauthor.com Fingerprint4D:28:C0:A1:74:67:4C:B5:1E:8F:04:44:BF:FC:49:AD:43:7D:0F:60 ValiditySun, 13 Oct 2024 09:03:43 GMT - Sat, 11 Jan 2025 09:03:42 GMT
File typeASCII text, with no line terminators Hash132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSzYscxRuu3t3f6eclklsQBjWQgDvbPT2f5hCMcSW4JiHx66BIffWk3OquTlX39OycFhc0Nwf%2Fgt5nZrN%2BBHX1JhhkNiCyIGQ8Lej%2BE2LOMuPi6Hvo9336eQqeet76aDc%2FISFyenz1dTNQWtO1RtWvXHgnCC5VNlSS9yv9dvP9Zv1SxfZe7DSr%2FsXKq5JvmrWaH%2Fh%2B4AeVdWVlZPprMxIqfdAJqh2%2FWq9Vg0Ydfftf7HIPjnoQvRPyNJSYrjzyzkLxCZL4m6vSbWYmfeGVONc0MxY9sf9mspmYIkG8GCPrIUr2T9Uw7vH6Q5hkb24XpvePkKkp8X56CJbsn5oE643nPpmGTMDE%2F1H0JpB6AkUn4GYHSjwmABe4fgNJfP%2B6sQXd%2BpulM3ZKVp78AVVMycrvZ5HEX13Rql%2B5bXSeKZM49KMSqj%2BB6k6Q5ofIBh5UcQiefQglfiFrTzaQxOMbThsocfy8lCKq1Vq11XYo6Gqd%2Bc1V1uD%2BahiGMqrXO5EUbB6QUhOoaAIth6BuGbnzkCsPeeQhTz3E4rjCgyBo%2BYJTv93hPBQtyZrCD2grCmjgN9vI%2BewOQ2TpEFwPwe02UruNTTWEzX%2BEu1PCCQ8uI%2BiJEoUkKBxBQQkKRVBkBEWv3BPa1Vx5X2iXs%2BC01057WI5M1t2leybryoSA2iGsKMcqvet2wLPl0SBy741M5MRuekLOzEL1nnt2BZvyuFLjftj0pQhD5rN6K2y2Gx2%2FHfCWH0Qd2gngVAnllkCdh4GakvN3LyNVU%2FLUz2fA6CGcPgRX50HzZ0CLEvROiUHydSCMES6zksZVbmIIUyLNVpBtebv6hJybb%2Fatc99B8qPLv134c%2FLJuxfBbYnUlvhAPSLo6nujW6Yg41umcOTgRpqpWA3obOu3M5rJ5S9ek1uFseLaVTf8%2FCU%2BI2bjgzekyzZoIlTSdeTLK0oIadeN5ZL8cM29LdnN3N25ktskTzduvrx%2BLU6tdE6ZZAKqpoQc%2FA9cTcmZj7%2BdP2jfjqHsBDYvEedH5LSgzCF4ug2XLvw7Q2D1QsNSD0VejmyNLX5qRaDlAlNWwv0Ls8U8snR2mqpy191D1y6BZjtI4hI9W6KnS1A9hMuXR1lqjy7%2FGs4LTC%2BNmLZLY6at%2FnQe8%2BxzAKeOK6EvWkxGssVkvVGPJBes0WA%2BjzgLRbvNkblpd%2BP7z%2F4KAAD%2F%2FywDYXGqBAAA HTTP/1.1
Host: niecesauthor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dood.li/
Cookie: u_pl19079684=1; uid_id2=eedf2272-83da-4b06-b5c0-333ef449fedb:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec2c0360ed33b0b4736859081c701f9a91=[5643187,5643185]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 01 Dec 2024 19:36:10 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: niecesauthor.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 4fdd26100e9a1a791a5df777c294f791
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| blockadsnot.com/hdkuahiclrjxfel?JKZdMcVm=BQMyAAAAAAAACZUAAqllqC46jZvkNM0-htZxQ_O5dd2WZJx1HjQ4PVD_Zi7AdwAzvPpn_t7jLGsY_md2Nzy2a8i8CLEHAnexXRvb3wnmVMxJzkCU1-khuzL-rsl7ezcglXpEoMd-xOKNzj8VDe-k-AHjfP3_kwWZEZKCTDV6liAFY2ptg3fTJDGwthgqw3-JHV_0wndFRIxnHgeBfF8l0Gypyqy5FnUnp3HwEESU5IEo0Kb5wt7h_udUU2rHMWhMwJx816sfNx7g5lGwvbEBArzNIoEzqB_zvB_EV7uzkzxRz7vFVkSBLqc07bll46qxP_7sKHQdIuyf8KW5yYHSwffEDTjupe2c7udraD71VNL-S4PMk2wXIUMYNEpM_T6BV7Nmc7aDLeNWjmhy5Fvh85AtJF3VCZrhL1_4EoBBEcM0tfGrpuBYWqWpuJjYWmkDJ6puKdXgXnElefqDibgC2lYaaqHnyQgPAp7FW3C8alZ8Lukv8QDxEZzWmDra7Ret-1p14SAf42MSc0iUNvgrRIi7r-x6WQdBv02mOXztU4O8v_zg8vDDEsC6uO-hulwTaLjDtSCpFYqpnvLqNu-GDOhf98qSUdbDkpdJaRt6NucnF8UyljpN1YsYxpcL44N7npR9ZKBIidn6M0Gp6lPNDzn12a9DufNSn5mUgJ5avrp7s46Pcuxe0Xurxb5TCHivGX2J81nkEewTnuNvOXwmqwKE81rjaZqz5r49EN31NJ5N3Z8RMr86ggLtExDWN4hxuMr9FmrOvGDUALxlN2PXc1QKPIhWgXncdsd5klbQ3L3rtwBHnCSk0jEs9Fl5TvZ93156uqeMNi7omvgq2M40hvElk1yaEYTas9LpuiUE0nJWaBk8EA5d7rdNBnAQNG1UHspFLg2O2CHi-KlB8IzpKDyrXZNzj5ROV9fxOR1D-hDur_zqwnbPjzVfHcmNfJj7drUVsfs664VFzKFVDrFLqt4jR4v4a6Qp_Xq7rEBg8pIbyZ1McgWktl-4rn3Y6Ra0GlakFH2_6K9SpGfIPLuKLImFFtrOaA7leLoQ14y7XIWluW7CHBUd5AOaf-f4lgHE9u0J_keRuyeA-03OeA&RFmKOEne=4&fbrWFzXS=4091021&ncswpXRK=&SFzHVaeE=0,0&cUutSAgf=&IwsLWSCc=&s=1280,1024,1,1280,1024,0 | 208.95.112.254 | 200 OK | 44 B |
URL GET HTTP/2blockadsnot.com/hdkuahiclrjxfel?JKZdMcVm=BQMyAAAAAAAACZUAAqllqC46jZvkNM0-htZxQ_O5dd2WZJx1HjQ4PVD_Zi7AdwAzvPpn_t7jLGsY_md2Nzy2a8i8CLEHAnexXRvb3wnmVMxJzkCU1-khuzL-rsl7ezcglXpEoMd-xOKNzj8VDe-k-AHjfP3_kwWZEZKCTDV6liAFY2ptg3fTJDGwthgqw3-JHV_0wndFRIxnHgeBfF8l0Gypyqy5FnUnp3HwEESU5IEo0Kb5wt7h_udUU2rHMWhMwJx816sfNx7g5lGwvbEBArzNIoEzqB_zvB_EV7uzkzxRz7vFVkSBLqc07bll46qxP_7sKHQdIuyf8KW5yYHSwffEDTjupe2c7udraD71VNL-S4PMk2wXIUMYNEpM_T6BV7Nmc7aDLeNWjmhy5Fvh85AtJF3VCZrhL1_4EoBBEcM0tfGrpuBYWqWpuJjYWmkDJ6puKdXgXnElefqDibgC2lYaaqHnyQgPAp7FW3C8alZ8Lukv8QDxEZzWmDra7Ret-1p14SAf42MSc0iUNvgrRIi7r-x6WQdBv02mOXztU4O8v_zg8vDDEsC6uO-hulwTaLjDtSCpFYqpnvLqNu-GDOhf98qSUdbDkpdJaRt6NucnF8UyljpN1YsYxpcL44N7npR9ZKBIidn6M0Gp6lPNDzn12a9DufNSn5mUgJ5avrp7s46Pcuxe0Xurxb5TCHivGX2J81nkEewTnuNvOXwmqwKE81rjaZqz5r49EN31NJ5N3Z8RMr86ggLtExDWN4hxuMr9FmrOvGDUALxlN2PXc1QKPIhWgXncdsd5klbQ3L3rtwBHnCSk0jEs9Fl5TvZ93156uqeMNi7omvgq2M40hvElk1yaEYTas9LpuiUE0nJWaBk8EA5d7rdNBnAQNG1UHspFLg2O2CHi-KlB8IzpKDyrXZNzj5ROV9fxOR1D-hDur_zqwnbPjzVfHcmNfJj7drUVsfs664VFzKFVDrFLqt4jR4v4a6Qp_Xq7rEBg8pIbyZ1McgWktl-4rn3Y6Ra0GlakFH2_6K9SpGfIPLuKLImFFtrOaA7leLoQ14y7XIWluW7CHBUd5AOaf-f4lgHE9u0J_keRuyeA-03OeA&RFmKOEne=4&fbrWFzXS=4091021&ncswpXRK=&SFzHVaeE=0,0&cUutSAgf=&IwsLWSCc=&s=1280,1024,1,1280,1024,0 IP208.95.112.254:443
Requested byhttps://dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs CertificateIssuerSectigo Limited Subjectblockadsnot.com Fingerprint08:5E:F7:F5:F7:1E:CA:E8:7E:0B:56:16:C6:57:A9:7B:FA:BF:73:41 ValidityWed, 11 Sep 2024 00:00:00 GMT - Sat, 19 Apr 2025 23:59:59 GMT
File typeASCII text, with no line terminators Hashd5f0a25e4d3522d56d48ce7bc3e518fb 86794caff58f7fee6e684c2ba7195f970a8d6f4c 9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5
GET /hdkuahiclrjxfel?JKZdMcVm=BQMyAAAAAAAACZUAAqllqC46jZvkNM0-htZxQ_O5dd2WZJx1HjQ4PVD_Zi7AdwAzvPpn_t7jLGsY_md2Nzy2a8i8CLEHAnexXRvb3wnmVMxJzkCU1-khuzL-rsl7ezcglXpEoMd-xOKNzj8VDe-k-AHjfP3_kwWZEZKCTDV6liAFY2ptg3fTJDGwthgqw3-JHV_0wndFRIxnHgeBfF8l0Gypyqy5FnUnp3HwEESU5IEo0Kb5wt7h_udUU2rHMWhMwJx816sfNx7g5lGwvbEBArzNIoEzqB_zvB_EV7uzkzxRz7vFVkSBLqc07bll46qxP_7sKHQdIuyf8KW5yYHSwffEDTjupe2c7udraD71VNL-S4PMk2wXIUMYNEpM_T6BV7Nmc7aDLeNWjmhy5Fvh85AtJF3VCZrhL1_4EoBBEcM0tfGrpuBYWqWpuJjYWmkDJ6puKdXgXnElefqDibgC2lYaaqHnyQgPAp7FW3C8alZ8Lukv8QDxEZzWmDra7Ret-1p14SAf42MSc0iUNvgrRIi7r-x6WQdBv02mOXztU4O8v_zg8vDDEsC6uO-hulwTaLjDtSCpFYqpnvLqNu-GDOhf98qSUdbDkpdJaRt6NucnF8UyljpN1YsYxpcL44N7npR9ZKBIidn6M0Gp6lPNDzn12a9DufNSn5mUgJ5avrp7s46Pcuxe0Xurxb5TCHivGX2J81nkEewTnuNvOXwmqwKE81rjaZqz5r49EN31NJ5N3Z8RMr86ggLtExDWN4hxuMr9FmrOvGDUALxlN2PXc1QKPIhWgXncdsd5klbQ3L3rtwBHnCSk0jEs9Fl5TvZ93156uqeMNi7omvgq2M40hvElk1yaEYTas9LpuiUE0nJWaBk8EA5d7rdNBnAQNG1UHspFLg2O2CHi-KlB8IzpKDyrXZNzj5ROV9fxOR1D-hDur_zqwnbPjzVfHcmNfJj7drUVsfs664VFzKFVDrFLqt4jR4v4a6Qp_Xq7rEBg8pIbyZ1McgWktl-4rn3Y6Ra0GlakFH2_6K9SpGfIPLuKLImFFtrOaA7leLoQ14y7XIWluW7CHBUd5AOaf-f4lgHE9u0J_keRuyeA-03OeA&RFmKOEne=4&fbrWFzXS=4091021&ncswpXRK=&SFzHVaeE=0,0&cUutSAgf=&IwsLWSCc=&s=1280,1024,1,1280,1024,0 HTTP/1.1
Host: blockadsnot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dood.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
popads-node: wb3
access-control-allow-origin: *
asf: 9
popads-ec: ASB
content-type: text/javascript;charset=UTF-8
content-length: 44
date: Sun, 01 Dec 2024 19:36:10 GMT
X-Firefox-Spdy: h2
|
|
| unseenreport.com/pxf.gif?uuid=deafb31a-f9b5-4be1-b8ff-3b7188942593&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=06e2eefbde702208a7324b7b8f526df8&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=19 | 192.243.61.225 | 200 OK | 1 B |
URL GET HTTP/1.1unseenreport.com/pxf.gif?uuid=deafb31a-f9b5-4be1-b8ff-3b7188942593&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=06e2eefbde702208a7324b7b8f526df8&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=19 IP192.243.61.225:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs CertificateIssuerLet's Encrypt Subject*.unseenreport.com FingerprintB3:C3:D3:00:AB:EE:F9:2F:2C:9A:5D:74:A9:E1:4E:36:06:3F:B6:74 ValidityMon, 18 Nov 2024 22:38:22 GMT - Sun, 16 Feb 2025 22:38:21 GMT
File typevery short file (no magic) Hash93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /pxf.gif?uuid=deafb31a-f9b5-4be1-b8ff-3b7188942593&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=06e2eefbde702208a7324b7b8f526df8&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=19 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dood.li/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 01 Dec 2024 19:36:10 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Host: unseenreport.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 585dde4c92988d046c9640a94702d251
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| unseenreport.com/pxf.gif?uuid=deafb31a-f9b5-4be1-b8ff-3b7188942593&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=2c0360ed33b0b4736859081c701f9a91&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=19 | 192.243.61.225 | 200 OK | 1 B |
URL GET HTTP/1.1unseenreport.com/pxf.gif?uuid=deafb31a-f9b5-4be1-b8ff-3b7188942593&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=2c0360ed33b0b4736859081c701f9a91&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=19 IP192.243.61.225:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs CertificateIssuerLet's Encrypt Subject*.unseenreport.com FingerprintB3:C3:D3:00:AB:EE:F9:2F:2C:9A:5D:74:A9:E1:4E:36:06:3F:B6:74 ValidityMon, 18 Nov 2024 22:38:22 GMT - Sun, 16 Feb 2025 22:38:21 GMT
File typevery short file (no magic) Hash93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /pxf.gif?uuid=deafb31a-f9b5-4be1-b8ff-3b7188942593&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=2c0360ed33b0b4736859081c701f9a91&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=19 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dood.li/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 01 Dec 2024 19:36:10 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Host: unseenreport.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: cbfdb0962b3c4ebd4a209bd43b2b37f7
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| unseenreport.com/pxf.gif?uuid=deafb31a-f9b5-4be1-b8ff-3b7188942593&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=461376390131460d2543a2334b5021e2&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=19 | 192.243.61.225 | 200 OK | 1 B |
URL GET HTTP/1.1unseenreport.com/pxf.gif?uuid=deafb31a-f9b5-4be1-b8ff-3b7188942593&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=461376390131460d2543a2334b5021e2&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=19 IP192.243.61.225:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs CertificateIssuerLet's Encrypt Subject*.unseenreport.com FingerprintB3:C3:D3:00:AB:EE:F9:2F:2C:9A:5D:74:A9:E1:4E:36:06:3F:B6:74 ValidityMon, 18 Nov 2024 22:38:22 GMT - Sun, 16 Feb 2025 22:38:21 GMT
File typevery short file (no magic) Hash93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /pxf.gif?uuid=deafb31a-f9b5-4be1-b8ff-3b7188942593&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=461376390131460d2543a2334b5021e2&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=19 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dood.li/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 01 Dec 2024 19:36:10 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Host: unseenreport.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 7673f129f2f533b6234fa5763e83d2e9
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 | 142.250.74.131 | 200 OK | 18 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 IP142.250.74.131:443
Requested byhttps://dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs CertificateIssuerGoogle Trust Services Subject*.gstatic.com Fingerprint2A:56:7F:C1:73:8D:7A:48:D9:E7:52:83:15:27:9D:C3:C9:23:71:52 ValidityMon, 21 Oct 2024 08:37:59 GMT - Mon, 13 Jan 2025 08:37:58 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 18492, version 1.0 Hash7fda4c62c1bdeae7a08e6fd438104bac b1f626e78f5f6d7be993303a49eb81f0fa4ce57c 4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71
GET /s/roboto/v32/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dood.li
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18492
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 29 Nov 2024 02:01:28 GMT
expires: Sat, 29 Nov 2025 02:01:28 GMT
cache-control: public, max-age=31536000
age: 236082
last-modified: Thu, 01 Aug 2024 20:41:19 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2 | 142.250.74.131 | 200 OK | 18 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2 IP142.250.74.131:443
Requested byhttps://dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs CertificateIssuerGoogle Trust Services Subject*.gstatic.com Fingerprint2A:56:7F:C1:73:8D:7A:48:D9:E7:52:83:15:27:9D:C3:C9:23:71:52 ValidityMon, 21 Oct 2024 08:37:59 GMT - Mon, 13 Jan 2025 08:37:58 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 18536, version 1.0 Hash8eff0b8045fd1959e117f85654ae7770 227fee13ceb7c410b5c0bb8000258b6643cb6255 89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
GET /s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dood.li
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18536
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 28 Nov 2024 11:37:11 GMT
expires: Fri, 28 Nov 2025 11:37:11 GMT
cache-control: public, max-age=31536000
age: 287939
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| tdd3ktekvizs.s4.adsco.re/ |  185.200.116.60 | 200 OK | 0 B |
URL POST HTTP/2tdd3ktekvizs.s4.adsco.re/ IP185.200.116.60:443
Requested byhttps://dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs CertificateIssuerLet's Encrypt Subject*.s4.adsco.re Fingerprint5B:26:FD:D5:2E:64:53:9F:6D:20:4F:04:72:4B:D4:1A:AF:59:28:19 ValidityTue, 19 Nov 2024 09:14:12 GMT - Mon, 17 Feb 2025 09:14:11 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: tdd3ktekvizs.s4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://dood.li
DNT: 1
Connection: keep-alive
Referer: https://dood.li/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 01 Dec 2024 19:36:10 GMT
content-type: text/html
content-length: 0
last-modified: Tue, 03 Oct 2023 13:29:59 GMT
etag: "651c1757-0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml | 35.244.181.201 | 200 OK | 444 B |
URL aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml IP35.244.181.201:0 ASN#396982 GOOGLE-CLOUD-PLATFORM
File typeXML 1.0 document, ASCII text, with very long lines (332) Hash3b324dec137a87ef7e24a30a65b13dd0 c0faa95b2f1018e264b3a14aaf50d1003e6c27b3 6cd0b591d9239fc8564627e92a804fc261951b1cbaf5fa58a8ada3cc13f51463
GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/202402/aus.content-signature.mozilla.org-2025-01-01-20-48-31.chain; p384ecdsa=YDODa-oKi_dTewuWm5_emeSOwDlUTECAUvAIpzqe_WPP8o1eqqquU-crKkLSTBbB1jiBSxXo4_siRfkZXnCkshi0c6vYHYhWOJ1RPPFrBj9pT9vSK9ev9uBB3vvmUzad
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: EXPIRED
content-encoding: gzip
via: 1.1 google
date: Sun, 01 Dec 2024 19:36:08 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
content-length: 444
age: 16
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ukankingwithea.com/asd100.bin | 188.114.96.1 | 522 No Reason Phrase | 7.1 kB |
URL GET HTTP/2ukankingwithea.com/asd100.bin IP188.114.96.1:443
Requested byhttps://dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs CertificateIssuerGoogle Trust Services Subjectukankingwithea.com Fingerprint72:95:BE:5B:B7:C6:8C:31:B9:5E:60:DA:66:68:99:88:EC:99:F6:E5 ValiditySun, 03 Nov 2024 13:54:20 GMT - Sat, 01 Feb 2025 13:54:19 GMT
File typeHTML document, ASCII text, with very long lines (460) Hash09f53defe271c32e15c9a8a3f90e5b53 4f6bf310602942988830f15d8a6dbcd7d9b370fa ae8e5f1cdcd92bc689cda9566596f23dbcdf7fbd5e0f588533babf1a30ff5353
GET /asd100.bin HTTP/1.1
Host: ukankingwithea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dood.li/
Origin: https://dood.li
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 522 No Reason Phrase
date: Sun, 01 Dec 2024 19:36:27 GMT
content-type: text/html; charset=UTF-8
content-length: 7096
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s246CwozF4YMio9UNxUB2EAYz%2FX0fbk5pup0rw3fAbMfnZ9grQtBTF0f21YBMRW7ZtIV5bCAFM8sNpZdB1wSLAsqa3hVYvWWVqy%2BnhgznqqYSK1xEHDeS68OlEqCKRoislMGKlI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
server: cloudflare
cf-ray: 8eb5863d9e6c712b-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=17953&min_rtt=16567&rtt_var=4694&sent=9&recv=13&lost=0&retrans=0&sent_bytes=3216&recv_bytes=1282&delivery_rate=261702&cwnd=254&unsent_bytes=0&cid=2f2b8f7ebcf3ce5d&ts=19444&x=0"
X-Firefox-Spdy: h2
|
|
| ukankingwithea.com/asd100.bin | 188.114.96.1 | 522 No Reason Phrase | 7.1 kB |
URL GET HTTP/2ukankingwithea.com/asd100.bin IP188.114.96.1:443
Requested byhttps://dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs CertificateIssuerGoogle Trust Services Subjectukankingwithea.com Fingerprint72:95:BE:5B:B7:C6:8C:31:B9:5E:60:DA:66:68:99:88:EC:99:F6:E5 ValiditySun, 03 Nov 2024 13:54:20 GMT - Sat, 01 Feb 2025 13:54:19 GMT
File typeHTML document, ASCII text, with very long lines (460) Hash752c99b8ecc66cca4d00a17af436d0cc 44e724d0805251aa308b84092a722cd62d0b9217 a321e5a451df38265d4ece9eba22887b014bbf5c1cfb3bda3baaf98908027282
GET /asd100.bin HTTP/1.1
Host: ukankingwithea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dood.li/
Origin: https://dood.li
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 522 No Reason Phrase
date: Sun, 01 Dec 2024 19:36:28 GMT
content-type: text/html; charset=UTF-8
content-length: 7096
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zgLdepmksv5vW6wFKbFgbqwkVbLmTTzGk8Iu2tAkAls4vLQN1z2xHS8RqOnqnC6na3TqNWg08CmCtgzXRup%2B908WmT6fy09bB9DU08Af7uP3wsYJ8MEae73zo%2BU5wew4qncKDkY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
server: cloudflare
cf-ray: 8eb5863d7e39712b-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=17840&min_rtt=16567&rtt_var=3745&sent=16&recv=14&lost=0&retrans=0&sent_bytes=11208&recv_bytes=1282&delivery_rate=594417&cwnd=254&unsent_bytes=0&cid=2f2b8f7ebcf3ce5d&ts=19707&x=0"
X-Firefox-Spdy: h2
|
|
| cdn.creative-stat1.com/sb/ssp/in-page_push/os/android/2/js/script.js | 172.67.133.15 | 200 OK | 404 B |
URL GET HTTP/2cdn.creative-stat1.com/sb/ssp/in-page_push/os/android/2/js/script.js IP172.67.133.15:443
Requested byhttps://dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs CertificateIssuerGoogle Trust Services Subjectcreative-stat1.com Fingerprint18:F6:86:93:3A:D8:DA:68:65:4C:2B:F2:EF:96:B3:CC:B7:E9:56:36 ValidityFri, 18 Oct 2024 15:49:17 GMT - Thu, 16 Jan 2025 15:49:16 GMT
File typeASCII text, with very long lines (416), with no line terminators Hash579f1c5636e651e926ad592c22f9e89c b2b42ab876031bc2005857b5c8d029816de201a7 38da60a90eb425f8f62b0dce72e43233622c75da4126d4b7e0784e0b5ba94765
GET /sb/ssp/in-page_push/os/android/2/js/script.js HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dood.li
DNT: 1
Connection: keep-alive
Referer: https://dood.li/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 01 Dec 2024 19:36:09 GMT
content-type: application/javascript
last-modified: Fri, 19 Jan 2024 14:19:44 GMT
etag: W/"65aa8500-194"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 3567890
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wdaRwKVoAj%2BQUD8NZjL8JWPy%2FFLuDDcvcGpSuKYBsXi50%2FBXTbeLAqVGoQU2ZrLXGdq4nbXER9LktJm0%2Fzq%2Fo1INfFZryontYxlCDknMrji6qtfbY016By5Vaml5B9U6ejmFLcffvk0D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8eb586443bae56ab-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=16525&min_rtt=16447&rtt_var=2716&sent=17&recv=12&lost=0&retrans=0&sent_bytes=10697&recv_bytes=1299&delivery_rate=261324&cwnd=253&unsent_bytes=0&cid=e8c9c377c32ecdb8&ts=74&x=0"
X-Firefox-Spdy: h2
|
|
| dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs | 188.114.96.1 | 200 OK | 2.8 kB |
URL GET HTTP/3dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs IP188.114.96.1:443
Requested byhttps://dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs CertificateIssuerGoogle Trust Services Subjectdood.li Fingerprint5E:DB:2B:BB:29:D5:55:BA:EA:A6:AE:F0:C9:80:67:BE:76:B5:85:71 ValidityFri, 22 Nov 2024 00:25:58 GMT - Thu, 20 Feb 2025 00:25:57 GMT
File typeHTML document, ASCII text, with very long lines (2856), with no line terminators Hashc0371976d58fbf24c7e874e3ea8b3501 54115c2ef9427c360d3cfde273796ed5ac758ad2 83bfa7c3c8d7ba402e998509c587edb3c814f55800d8792432e4cdb6db77da6c
GET /d/149956-PT.srt&c1_label=Portugu%C3%AAs HTTP/1.1
Host: dood.li
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: lang=1; ppu_show_on_06e2eefbde702208a7324b7b8f526df8=1; dom3ic8zudi28v8lr6fgphwffqoz0j6c=deafb31a-f9b5-4be1-b8ff-3b7188942593%3A3%3A1; ppu_main_06e2eefbde702208a7324b7b8f526df8=1; ppu_exp_06e2eefbde702208a7324b7b8f526df8=1733085368004; sb_main_2c0360ed33b0b4736859081c701f9a91=1; sb_count_2c0360ed33b0b4736859081c701f9a91=1; a=Db36auatTsaioHdHixkJAAxGIpJR2U0g; pp_main_461376390131460d2543a2334b5021e2=1; pp_idelay_461376390131460d2543a2334b5021e2=1; pbpr0tpuw4isk85t8yg3jb2lj5vqf=niecesauthor.com; token_QpUJAAAAAAAAGu98Hdz1l_lcSZ2rY60Ajjk9U1c=BQMyAAAAAAAACZUAAqllqC46jZvkNM0-htZxQ_O5dd2WZJx1HjQ4PVD_Zi7AdwAzvPpn_t7jLGsY_md2Nzy2a8i8CLEHAnexXRvb3wnmVMxJzkCU1-khuzL-rsl7ezcglXpEoMd-xOKNzj8VDe-k-AHjfP3_kwWZEZKCTDV6liAFY2ptg3fTJDGwthgqw3-JHV_0wndFRIxnHgeBfF8l0Gypyqy5FnUnp3HwEESU5IEo0Kb5wt7h_udUU2rHMWhMwJx816sfNx7g5lGwvbEBArzNIoEzqB_zvB_EV7uzkzxRz7vFVkSBLqc07bll46qxP_7sKHQdIuyf8KW5yYHSwffEDTjupe2c7udraD71VNL-S4PMk2wXIUMYNEpM_T6BV7Nmc7aDLeNWjmhy5Fvh85AtJF3VCZrhL1_4EoBBEcM0tfGrpuBYWqWpuJjYWmkDJ6puKdXgXnElefqDibgC2lYaaqHnyQgPAp7FW3C8alZ8Lukv8QDxEZzWmDra7Ret-1p14SAf42MSc0iUNvgrRIi7r-x6WQdBv02mOXztU4O8v_zg8vDDEsC6uO-hulwTaLjDtSCpFYqpnvLqNu-GDOhf98qSUdbDkpdJaRt6NucnF8UyljpN1YsYxpcL44N7npR9ZKBIidn6M0Gp6lPNDzn12a9DufNSn5mUgJ5avrp7s46Pcuxe0Xurxb5TCHivGX2J81nkEewTnuNvOXwmqwKE81rjaZqz5r49EN31NJ5N3Z8RMr86ggLtExDWN4hxuMr9FmrOvGDUALxlN2PXc1QKPIhWgXncdsd5klbQ3L3rtwBHnCSk0jEs9Fl5TvZ93156uqeMNi7omvgq2M40hvElk1yaEYTas9LpuiUE0nJWaBk8EA5d7rdNBnAQNG1UHspFLg2O2CHi-KlB8IzpKDyrXZNzj5ROV9fxOR1D-hDur_zqwnbPjzVfHcmNfJj7drUVsfs664VFzKFVDrFLqt4jR4v4a6Qp_Xq7rEBg8pIbyZ1McgWktl-4rn3Y6Ra0GlakFH2_6K9SpGfIPLuKLImFFtrOaA7leLoQ14y7XIWluW7CHBUd5AOaf-f4lgHE9u0J_keRuyeA-03OeA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 01 Dec 2024 19:36:09 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Sat, 30 Nov 2024 19:36:09 GMT
cf-cache-status: DYNAMIC
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qLo6xTyNJ900EhsZcWlOEn0y%2FnBXkOimd6I9QnJbQKhy0Uv6dOyiXIJ1OKC7ZdrQ7KWLpYLgQVrToKiKaChvMKjhiYzspH5MPRQvkma%2Fa6HQcPBLGr5pBG0O"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8eb58645ab7a712d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21841&min_rtt=19056&rtt_var=7287&sent=26&recv=10&lost=0&retrans=0&sent_bytes=20653&recv_bytes=3028&delivery_rate=180498&cwnd=24000&unsent_bytes=0&cid=cc19a2035c485409&ts=3660&x=1", cfExtPri, cfHdrFlush;dur=0
|
|
| www.blockadsnot.com/SLjBN/ajssor.slider.min.js |  185.76.9.11 | 200 OK | 37 kB |
URL GET HTTP/2www.blockadsnot.com/SLjBN/ajssor.slider.min.js IP185.76.9.11:443 ASN#60068 Datacamp Limited
Requested byhttps://dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs CertificateIssuerLet's Encrypt Subject1158060716.rsc.cdn77.org Fingerprint80:CA:59:64:70:D1:E2:1E:93:CF:51:2B:E9:EA:6C:E6:30:49:DF:4C ValidityTue, 26 Nov 2024 18:50:01 GMT - Mon, 24 Feb 2025 18:50:00 GMT
File typeJavaScript source, ASCII text, with very long lines (1568) Hash845c59fd5ba583deddaa2c8fc5806030 61681132f5347c0309bc908ef5e98918ffb0a66f 6f5c8871966e8b4db3c4ff64b143271f927ba7fa85b75fdd74061c7312192235
GET /SLjBN/ajssor.slider.min.js HTTP/1.1
Host: www.blockadsnot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dood.li
DNT: 1
Connection: keep-alive
Referer: https://dood.li/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 01 Dec 2024 19:36:07 GMT
content-type: application/x-javascript
popads-node: wb2
expires: Mon, 02 Dec 2024 02:16:00 GMT
access-control-allow-origin: https://dood.li
link: <https://blockadsnot.com/>;rel=preconnect
cache-control: public, max-age=604800
x-77-nzt: EwwBuUwJCgH3NtwIAAwBuUwKCQH3kQAAAAwBJRPCLgG3AAAAAA
x-77-nzt-ray: e2f754200378c90ca7ba4c6765d1792e
x-77-cache: HIT
x-77-age: 580662
vary: Accept-Encoding, Origin
content-encoding: gzip
server: CDN77-Turbo
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
|
|
| accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AcMMx-cO-XFm4XWGeuSzL80IDxFrBRjZu30PYud3XwmeKOHLgCrp_PywcacqebcYxCnTFxlkmv6U3g&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S2099050375%3A1733081768652347&ddm=1 | 64.233.164.84 | 403 Forbidden | 0 B |
URL GET HTTP/3accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AcMMx-cO-XFm4XWGeuSzL80IDxFrBRjZu30PYud3XwmeKOHLgCrp_PywcacqebcYxCnTFxlkmv6U3g&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S2099050375%3A1733081768652347&ddm=1 IP64.233.164.84:443
Requested byhttps://dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs CertificateIssuerGoogle Trust Services Subject*.google.com FingerprintD1:AB:CE:1E:B7:4F:B7:7F:C5:89:77:22:C2:DD:2C:C9:59:FE:85:9F ValidityMon, 21 Oct 2024 08:37:10 GMT - Mon, 13 Jan 2025 08:37:09 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AcMMx-cO-XFm4XWGeuSzL80IDxFrBRjZu30PYud3XwmeKOHLgCrp_PywcacqebcYxCnTFxlkmv6U3g&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S2099050375%3A1733081768652347&ddm=1 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dood.li/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 01 Dec 2024 19:36:08 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-kk3zD78UE35b3c-5dzzwEw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
content-security-policy-report-only: script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.google.com/tools/feedback/open_to_help_guide_lazy.js https://www.google.com/tools/feedback/help_api.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.google.com/tools/feedback/chat_load.js https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://www.gstatic.com/feedback/js/ghelp/ https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.googletagmanager.com/gtag/js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/destination https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.8TmbtYVjfuM.es5.O/ https://apis.google.com/_/scs/abc-static/_/js/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/fine-allowlist
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AcMMx-ccxz28c3qIUnRpnWENZxwIgyUaf4Q5GJtlCNONtVLgD6zs9j7jZnwCG-1TofK8-6Y0M_AnwA&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-888828776%3A1733081768655288&ddm=1 | 64.233.164.84 | 403 Forbidden | 0 B |
URL GET HTTP/3accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AcMMx-ccxz28c3qIUnRpnWENZxwIgyUaf4Q5GJtlCNONtVLgD6zs9j7jZnwCG-1TofK8-6Y0M_AnwA&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-888828776%3A1733081768655288&ddm=1 IP64.233.164.84:443
Requested byhttps://dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs CertificateIssuerGoogle Trust Services Subject*.google.com FingerprintD1:AB:CE:1E:B7:4F:B7:7F:C5:89:77:22:C2:DD:2C:C9:59:FE:85:9F ValidityMon, 21 Oct 2024 08:37:10 GMT - Mon, 13 Jan 2025 08:37:09 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AcMMx-ccxz28c3qIUnRpnWENZxwIgyUaf4Q5GJtlCNONtVLgD6zs9j7jZnwCG-1TofK8-6Y0M_AnwA&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-888828776%3A1733081768655288&ddm=1 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dood.li/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 01 Dec 2024 19:36:08 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-kischiiSRr_ryfhlJYuG2w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
content-security-policy-report-only: script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.google.com/tools/feedback/open_to_help_guide_lazy.js https://www.google.com/tools/feedback/help_api.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.google.com/tools/feedback/chat_load.js https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://www.gstatic.com/feedback/js/ghelp/ https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.googletagmanager.com/gtag/js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/destination https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.8TmbtYVjfuM.es5.O/ https://apis.google.com/_/scs/abc-static/_/js/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/fine-allowlist
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| cdn.creative-stat1.com/sb/ssp/in-page_push/os/android/2/css/animate.css | 172.67.133.15 | 200 OK | 79 kB |
URL GET HTTP/2cdn.creative-stat1.com/sb/ssp/in-page_push/os/android/2/css/animate.css IP172.67.133.15:443
Requested byhttps://dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs CertificateIssuerGoogle Trust Services Subjectcreative-stat1.com Fingerprint18:F6:86:93:3A:D8:DA:68:65:4C:2B:F2:EF:96:B3:CC:B7:E9:56:36 ValidityFri, 18 Oct 2024 15:49:17 GMT - Thu, 16 Jan 2025 15:49:16 GMT
Hash3d4123dbfb33d27a5cfdfcfa91df6783 e7d0eeeec54b848f0bc3da8685fa3bc88429d660 cb7d1393b65701b2f97d8da244c2c6023e9cbc3463ecb0136b915cfc775c6887
GET /sb/ssp/in-page_push/os/android/2/css/animate.css HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dood.li
DNT: 1
Connection: keep-alive
Referer: https://dood.li/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 01 Dec 2024 19:36:09 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:19:44 GMT
etag: W/"65aa8500-13361"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
cf-cache-status: HIT
age: 3551680
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZD7qwH1%2F8mmUTyhb1igrMML9Sinc41Cw8WVP2mE%2Fj6qOIITt25z0x%2B5txP2gUQYWrHVV%2FXm6APTg2pTW0%2BTEOYMUv0BWNc0849Y%2FJNHv1CI1L%2BRQRWfSAku0QjnIJ72WlfWez%2FiOl%2BCy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8eb586443b9d56ab-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=16499&min_rtt=16447&rtt_var=3550&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3218&recv_bytes=1268&delivery_rate=261324&cwnd=252&unsent_bytes=0&cid=e8c9c377c32ecdb8&ts=65&x=0"
X-Firefox-Spdy: h2
|
|
| c.adsco.re/ | 104.17.167.186 | 200 OK | 78 kB |
IP104.17.167.186:443
Requested byhttps://dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs CertificateIssuerSectigo Limited Subject*.adsco.re Fingerprint3B:64:1C:DA:8C:64:22:01:36:0F:54:7A:99:6E:AD:26:C2:EF:59:8B ValidityMon, 23 Sep 2024 00:00:00 GMT - Mon, 29 Sep 2025 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (881) Hash70e681d122073a9bc3f704fb0f96a82d 5916b6dea0ea58b5807287ca1cd4faf9c9f3aae5 73bfce45d382df02d75ef2ef688325cc973139931db445ee753c2af8a85f3965
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dood.li/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 01 Dec 2024 19:36:09 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Wed, 01 Jan 2025 19:36:09 GMT
etag: W/"cOaB0SIHOpvD9wT7D5aoLQ=="
content-encoding: gzip
cf-cache-status: HIT
age: 498495
priority: u=4,i=?0
vary: Accept-Encoding
server: cloudflare
cf-ray: 8eb586411b5d569a-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| 6.adsco.re:2087/ | 0.0.0.0 | | 0 B |
IP0.0.0.0:0
Requested byhttps://dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs CertificateIssuerSectigo Limited Subject*.adsco.re Fingerprint3B:64:1C:DA:8C:64:22:01:36:0F:54:7A:99:6E:AD:26:C2:EF:59:8B ValidityMon, 23 Sep 2024 00:00:00 GMT - Mon, 29 Sep 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re:2087
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dood.li
DNT: 1
Connection: keep-alive
Referer: https://dood.li/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap | 142.250.74.106 | 200 OK | 7.2 kB |
URL GET HTTP/2fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap IP142.250.74.106:443
Requested byhttps://dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs CertificateIssuerGoogle Trust Services Subjectupload.video.google.com FingerprintE8:18:86:79:89:2E:F0:7C:66:1F:C3:43:81:D2:6D:9E:0C:9C:AB:05 ValidityMon, 21 Oct 2024 08:38:00 GMT - Mon, 13 Jan 2025 08:37:59 GMT
File typeASCII text, with very long lines (7364), with no line terminators Hashe082b2c49137015642f9e60e58c34f87 02ab175bf4bcab25a605a280bb2405ea233d3085 654f6d483488078da3ff22c940040ea8a603172ff7d43d21a57b213976e06ec5
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 01 Dec 2024 19:36:10 GMT
date: Sun, 01 Dec 2024 19:36:10 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| undefined/eGdYekwZBTsXcxlaOlw5CgtlX34+Qmo8KEkBaE86ClQrED8NHm9ULxQILR4qCgg2DmIWAixffj4VCy0eCTZqFT07EAkWGixXFj4iTTM+Fg4hA2kWOj4lPxcIMDYZOB8PKAINKzw9CTt6OxAJABoCABY2HTEuCAA0LCogCWlKJQkSeE0jNigZLCRgNgYPKQAgHUAJGksoATMbHQ07L20fLgAiFBwrGwoQHQEOJTESDi8mDhwWSTUIGRoIDxA8OAEzaxUhLFQeGwYpVx00JDIUDhYjTzI2QnsgLzwqKRE9CBkaF1AdEXUPLGs4HyovFj4uPj05MA1AFhwNYS4KDzt1LzA2MC0dMQ4bLxNebywNDxYfOTs7JQwOHB0eEi4oLTVtKyRBQmo4Gw9BMgkjFhdlCyU/JjoMFEEXKQ0 | 0.0.0.0 | | 0 B |
URL GET undefined/eGdYekwZBTsXcxlaOlw5CgtlX34+Qmo8KEkBaE86ClQrED8NHm9ULxQILR4qCgg2DmIWAixffj4VCy0eCTZqFT07EAkWGixXFj4iTTM+Fg4hA2kWOj4lPxcIMDYZOB8PKAINKzw9CTt6OxAJABoCABY2HTEuCAA0LCogCWlKJQkSeE0jNigZLCRgNgYPKQAgHUAJGksoATMbHQ07L20fLgAiFBwrGwoQHQEOJTESDi8mDhwWSTUIGRoIDxA8OAEzaxUhLFQeGwYpVx00JDIUDhYjTzI2QnsgLzwqKRE9CBkaF1AdEXUPLGs4HyovFj4uPj05MA1AFhwNYS4KDzt1LzA2MC0dMQ4bLxNebywNDxYfOTs7JQwOHB0eEi4oLTVtKyRBQmo4Gw9BMgkjFhdlCyU/JjoMFEEXKQ0 IP0.0.0.0:0
Requested byhttps://dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /eGdYekwZBTsXcxlaOlw5CgtlX34+Qmo8KEkBaE86ClQrED8NHm9ULxQILR4qCgg2DmIWAixffj4VCy0eCTZqFT07EAkWGixXFj4iTTM+Fg4hA2kWOj4lPxcIMDYZOB8PKAINKzw9CTt6OxAJABoCABY2HTEuCAA0LCogCWlKJQkSeE0jNigZLCRgNgYPKQAgHUAJGksoATMbHQ07L20fLgAiFBwrGwoQHQEOJTESDi8mDhwWSTUIGRoIDxA8OAEzaxUhLFQeGwYpVx00JDIUDhYjTzI2QnsgLzwqKRE9CBkaF1AdEXUPLGs4HyovFj4uPj05MA1AFhwNYS4KDzt1LzA2MC0dMQ4bLxNebywNDxYfOTs7JQwOHB0eEi4oLTVtKyRBQmo4Gw9BMgkjFhdlCyU/JjoMFEEXKQ0 HTTP/1.1
Host: undefined
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dood.li/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| 4.adsco.re:2087/ | 0.0.0.0 | | 0 B |
IP0.0.0.0:0
Requested byhttps://dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs CertificateIssuerSectigo Limited Subject*.adsco.re Fingerprint3B:64:1C:DA:8C:64:22:01:36:0F:54:7A:99:6E:AD:26:C2:EF:59:8B ValidityMon, 23 Sep 2024 00:00:00 GMT - Mon, 29 Sep 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 4.adsco.re:2087
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dood.li
DNT: 1
Connection: keep-alive
Referer: https://dood.li/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| ukankingwithea.com/ | 0.0.0.0 | | 0 B |
IP0.0.0.0:0
Requested byhttps://dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs CertificateIssuerGoogle Trust Services Subjectukankingwithea.com Fingerprint72:95:BE:5B:B7:C6:8C:31:B9:5E:60:DA:66:68:99:88:EC:99:F6:E5 ValiditySun, 03 Nov 2024 13:54:20 GMT - Sat, 01 Feb 2025 13:54:19 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: ukankingwithea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dood.li/
Origin: https://dood.li
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| undefined/RzRISksmVisndCYJKmw+NVh1b3kBEXoML3ZSeH89NQc7IDgyTX9kKCtbPS4tNVsmPmUpUTxveQFSHXgdKVAlDzwEUyMbEy5XBQt7M20RexkRZXkmegFmHR4JdQAKCQksci4bIAhhCTksBFMjDRMGRx4LIB5ABy0zFWUNKSUPQwYGHh9hAggjIHMqIQYEcwkAPhFxDRIJE3IRH3oGYgE9JApnMBsyBGUjDgwTWywJGXZ8Ai0ZJnM/fjsDdTsrCg9uEAMeCWQRegkRZiMhORFyEh4eL3IJHB4eegctOBRwIxgjEWZxBR0wTBwfeglnDR8JEWYgBycWcmUbeBBzHgYddg0NEx0SdQ09AnN3IwAODQYOHB0sbhoTJxFjHXsFLXU/fg4FcB0BA3Z6HAwdP2YfDA12cQ46A2FeOyUlNwkQOi53eCEjfXE | 0.0.0.0 | | 0 B |
URL GET undefined/RzRISksmVisndCYJKmw+NVh1b3kBEXoML3ZSeH89NQc7IDgyTX9kKCtbPS4tNVsmPmUpUTxveQFSHXgdKVAlDzwEUyMbEy5XBQt7M20RexkRZXkmegFmHR4JdQAKCQksci4bIAhhCTksBFMjDRMGRx4LIB5ABy0zFWUNKSUPQwYGHh9hAggjIHMqIQYEcwkAPhFxDRIJE3IRH3oGYgE9JApnMBsyBGUjDgwTWywJGXZ8Ai0ZJnM/fjsDdTsrCg9uEAMeCWQRegkRZiMhORFyEh4eL3IJHB4eegctOBRwIxgjEWZxBR0wTBwfeglnDR8JEWYgBycWcmUbeBBzHgYddg0NEx0SdQ09AnN3IwAODQYOHB0sbhoTJxFjHXsFLXU/fg4FcB0BA3Z6HAwdP2YfDA12cQ46A2FeOyUlNwkQOi53eCEjfXE IP0.0.0.0:0
Requested byhttps://dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /RzRISksmVisndCYJKmw+NVh1b3kBEXoML3ZSeH89NQc7IDgyTX9kKCtbPS4tNVsmPmUpUTxveQFSHXgdKVAlDzwEUyMbEy5XBQt7M20RexkRZXkmegFmHR4JdQAKCQksci4bIAhhCTksBFMjDRMGRx4LIB5ABy0zFWUNKSUPQwYGHh9hAggjIHMqIQYEcwkAPhFxDRIJE3IRH3oGYgE9JApnMBsyBGUjDgwTWywJGXZ8Ai0ZJnM/fjsDdTsrCg9uEAMeCWQRegkRZiMhORFyEh4eL3IJHB4eegctOBRwIxgjEWZxBR0wTBwfeglnDR8JEWYgBycWcmUbeBBzHgYddg0NEx0SdQ09AnN3IwAODQYOHB0sbhoTJxFjHXsFLXU/fg4FcB0BA3Z6HAwdP2YfDA12cQ46A2FeOyUlNwkQOi53eCEjfXE HTTP/1.1
Host: undefined
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dood.li/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| ukankingwithea.com/ | 0.0.0.0 | | 0 B |
IP0.0.0.0:0
Requested byhttps://dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs CertificateIssuerGoogle Trust Services Subjectukankingwithea.com Fingerprint72:95:BE:5B:B7:C6:8C:31:B9:5E:60:DA:66:68:99:88:EC:99:F6:E5 ValiditySun, 03 Nov 2024 13:54:20 GMT - Sat, 01 Feb 2025 13:54:19 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: ukankingwithea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dood.li/
Origin: https://dood.li
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| cdn.creative-stat1.com/sb/ssp/in-page_push/os/android/2/css/style.css | 172.67.133.15 | 200 OK | 4.7 kB |
URL GET HTTP/2cdn.creative-stat1.com/sb/ssp/in-page_push/os/android/2/css/style.css IP172.67.133.15:443
Requested byhttps://dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs CertificateIssuerGoogle Trust Services Subjectcreative-stat1.com Fingerprint18:F6:86:93:3A:D8:DA:68:65:4C:2B:F2:EF:96:B3:CC:B7:E9:56:36 ValidityFri, 18 Oct 2024 15:49:17 GMT - Thu, 16 Jan 2025 15:49:16 GMT
File typeASCII text, with very long lines (4942), with no line terminators Hash3c322ca8e86e3b80df2633ae4023d605 2346278de279cfef28a590134db26472d40a77af 551bbe3e5451f642de63fdf3ed2303b5b929fca65d26733eca389bc214c911c6
GET /sb/ssp/in-page_push/os/android/2/css/style.css HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dood.li
DNT: 1
Connection: keep-alive
Referer: https://dood.li/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 01 Dec 2024 19:36:09 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:19:44 GMT
etag: W/"65aa8500-124a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
cf-cache-status: HIT
age: 3275214
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=doJm1dnsxigLnUI84ObvBh825edYdtiabIC%2F5SKP6s35VWz8PjI71TdRQPKTD7g9uAH5%2FdZe6cAKL7ktsUk533Wm6O6OxOTeLGNwWrufRnYWWUygPNXjGZzwmTpJC8vCpFoWCEH6NOaF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8eb586443ba756ab-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=16499&min_rtt=16447&rtt_var=3550&sent=14&recv=11&lost=0&retrans=0&sent_bytes=8931&recv_bytes=1268&delivery_rate=261324&cwnd=252&unsent_bytes=0&cid=e8c9c377c32ecdb8&ts=67&x=0"
X-Firefox-Spdy: h2
|
|
| cdn.show-sb.com/sb/au/e1/6f/bb/e16fbbe9f31c82c23d1d57f9726b5fc7/1654616215.html | 172.67.170.115 | 200 OK | 1.0 kB |
URL GET HTTP/2cdn.show-sb.com/sb/au/e1/6f/bb/e16fbbe9f31c82c23d1d57f9726b5fc7/1654616215.html IP172.67.170.115:443
Requested byhttps://dood.li/d/149956-PT.srt&c1_label=Portugu%C3%AAs CertificateIssuerGoogle Trust Services Subjectshow-sb.com FingerprintDE:97:01:25:F3:91:37:6C:5B:CA:2B:55:01:2E:C7:F8:D9:16:D8:DC ValidityFri, 18 Oct 2024 17:26:42 GMT - Thu, 16 Jan 2025 17:26:41 GMT
File typeHTML document, ASCII text, with very long lines (1105), with no line terminators Hashb3dbcc7bda277712ab6c111f7dd5b218 e68936db71fea46525d1d07868a9d6599e7a6a17 4e86b5724dcc3ea92cc005460b5c81b461d4b5c69e0d745d4886d0449f59b3b6
GET /sb/au/e1/6f/bb/e16fbbe9f31c82c23d1d57f9726b5fc7/1654616215.html HTTP/1.1
Host: cdn.show-sb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dood.li
DNT: 1
Connection: keep-alive
Referer: https://dood.li/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 01 Dec 2024 19:36:09 GMT
content-type: text/html
last-modified: Tue, 07 Jun 2022 15:37:00 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=626njuvyg5D%2Ft5O0mdy1S8RF%2F67agvq9ktJQR2R3pDle0XQxixeCkjAwCpb9uaENKqOVSblPsKRGFk%2F6doSxV%2BXmNq5L3qoVh7Tczz6mhdEJ7H0NPnX%2BaUZbRD1kLWe3mps%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8eb5864228c9b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=21652&min_rtt=16534&rtt_var=12156&sent=8&recv=12&lost=0&retrans=0&sent_bytes=3274&recv_bytes=1235&delivery_rate=261560&cwnd=254&unsent_bytes=0&cid=8b9d84b006c01778&ts=212&x=0"
X-Firefox-Spdy: h2
|
|