| accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AdBytiM3ZjWrrygFPrYkd3vmpAkCZIhRoXbwPvo6OSyhT7-FievI5mxFoavi3H3A0xUoh2E1nyz9ag |  142.250.147.84 | 302 Found | 0 B |
URL GET accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AdBytiM3ZjWrrygFPrYkd3vmpAkCZIhRoXbwPvo6OSyhT7-FievI5mxFoavi3H3A0xUoh2E1nyz9ag IP142.250.147.84:443
Requested byhttps://doply.net/e/8fcdiimj3wyv CertificateIssuerGoogle Trust Services Subjectaccounts.google.com FingerprintB1:06:D8:49:F1:03:BE:43:D7:79:D9:25:25:FE:92:54:6C:93:0B:54 ValidityMon, 12 May 2025 08:44:47 GMT - Mon, 04 Aug 2025 08:44:46 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AdBytiM3ZjWrrygFPrYkd3vmpAkCZIhRoXbwPvo6OSyhT7-FievI5mxFoavi3H3A0xUoh2E1nyz9ag HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://doply.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:rxqMlpUwpQJYzYHlazmL4n944skigA:LAj666iWWQE1gnrI;Path=/;Expires=Sun, 30-May-2027 10:29:25 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 30 May 2025 10:29:25 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AdBytiO6Ohg0ZIHLdPWzFWXdmcLFcBm4LEgQI1RGrAU1YiEi_BvST-2zdHJgCwUOCldNsfvJOi-Zpw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S537499916%3A1748600965613998
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: script-src 'nonce-P618dTsFRJXnJ1GwvTfKWQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 418
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| img.doodcdn.io/cover/pyzg20z1iuikk8my-rsckc5byql7f.jpg |  172.67.75.50 | 302 Found | 0 B |
URL GET img.doodcdn.io/cover/pyzg20z1iuikk8my-rsckc5byql7f.jpg IP172.67.75.50:443
Requested byhttps://doply.net/e/8fcdiimj3wyv CertificateIssuerGoogle Trust Services Subjectdoodcdn.io FingerprintD7:74:16:AE:C7:53:36:51:22:9F:FC:25:D0:8F:92:65:94:13:9E:8B ValiditySat, 03 May 2025 19:51:57 GMT - Fri, 01 Aug 2025 20:51:51 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cover/pyzg20z1iuikk8my-rsckc5byql7f.jpg HTTP/1.1
Host: img.doodcdn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://doply.net
DNT: 1
Connection: keep-alive
Referer: https://doply.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Fri, 30 May 2025 10:29:24 GMT
content-type: text/html
location: https://odw7bf.dood.video/404.html
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 947d8cda7b9fb4fd-OSL
access-control-allow-origin: *
cf-cache-status: BYPASS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=opgHmJ%2FKhMsWwI4O3aNY%2Fl8kbTnNVZWv%2FhmbW%2BfH%2F9NZZWj3W2fcpiCcFrjOksdi%2BOAJ5OxKj7r0kmcfJ7xl%2BjXRvXPRXK8XNA4EC1uPFtdDsDGLTIW3pHpizTw1HKo6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3925&min_rtt=1719&rtt_var=1424&sent=142&recv=19&lost=0&retrans=1&sent_bytes=148171&recv_bytes=3044&delivery_rate=37690&cwnd=96000&unsent_bytes=0&cid=d1ab40f45877a52d&ts=1904&x=1", cfExtPri, cfHdrFlush;dur=0
|
|
| isolatedovercomepasted.com/get/1841674?zoneid=1841674&pid=__clb-1841674_1&jp=_clsfnzkcbjzgqcugkswynz&dr=52&nojs=0&abvar=0&febuild=1.0.550&t=0&wcks=1&wgl=1&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=U6xMfJw0Ma-f&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&vcv=Mesa&vcn=llvmpipe&ix=0&x=1280&y=1024&md=0&psu=sTkdeARaHR0cHM6Ly9kb3BseS5uZXQvZC84ZmNkaWltajN3eXY&afid=7714420683955200&eclog=0&snc=0&ssc=1&vp=0&dto=2&im=1&noch=1&de=0&cs=5&bp=3&uf=0&freq=0 |  94.242.247.24 | 200 OK | 6.6 kB |
URL GET isolatedovercomepasted.com/get/1841674?zoneid=1841674&pid=__clb-1841674_1&jp=_clsfnzkcbjzgqcugkswynz&dr=52&nojs=0&abvar=0&febuild=1.0.550&t=0&wcks=1&wgl=1&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=U6xMfJw0Ma-f&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&vcv=Mesa&vcn=llvmpipe&ix=0&x=1280&y=1024&md=0&psu=sTkdeARaHR0cHM6Ly9kb3BseS5uZXQvZC84ZmNkaWltajN3eXY&afid=7714420683955200&eclog=0&snc=0&ssc=1&vp=0&dto=2&im=1&noch=1&de=0&cs=5&bp=3&uf=0&freq=0 IP94.242.247.24:443
Requested byhttps://doply.net/d/8fcdiimj3wyv CertificateIssuerBuypass AS-983163327 Subject FingerprintBB:6D:E1:77:DE:80:15:9D:0B:90:58:D2:8F:D7:8F:9A:59:F5:B5:53 ValidityMon, 03 Mar 2025 23:53:40 GMT - Sat, 30 Aug 2025 21:59:00 GMT
File typeASCII text, with very long lines (6593), with no line terminators Hash013e3073cf597b38e2a93d90fddd819f a8cdc2f6cc1b6b4669c19527f4ef77f4c97832a5 5e927796ccd66c9ce87b9628394ffb62610c1a84bcb149370396218664791c4b
GET /get/1841674?zoneid=1841674&pid=__clb-1841674_1&jp=_clsfnzkcbjzgqcugkswynz&dr=52&nojs=0&abvar=0&febuild=1.0.550&t=0&wcks=1&wgl=1&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=U6xMfJw0Ma-f&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&vcv=Mesa&vcn=llvmpipe&ix=0&x=1280&y=1024&md=0&psu=sTkdeARaHR0cHM6Ly9kb3BseS5uZXQvZC84ZmNkaWltajN3eXY&afid=7714420683955200&eclog=0&snc=0&ssc=1&vp=0&dto=2&im=1&noch=1&de=0&cs=5&bp=3&uf=0&freq=0 HTTP/1.1
Host: isolatedovercomepasted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doply.net/
Cookie: cart=1; cart_p=2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 30 May 2025 10:29:25 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: CHCK=1; Path=/; Expires=Fri, 03 Jul 2026 10:29:25 GMT; Secure; SameSite=None
UID=25053005296b0da80030b649f0929af6465b; Path=/; Expires=Fri, 03 Jul 2026 10:29:25 GMT; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| | 172.67.68.122 | 200 OK | 18 kB |
IP172.67.68.122:443
CertificateIssuerGoogle Trust Services Subjectdoply.net Fingerprint4E:5D:5F:2C:19:38:42:0B:22:C2:28:41:55:6E:DA:EC:FA:5E:1A:AF ValiditySun, 18 May 2025 10:09:34 GMT - Sat, 16 Aug 2025 11:07:21 GMT
File typeHTML document, ASCII text, with very long lines (18251), with no line terminators Hash2109b1ec25d6ea2f790327fbded6dc80 a323f29ea4769c195a976c07965aefea0a747f61 9939deaf1025b2da86720522235388ad0d608f08e024692ffa5a48abbc906bff
GET /d/8fcdiimj3wyv HTTP/1.1
Host: doply.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 30 May 2025 10:29:21 GMT
content-type: text/html; charset=UTF-8
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 947d8ccb1e0756b7-OSL
vary: Accept-Encoding
expires: Thu, 29 May 2025 10:29:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ML4RZZUeE3badEX%2B8HOZA%2FYy%2BZGyZ%2FlSGd8ZoGpkNK4JUTdINjqoKv%2Fnf%2BONVX3h7u2mE2quC%2F%2BbL9yHJC7ZfhLHOYYrab9Af2n%2Bv5%2Bdv4flAdudkuz9XFfJJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
set-cookie: lang=1; HttpOnly; Path=/; Domain=doply.net
server-timing: cfL4;desc="?proto=TCP&rtt=6463&min_rtt=455&rtt_var=11915&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3271&recv_bytes=1254&delivery_rate=6917197&cwnd=254&unsent_bytes=0&cid=3dfafc40a8dfcaaf&ts=150&x=0"
X-Firefox-Spdy: h2
|
|
| croupepenitis.shop/r68384c424ffca/70849 | 212.117.186.4 | 200 OK | 62 kB |
URL GET croupepenitis.shop/r68384c424ffca/70849 IP212.117.186.4:443
Requested byhttps://doply.net/e/8fcdiimj3wyv CertificateIssuerLet's Encrypt Subjectcroupepenitis.shop Fingerprint52:26:44:B0:3C:55:6C:43:9D:C9:12:05:29:30:54:5D:6E:40:FC:47 ValidityThu, 29 May 2025 10:05:33 GMT - Wed, 27 Aug 2025 10:05:32 GMT
File typeJavaScript source, ASCII text, with very long lines (61954), with no line terminators Hashaad5b050f2b137d94e24013c1564c48e 230e6d71631b963a93506d28c72b6a450a022fb0 d78765d100337a5bf782423e96bcabe59efa582d8c0e991bfa7c49900cf0aece
GET /r68384c424ffca/70849 HTTP/1.1
Host: croupepenitis.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doply.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 30 May 2025 10:29:23 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://doply.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9zV1OhDAcBHC%2B2dUFnYQDeASKlPDqi1fwkRT6B%2BtCuykV9PYSE32bTH6T8TwvKB7gb8kZ4afgeGKsbdqaV21ZD62o%2Br5tGl72vC1ZxceR46zWzol%2BJhfhtC7Cus5tES4TabJq6AYjKcPjof6aqza7jhD3VmiZIV4OMWdIe2v2lWwRItJiIaSvytJovg4hPoxFyJ7rIyt9ZL9EYNYizO%2BQviktj2V%2BQcDKPE883N9m4UZjl07JxEc8WSEJ%2FgtOg3A0GfuNVNJ6deYGmFl2%2F%2F73ONxZiUTSpgZCbNw72R%2B3Z03l; expires=Sat, 31-May-2025 10:29:23 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Sat, 31-May-2025 10:29:23 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
|
|
| i.doodcdn.io/css/embed.css | 172.67.75.50 | 200 OK | 80 kB |
URL GET i.doodcdn.io/css/embed.css IP172.67.75.50:443
Requested byhttps://doply.net/e/8fcdiimj3wyv CertificateIssuerGoogle Trust Services Subjectdoodcdn.io FingerprintD7:74:16:AE:C7:53:36:51:22:9F:FC:25:D0:8F:92:65:94:13:9E:8B ValiditySat, 03 May 2025 19:51:57 GMT - Fri, 01 Aug 2025 20:51:51 GMT
File typeUnicode text, UTF-8 text, with very long lines (40048) Hashc4907b4a84bd80e4ccec940bf9d7f1ec d36c11083cb2f86b99e2380d8c22cf13e74dbb29 f9535c07a6c50f5094b5a0caf5475823b3b32e9998a72cf6ad6d811dc7985d3d
GET /css/embed.css HTTP/1.1
Host: i.doodcdn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doply.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 30 May 2025 10:29:23 GMT
content-type: text/css
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 947d8cd61c3fb4fd-OSL
last-modified: Wed, 05 Mar 2025 20:32:19 GMT
vary: Accept-Encoding
etag: W/"67c8b4d3-13811"
expires: Sun, 29 Jun 2025 05:55:44 GMT
cache-control: public, max-age=2592000, no-transform
access-control-allow-origin: *
content-encoding: gzip
cf-cache-status: HIT
age: 15557
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dh%2Be7s2%2FPKMRExIUdvoWIKG9Or5EOU6VgcJuyv6W4RfUqqUrzcxf1F4wyl4bbbO4ZG1KIHZab%2FpZVbkTk%2BFUXuFYkmgwwhJv5U6knoToMSEx2YnzJuHBLfcPloBonA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3839&min_rtt=3121&rtt_var=1683&sent=13&recv=6&lost=0&retrans=0&sent_bytes=4917&recv_bytes=1296&delivery_rate=204062&cwnd=12000&unsent_bytes=0&cid=d1ab40f45877a52d&ts=1144&x=1", cfExtPri, cfHdrFlush;dur=0
|
|
| i.doodcdn.io/ads/ad.js | 172.67.75.50 | 200 OK | 20 B |
IP172.67.75.50:443
Requested byhttps://doply.net/e/8fcdiimj3wyv CertificateIssuerGoogle Trust Services Subjectdoodcdn.io FingerprintD7:74:16:AE:C7:53:36:51:22:9F:FC:25:D0:8F:92:65:94:13:9E:8B ValiditySat, 03 May 2025 19:51:57 GMT - Fri, 01 Aug 2025 20:51:51 GMT
File typeASCII text, with no line terminators Hash69a305bcdc8e061bbd43294a477a3678 506582a1d912d546f5942d95ffae95ec7f4c37ce 8964d85afd6d5d84b97872464646809c952ab900cdf5c5d7c3b7b4bdb74202fa
GET /ads/ad.js HTTP/1.1
Host: i.doodcdn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doply.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 30 May 2025 10:29:23 GMT
content-type: application/javascript
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 947d8cd60c3bb4fd-OSL
last-modified: Mon, 03 Jan 2022 15:38:36 GMT
cache-control: public, max-age=2592000
expires: Fri, 29 May 2026 22:46:27 GMT
vary: User-Agent,Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 18060
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JCHL7%2FegTiC5Y94k1855QZnxRepaufaAF3gQp66etSodMba4TqwrMElZ8aLhQyeDH6Cqa3qtraSVUoyQOtpuXf7cWztEFHtktAsl4TVM41RBxEXajEpORERM1pbXRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3839&min_rtt=3121&rtt_var=1683&sent=12&recv=6&lost=0&retrans=0&sent_bytes=4104&recv_bytes=1296&delivery_rate=204062&cwnd=12000&unsent_bytes=0&cid=d1ab40f45877a52d&ts=1125&x=1", cfExtPri, cfHdrFlush;dur=0
|
|
| i.doodcdn.io/theme_2/img/loader.svg | 172.67.75.50 | 200 OK | 694 B |
URL GET i.doodcdn.io/theme_2/img/loader.svg IP172.67.75.50:443
Requested byhttps://doply.net/e/8fcdiimj3wyv CertificateIssuerGoogle Trust Services Subjectdoodcdn.io FingerprintD7:74:16:AE:C7:53:36:51:22:9F:FC:25:D0:8F:92:65:94:13:9E:8B ValiditySat, 03 May 2025 19:51:57 GMT - Fri, 01 Aug 2025 20:51:51 GMT
File typeexported SGML document, ASCII text Hashbe00fc4a29d03016e78b28c9943e3f51 10f2025f5aa96706cc81e050eadfcaa9bcc55af5 eec2c40d8b1bb98306990239204d8b90ca030f0def0e00dfe3117ae42991e126
GET /theme_2/img/loader.svg HTTP/1.1
Host: i.doodcdn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://i.doodcdn.io/css/embed.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 30 May 2025 10:29:24 GMT
content-type: image/svg+xml
cf-ray: 947d8cda8bb7b4fd-OSL
server: cloudflare
content-encoding: br
last-modified: Mon, 03 Jan 2022 15:43:40 GMT
cache-control: max-age=2592000
expires: Sat, 28 Jun 2025 18:04:16 GMT
access-control-allow-origin: *
cf-cache-status: HIT
age: 40676
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d9yK2JxEpG2609%2FMnQ4DgGoVLikmNx7Etv%2BndUXm3nge6TV3%2BmSsSBWii4dlm3U%2Byz7T4uP%2FO6exRYZknuN0JAHOiUHxuuEafqq4L8QyOEpkS7FtRQvhEUfUExyIlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
speculation-rules: "/cdn-cgi/speculation"
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4108&min_rtt=1719&rtt_var=1412&sent=140&recv=18&lost=0&retrans=0&sent_bytes=145937&recv_bytes=2998&delivery_rate=123535&cwnd=96000&unsent_bytes=0&cid=d1ab40f45877a52d&ts=1839&x=1", cfExtPri, cfHdrFlush;dur=0
|
|
| hebenefitssheasht.com/cHRQYlhfSzMRZRFEAiECGzozBBAAITVTMAoQYSQhKBoeGA0oJXYWMRRJaVVsQkBlRCgZEG1TYFYHJAMsBQdtU34ZGjYNZVYCbVN2QFpiTG1WAW1TfgQEMQVlQVIgFiwcSWFVbEhCYFJhRkBjVmE | 188.114.97.1 | 204 No Content | 0 B |
URL GET hebenefitssheasht.com/cHRQYlhfSzMRZRFEAiECGzozBBAAITVTMAoQYSQhKBoeGA0oJXYWMRRJaVVsQkBlRCgZEG1TYFYHJAMsBQdtU34ZGjYNZVYCbVN2QFpiTG1WAW1TfgQEMQVlQVIgFiwcSWFVbEhCYFJhRkBjVmE IP188.114.97.1:443
Requested byhttps://doply.net/e/8fcdiimj3wyv CertificateIssuerGoogle Trust Services Subjecthebenefitssheasht.com FingerprintED:8B:52:5D:3B:8F:DF:14:28:3A:16:CE:D9:C0:54:E8:35:84:04:03 ValidityTue, 22 Apr 2025 10:33:19 GMT - Mon, 21 Jul 2025 11:31:33 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cHRQYlhfSzMRZRFEAiECGzozBBAAITVTMAoQYSQhKBoeGA0oJXYWMRRJaVVsQkBlRCgZEG1TYFYHJAMsBQdtU34ZGjYNZVYCbVN2QFpiTG1WAW1TfgQEMQVlQVIgFiwcSWFVbEhCYFJhRkBjVmE HTTP/1.1
Host: hebenefitssheasht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doply.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Fri, 30 May 2025 10:29:24 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=%2FDJDItYyUPo1vnuTdJjlvk0ISVUE%2FT6j5V3yHzpbV5FDgaYsJCTqRcLliyDh5JlNlcUpFZa1HGB%2Bwos0vTAwY78Vsf%2B3DOfWQSydnC%2BmGilgX0w%3D"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
server: cloudflare
cf-ray: 947d8cdc19355693-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| betotodilea.com/split_track?action=first_match&zone=4857535&oaid=undefined&request_options_with_adex= |  139.45.197.104 | 204 No Content | 0 B |
URL POST betotodilea.com/split_track?action=first_match&zone=4857535&oaid=undefined&request_options_with_adex= IP139.45.197.104:443
Requested byhttps://doply.net/d/8fcdiimj3wyv CertificateIssuerLet's Encrypt Subjectbetotodilea.com Fingerprint52:DD:84:C3:DF:8B:D7:F5:39:6F:8F:B6:E3:0A:14:B3:B2:C8:75:06 ValidityWed, 09 Apr 2025 02:23:21 GMT - Tue, 08 Jul 2025 02:23:20 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /split_track?action=first_match&zone=4857535&oaid=undefined&request_options_with_adex= HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://doply.net
DNT: 1
Connection: keep-alive
Referer: https://doply.net/
Cookie: OAID=0301d92c3b384c93f21f7eb0c456008e
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
server: nginx
date: Fri, 30 May 2025 10:29:26 GMT
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, favicon
X-Firefox-Spdy: h2
|
|
| cdn.tsyndicate.com/images/backup_video_icon.png | 45.133.44.70 | 200 OK | 1.7 kB |
URL GET cdn.tsyndicate.com/images/backup_video_icon.png IP45.133.44.70:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://doply.net/d/8fcdiimj3wyv CertificateIssuerLet's Encrypt Subjectcdn.tsyndicate.com FingerprintC8:21:B5:22:CE:B2:90:D0:CE:CF:F7:57:FA:B4:14:52:BA:AF:3B:EF ValidityFri, 04 Apr 2025 07:32:05 GMT - Thu, 03 Jul 2025 07:32:04 GMT
File typePNG image data, 88 x 88, 8-bit/color RGBA, non-interlaced Hashfd04c7edcd207b506a4495cc25979a5a 53fd1651d6f20b21c1b39cdcea7a34bb9b455726 c8abb7821b116651625dba2df07bc6c6ab9336ca0fe9c2a6774bfb50455d323d
GET /images/backup_video_icon.png HTTP/1.1
Host: cdn.tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doply.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 30 May 2025 10:29:27 GMT
content-type: image/png
content-length: 1728
server: nginx
last-modified: Wed, 05 Jun 2024 10:28:41 GMT
etag: "66603dd9-6c0"
x-robots-tag: noindex, nofollow
cache-control: max-age=172800
expires: Sun, 01 Jun 2025 10:29:27 GMT
vary: Accept-Encoding
x-cdn-host-id: ds9893
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| bobapsoabauns.com/www/images/c8e226f2ae8c3f4af7477b3681f07cd2.png | 104.21.73.203 | 200 OK | 29 kB |
URL GET bobapsoabauns.com/www/images/c8e226f2ae8c3f4af7477b3681f07cd2.png IP104.21.73.203:443
Requested byhttps://doply.net/d/8fcdiimj3wyv CertificateIssuerGoogle Trust Services Subjectbobapsoabauns.com Fingerprint8C:C2:83:27:EF:DF:2F:25:DF:58:17:A2:0F:5F:E7:86:EA:92:7F:D9 ValidityWed, 21 May 2025 20:50:33 GMT - Tue, 19 Aug 2025 21:47:54 GMT
File typePNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced Hashc8e226f2ae8c3f4af7477b3681f07cd2 2de6f877d53a61f9a96a46f2b238eb35627baf2c 2480203e9479426d4835a11bc7e1e82980a92041d7033b6f0450e66fe3027088
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /www/images/c8e226f2ae8c3f4af7477b3681f07cd2.png HTTP/1.1
Host: bobapsoabauns.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 30 May 2025 10:29:38 GMT
content-type: image/png
content-length: 28672
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JBK0XQ34fKYD3wBv4sBmZmqAT25ersPz4j4PZGFbvHJxeRi%2BSb%2BoMrWMuiQAzYiUW9HZ4WKmkALfIlJ7%2BgLd29laDD%2BPrJY9HusyiYj%2BQcaTO1o2bpD7%2BXl%2BzZFPkwk2WVflxA%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 08 Apr 2025 11:57:00 GMT
etag: "67f50f0c-7000"
expires: Sat, 31 May 2025 03:53:38 GMT
cache-control: max-age=86400
timing-allow-origin: *
accept-ranges: bytes
age: 23759
cf-cache-status: HIT
cf-ray: 947d8d34dfc31c12-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=8283&min_rtt=6344&rtt_var=5616&sent=26&recv=34&lost=0&retrans=0&sent_bytes=4516&recv_bytes=2537&delivery_rate=436891&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=12000&unsent_bytes=0&cid=7433dc03a5ce7c86&ts=9981&x=80"
|
|
| appointeeivyspongy.com/lv/esnk/1841679/code.js | 94.242.247.24 | 200 OK | 167 kB |
URL GET appointeeivyspongy.com/lv/esnk/1841679/code.js IP94.242.247.24:443
Requested byhttps://doply.net/d/8fcdiimj3wyv CertificateIssuerBuypass AS-983163327 Subject Fingerprint22:0A:29:24:35:4B:B9:91:E2:D5:B4:B8:11:B7:D6:27:9C:32:E6:30 ValidityMon, 03 Mar 2025 23:53:54 GMT - Sat, 30 Aug 2025 21:59:00 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size167 kB (166669 bytes) Hash9e825a817e7847405d2c2df7b73e11d1 704df7332f8d8f313275a47bfeadae7aae91a3c4 4002d2b20f109f8d9cafa1377969c8edcc62affa7d3b67ec7267f3519a2fe842
GET /lv/esnk/1841679/code.js HTTP/1.1
Host: appointeeivyspongy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doply.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 30 May 2025 10:29:22 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 22 May 2025 10:24:41 GMT
vary: Accept-Encoding
etag: W/"682efb69-28bbb"
x-js-ab2: current
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js | 104.17.24.14 | 200 OK | 1.3 kB |
URL GET cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js IP104.17.24.14:443
Requested byhttps://doply.net/d/8fcdiimj3wyv CertificateIssuerGoogle Trust Services Subjectcdnjs.cloudflare.com Fingerprint4B:06:E9:E2:47:47:F5:3C:33:58:F8:2A:95:70:22:5E:23:19:03:77 ValidityThu, 22 May 2025 14:38:44 GMT - Wed, 20 Aug 2025 15:38:38 GMT
File typeJavaScript source, ASCII text, with very long lines (1266) Hash4412bf8023109ee9eb1f1f226d391329 c273960aa874a87dd022b5e597887142f1b8e34f d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
GET /ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doply.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 30 May 2025 10:29:22 GMT
content-type: application/javascript; charset=utf-8
content-length: 591
server: cloudflare
strict-transport-security: max-age=15780000
cf-ray: 947d8cce2fcb56ae-OSL
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec1-514"
last-modified: Mon, 04 May 2020 16:11:45 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 650356
expires: Wed, 20 May 2026 10:29:22 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5eQtV%2FbeUuhTuqIw0cjFnOjtMFu7qsDUNnkP7j9wbWZ6ShtSL2UGIsDShOCBoINYz83wqqhplyMd0yVnLyNVCeb6EED6HYdOYzPwsM%2FBA1xjCLPfRWEjTenwF3Z4%2FIYkyxI27oUu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/video.js/7.21.5/video.min.js | 104.17.24.14 | 200 OK | 589 kB |
URL GET cdnjs.cloudflare.com/ajax/libs/video.js/7.21.5/video.min.js IP104.17.24.14:443
Requested byhttps://doply.net/e/8fcdiimj3wyv CertificateIssuerGoogle Trust Services Subjectcdnjs.cloudflare.com Fingerprint4B:06:E9:E2:47:47:F5:3C:33:58:F8:2A:95:70:22:5E:23:19:03:77 ValidityThu, 22 May 2025 14:38:44 GMT - Wed, 20 Aug 2025 15:38:38 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (48459) Size589 kB (589278 bytes) Hashd7fdaaab43bc993b85290c713fd2d289 46bf3d27b2cf38b0e999d3b0a7613011181c87f9 c9535ea3a4e0af22e960ac1e32d363a71029f31aa96b29fc894e111fee49329e
GET /ajax/libs/video.js/7.21.5/video.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doply.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 30 May 2025 10:29:23 GMT
content-type: application/javascript; charset=utf-8
content-length: 137405
server: cloudflare
strict-transport-security: max-age=15780000
cf-ray: 947d8cd61efc5690-OSL
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "64bb5c88-218bd"
last-modified: Sat, 22 Jul 2023 04:35:20 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 649328
expires: Wed, 20 May 2026 10:29:23 GMT
accept-ranges: bytes
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8shR6Wp0MeeU5dGQCyOxZAepj6T2shQgh9Q8sav4rdlMTTLS3CWM10mvqknpq%2Bi9ELuBBmKWXGff8U6V4JdiCqGoSqCFckHoOm26qQwX0UO5ztqNEyFrMf8VdEVJGPzsZ3BxI7AI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| hoptreeperrie.shop/gd/70849?md=eyJhIjo1NzI5LCJzIjoiMTI4MHgxMDI0IiwiYiI6IjExMTB4NjI0IiwiciI6Imh0dHBzOi8vZG9wbHkubmV0L2QvOGZjZGlpbWozd3l2IiwicSI6Imh0dHBzOi8vZG9wbHkubmV0L2UvOGZjZGlpbWozd3l2IiwiaCI6NDU2NywibCI6ImVuLVVTIiwidCI6MCwieiI6MjUxNCwiayI6MCwidSI6IiIsImYiOnRydWUsIndoIjoiMTExMHg2MjQiLCJpaCI6IjEyODB4MTAyNCIsImUiOiJoaWpleHRsM2Y2NXA3dW8iLCJvIjp0cnVlLCJtIjoxNzQ4NjAwOTY0NTI1LCJ3IjoiJTdCJTIydGl0bGUlMjIlM0ElMjJDb3luZXNzJTIwR2VuZXZhJTIwcHJpdmF0ZSUyMC0lMjAxMTI2Mjg4MCUyMC0lMjBEb29kU3RyZWFtJTIyJTJDJTIya2V5d29yZHMlMjIlM0ElNUIlNUQlMkMlMjJ0b3B3b3JkcyUyMiUzQSU1QiUyMndpbmRvdyUzQTUlMjIlMkMlMjJsaXZlJTNBNCUyMiUyQyUyMnlvdSUzQTQlMjIlNUQlN0QiLCJ0cyI6MCwicHIiOjEsImhjIjo0OCwiYmwiOi0xLCJiYyI6MywidnYiOiJNZXNhIiwidnIiOiJsbHZtcGlwZSIsImFjIjowLCJjdCI6InVua25vd24iLCJjZXQiOiJ1bmtub3duIiwiY2RsbSI6LTEsImNkbCI6LTEsImNydHQiOi0xLCJ0bXMiOjEyMCwiY2UiOnRydWUsImNkIjoyNCwib3IiOiJsYW5kc2NhcGUtcHJpbWFyeSIsImZzIjpudWxsLCJmc28iOm51bGx9&fc=h7q5T8idLKWMMrmW6iTG0g&pr=1YB8DBYXc1mTRxnxJxgO3A | 212.117.184.4 | 200 OK | 0 B |
URL OPTIONS hoptreeperrie.shop/gd/70849?md=eyJhIjo1NzI5LCJzIjoiMTI4MHgxMDI0IiwiYiI6IjExMTB4NjI0IiwiciI6Imh0dHBzOi8vZG9wbHkubmV0L2QvOGZjZGlpbWozd3l2IiwicSI6Imh0dHBzOi8vZG9wbHkubmV0L2UvOGZjZGlpbWozd3l2IiwiaCI6NDU2NywibCI6ImVuLVVTIiwidCI6MCwieiI6MjUxNCwiayI6MCwidSI6IiIsImYiOnRydWUsIndoIjoiMTExMHg2MjQiLCJpaCI6IjEyODB4MTAyNCIsImUiOiJoaWpleHRsM2Y2NXA3dW8iLCJvIjp0cnVlLCJtIjoxNzQ4NjAwOTY0NTI1LCJ3IjoiJTdCJTIydGl0bGUlMjIlM0ElMjJDb3luZXNzJTIwR2VuZXZhJTIwcHJpdmF0ZSUyMC0lMjAxMTI2Mjg4MCUyMC0lMjBEb29kU3RyZWFtJTIyJTJDJTIya2V5d29yZHMlMjIlM0ElNUIlNUQlMkMlMjJ0b3B3b3JkcyUyMiUzQSU1QiUyMndpbmRvdyUzQTUlMjIlMkMlMjJsaXZlJTNBNCUyMiUyQyUyMnlvdSUzQTQlMjIlNUQlN0QiLCJ0cyI6MCwicHIiOjEsImhjIjo0OCwiYmwiOi0xLCJiYyI6MywidnYiOiJNZXNhIiwidnIiOiJsbHZtcGlwZSIsImFjIjowLCJjdCI6InVua25vd24iLCJjZXQiOiJ1bmtub3duIiwiY2RsbSI6LTEsImNkbCI6LTEsImNydHQiOi0xLCJ0bXMiOjEyMCwiY2UiOnRydWUsImNkIjoyNCwib3IiOiJsYW5kc2NhcGUtcHJpbWFyeSIsImZzIjpudWxsLCJmc28iOm51bGx9&fc=h7q5T8idLKWMMrmW6iTG0g&pr=1YB8DBYXc1mTRxnxJxgO3A IP212.117.184.4:443
Requested byhttps://doply.net/e/8fcdiimj3wyv CertificateIssuerLet's Encrypt Subjecthoptreeperrie.shop FingerprintC6:93:EA:0D:2E:33:EB:CD:93:C7:EA:53:6D:B5:0C:7B:CC:38:E5:85 ValidityTue, 22 Apr 2025 20:48:41 GMT - Mon, 21 Jul 2025 20:48:40 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
OPTIONS /gd/70849?md=eyJhIjo1NzI5LCJzIjoiMTI4MHgxMDI0IiwiYiI6IjExMTB4NjI0IiwiciI6Imh0dHBzOi8vZG9wbHkubmV0L2QvOGZjZGlpbWozd3l2IiwicSI6Imh0dHBzOi8vZG9wbHkubmV0L2UvOGZjZGlpbWozd3l2IiwiaCI6NDU2NywibCI6ImVuLVVTIiwidCI6MCwieiI6MjUxNCwiayI6MCwidSI6IiIsImYiOnRydWUsIndoIjoiMTExMHg2MjQiLCJpaCI6IjEyODB4MTAyNCIsImUiOiJoaWpleHRsM2Y2NXA3dW8iLCJvIjp0cnVlLCJtIjoxNzQ4NjAwOTY0NTI1LCJ3IjoiJTdCJTIydGl0bGUlMjIlM0ElMjJDb3luZXNzJTIwR2VuZXZhJTIwcHJpdmF0ZSUyMC0lMjAxMTI2Mjg4MCUyMC0lMjBEb29kU3RyZWFtJTIyJTJDJTIya2V5d29yZHMlMjIlM0ElNUIlNUQlMkMlMjJ0b3B3b3JkcyUyMiUzQSU1QiUyMndpbmRvdyUzQTUlMjIlMkMlMjJsaXZlJTNBNCUyMiUyQyUyMnlvdSUzQTQlMjIlNUQlN0QiLCJ0cyI6MCwicHIiOjEsImhjIjo0OCwiYmwiOi0xLCJiYyI6MywidnYiOiJNZXNhIiwidnIiOiJsbHZtcGlwZSIsImFjIjowLCJjdCI6InVua25vd24iLCJjZXQiOiJ1bmtub3duIiwiY2RsbSI6LTEsImNkbCI6LTEsImNydHQiOi0xLCJ0bXMiOjEyMCwiY2UiOnRydWUsImNkIjoyNCwib3IiOiJsYW5kc2NhcGUtcHJpbWFyeSIsImZzIjpudWxsLCJmc28iOm51bGx9&fc=h7q5T8idLKWMMrmW6iTG0g&pr=1YB8DBYXc1mTRxnxJxgO3A HTTP/1.1
Host: hoptreeperrie.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://doply.net/
Origin: https://doply.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 30 May 2025 10:29:24 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://doply.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
|
|
| odw7bf.dood.video/404.html | 0.0.0.0 | | 0 B |
URL GET odw7bf.dood.video/404.html IP0.0.0.0:0
Requested byhttps://doply.net/e/8fcdiimj3wyv
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /404.html HTTP/1.1
Host: odw7bf.dood.video
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Referer: https://doply.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| co607kl.cloudatacdn.com/favicon.ico?i | 51.195.104.100 | 200 OK | 15 kB |
URL GET co607kl.cloudatacdn.com/favicon.ico?i IP51.195.104.100:443
Requested bymoz-nullprincipal:{8748c06a-c37b-431b-b108-2f9cc843b896}?https://doply.net CertificateIssuerSectigo Limited Subject*.cloudatacdn.com FingerprintD9:CB:D6:1F:B4:DA:36:1F:52:6C:5B:2E:68:48:4B:77:51:76:16:5B ValidityWed, 31 Jul 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT
File typeMS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel Hash30d3656f43c817e38c3e7d70b2bfbdad 1aa43b43755e7cba5e145d0978517f7bedad7da6 a558a4796f60f07743027eec96b538b2e7758cca8c544ed796ff745837478555
GET /favicon.ico?i HTTP/1.1
Host: co607kl.cloudatacdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 30 May 2025 10:29:26 GMT
Content-Type: image/vnd.microsoft.icon
Content-Length: 15406
Connection: keep-alive
Last-Modified: Sat, 29 Feb 2020 09:26:04 GMT
ETag: "3c2e-59fb38b06e300"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
|
|
| fleraprt.com/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=9e4bd5bb-30c7-405e-b198-a7c5be3e516f | 139.45.195.252 | 200 OK | 0 B |
URL POST fleraprt.com/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=9e4bd5bb-30c7-405e-b198-a7c5be3e516f IP139.45.195.252:443
Requested byhttps://doply.net/d/8fcdiimj3wyv CertificateIssuerSectigo Limited Subjectfleraprt.com Fingerprint23:5D:23:03:7B:8D:47:5A:E9:9C:E7:E0:5C:7E:E6:4F:A2:DC:B6:D0 ValidityWed, 11 Dec 2024 00:00:00 GMT - Sun, 11 Jan 2026 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=9e4bd5bb-30c7-405e-b198-a7c5be3e516f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 451
Origin: https://doply.net
DNT: 1
Connection: keep-alive
Referer: https://doply.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.25.5
Date: Fri, 30 May 2025 10:29:27 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://doply.net
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
|
|
| | 104.26.8.147 | 301 Moved Permanently | 18 kB |
IP104.26.8.147:443
CertificateIssuerGoogle Trust Services Subjectdo7go.com Fingerprint19:CB:2F:56:42:07:C7:06:DC:34:5C:47:D5:E0:86:3D:B4:45:D9:4F ValiditySun, 18 May 2025 12:51:20 GMT - Sat, 16 Aug 2025 13:51:00 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /d/8fcdiimj3wyv HTTP/1.1
Host: do7go.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Fri, 30 May 2025 10:29:21 GMT
content-type: text/html
content-length: 167
location: https://doply.net/d/8fcdiimj3wyv
cf-ray: 947d8cca6db0b527-OSL
server: cloudflare
cache-control: max-age=3600
expires: Fri, 30 May 2025 11:29:21 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nXodMiFsQN6WBlKP8a5C%2BYne0J632NbvKwMfCSOR6Jh5QQE8CIKDMNt6e0DuntaeVCwbXjt06nIFMxHdM5lW4S%2Bdp3V5wtlcgw6myPiwehKIp9fynAlCEP9U3w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
speculation-rules: "/cdn-cgi/speculation"
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=508&min_rtt=452&rtt_var=159&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3192&recv_bytes=1132&delivery_rate=7337837&cwnd=253&unsent_bytes=0&cid=c074e69a469a0585&ts=53&x=0"
X-Firefox-Spdy: h2
|
|
| i.doodcdn.io/get_slides/760/pyzg20z1iuikk8my.jpg | 172.67.75.50 | 200 OK | 3.2 kB |
URL GET i.doodcdn.io/get_slides/760/pyzg20z1iuikk8my.jpg IP172.67.75.50:443
Requested byhttps://doply.net/e/8fcdiimj3wyv CertificateIssuerGoogle Trust Services Subjectdoodcdn.io FingerprintD7:74:16:AE:C7:53:36:51:22:9F:FC:25:D0:8F:92:65:94:13:9E:8B ValiditySat, 03 May 2025 19:51:57 GMT - Fri, 01 Aug 2025 20:51:51 GMT
Hashb60bc1a2d3f91572eee34c5638f39adf 54639339c9057a39c5e8994f2bdf0fa09e932681 2fd0c4a4c453e1f3a22a48c477952581ca39730769e54912afb07ce718ce3b1c
GET /get_slides/760/pyzg20z1iuikk8my.jpg HTTP/1.1
Host: i.doodcdn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://doply.net
DNT: 1
Connection: keep-alive
Referer: https://doply.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 30 May 2025 10:29:24 GMT
content-type: text/vtt
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 947d8cdc28510b55-OSL
access-control-allow-origin: *
last-modified: Fri, 30 May 2025 10:28:16 GMT
cache-control: max-age=86400
cf-cache-status: HIT
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TVH5tB%2FZElHWTYHzfYCnlfPO54i6KsdxgZZzE%2FtCzDfwVRB5H0LdMkJI5UUVtLj4zdzGYDn5en3g%2FrcfS7qO4APkgryTBrM0k549t3XkVAm0Acp4XMxwcXNIFj0JEw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5973&min_rtt=1322&rtt_var=4118&sent=239&recv=19&lost=0&retrans=0&sent_bytes=269336&recv_bytes=2940&delivery_rate=720269&cwnd=132000&unsent_bytes=0&cid=103bbd9b95669f5f&ts=1780&x=1", cfExtPri, cfHdrFlush;dur=0
|
|
| my.rtmark.net/gid.js | 172.64.146.234 | 200 OK | 65 B |
IP172.64.146.234:443
Requested byhttps://doply.net/d/8fcdiimj3wyv CertificateIssuerGoogle Trust Services Subjectmy.rtmark.net Fingerprint61:93:FB:BF:25:C3:CE:7B:CB:69:5D:87:04:AA:ED:1B:35:8D:44:82 ValidityFri, 02 May 2025 11:10:51 GMT - Thu, 31 Jul 2025 12:10:47 GMT
Hash078802ab84901b8d4851dd1626982994 dfb9ba7f003fd30e2c39bfb8c92c66b11eec16c3 be7c4d446133cb844b44f4e5841349945794bd9fdb68a1d3ed9fea696cbe5fb0
GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://doply.net
DNT: 1
Connection: keep-alive
Referer: https://doply.net/
Cookie: ID=0801d95c930b4b08fbc308a7098c893a
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 30 May 2025 10:29:26 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://doply.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=0801d95c930b4b08fbc308a7098c893a; expires=Sat, 30 May 2026 10:29:26 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
cf-cache-status: DYNAMIC
priority: u=3,i=?0
server: cloudflare
cf-ray: 947d8ce9bc06568b-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| undefined/NTU4cUxUV1scc1QIWlc5R1kFVH5zEAo3KEAFSAQoBUZcHSFPUxYSIFpAXBc+WltMXyJQQR1DCnp7CxUmVG1yJAt0BWglGXhQekAeeXR9Px5tYFsjDk1wdTcNWmF8MydQYVQaAnF0YSMEZ3R/OQlRfnIiP1Z3QEEPfUJMRglxXnonCXh7ekAednBqAg93TW06GWRscDQdRXJqICtiY20BFGFCXCYfUgF/MgoBV3wGJG13bDcbZwVxIh5je3ozGgFvegYVc2d+Ox5iZ0A1GVlzYiA7UW9tQTR3UW47HmJkbhQLY2NcJztkBGodOHZhCDcUYXB+QBlZGH4rDXBzayQPXXF6NAJ7Ym4CH2djdT4KBGRbNQlNdFskGmFifTgEZ1l2KBpCY3AzHXR0bRkJeHBuEgp4Y3IQHl1ZcCMeTWV6FmpfRlcfPAhzeh98X1ROCABSb1A | 0.0.0.0 | | 0 B |
URL GET undefined/NTU4cUxUV1scc1QIWlc5R1kFVH5zEAo3KEAFSAQoBUZcHSFPUxYSIFpAXBc+WltMXyJQQR1DCnp7CxUmVG1yJAt0BWglGXhQekAeeXR9Px5tYFsjDk1wdTcNWmF8MydQYVQaAnF0YSMEZ3R/OQlRfnIiP1Z3QEEPfUJMRglxXnonCXh7ekAednBqAg93TW06GWRscDQdRXJqICtiY20BFGFCXCYfUgF/MgoBV3wGJG13bDcbZwVxIh5je3ozGgFvegYVc2d+Ox5iZ0A1GVlzYiA7UW9tQTR3UW47HmJkbhQLY2NcJztkBGodOHZhCDcUYXB+QBlZGH4rDXBzayQPXXF6NAJ7Ym4CH2djdT4KBGRbNQlNdFskGmFifTgEZ1l2KBpCY3AzHXR0bRkJeHBuEgp4Y3IQHl1ZcCMeTWV6FmpfRlcfPAhzeh98X1ROCABSb1A IP0.0.0.0:0
Requested byhttps://doply.net/e/8fcdiimj3wyv
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /NTU4cUxUV1scc1QIWlc5R1kFVH5zEAo3KEAFSAQoBUZcHSFPUxYSIFpAXBc+WltMXyJQQR1DCnp7CxUmVG1yJAt0BWglGXhQekAeeXR9Px5tYFsjDk1wdTcNWmF8MydQYVQaAnF0YSMEZ3R/OQlRfnIiP1Z3QEEPfUJMRglxXnonCXh7ekAednBqAg93TW06GWRscDQdRXJqICtiY20BFGFCXCYfUgF/MgoBV3wGJG13bDcbZwVxIh5je3ozGgFvegYVc2d+Ox5iZ0A1GVlzYiA7UW9tQTR3UW47HmJkbhQLY2NcJztkBGodOHZhCDcUYXB+QBlZGH4rDXBzayQPXXF6NAJ7Ym4CH2djdT4KBGRbNQlNdFskGmFifTgEZ1l2KBpCY3AzHXR0bRkJeHBuEgp4Y3IQHl1ZcCMeTWV6FmpfRlcfPAhzeh98X1ROCABSb1A HTTP/1.1
Host: undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doply.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AdBytiNp0NhY9yahSYzXxeARMw5JvIiQJKS6Wz0A9Ud93RSjx63Gov0rFSYkG-Z4ThRUzDUZA_GXjw&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1966752956%3A1748600965570969 | 142.250.147.84 | 403 Forbidden | 0 B |
URL GET accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AdBytiNp0NhY9yahSYzXxeARMw5JvIiQJKS6Wz0A9Ud93RSjx63Gov0rFSYkG-Z4ThRUzDUZA_GXjw&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1966752956%3A1748600965570969 IP142.250.147.84:443
Requested byhttps://doply.net/e/8fcdiimj3wyv CertificateIssuerGoogle Trust Services Subject*.google.com Fingerprint7B:D2:02:FC:58:D9:E6:6C:DB:4E:0A:85:10:91:65:A5:9A:9C:5D:12 ValidityMon, 12 May 2025 08:42:58 GMT - Mon, 04 Aug 2025 08:42:57 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AdBytiNp0NhY9yahSYzXxeARMw5JvIiQJKS6Wz0A9Ud93RSjx63Gov0rFSYkG-Z4ThRUzDUZA_GXjw&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1966752956%3A1748600965570969 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://doply.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 30 May 2025 10:29:25 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-un86ZkZmA8pR-sUAPyimSA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy-report-only: script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://ajax.googleapis.com/ajax/libs/jquery/3.6.4/jquery.min.js https://translate.google.com/translate_a/element.js https://www.google.com/recaptcha/api.js https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.google.com/tools/feedback/open_to_help_guide_lazy.js https://www.google.com/tools/feedback/help_api.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.google.com/tools/feedback/chat_load.js https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://www.gstatic.com/feedback/js/ https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.googletagmanager.com/gtag/js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/destination https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.4AFqKlLDbhI.es5.O/ https://apis.google.com/_/scs/abc-static/_/js/ https://translate.googleapis.com/_/translate_http/_/js/ https://www.gstatic.com/recaptcha/releases/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/fine-allowlist
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| appointeeivyspongy.com/chicken.gif?z=1841679&pid=__clb-1841679_1&pb=d3e93ae540697ac66ab30e7ff1cb6d2e1748608163&pbc=qd8nD2jhMBOjpDlo&pbu=oBUTl2NGmrGjpDlo&psp=o8u4JJEd0pZVC4gaLQQB-JoPBq9uX78wzx9yaP45mRk1Mi1PyPPaTQ4XpRE1FjIGN9JZK_-anolMtZPRu3tbSoLMuPm-czo_M4LZOS4nep7wypysTFiYbX6X_EW_n2odSJxV5SKtbfMKmQ8aT0Qw2lSi_U5rfg6nqD34XpB3HxSuskuRkKg3xCboYusix2H2aw6X300suUzKEFIpXLZlbSkGDSyff3cmRyEsVXFsnpXIM78oXgCaIhD_NION13q8VFwMoZG8ZRd7aXhth6TMyVTOyhDR1NGLrm6dk1jgSX_-Je6KesGYaVYuJKol1xBvs7CXVjlwq4-WEnWd9-MhqUqgq7v9H7mWVXmj-OzpemqJvcQ06XEXcE1aeRVkUEzZ-rwjlsduQecllhtq98_lFdIXQjvTnANeynmvxid9BKY0wyV54zk3MjAIXBzO6_LmxUhc0yOSqDZuOyOIkp2-ei_IPq7AbFuV1peWv2XwnlOV15yY-5cV56IdIRpQmGLiBhMVBxxqySuE7DRTyqB7Tuk3Y0QXoNqJyGnrbNClOEKelCHeJrGI85IhYxojpCcYTW1LNrdKahQzVjtuqoiZRKPybywouAdipxLs5iMnqCe-KfY9suCgW3NGW_a1fxmcYz-CdrCpasO2VMBrWUM0_LbAttJNWj9LOd0xJKAkQyLIl2uay19HQU3XRsnMvwp7HryTmrfcecYBnpg4hztgDGpFS4he0rwDJ8hIVmZ1yDMoOvYSVa7s95-VKJykghVkL5HOL59fv8yLjLBQV4wFyd5wK0ICC5Wmsg0tKpxjUWo9-L7SlyHd9r4SZP0BHeIrZOUjnYmPYUuQMMwiEA6H9J6EtTR8RkSLMgeIY1hQN1yuDQbtsU5JL-I2nU2AUqsNVEqa8HYJYpcBLCo=&freq=0&nojs=0&abvar=0&febuild=1.0.550&t=0&wcks=1&wgl=1&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=U6xMfJw0Ma-f&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&vcv=Mesa&vcn=llvmpipe&ix=0&x=1280&y=1024&md=0&psu=ydT7dj4aHR0cHM6Ly9kb3BseS5uZXQvZC84ZmNkaWltajN3eXY&afid=8277370637440512&caifrq=ADMZOgAAAAAAAAAB&eclog=0&snc=0&ssc=2&tp=0&vp=0&dto=2&im=1&noch=1&de=0&cs=5&pload=850&bp=2 | 94.242.247.24 | 200 OK | 43 B |
URL GET appointeeivyspongy.com/chicken.gif?z=1841679&pid=__clb-1841679_1&pb=d3e93ae540697ac66ab30e7ff1cb6d2e1748608163&pbc=qd8nD2jhMBOjpDlo&pbu=oBUTl2NGmrGjpDlo&psp=o8u4JJEd0pZVC4gaLQQB-JoPBq9uX78wzx9yaP45mRk1Mi1PyPPaTQ4XpRE1FjIGN9JZK_-anolMtZPRu3tbSoLMuPm-czo_M4LZOS4nep7wypysTFiYbX6X_EW_n2odSJxV5SKtbfMKmQ8aT0Qw2lSi_U5rfg6nqD34XpB3HxSuskuRkKg3xCboYusix2H2aw6X300suUzKEFIpXLZlbSkGDSyff3cmRyEsVXFsnpXIM78oXgCaIhD_NION13q8VFwMoZG8ZRd7aXhth6TMyVTOyhDR1NGLrm6dk1jgSX_-Je6KesGYaVYuJKol1xBvs7CXVjlwq4-WEnWd9-MhqUqgq7v9H7mWVXmj-OzpemqJvcQ06XEXcE1aeRVkUEzZ-rwjlsduQecllhtq98_lFdIXQjvTnANeynmvxid9BKY0wyV54zk3MjAIXBzO6_LmxUhc0yOSqDZuOyOIkp2-ei_IPq7AbFuV1peWv2XwnlOV15yY-5cV56IdIRpQmGLiBhMVBxxqySuE7DRTyqB7Tuk3Y0QXoNqJyGnrbNClOEKelCHeJrGI85IhYxojpCcYTW1LNrdKahQzVjtuqoiZRKPybywouAdipxLs5iMnqCe-KfY9suCgW3NGW_a1fxmcYz-CdrCpasO2VMBrWUM0_LbAttJNWj9LOd0xJKAkQyLIl2uay19HQU3XRsnMvwp7HryTmrfcecYBnpg4hztgDGpFS4he0rwDJ8hIVmZ1yDMoOvYSVa7s95-VKJykghVkL5HOL59fv8yLjLBQV4wFyd5wK0ICC5Wmsg0tKpxjUWo9-L7SlyHd9r4SZP0BHeIrZOUjnYmPYUuQMMwiEA6H9J6EtTR8RkSLMgeIY1hQN1yuDQbtsU5JL-I2nU2AUqsNVEqa8HYJYpcBLCo=&freq=0&nojs=0&abvar=0&febuild=1.0.550&t=0&wcks=1&wgl=1&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=U6xMfJw0Ma-f&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&vcv=Mesa&vcn=llvmpipe&ix=0&x=1280&y=1024&md=0&psu=ydT7dj4aHR0cHM6Ly9kb3BseS5uZXQvZC84ZmNkaWltajN3eXY&afid=8277370637440512&caifrq=ADMZOgAAAAAAAAAB&eclog=0&snc=0&ssc=2&tp=0&vp=0&dto=2&im=1&noch=1&de=0&cs=5&pload=850&bp=2 IP94.242.247.24:443
Requested byhttps://doply.net/d/8fcdiimj3wyv CertificateIssuerBuypass AS-983163327 Subject Fingerprint22:0A:29:24:35:4B:B9:91:E2:D5:B4:B8:11:B7:D6:27:9C:32:E6:30 ValidityMon, 03 Mar 2025 23:53:54 GMT - Sat, 30 Aug 2025 21:59:00 GMT
File typeGIF image data, version 89a, 1 x 1 Hash28e463819a210071de3b45ebe7633613 6dccd571828ec0912629119cf7eabfea9f33ddbc 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
GET /chicken.gif?z=1841679&pid=__clb-1841679_1&pb=d3e93ae540697ac66ab30e7ff1cb6d2e1748608163&pbc=qd8nD2jhMBOjpDlo&pbu=oBUTl2NGmrGjpDlo&psp=o8u4JJEd0pZVC4gaLQQB-JoPBq9uX78wzx9yaP45mRk1Mi1PyPPaTQ4XpRE1FjIGN9JZK_-anolMtZPRu3tbSoLMuPm-czo_M4LZOS4nep7wypysTFiYbX6X_EW_n2odSJxV5SKtbfMKmQ8aT0Qw2lSi_U5rfg6nqD34XpB3HxSuskuRkKg3xCboYusix2H2aw6X300suUzKEFIpXLZlbSkGDSyff3cmRyEsVXFsnpXIM78oXgCaIhD_NION13q8VFwMoZG8ZRd7aXhth6TMyVTOyhDR1NGLrm6dk1jgSX_-Je6KesGYaVYuJKol1xBvs7CXVjlwq4-WEnWd9-MhqUqgq7v9H7mWVXmj-OzpemqJvcQ06XEXcE1aeRVkUEzZ-rwjlsduQecllhtq98_lFdIXQjvTnANeynmvxid9BKY0wyV54zk3MjAIXBzO6_LmxUhc0yOSqDZuOyOIkp2-ei_IPq7AbFuV1peWv2XwnlOV15yY-5cV56IdIRpQmGLiBhMVBxxqySuE7DRTyqB7Tuk3Y0QXoNqJyGnrbNClOEKelCHeJrGI85IhYxojpCcYTW1LNrdKahQzVjtuqoiZRKPybywouAdipxLs5iMnqCe-KfY9suCgW3NGW_a1fxmcYz-CdrCpasO2VMBrWUM0_LbAttJNWj9LOd0xJKAkQyLIl2uay19HQU3XRsnMvwp7HryTmrfcecYBnpg4hztgDGpFS4he0rwDJ8hIVmZ1yDMoOvYSVa7s95-VKJykghVkL5HOL59fv8yLjLBQV4wFyd5wK0ICC5Wmsg0tKpxjUWo9-L7SlyHd9r4SZP0BHeIrZOUjnYmPYUuQMMwiEA6H9J6EtTR8RkSLMgeIY1hQN1yuDQbtsU5JL-I2nU2AUqsNVEqa8HYJYpcBLCo=&freq=0&nojs=0&abvar=0&febuild=1.0.550&t=0&wcks=1&wgl=1&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=U6xMfJw0Ma-f&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&vcv=Mesa&vcn=llvmpipe&ix=0&x=1280&y=1024&md=0&psu=ydT7dj4aHR0cHM6Ly9kb3BseS5uZXQvZC84ZmNkaWltajN3eXY&afid=8277370637440512&caifrq=ADMZOgAAAAAAAAAB&eclog=0&snc=0&ssc=2&tp=0&vp=0&dto=2&im=1&noch=1&de=0&cs=5&pload=850&bp=2 HTTP/1.1
Host: appointeeivyspongy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: cart=1; cart_p=2; CHCK=1; UID=2505300529d29e00a5ab3b45ba81c782ea3d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 30 May 2025 10:29:25 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: OACICAP=ADMZOgAAAAAAAAAB; Path=/; Expires=Sun, 29 Jun 2025 10:29:25 GMT; Secure; SameSite=None
OACIBLOCK=ADMZOgAAAABoOTtQ; Path=/; Expires=Sun, 29 Jun 2025 10:29:25 GMT; Secure; SameSite=None
BCAI=ADMZOgAAAAAAAAAB; Path=/; Expires=Sat, 31 May 2025 10:29:25 GMT; Secure; SameSite=None
BMI=AEV3JQAAAAAAAAAB; Path=/; Expires=Sat, 31 May 2025 10:29:25 GMT; Secure; SameSite=None
BCRI=c6zKEQAAAAAAAAAB; Path=/; Expires=Sat, 31 May 2025 10:29:25 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| betotodilea.com/400/4857535 | 139.45.197.104 | 200 OK | 145 kB |
URL GET betotodilea.com/400/4857535 IP139.45.197.104:443
Requested byhttps://doply.net/d/8fcdiimj3wyv CertificateIssuerLet's Encrypt Subjectbetotodilea.com Fingerprint52:DD:84:C3:DF:8B:D7:F5:39:6F:8F:B6:E3:0A:14:B3:B2:C8:75:06 ValidityWed, 09 Apr 2025 02:23:21 GMT - Tue, 08 Jul 2025 02:23:20 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size145 kB (145411 bytes) Hasha0cd2de109a943b2023b454d64d7cd76 7c81cbfcddbcffce78878518a0b222dadd2e7c91 15817abd3e8ffa6a7be6fd2c929669f567598d3227acded784b529077285bd97
GET /400/4857535 HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doply.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 30 May 2025 10:29:23 GMT
content-type: application/javascript
x-trace-id: a4d395928f60aa2f554cadd1fa38caeb
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
set-cookie: OAID=0301d92c3b384c93f21f7eb0c456008e; expires=Sat, 30 May 2026 10:29:23 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| i.doodcdn.io/fonts/avertastd-regular-webfont.woff2 | 172.67.75.50 | 200 OK | 24 kB |
URL GET i.doodcdn.io/fonts/avertastd-regular-webfont.woff2 IP172.67.75.50:443
Requested byhttps://doply.net/e/8fcdiimj3wyv CertificateIssuerGoogle Trust Services Subjectdoodcdn.io FingerprintD7:74:16:AE:C7:53:36:51:22:9F:FC:25:D0:8F:92:65:94:13:9E:8B ValiditySat, 03 May 2025 19:51:57 GMT - Fri, 01 Aug 2025 20:51:51 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 23812, version 1.524 Hasheb586e5a1b86dbf1c866e3ed80f9d18e 280ee78d19c017ab9335f769595e5157d3c4a343 714e70103deac0d67f52a6285c5fabee6088ce4d710ce7e74353503837038baf
GET /fonts/avertastd-regular-webfont.woff2 HTTP/1.1
Host: i.doodcdn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://doply.net
DNT: 1
Connection: keep-alive
Referer: https://i.doodcdn.io/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 30 May 2025 10:29:24 GMT
content-type: font/woff2
content-length: 23812
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 947d8cd9bc6f0b55-OSL
last-modified: Mon, 03 Jan 2022 15:38:36 GMT
cache-control: max-age=2592000
expires: Sat, 28 Jun 2025 06:05:51 GMT
vary: User-Agent,Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 67968
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6HLqKo%2BR4ZFviSbikDdB1VKVDb2HWgF0MMx2Tb36r6KCrddHZNDcZ6njGTtURGa8A%2FBhuQNI1BHg%2BjTYzjKePVcITZVSRl%2FcEZRSJ2cbCq3rb8Gpvthfu7DB3P4zAA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6371&min_rtt=1322&rtt_var=4429&sent=217&recv=17&lost=0&retrans=0&sent_bytes=244179&recv_bytes=2622&delivery_rate=76891252&cwnd=132000&unsent_bytes=0&cid=103bbd9b95669f5f&ts=1357&x=1", cfExtPri, cfHdrFlush;dur=0
|
|
| ukankingwithea.com/ | 104.21.112.1 | 200 OK | 27 B |
IP104.21.112.1:443
Requested byhttps://doply.net/e/8fcdiimj3wyv CertificateIssuerGoogle Trust Services Subjectukankingwithea.com Fingerprint02:15:28:2A:F2:F8:5D:3A:DE:6D:1D:DC:CF:6D:06:BA:00:3A:63:70 ValidityTue, 29 Apr 2025 13:46:48 GMT - Mon, 28 Jul 2025 14:44:24 GMT
File typeASCII text, with no line terminators Hash3851a6bceccbe53cb18139d0318d2755 4fa780a0191bee7e4a1acef20558ca09297d3670 891771ae0c7239ea7f0940055af6974a54b6e21f0c5ed542ce93b239736702ca
GET / HTTP/1.1
Host: ukankingwithea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://doply.net/
Origin: https://doply.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 30 May 2025 10:29:25 GMT
content-type: text/plain
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
access-control-allow-origin: https://doply.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=eXNRRhvZFKAJtnC9VS3uvbw6FOtlBwvfedyOxPOJ4G8lHFN0qCj4QSy91lYecZ%2B4Wze1wU4saTUNLNZjYHwYlPVQNsBSdm2Satg%2FwXAdAdI%3D"}]}
content-encoding: br
set-cookie: csu=1504684468660336@1@1748600965; SameSite=None; Secure; Max-Age=31104000
cf-ray: 947d8ce0ff480b55-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AdBytiO6Ohg0ZIHLdPWzFWXdmcLFcBm4LEgQI1RGrAU1YiEi_BvST-2zdHJgCwUOCldNsfvJOi-Zpw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S537499916%3A1748600965613998 | 142.250.147.84 | 403 Forbidden | 0 B |
URL GET accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AdBytiO6Ohg0ZIHLdPWzFWXdmcLFcBm4LEgQI1RGrAU1YiEi_BvST-2zdHJgCwUOCldNsfvJOi-Zpw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S537499916%3A1748600965613998 IP142.250.147.84:443
Requested byhttps://doply.net/e/8fcdiimj3wyv CertificateIssuerGoogle Trust Services Subject*.google.com Fingerprint7B:D2:02:FC:58:D9:E6:6C:DB:4E:0A:85:10:91:65:A5:9A:9C:5D:12 ValidityMon, 12 May 2025 08:42:58 GMT - Mon, 04 Aug 2025 08:42:57 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AdBytiO6Ohg0ZIHLdPWzFWXdmcLFcBm4LEgQI1RGrAU1YiEi_BvST-2zdHJgCwUOCldNsfvJOi-Zpw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S537499916%3A1748600965613998 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://doply.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 30 May 2025 10:29:25 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-qYYdVHdOzEnLrDWfj1Vy6w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy-report-only: script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://ajax.googleapis.com/ajax/libs/jquery/3.6.4/jquery.min.js https://translate.google.com/translate_a/element.js https://www.google.com/recaptcha/api.js https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.google.com/tools/feedback/open_to_help_guide_lazy.js https://www.google.com/tools/feedback/help_api.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.google.com/tools/feedback/chat_load.js https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://www.gstatic.com/feedback/js/ https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.googletagmanager.com/gtag/js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/destination https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.4AFqKlLDbhI.es5.O/ https://apis.google.com/_/scs/abc-static/_/js/ https://translate.googleapis.com/_/translate_http/_/js/ https://www.gstatic.com/recaptcha/releases/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/fine-allowlist
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| pringed.space/VWFKZVguQzkSByATJkdidwk%2BESgmW2VKPDoRJhx2OwQ%2BSisiTyAWenlDOQg%2Bd1t7SXomDDxHYndVZFV6eUM%2BBD8KCC5HYndYeFNgZ1FoSXomFCg6MTFTaF96M1QuVGFmVihIamYFKEhsNAd5SGEzUHpIaWEFelNhZVYrUzpnQzc | 52.22.84.30 | 200 OK | 64 kB |
URL GET pringed.space/VWFKZVguQzkSByATJkdidwk%2BESgmW2VKPDoRJhx2OwQ%2BSisiTyAWenlDOQg%2Bd1t7SXomDDxHYndVZFV6eUM%2BBD8KCC5HYndYeFNgZ1FoSXomFCg6MTFTaF96M1QuVGFmVihIamYFKEhsNAd5SGEzUHpIaWEFelNhZVYrUzpnQzc IP52.22.84.30:443
Requested byhttps://doply.net/d/8fcdiimj3wyv CertificateIssuerLet's Encrypt Subjectpringed.space Fingerprint81:07:1E:81:74:98:8C:EF:C9:03:0E:E3:20:3F:CE:26:B8:10:67:EB ValidityTue, 22 Apr 2025 13:26:20 GMT - Mon, 21 Jul 2025 13:26:19 GMT
File typeJavaScript source, ASCII text, with very long lines (63765), with no line terminators Hash16853f852ae38aebc4ef451342b9c6f8 d24a6e5ad7a5b4b8582524f7e74dc5f9fd713e67 14aee8846af68b344356dc417317b32978834b5d22f745fccb273b680f3bca66
GET /VWFKZVguQzkSByATJkdidwk%2BESgmW2VKPDoRJhx2OwQ%2BSisiTyAWenlDOQg%2Bd1t7SXomDDxHYndVZFV6eUM%2BBD8KCC5HYndYeFNgZ1FoSXomFCg6MTFTaF96M1QuVGFmVihIamYFKEhsNAd5SGEzUHpIaWEFelNhZVYrUzpnQzc HTTP/1.1
Host: pringed.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doply.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
set-cookie: de7704700f063a02d3c531faeff14d7e=1; Max-Age=604800
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
etag: W/"f915-0kpuWteltLhYJST3503F+f1xPmc"
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2
|
|
| appointeeivyspongy.com/check.html | 94.242.247.24 | 200 OK | 926 B |
URL GET appointeeivyspongy.com/check.html IP94.242.247.24:443
Requested byhttps://doply.net/d/8fcdiimj3wyv CertificateIssuerBuypass AS-983163327 Subject Fingerprint22:0A:29:24:35:4B:B9:91:E2:D5:B4:B8:11:B7:D6:27:9C:32:E6:30 ValidityMon, 03 Mar 2025 23:53:54 GMT - Sat, 30 Aug 2025 21:59:00 GMT
File typeHTML document, ASCII text Hash088dba8e97eede53134c93219f7ebbae adb707654d1fe0af7d0d7a9f55660d22bd3625e4 6da0120b4c7bc45b63fcbb87595c3c1ea2cdca482b0c48d4d2ab434f9e897aff
GET /check.html HTTP/1.1
Host: appointeeivyspongy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doply.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 30 May 2025 10:29:23 GMT
content-type: text/html; charset=utf-8
last-modified: Mon, 19 May 2025 08:12:42 GMT
vary: Accept-Encoding
etag: W/"682ae7fa-39e"
x-js-ab: current
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| epartoukfarepu.com/OGJCaFdZACEFaFlfIE4iSg5/TWV+R3AuM01SMh0zCBEmBDpCBGwLO1cXJg4lVww2RjldFmdaEUw4KRhkWSVyLh1qCQ09P3EIB1kBbTQsIh9gNDIpGF83DCtmSxcFKjB6KnA5DXwwLikeeTMKKS9iURIRIFchKwtldSELIRx8NCQnPHlHcCoTaRoTPjpPAAE5GnoGcy0ZeRUUWwVTVg8pPlApGi0kay0qDxNtIxcbFWlSFy0ucS0KOWJ5MjoyAXkjKR8fXzMAKmUBJA4EP3EHLiI2YDd2UR9fOwgrAwgnFj5ubygDJhlgUxhfBQg4JjlkU1MWPm5vMhBFY381cyIhaiEyIQFwDRIwO1QmJzwBdjpzMWN5N3MNHQsWBzASdjUbWR1ZOhMtIX4jDysGCwU6PzsJOicDM2I6FAwhajQlJBNCBREsMHEHIFgCTToEPnIKIBU+P3QncQwQHggxBzlIXwosElQPAzAYVgAAXwA | 108.156.22.70 | 200 OK | 3.1 kB |
URL GET epartoukfarepu.com/OGJCaFdZACEFaFlfIE4iSg5/TWV+R3AuM01SMh0zCBEmBDpCBGwLO1cXJg4lVww2RjldFmdaEUw4KRhkWSVyLh1qCQ09P3EIB1kBbTQsIh9gNDIpGF83DCtmSxcFKjB6KnA5DXwwLikeeTMKKS9iURIRIFchKwtldSELIRx8NCQnPHlHcCoTaRoTPjpPAAE5GnoGcy0ZeRUUWwVTVg8pPlApGi0kay0qDxNtIxcbFWlSFy0ucS0KOWJ5MjoyAXkjKR8fXzMAKmUBJA4EP3EHLiI2YDd2UR9fOwgrAwgnFj5ubygDJhlgUxhfBQg4JjlkU1MWPm5vMhBFY381cyIhaiEyIQFwDRIwO1QmJzwBdjpzMWN5N3MNHQsWBzASdjUbWR1ZOhMtIX4jDysGCwU6PzsJOicDM2I6FAwhajQlJBNCBREsMHEHIFgCTToEPnIKIBU+P3QncQwQHggxBzlIXwosElQPAzAYVgAAXwA IP108.156.22.70:443
Requested byhttps://doply.net/e/8fcdiimj3wyv CertificateIssuerAmazon Subjectepartoukfarepu.com FingerprintF2:21:93:3F:5D:DF:88:DE:E5:0D:7D:20:F9:57:B5:6B:5F:C1:0F:43 ValidityWed, 14 May 2025 00:00:00 GMT - Fri, 12 Jun 2026 23:59:59 GMT
File typeHTML document, ASCII text, with very long lines (3063), with no line terminators Hashc6ccade461d729785ba0b53b891cfa8f 1a6c3f56a9b90033e33acd8edff36f73b616883c 37ba16f05c2418832d4554ccd0a484e449136b82fc453e54142a8eb1b2f802a9
GET /OGJCaFdZACEFaFlfIE4iSg5/TWV+R3AuM01SMh0zCBEmBDpCBGwLO1cXJg4lVww2RjldFmdaEUw4KRhkWSVyLh1qCQ09P3EIB1kBbTQsIh9gNDIpGF83DCtmSxcFKjB6KnA5DXwwLikeeTMKKS9iURIRIFchKwtldSELIRx8NCQnPHlHcCoTaRoTPjpPAAE5GnoGcy0ZeRUUWwVTVg8pPlApGi0kay0qDxNtIxcbFWlSFy0ucS0KOWJ5MjoyAXkjKR8fXzMAKmUBJA4EP3EHLiI2YDd2UR9fOwgrAwgnFj5ubygDJhlgUxhfBQg4JjlkU1MWPm5vMhBFY381cyIhaiEyIQFwDRIwO1QmJzwBdjpzMWN5N3MNHQsWBzASdjUbWR1ZOhMtIX4jDysGCwU6PzsJOicDM2I6FAwhajQlJBNCBREsMHEHIFgCTToEPnIKIBU+P3QncQwQHggxBzlIXwosElQPAzAYVgAAXwA HTTP/1.1
Host: epartoukfarepu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doply.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 1210
date: Fri, 30 May 2025 10:29:24 GMT
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
set-cookie: AWSALB=AKhf7Yq5Gls5PCbtdcX1sjIlh91KW0eSbnqLQldRwKjyrManoe4HmeRfAsFSsi1DKwP+W1e8Nc342IWylN6uKVtIPIWaYppGy3iLLrNKx/lcNWljE6bL6mgrIVHp; Expires=Fri, 06 Jun 2025 10:29:24 GMT; Path=/
AWSALBCORS=AKhf7Yq5Gls5PCbtdcX1sjIlh91KW0eSbnqLQldRwKjyrManoe4HmeRfAsFSsi1DKwP+W1e8Nc342IWylN6uKVtIPIWaYppGy3iLLrNKx/lcNWljE6bL6mgrIVHp; Expires=Fri, 06 Jun 2025 10:29:24 GMT; Path=/; SameSite=None
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 6a3ecfb1a4acff795e79a73839fdf21a.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL51-P1
x-amz-cf-id: JmJHZEOgCogYgwTaBQj_uJR1hqYV-0_oKx_7fKB_X7Nk6ewZ3CuM1g==
X-Firefox-Spdy: h2
|
|
| tomlldahehun.org/multi?cs=eVpUUllJY2xhbkBuZmdpTW1gYms&abt=0&red=1&sm=76&k=&v=1.0.60.4&sts=0&prn=0&emb=1&tid=901258&rxy=1280_1024&fs=1&ref=https%3A%2F%2Fdoply.net%2Fe%2F8fcdiimj3wyv&osr=doply.net&jst=8&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A134.0)%20gecko%2F20100101%20firefox%2F134.0&tzd=0&uloc=&if=0&_TiVE=1748600965521&crc=1 | 108.157.214.7 | 200 OK | 3.9 kB |
URL GET tomlldahehun.org/multi?cs=eVpUUllJY2xhbkBuZmdpTW1gYms&abt=0&red=1&sm=76&k=&v=1.0.60.4&sts=0&prn=0&emb=1&tid=901258&rxy=1280_1024&fs=1&ref=https%3A%2F%2Fdoply.net%2Fe%2F8fcdiimj3wyv&osr=doply.net&jst=8&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A134.0)%20gecko%2F20100101%20firefox%2F134.0&tzd=0&uloc=&if=0&_TiVE=1748600965521&crc=1 IP108.157.214.7:443
Requested byhttps://doply.net/e/8fcdiimj3wyv CertificateIssuerAmazon Subjecttomlldahehun.org Fingerprint6B:F0:7B:63:2B:19:E1:74:83:15:1A:BF:1B:B4:E6:71:68:14:57:3D ValiditySun, 06 Apr 2025 00:00:00 GMT - Tue, 05 May 2026 23:59:59 GMT
File typeASCII text, with very long lines (3899), with no line terminators Hasha3aa07f75963aa1a1d2248f50bc82e4a 39a6e193117110bebbbcf281b098100886f01059 fe97683faf04c06e430934f3b8c3000ad4bd46a9c41c9cdc3a22b8d1373832a7
GET /multi?cs=eVpUUllJY2xhbkBuZmdpTW1gYms&abt=0&red=1&sm=76&k=&v=1.0.60.4&sts=0&prn=0&emb=1&tid=901258&rxy=1280_1024&fs=1&ref=https%3A%2F%2Fdoply.net%2Fe%2F8fcdiimj3wyv&osr=doply.net&jst=8&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A134.0)%20gecko%2F20100101%20firefox%2F134.0&tzd=0&uloc=&if=0&_TiVE=1748600965521&crc=1 HTTP/1.1
Host: tomlldahehun.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://doply.net
DNT: 1
Connection: keep-alive
Referer: https://doply.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/plain
content-length: 1909
date: Fri, 30 May 2025 10:29:25 GMT
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
set-cookie: AWSALB=qTZmlVVNjMlcI1oO+XZisiJnMtgMo7X4H6xZtUk/IvzEeaJamgqk2LlLzG9ask/X+rAtECXlr2JJ9Iz9GY+E0rlPVrwsJasPWmeGmhRoWXrAK3tFrkJ+9hV0hWxI; Expires=Fri, 06 Jun 2025 10:29:25 GMT; Path=/
AWSALBCORS=qTZmlVVNjMlcI1oO+XZisiJnMtgMo7X4H6xZtUk/IvzEeaJamgqk2LlLzG9ask/X+rAtECXlr2JJ9Iz9GY+E0rlPVrwsJasPWmeGmhRoWXrAK3tFrkJ+9hV0hWxI; Expires=Fri, 06 Jun 2025 10:29:25 GMT; Path=/; SameSite=None
csu=6b39619b-ce50-495c-a7aa-0d8cc9e5e1cd
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://doply.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 8ea75fde43c768e7e1d041f8b7a07bd6.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: lgNAWlEymGdc8xXVajZ13oN-2eoGmP3RiQ6TxOiiF3PNOtLsvBijEQ==
X-Firefox-Spdy: h2
|
|
| my.rtmark.net/gid.js?userId=u0zg926526hx377438944p3e8scdx246 | 172.64.146.234 | 200 OK | 65 B |
URL GET my.rtmark.net/gid.js?userId=u0zg926526hx377438944p3e8scdx246 IP172.64.146.234:443
Requested byhttps://doply.net/d/8fcdiimj3wyv CertificateIssuerGoogle Trust Services Subjectmy.rtmark.net Fingerprint61:93:FB:BF:25:C3:CE:7B:CB:69:5D:87:04:AA:ED:1B:35:8D:44:82 ValidityFri, 02 May 2025 11:10:51 GMT - Thu, 31 Jul 2025 12:10:47 GMT
Hash078802ab84901b8d4851dd1626982994 dfb9ba7f003fd30e2c39bfb8c92c66b11eec16c3 be7c4d446133cb844b44f4e5841349945794bd9fdb68a1d3ed9fea696cbe5fb0
GET /gid.js?userId=u0zg926526hx377438944p3e8scdx246 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://doply.net
DNT: 1
Connection: keep-alive
Referer: https://doply.net/
Cookie: ID=0801d95c930b4b08fbc308a7098c893a
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 30 May 2025 10:29:26 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://doply.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=0801d95c930b4b08fbc308a7098c893a; expires=Sat, 30 May 2026 10:29:26 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
cf-cache-status: DYNAMIC
priority: u=3,i=?0
server: cloudflare
cf-ray: 947d8ce7b837568b-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| doply.net/d/8fcdiimj3wyv?ad_format=video-outstream&spot=3&event_type=error_FAILED_TO_LOAD_VIDEO | 172.67.68.122 | 302 Found | 0 B |
URL POST doply.net/d/8fcdiimj3wyv?ad_format=video-outstream&spot=3&event_type=error_FAILED_TO_LOAD_VIDEO IP172.67.68.122:443
Requested byhttps://doply.net/d/8fcdiimj3wyv CertificateIssuerGoogle Trust Services Subjectdoply.net Fingerprint4E:5D:5F:2C:19:38:42:0B:22:C2:28:41:55:6E:DA:EC:FA:5E:1A:AF ValiditySun, 18 May 2025 10:09:34 GMT - Sat, 16 Aug 2025 11:07:21 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /d/8fcdiimj3wyv?ad_format=video-outstream&spot=3&event_type=error_FAILED_TO_LOAD_VIDEO HTTP/1.1
Host: doply.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 100
Origin: https://doply.net
DNT: 1
Connection: keep-alive
Referer: https://doply.net/d/8fcdiimj3wyv
Cookie: lang=1; dref_url=none; UGVyc2lzdFN0b3JhZ2U=%7B%22CAIFRQ%22%3A%22ADNFZwAAAAAAAAABADMZOgAAAAAAAAAB%22%2C%22CAIFRT%22%3A%22ADNFZwAAAABoOY%252BwADMZOgAAAABoOozQ%22%7D; ts_popunder-cnt=0; ts_popunder=Fri%20May%2030%202025%2010%3A30%3A25%20GMT%2B0000%20(GMT); bnState_1841679={"impressions":1,"delayStarted":0}; bnState_1841674={"impressions":1,"delayStarted":0}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Fri, 30 May 2025 10:29:27 GMT
content-length: 0
location: https://doodstream.com/
server: cloudflare
cf-ray: 947d8cecdbf956b7-OSL
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dvteFU%2BO6Rm7PL8%2Fau5BnPWiJVUWvBlEDi8BRYv7hokOOeK9GgRJNgBHvRewJiC69lZpuCOwREOo9jJWSAdUq%2BilrfeRiM7ij%2FqGhRblRG1TVcbiHc9WCt1xiw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server-timing: cfL4;desc="?proto=TCP&rtt=584&min_rtt=455&rtt_var=60&sent=85&recv=76&lost=0&retrans=0&sent_bytes=83080&recv_bytes=2818&delivery_rate=22984126&cwnd=257&unsent_bytes=0&cid=3dfafc40a8dfcaaf&ts=5556&x=0"
X-Firefox-Spdy: h2
|
|
| isolatedovercomepasted.com/lv/esnk/1841674/code.js | 94.242.247.24 | 200 OK | 167 kB |
URL GET isolatedovercomepasted.com/lv/esnk/1841674/code.js IP94.242.247.24:443
Requested byhttps://doply.net/d/8fcdiimj3wyv CertificateIssuerBuypass AS-983163327 Subject FingerprintBB:6D:E1:77:DE:80:15:9D:0B:90:58:D2:8F:D7:8F:9A:59:F5:B5:53 ValidityMon, 03 Mar 2025 23:53:40 GMT - Sat, 30 Aug 2025 21:59:00 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size167 kB (166677 bytes) Hash8b2ad291066a2eea40d9d9cb7e0042fb 956e0a2ba03779f80768e57ba7c76115382f7e9a b9615a47cc061a330bfe234c8dec883b24ae12b6b98f7c934831c465916b385b
GET /lv/esnk/1841674/code.js HTTP/1.1
Host: isolatedovercomepasted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doply.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 30 May 2025 10:29:22 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 22 May 2025 10:24:41 GMT
vary: Accept-Encoding
etag: W/"682efb69-28bbb"
x-js-ab2: current
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| d18t35yyry2k49.cloudfront.net/?ryytd=919673 | 3.167.7.70 | 204 No Content | 0 B |
URL GET d18t35yyry2k49.cloudfront.net/?ryytd=919673 IP3.167.7.70:443
Requested byhttps://doply.net/e/8fcdiimj3wyv CertificateIssuerAmazon Subject*.cloudfront.net Fingerprint8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72 ValidityMon, 05 May 2025 00:00:00 GMT - Thu, 23 Apr 2026 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?ryytd=919673 HTTP/1.1
Host: d18t35yyry2k49.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doply.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Fri, 30 May 2025 10:29:23 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 bb7e95405d9101d4320e2582fcead450.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P2
x-amz-cf-id: iDqpPo64mcqHuFUBpM1gzfiFPAdmSJEwV1FbWsJeDERgyzqLDP3pWA==
X-Firefox-Spdy: h2
|
|
| cdn.tsyndicate.com/sdk/v1/p.js | 45.133.44.70 | 200 OK | 12 kB |
URL GET cdn.tsyndicate.com/sdk/v1/p.js IP45.133.44.70:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://doply.net/e/8fcdiimj3wyv CertificateIssuerLet's Encrypt Subjectcdn.tsyndicate.com FingerprintC8:21:B5:22:CE:B2:90:D0:CE:CF:F7:57:FA:B4:14:52:BA:AF:3B:EF ValidityFri, 04 Apr 2025 07:32:05 GMT - Thu, 03 Jul 2025 07:32:04 GMT
File typeJavaScript source, ASCII text, with very long lines (12242) Hash86d871d26d14d0f6129ede98ab46bd25 7140c1e643a3ef5394b15d86e7e53db932e25d84 1255376ace55a89f78ef754bf13aa350163b9fa096fa0841ff6475ad1be44911
GET /sdk/v1/p.js HTTP/1.1
Host: cdn.tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doply.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 30 May 2025 10:29:23 GMT
content-type: application/javascript; charset=utf-8
server: nginx
last-modified: Fri, 02 May 2025 10:05:50 GMT
etag: W/"681498fe-301e"
x-robots-tag: noindex, nofollow
content-encoding: gzip
cache-control: max-age=172800
expires: Sun, 01 Jun 2025 10:29:23 GMT
vary: Accept-Encoding
x-cdn-host-id: ah1742,ds9893
x-proxy-cache: HIT
X-Firefox-Spdy: h2
|
|
| static.doodcdn.io/js/embed3.js | 172.67.75.50 | 200 OK | 113 kB |
URL GET static.doodcdn.io/js/embed3.js IP172.67.75.50:443
Requested byhttps://doply.net/e/8fcdiimj3wyv CertificateIssuerGoogle Trust Services Subjectdoodcdn.io FingerprintD7:74:16:AE:C7:53:36:51:22:9F:FC:25:D0:8F:92:65:94:13:9E:8B ValiditySat, 03 May 2025 19:51:57 GMT - Fri, 01 Aug 2025 20:51:51 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (27236) Size113 kB (112942 bytes) Hash2cdc3aa1ffb8ca7b629675d83b2862dc be0a9072b9559c544d1c852c4559f5a64833c888 f23168d2b1910ff6e49bab3debce5786f7859e9e65ceda07a5554b66fd60f876
GET /js/embed3.js HTTP/1.1
Host: static.doodcdn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doply.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 30 May 2025 10:29:23 GMT
content-type: application/javascript
content-length: 112942
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 947d8cd65cc1b4fd-OSL
last-modified: Wed, 05 Mar 2025 20:27:01 GMT
etag: "67c8b395-1b92e"
expires: Sat, 28 Jun 2025 06:51:07 GMT
cache-control: public, max-age=2592000, no-transform
access-control-allow-origin: *
cf-cache-status: HIT
age: 33234
accept-ranges: bytes
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=spbCF3NPV8hGk5dk2FVUPIdsaqNb%2BpGtEjaJ%2Bijv5dOhzIQj3WkRCeULwIqWs9QEV4tfuxHnBM8uguckURG7ZXeCNyy3Yri1i5PRVwAObpynDfmDJrbxVIvjJ9LNVgCkvPwN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3963&min_rtt=3121&rtt_var=1500&sent=33&recv=10&lost=0&retrans=0&sent_bytes=24757&recv_bytes=1920&delivery_rate=761996&cwnd=24000&unsent_bytes=0&cid=d1ab40f45877a52d&ts=1183&x=1", cfExtPri, cfHdrFlush;dur=0
|
|
| ukankingwithea.com/asd100.bin | 104.21.112.1 | 404 Not Found | 561 B |
URL GET ukankingwithea.com/asd100.bin IP104.21.112.1:443
Requested byhttps://doply.net/e/8fcdiimj3wyv CertificateIssuerGoogle Trust Services Subjectukankingwithea.com Fingerprint02:15:28:2A:F2:F8:5D:3A:DE:6D:1D:DC:CF:6D:06:BA:00:3A:63:70 ValidityTue, 29 Apr 2025 13:46:48 GMT - Mon, 28 Jul 2025 14:44:24 GMT
File typeHTML document, ASCII text, with CRLF line terminators Hash9f3fb0948a012f975250df83e4adec47 09fda5065170e45e4847b550cc5a232aecc76bb8 d3dae34448fafbf40e6fef9a015397d39003ce732cbb59cd37e027bed55a7bed
GET /asd100.bin HTTP/1.1
Host: ukankingwithea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://doply.net/
Origin: https://doply.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Fri, 30 May 2025 10:29:25 GMT
content-type: text/html
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
age: 113
cache-control: max-age=14400
cf-cache-status: HIT
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=I13Odlh65pPGWeOgRb3A42ZOMeer4BuTvNsv0YB7B78iBh1XruJ5Ezg%2FNu02JTDYtiAfdCK%2FToODonvQYSYNWg9rwY8KL8h%2FFKlLkD2x%2FjI%3D"}]}
content-encoding: br
cf-ray: 947d8ce10f6d0b55-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=9e4bd5bb-30c7-405e-b198-a7c5be3e516f | 139.45.195.252 | 200 OK | 12 B |
URL POST fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=9e4bd5bb-30c7-405e-b198-a7c5be3e516f IP139.45.195.252:443
Requested byhttps://doply.net/d/8fcdiimj3wyv CertificateIssuerSectigo Limited Subjectfleraprt.com Fingerprint23:5D:23:03:7B:8D:47:5A:E9:9C:E7:E0:5C:7E:E6:4F:A2:DC:B6:D0 ValidityWed, 11 Dec 2024 00:00:00 GMT - Sun, 11 Jan 2026 23:59:59 GMT
Hashadb4650bfc9d2a73d4dd69583b0ceb14 1ce399d6e936232aaf2192cd7903a279c5015f22 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=9e4bd5bb-30c7-405e-b198-a7c5be3e516f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1412
Origin: https://doply.net
DNT: 1
Connection: keep-alive
Referer: https://doply.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.25.5
Date: Fri, 30 May 2025 10:29:27 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://doply.net
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
|
|
| betotodilea.com/impression/zoTI2RHSrZy5a6vHZmYPkWjXHYypsRntbUwNweswAlgFMHwMwzAT7tswdmKrqiHqAnsk8rOdIxc4zsyAqDPqi0WQmg33Rq2QhFtrnZuiEF4JqUQ3ysDZutoTxC--GPch67bRI9L84okswOAqaKpIO3tLiqc7N4wArkd4QBdXqamdhyKuGUsRDijM5rr3hbJtJDNtjzhQv6g---V4GRnMGyO-BAZeb6NxXOjvcyEZdQwV1Vv8Oc-XsgjKZrI_xUU5aLupAQkvtNdDm5uGtp_3zOP74_dJf58yh3U8A42DSq1OI2ZWxawHPgO-eFgALvTzgTuWRtcauDf2ifKjyucxaXhmQB4HRf_Eh5iqCCnhYfSI-Ubow7pK1_cFPQiF7W2B4DFWTkbuk1bT9rUADx7CIWsGRH0FjD6MSWmdGZv2UfO_kfN2XKfxCWkAieTQOvOKRGHO-tDS3NhSKCjB4FcWdBS6iRnn-7LCW9sCXNr-s94aZX-v7cbaOHimNmbFk8TYA8uTzn6B-UfJFs4-fx2AxuNOfaImqp1raXW-nhL3dcYbeZ_badNzS4dLhpTIvxqvorxzOxMoDNcnFsvxsNS9svp0cMB8STSi9cCHTwPmnq3axoFoAmqGLpaEvCannFG3ZA6kRgR-hFZ37_kLCACVabpKqCShgRFnIjjt0AcKpOxWOYxiYuHPKpGbhGcr2xDLU_razVyIN6oz26t_UJbqRhCN698gzTmTW0EsPC1tVlmCrwZW3xf2UX4ojkhSyDOJSA8YWIKuphyREFZv8fXbXrgXiQigaMI6bVaRhJVYd_9-7IvM23Vb5hHvCtjxyPdRc9d1qCRYMAgrbFUbMn_a9en0C1A270QtShmrVQ==?_z=4857535&js_build=8&sw_version=v1.634.7&branchId=1000031&dmn=betotodilea.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=3&pl=https%3A%2F%2Fdoply.net%2Fd%2F8fcdiimj3wyv&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 | 139.45.197.104 | 200 OK | 43 B |
URL GET betotodilea.com/impression/zoTI2RHSrZy5a6vHZmYPkWjXHYypsRntbUwNweswAlgFMHwMwzAT7tswdmKrqiHqAnsk8rOdIxc4zsyAqDPqi0WQmg33Rq2QhFtrnZuiEF4JqUQ3ysDZutoTxC--GPch67bRI9L84okswOAqaKpIO3tLiqc7N4wArkd4QBdXqamdhyKuGUsRDijM5rr3hbJtJDNtjzhQv6g---V4GRnMGyO-BAZeb6NxXOjvcyEZdQwV1Vv8Oc-XsgjKZrI_xUU5aLupAQkvtNdDm5uGtp_3zOP74_dJf58yh3U8A42DSq1OI2ZWxawHPgO-eFgALvTzgTuWRtcauDf2ifKjyucxaXhmQB4HRf_Eh5iqCCnhYfSI-Ubow7pK1_cFPQiF7W2B4DFWTkbuk1bT9rUADx7CIWsGRH0FjD6MSWmdGZv2UfO_kfN2XKfxCWkAieTQOvOKRGHO-tDS3NhSKCjB4FcWdBS6iRnn-7LCW9sCXNr-s94aZX-v7cbaOHimNmbFk8TYA8uTzn6B-UfJFs4-fx2AxuNOfaImqp1raXW-nhL3dcYbeZ_badNzS4dLhpTIvxqvorxzOxMoDNcnFsvxsNS9svp0cMB8STSi9cCHTwPmnq3axoFoAmqGLpaEvCannFG3ZA6kRgR-hFZ37_kLCACVabpKqCShgRFnIjjt0AcKpOxWOYxiYuHPKpGbhGcr2xDLU_razVyIN6oz26t_UJbqRhCN698gzTmTW0EsPC1tVlmCrwZW3xf2UX4ojkhSyDOJSA8YWIKuphyREFZv8fXbXrgXiQigaMI6bVaRhJVYd_9-7IvM23Vb5hHvCtjxyPdRc9d1qCRYMAgrbFUbMn_a9en0C1A270QtShmrVQ==?_z=4857535&js_build=8&sw_version=v1.634.7&branchId=1000031&dmn=betotodilea.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=3&pl=https%3A%2F%2Fdoply.net%2Fd%2F8fcdiimj3wyv&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 IP139.45.197.104:443
Requested byhttps://doply.net/d/8fcdiimj3wyv CertificateIssuerLet's Encrypt Subjectbetotodilea.com Fingerprint52:DD:84:C3:DF:8B:D7:F5:39:6F:8F:B6:E3:0A:14:B3:B2:C8:75:06 ValidityWed, 09 Apr 2025 02:23:21 GMT - Tue, 08 Jul 2025 02:23:20 GMT
File typeGIF image data, version 89a, 1 x 1 Hashb4491705564909da7f9eaf749dbbfbb1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /impression/zoTI2RHSrZy5a6vHZmYPkWjXHYypsRntbUwNweswAlgFMHwMwzAT7tswdmKrqiHqAnsk8rOdIxc4zsyAqDPqi0WQmg33Rq2QhFtrnZuiEF4JqUQ3ysDZutoTxC--GPch67bRI9L84okswOAqaKpIO3tLiqc7N4wArkd4QBdXqamdhyKuGUsRDijM5rr3hbJtJDNtjzhQv6g---V4GRnMGyO-BAZeb6NxXOjvcyEZdQwV1Vv8Oc-XsgjKZrI_xUU5aLupAQkvtNdDm5uGtp_3zOP74_dJf58yh3U8A42DSq1OI2ZWxawHPgO-eFgALvTzgTuWRtcauDf2ifKjyucxaXhmQB4HRf_Eh5iqCCnhYfSI-Ubow7pK1_cFPQiF7W2B4DFWTkbuk1bT9rUADx7CIWsGRH0FjD6MSWmdGZv2UfO_kfN2XKfxCWkAieTQOvOKRGHO-tDS3NhSKCjB4FcWdBS6iRnn-7LCW9sCXNr-s94aZX-v7cbaOHimNmbFk8TYA8uTzn6B-UfJFs4-fx2AxuNOfaImqp1raXW-nhL3dcYbeZ_badNzS4dLhpTIvxqvorxzOxMoDNcnFsvxsNS9svp0cMB8STSi9cCHTwPmnq3axoFoAmqGLpaEvCannFG3ZA6kRgR-hFZ37_kLCACVabpKqCShgRFnIjjt0AcKpOxWOYxiYuHPKpGbhGcr2xDLU_razVyIN6oz26t_UJbqRhCN698gzTmTW0EsPC1tVlmCrwZW3xf2UX4ojkhSyDOJSA8YWIKuphyREFZv8fXbXrgXiQigaMI6bVaRhJVYd_9-7IvM23Vb5hHvCtjxyPdRc9d1qCRYMAgrbFUbMn_a9en0C1A270QtShmrVQ==?_z=4857535&js_build=8&sw_version=v1.634.7&branchId=1000031&dmn=betotodilea.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=3&pl=https%3A%2F%2Fdoply.net%2Fd%2F8fcdiimj3wyv&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doply.net/
Cookie: OAID=0801d95c930b4b08fbc308a7098c893a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 30 May 2025 10:29:38 GMT
content-type: image/gif
content-length: 43
x-trace-id: ee625ea6bb9ddb684e531b2ab3530221
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js | 104.17.24.14 | 200 OK | 1.3 kB |
URL GET cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js IP104.17.24.14:443
Requested byhttps://doply.net/e/8fcdiimj3wyv CertificateIssuerGoogle Trust Services Subjectcdnjs.cloudflare.com Fingerprint4B:06:E9:E2:47:47:F5:3C:33:58:F8:2A:95:70:22:5E:23:19:03:77 ValidityThu, 22 May 2025 14:38:44 GMT - Wed, 20 Aug 2025 15:38:38 GMT
File typeJavaScript source, ASCII text, with very long lines (1266) Hash4412bf8023109ee9eb1f1f226d391329 c273960aa874a87dd022b5e597887142f1b8e34f d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
GET /ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doply.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 30 May 2025 10:29:23 GMT
content-type: application/javascript; charset=utf-8
content-length: 591
server: cloudflare
strict-transport-security: max-age=15780000
cf-ray: 947d8cd60edf5690-OSL
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec1-514"
last-modified: Mon, 04 May 2020 16:11:45 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 650357
expires: Wed, 20 May 2026 10:29:23 GMT
accept-ranges: bytes
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1gvyimgPLi629fpYwCh4E0PM0VYoaUaEJev3oAikKo9csOKGYrRPsJFJz0qbHqT%2F74HHoWgSjTQ4R7MN1rFYf49iU%2B6ZbdyucvOxspE57wSUzXBKt%2Fsbn3HElVAI3AqjkkmeZB0Y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| doply.net/pass_md5/96247349-91-90-1748600962-710cb9478ca4f0664e3b74b9cd76642c/t2mkyp4k3i7w5hryuw94fbqw | 172.67.68.122 | 200 OK | 104 B |
URL GET doply.net/pass_md5/96247349-91-90-1748600962-710cb9478ca4f0664e3b74b9cd76642c/t2mkyp4k3i7w5hryuw94fbqw IP172.67.68.122:443
Requested byhttps://doply.net/e/8fcdiimj3wyv CertificateIssuerGoogle Trust Services Subjectdoply.net Fingerprint4E:5D:5F:2C:19:38:42:0B:22:C2:28:41:55:6E:DA:EC:FA:5E:1A:AF ValiditySun, 18 May 2025 10:09:34 GMT - Sat, 16 Aug 2025 11:07:21 GMT
File typeASCII text, with no line terminators Hash727c206a97e6b86932322cfb209261f4 9a8ba42de3fb4798f7afbf6e9151a668c5d730b6 6f9b2b48944b3659d703063bee2f915667d3fb8ec36c7e9693f899b18f519290
GET /pass_md5/96247349-91-90-1748600962-710cb9478ca4f0664e3b74b9cd76642c/t2mkyp4k3i7w5hryuw94fbqw HTTP/1.1
Host: doply.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://doply.net/e/8fcdiimj3wyv
Cookie: lang=1; dref_url=none; UGVyc2lzdFN0b3JhZ2U=%7B%22CAIFRQ%22%3A%22ADMZOgAAAAAAAAAB%22%2C%22CAIFRT%22%3A%22ADMZOgAAAABoOozQ%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 30 May 2025 10:29:24 GMT
content-type: text/html; charset=UTF-8
cf-ray: 947d8cda7a1356b7-OSL
server: cloudflare
content-encoding: br
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=URJneKnPydW6N9DjM3ibfvpcRXGg0siAxz3nWBjSfbvOyCbxeVfTmuJsphQ91%2BzCc4WKsZQTIsOdCb0Bs0WDR2KfK1zj7c%2BXCAXQy%2BEPGwuWtd5%2BQtXFfMJGbw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server-timing: cfL4;desc="?proto=TCP&rtt=694&min_rtt=455&rtt_var=43&sent=75&recv=66&lost=0&retrans=0&sent_bytes=80596&recv_bytes=1940&delivery_rate=22984126&cwnd=257&unsent_bytes=0&cid=3dfafc40a8dfcaaf&ts=2576&x=0"
X-Firefox-Spdy: h2
|
|
| segarkojiri.top/cuid/?f=https%3A%2F%2Fdoply.net |  23.109.170.138 | 200 OK | 0 B |
URL OPTIONS segarkojiri.top/cuid/?f=https%3A%2F%2Fdoply.net IP23.109.170.138:443
Requested byhttps://doply.net/e/8fcdiimj3wyv CertificateIssuerZeroSSL Subjectsegarkojiri.top FingerprintB1:D1:99:D4:6E:8F:E8:95:E2:D6:F3:32:5C:83:EB:8C:7C:23:2A:D7 ValidityTue, 22 Apr 2025 00:00:00 GMT - Mon, 21 Jul 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
OPTIONS /cuid/?f=https%3A%2F%2Fdoply.net HTTP/1.1
Host: segarkojiri.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://doply.net/
Origin: https://doply.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 30 May 2025 10:29:24 GMT
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://doply.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
|
|
| du0pud0sdlmzf.cloudfront.net/tZkp3aG0FJRkOUhIjE1VUVnJHXVpAOgUNC1suGBgBH2QZDRlAIAQHAxZ3PywoCic2MCIIKDVfOkA+DQxQVmwbCQMBd1ENAwV3Rk4MAihKXEsSOhgDUAUsBQ0UEyIOHQ5APxZVAAkwHgQBB29FLlhIelJaXU49HgYJCT0ETV9WJANNX1Z7R0ZdQ3k1TV9WPR-4GW1JvRCpIVHoPXllDeTVNX1Y4AU1eJ3tEXENWY1JaXQEvFAMCQ3gxWl1XekdZXVdvRVgLDzgSDgIeb0UuXFV+WVhLE3dG | 3.167.7.49 | 200 OK | 881 B |
URL GET du0pud0sdlmzf.cloudfront.net/tZkp3aG0FJRkOUhIjE1VUVnJHXVpAOgUNC1suGBgBH2QZDRlAIAQHAxZ3PywoCic2MCIIKDVfOkA+DQxQVmwbCQMBd1ENAwV3Rk4MAihKXEsSOhgDUAUsBQ0UEyIOHQ5APxZVAAkwHgQBB29FLlhIelJaXU49HgYJCT0ETV9WJANNX1Z7R0ZdQ3k1TV9WPR-4GW1JvRCpIVHoPXllDeTVNX1Y4AU1eJ3tEXENWY1JaXQEvFAMCQ3gxWl1XekdZXVdvRVgLDzgSDgIeb0UuXFV+WVhLE3dG IP3.167.7.49:443
Requested byhttps://epartoukfarepu.com/OGJCaFdZACEFaFlfIE4iSg5/TWV+R3AuM01SMh0zCBEmBDpCBGwLO1cXJg4lVww2RjldFmdaEUw4KRhkWSVyLh1qCQ09P3EIB1kBbTQsIh9gNDIpGF83DCtmSxcFKjB6KnA5DXwwLikeeTMKKS9iURIRIFchKwtldSELIRx8NCQnPHlHcCoTaRoTPjpPAAE5GnoGcy0ZeRUUWwVTVg8pPlApGi0kay0qDxNtIxcbFWlSFy0ucS0KOWJ5MjoyAXkjKR8fXzMAKmUBJA4EP3EHLiI2YDd2UR9fOwgrAwgnFj5ubygDJhlgUxhfBQg4JjlkU1MWPm5vMhBFY381cyIhaiEyIQFwDRIwO1QmJzwBdjpzMWN5N3MNHQsWBzASdjUbWR1ZOhMtIX4jDysGCwU6PzsJOicDM2I6FAwhajQlJBNCBREsMHEHIFgCTToEPnIKIBU+P3QncQwQHggxBzlIXwosElQPAzAYVgAAXwA CertificateIssuerAmazon Subject*.cloudfront.net Fingerprint8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72 ValidityMon, 05 May 2025 00:00:00 GMT - Thu, 23 Apr 2026 23:59:59 GMT
File typeASCII text, with very long lines (881), with no line terminators Hash6d53a2618cb7fd44ae7b64cef04277de 18aa77d7bb2788f74e29fd407a007f01c105df4f d94caabf52e72a75ecf36b23be437d0e5643938f656c32600c9270b72c3703ff
GET /tZkp3aG0FJRkOUhIjE1VUVnJHXVpAOgUNC1suGBgBH2QZDRlAIAQHAxZ3PywoCic2MCIIKDVfOkA+DQxQVmwbCQMBd1ENAwV3Rk4MAihKXEsSOhgDUAUsBQ0UEyIOHQ5APxZVAAkwHgQBB29FLlhIelJaXU49HgYJCT0ETV9WJANNX1Z7R0ZdQ3k1TV9WPR-4GW1JvRCpIVHoPXllDeTVNX1Y4AU1eJ3tEXENWY1JaXQEvFAMCQ3gxWl1XekdZXVdvRVgLDzgSDgIeb0UuXFV+WVhLE3dG HTTP/1.1
Host: du0pud0sdlmzf.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://epartoukfarepu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 633
date: Fri, 30 May 2025 10:29:25 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 3ecfca26003921b3f6dfb1a287300c24.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P2
x-amz-cf-id: jN_ghg0B8JVQNSfOQE9WdqE3RMztpSnRI3IlkvD49tsiGIATxw2gow==
X-Firefox-Spdy: h2
|
|
| accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube | 142.250.147.84 | 302 Found | 0 B |
URL GET accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube IP142.250.147.84:443
Requested byhttps://doply.net/e/8fcdiimj3wyv CertificateIssuerGoogle Trust Services Subjectaccounts.google.com FingerprintB1:06:D8:49:F1:03:BE:43:D7:79:D9:25:25:FE:92:54:6C:93:0B:54 ValidityMon, 12 May 2025 08:44:47 GMT - Mon, 04 Aug 2025 08:44:46 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doply.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:ddEy83ZIzrdrNy5uIMS0qRFmDMBAeA:08ZbGZx-om8CNYk4; Expires=Sun, 30-May-2027 10:29:25 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 30 May 2025 10:29:25 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AdBytiM3ZjWrrygFPrYkd3vmpAkCZIhRoXbwPvo6OSyhT7-FievI5mxFoavi3H3A0xUoh2E1nyz9ag
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: script-src 'nonce-N9CR3jiuZtQ_CNBXB1iTow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
cross-origin-opener-policy: unsafe-none
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| et.vizierspavan.com/fnWM0kwI7wCwkEF/111551 | 23.109.170.86 | 200 OK | 6 B |
URL GET et.vizierspavan.com/fnWM0kwI7wCwkEF/111551 IP23.109.170.86:443
Requested byhttps://doply.net/d/8fcdiimj3wyv CertificateIssuerLet's Encrypt Subjectet.vizierspavan.com Fingerprint68:2F:AA:17:29:26:89:9C:1D:42:97:F7:95:82:E3:8C:D6:78:15:5A ValidityWed, 28 May 2025 08:08:41 GMT - Tue, 26 Aug 2025 08:08:40 GMT
File typeASCII text, with no line terminators Hash4fc71bf68a1d477bd1523733e34d1e90 15119105cffbe108b6cf290146ab02c9aa8517ba 74c1971a5c7f3f1cfb81b7a0a8717cee5a45841844104566e00bbfca271943ce
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /fnWM0kwI7wCwkEF/111551 HTTP/1.1
Host: et.vizierspavan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doply.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 30 May 2025 10:29:22 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 6
Connection: keep-alive
Keep-Alive: timeout=20
Vary: Origin
Access-Control-Expose-Headers: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Megageocheckolololo, X-Forwarded-For, X-Requested-With, Cache-Control, Pragma, Expires
Access-Control-Allow-Methods: GET, HEAD, POST, PUT, OPTIONS
Set-Cookie: GGI10=G/IAAASeD7dNK/dmKv8IjKne3vVF23LHD4p/239bRbcCCoMg63NMJOcmHtdgLENcdVb9C/8fcU22F4TMszPXDn3bi0JM1sszQtMiPRle3iuF+nW+PadvTJQWghuEE2erh7OxP8CGug0ouFXNMz9sX8bofOhPVVBMTsv72LAiF5aGU46qKWF8uZ1fb+RKCE0MoKV13JEH4pvoZXocf6ywyRddqbWmm1R6/v8=; max-age=3600000; path=/; secure; SameSite=None
GUI4=G/gDAMRIp04r95OT6ECi2ZbXlKmVUfRDNNHq/c+tboiHQszEdl9md5hoHSQir3sjEjJxrxMS5srGlhZBEWEdknvyLM1tkP8V3CQYfHC8qlUWhW84OtVOXHJ++9EY1elN+5eVa9+0+XJsR84sW6d32ksc5soYwwBlpDXCMiRM2DYFWf4EDsYu7sV2zAu1w4tvBsHFdR0aOBfKTCdJHBBUow++IdIaOOpYAcG9ORVwlGgDBLITqeV6kA9QRoeG6McX6803cICgVFFc/DWP31hNXdz6K1d+aVpED7JRP1NtmVk2EpYVZPSiikhIvB8EqrMj6na0zukJOrIrH4WMwBkGR1moIl5r0uQTVIkjccsROFp8xX60JIddYhhsPa2n8RSeXsm7lCAG3KVncCeWepuTG/4ACaGZiRdKZcAn/hm9qrHOQRB+rGjnrrJ9qp4N1RdTsew4QjQGSkGI6ItEkjrSV1RaojqFalUXHjJlt8dAtdCPi8fRGFLRZYYc1IUY4/aKNfgongPCcIzKg72ncN0CJaFAIq64zJK7JWXyUpY8XH/02/wnjUnBVv0gGDpRmrSsHOE2eIyc1UAWzuxZSHacQBJiclkTrxyKArUn2A78SLgs0+MA; max-age=3600000; path=/; secure; SameSite=None
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
|
|
| doply.net/favicon.ico | 172.67.68.122 | 200 OK | 15 kB |
IP172.67.68.122:443
Requested byhttps://doply.net/d/8fcdiimj3wyv CertificateIssuerGoogle Trust Services Subjectdoply.net Fingerprint4E:5D:5F:2C:19:38:42:0B:22:C2:28:41:55:6E:DA:EC:FA:5E:1A:AF ValiditySun, 18 May 2025 10:09:34 GMT - Sat, 16 Aug 2025 11:07:21 GMT
File typeMS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel Hash30d3656f43c817e38c3e7d70b2bfbdad 1aa43b43755e7cba5e145d0978517f7bedad7da6 a558a4796f60f07743027eec96b538b2e7758cca8c544ed796ff745837478555
GET /favicon.ico HTTP/1.1
Host: doply.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doply.net/d/8fcdiimj3wyv
Cookie: lang=1; dref_url=none; UGVyc2lzdFN0b3JhZ2U=%7B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 30 May 2025 10:29:23 GMT
content-type: image/x-icon
content-length: 15406
server: cloudflare
vary: Accept-Encoding
cf-ray: 947d8cd45f3c56b7-OSL
last-modified: Mon, 03 Jan 2022 15:38:36 GMT
etag: "61d3187c-3c2e"
expires: Mon, 23 Jun 2025 15:50:03 GMT
cache-control: public, max-age=2592000, no-transform
access-control-allow-origin: *
cf-cache-status: HIT
age: 499160
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0F6I8%2BNS9PYXyI1PcQGwmPzZni5Agbp5wiBWFlj61HVNV6H42DuHvHa2%2FOKJL6whT3rJh3Z2URoUf3SnAGuUE2nEInwnpxuI9eznK60dApTNWiwLVSts38Cxdw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server-timing: cfL4;desc="?proto=TCP&rtt=730&min_rtt=455&rtt_var=334&sent=60&recv=51&lost=0&retrans=0&sent_bytes=64469&recv_bytes=1639&delivery_rate=22984126&cwnd=257&unsent_bytes=0&cid=3dfafc40a8dfcaaf&ts=1527&x=0"
X-Firefox-Spdy: h2
|
|
| ads.quality-traffic.com/outstream.video5.js?id=1692787692&ref=doply.net | 104.21.2.173 | 200 OK | 22 kB |
URL GET ads.quality-traffic.com/outstream.video5.js?id=1692787692&ref=doply.net IP104.21.2.173:443
Requested byhttps://doply.net/d/8fcdiimj3wyv CertificateIssuerGoogle Trust Services Subjectquality-traffic.com Fingerprint4E:64:8D:53:45:D9:6A:2E:C2:EB:5E:57:01:14:6D:20:70:6B:76:67 ValidityFri, 04 Apr 2025 03:24:44 GMT - Thu, 03 Jul 2025 04:21:13 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (1971) Hash210ed90dc4e186acbffd7197dee37f78 d9264c27efedd10b94ea2e75c3c32e8d9c5786a6 feeb4a114770a437eefc3f56dae1206d2166bc3eb5223e313acc4c7c2ccd4ac4
GET /outstream.video5.js?id=1692787692&ref=doply.net HTTP/1.1
Host: ads.quality-traffic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doply.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 30 May 2025 10:29:26 GMT
content-type: application/javascript
server: cloudflare
last-modified: Tue, 18 Mar 2025 13:02:29 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: W/"67d96ee5-56cf"
x-powered-by: PleskLin
content-encoding: br
cf-cache-status: DYNAMIC
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=Q8WdPwnaZQ4HhED6MgttkzvO1SXeHlwPQKtyeklaUnxeRpJod5IeVa8Bybh3NnuW5mJOBs8oCTWOjgWMyU5PhHWxN2esN0RgtRvGcI8AeQbjOi%2Bd2SoI"}]}
cf-ray: 947d8ce9ef2b3009-PRG
X-Firefox-Spdy: h2
|
|
| i.doodcdn.io/theme_2/css/style.css?v=0.1 | 172.67.75.50 | 200 OK | 249 kB |
URL GET i.doodcdn.io/theme_2/css/style.css?v=0.1 IP172.67.75.50:443
Requested byhttps://doply.net/d/8fcdiimj3wyv CertificateIssuerGoogle Trust Services Subjectdoodcdn.io FingerprintD7:74:16:AE:C7:53:36:51:22:9F:FC:25:D0:8F:92:65:94:13:9E:8B ValiditySat, 03 May 2025 19:51:57 GMT - Fri, 01 Aug 2025 20:51:51 GMT
Size249 kB (249272 bytes) Hash59b293159a38ec92d8bd5fa4d09f8d59 7167b460de2cb4d2534163de707b0aa0e84b73cf 3f81f845eb11d647c4bd80b76d7af054203e52eab24bc359ddd5cb4f33efddd4
GET /theme_2/css/style.css?v=0.1 HTTP/1.1
Host: i.doodcdn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doply.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 30 May 2025 10:29:22 GMT
content-type: text/css
content-length: 40748
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 947d8ccecc15b517-OSL
last-modified: Mon, 03 Jan 2022 15:43:40 GMT
cache-control: public, max-age=2592000
expires: Sat, 30 May 2026 04:58:07 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 16946
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lK%2FpGaWrwGDh%2FO%2FOrE2tSdtw%2FCPOinZBgWb7IXjw1NPg2r%2FDHF%2BbQB1yxX0Zcg2UWwP7YC4hAcZPXQ69PHgIn0YZiW%2BhyQHo0M5J5xFfJMe1adsR93OjulljMNQb%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1148&min_rtt=437&rtt_var=1246&sent=27&recv=14&lost=0&retrans=0&sent_bytes=28133&recv_bytes=1401&delivery_rate=8222600&cwnd=254&unsent_bytes=0&cid=bab63a4f26a86a92&ts=133&x=0"
X-Firefox-Spdy: h2
|
|
| i.doodcdn.io/theme_2/css/fontawesome/webfonts/fa-duotone-900.woff2 | 172.67.75.50 | 200 OK | 184 kB |
URL GET i.doodcdn.io/theme_2/css/fontawesome/webfonts/fa-duotone-900.woff2 IP172.67.75.50:443
Requested byhttps://doply.net/d/8fcdiimj3wyv CertificateIssuerGoogle Trust Services Subjectdoodcdn.io FingerprintD7:74:16:AE:C7:53:36:51:22:9F:FC:25:D0:8F:92:65:94:13:9E:8B ValiditySat, 03 May 2025 19:51:57 GMT - Fri, 01 Aug 2025 20:51:51 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 184476, version 330.-16253 Size184 kB (184476 bytes) Hash2a6dec1227f9970376f578270a642d06 150a6a7ffdec6e2e2ff4c712d7cee8bd9b930284 e228b909313044a18dec1a674cfd4935071c36eb3eb6a0cd38a45afac6ae3996
GET /theme_2/css/fontawesome/webfonts/fa-duotone-900.woff2 HTTP/1.1
Host: i.doodcdn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://doply.net
DNT: 1
Connection: keep-alive
Referer: https://i.doodcdn.io/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 30 May 2025 10:29:22 GMT
content-type: font/woff2
content-length: 184476
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 947d8cd1f8cf0b55-OSL
last-modified: Mon, 03 Jan 2022 15:43:40 GMT
cache-control: max-age=2592000
expires: Sat, 28 Jun 2025 11:22:25 GMT
vary: User-Agent,Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 67108
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H3m%2Fud2PF3E0OIBCX%2F5k0haYMrjeJJedUP5RPeEhrMSIzfqevNyrTQAYN16Yl0dDRYJ4P60oVqp2Th8v%2FUeC4sV31iVc0xlXaf8wM4X8bXjX5VxoVneAU8us4l%2Fiqw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7550&min_rtt=7477&rtt_var=2949&sent=23&recv=10&lost=0&retrans=0&sent_bytes=16189&recv_bytes=1999&delivery_rate=79500&cwnd=12000&unsent_bytes=0&cid=103bbd9b95669f5f&ts=106&x=1", cfExtPri, cfHdrFlush;dur=19
|
|
| odw7bf.dood.video/404.html | 0.0.0.0 | | 0 B |
URL GET odw7bf.dood.video/404.html IP0.0.0.0:0
Requested byhttps://doply.net/e/8fcdiimj3wyv
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /404.html HTTP/1.1
Host: odw7bf.dood.video
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://doply.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AdBytiPgkFeT84CIwpy_oqmVpJsGuwEEYoV1w2u6PPjFCW9ewG8YNNUk2ynplzeT7aT4rDjzPOgkMw | 142.250.147.84 | 302 Found | 0 B |
URL GET accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AdBytiPgkFeT84CIwpy_oqmVpJsGuwEEYoV1w2u6PPjFCW9ewG8YNNUk2ynplzeT7aT4rDjzPOgkMw IP142.250.147.84:443
Requested byhttps://doply.net/e/8fcdiimj3wyv CertificateIssuerGoogle Trust Services Subjectaccounts.google.com FingerprintB1:06:D8:49:F1:03:BE:43:D7:79:D9:25:25:FE:92:54:6C:93:0B:54 ValidityMon, 12 May 2025 08:44:47 GMT - Mon, 04 Aug 2025 08:44:46 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AdBytiPgkFeT84CIwpy_oqmVpJsGuwEEYoV1w2u6PPjFCW9ewG8YNNUk2ynplzeT7aT4rDjzPOgkMw HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://doply.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:6Sk5TFAbLWctqVX6SZeyLgfD7ngj_w:BE55rQHUAHPtElFB;Path=/;Expires=Sun, 30-May-2027 10:29:25 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 30 May 2025 10:29:25 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AdBytiNp0NhY9yahSYzXxeARMw5JvIiQJKS6Wz0A9Ud93RSjx63Gov0rFSYkG-Z4ThRUzDUZA_GXjw&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1966752956%3A1748600965570969
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-i-dSwgP8GWhpgwc96iMv_A' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 417
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMaxKUBGEe.woff2 | 142.250.74.35 | 200 OK | 20 kB |
URL GET fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMaxKUBGEe.woff2 IP142.250.74.35:443
Requested byhttps://doply.net/d/8fcdiimj3wyv CertificateIssuerGoogle Trust Services Subject*.gstatic.com Fingerprint58:93:D6:74:22:41:22:FC:10:8C:BD:51:81:F5:29:DE:00:91:9B:FD ValidityTue, 29 Apr 2025 19:29:18 GMT - Tue, 22 Jul 2025 19:29:17 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 20408, version 1.0 Hashe8730678d4610fa908d3cba1ef0b4ddf 1efcbee909ce74bf04878d74867f12a1e41ae7a4 e921785496ed2d98c2257c88a6f838afa6acbee05cb8467048501bfe2a301461
GET /s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMaxKUBGEe.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://doply.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20408
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 May 2025 13:13:49 GMT
expires: Fri, 29 May 2026 13:13:49 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 08 Jan 2025 18:23:12 GMT
content-type: font/woff2
age: 76549
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| vidply.com/d/8fcdiimj3wyv | 104.26.1.117 | 301 Moved Permanently | 18 kB |
URL User Request GET vidply.com/d/8fcdiimj3wyv IP104.26.1.117:443
CertificateIssuerGoogle Trust Services Subjectvidply.com FingerprintA3:C6:73:95:3B:43:91:98:80:58:FF:8C:55:F7:2C:09:23:C0:CD:04 ValiditySat, 03 May 2025 16:20:03 GMT - Fri, 01 Aug 2025 17:20:00 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /d/8fcdiimj3wyv HTTP/1.1
Host: vidply.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Fri, 30 May 2025 10:29:21 GMT
content-type: text/html
content-length: 167
location: https://do7go.com/d/8fcdiimj3wyv
cf-ray: 947d8cc9ebc87128-OSL
server: cloudflare
cache-control: max-age=3600
expires: Fri, 30 May 2025 11:29:21 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tu%2F%2FafMBBIv9hSGLbCF5ICjJspxaDgJA6jvaiw8nW45jqcdc17qcQyimFbQe7kk5rP10gGtwA%2BQ4wfc7ldZ%2FRusIXZbB%2Bu15ATBHGwyoeAmEK3355QKtPRTuIoA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
X-Firefox-Spdy: h2
|
|
| tsyndicate.com/do2/caa7533a8ebf4a10b903c4048a235ae3/vast?extid={extid} |  136.243.81.150 | 200 OK | 7.7 kB |
URL GET tsyndicate.com/do2/caa7533a8ebf4a10b903c4048a235ae3/vast?extid={extid} IP136.243.81.150:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://doply.net/d/8fcdiimj3wyv CertificateIssuerLet's Encrypt Subjecttsyndicate.com Fingerprint1D:36:B3:AC:76:33:5C:64:BB:85:FE:5B:BA:AC:41:0D:8B:F7:20:65 ValidityTue, 25 Mar 2025 00:07:40 GMT - Mon, 23 Jun 2025 00:07:39 GMT
File typeXML 1.0 document, ASCII text, with very long lines (7514) Hash6f9231acfdcab0eb77d1babe987eb0b5 ab59cc848f2f2791fc27eb78e076cc4ab092301d 1da48357fed42215ceb2376c1295aa203803fac42ec77adf4b632d0e8d2dae5e
GET /do2/caa7533a8ebf4a10b903c4048a235ae3/vast?extid={extid} HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://doply.net
DNT: 1
Connection: keep-alive
Referer: https://doply.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 30 May 2025 10:29:26 GMT
content-type: application/xml; charset=utf-8
access-control-allow-origin: https://doply.net
access-control-allow-methods: POST, GET, HEAD
access-control-allow-headers: Accept, X-Requested-With, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Legacy, Content-Type,Authorization, Nav-Ua-He-Mobile, Nav-Ua-He-Platform, Nav-Ua-He-Brands, Nav-Ua-He-Platformversion, Nav-Ua-He-Model, Nav-Ua-He-Architecture, Nav-Ua-He-Bitness, Nav-Ua-He-Fullversionlist, Nav-Ua-He-Uafullversion, Nav-Ua-He-Wow64
access-control-allow-credentials: true
pragma: no-cache
expires: 0
vary: Accept-Encoding, *
x-vast: 3.0
set-cookie: cookie_user_id=5389c1cd-55f1-4670-bd9a-5dbbe599a86e; expires=Sun, 30 Nov 2025 10:29:26 GMT; domain=.tsyndicate.com; path=/; HttpOnly; secure; SameSite=None
bfq=APeIECNCxxYaMGLMuEHjRhcWIsYU3BLjoYgyE2MwxGEDx40ZNmx06aMg; expires=Sat, 31 May 2025 10:29:26 GMT; domain=.tsyndicate.com; path=/; HttpOnly; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
permissions-policy: ch-ua-model=(self "https://tsyndicate.com"), ch-ua-platform-version=(self)
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| doply.net/?op=splash_error&token=t2mkyp4k3i7w5hryuw94fbqw | 172.67.68.122 | 200 OK | 1 B |
URL GET doply.net/?op=splash_error&token=t2mkyp4k3i7w5hryuw94fbqw IP172.67.68.122:443
Requested byhttps://doply.net/e/8fcdiimj3wyv CertificateIssuerGoogle Trust Services Subjectdoply.net Fingerprint4E:5D:5F:2C:19:38:42:0B:22:C2:28:41:55:6E:DA:EC:FA:5E:1A:AF ValiditySun, 18 May 2025 10:09:34 GMT - Sat, 16 Aug 2025 11:07:21 GMT
File typevery short file (no magic) Hashc4ca4238a0b923820dcc509a6f75849b 356a192b7913b04c54574d18c28d46e6395428ab 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
GET /?op=splash_error&token=t2mkyp4k3i7w5hryuw94fbqw HTTP/1.1
Host: doply.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://doply.net/e/8fcdiimj3wyv
Cookie: lang=1; dref_url=none; UGVyc2lzdFN0b3JhZ2U=%7B%22CAIFRQ%22%3A%22ADNFZwAAAAAAAAABADMZOgAAAAAAAAAB%22%2C%22CAIFRT%22%3A%22ADNFZwAAAABoOY%252BwADMZOgAAAABoOozQ%22%7D; ts_popunder-cnt=0; ts_popunder=Fri%20May%2030%202025%2010%3A30%3A25%20GMT%2B0000%20(GMT); bnState_1841679={"impressions":1,"delayStarted":0}; bnState_1841674={"impressions":1,"delayStarted":0}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 30 May 2025 10:29:28 GMT
content-type: text/html; charset=UTF-8
cf-ray: 947d8ce7fae956b7-OSL
server: cloudflare
content-encoding: br
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TCeKBCdmjDvElFdqrBjAIU2%2FmtuislqwIItYMs6m876aavXWGsmDq6YkST9i3VK9r%2FwBeEV%2FmGVq4rPIIyMOfPnEOkCvMWd3RDqihTPaucsyt9%2F7CMu%2Fr79pRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server-timing: cfL4;desc="?proto=TCP&rtt=576&min_rtt=455&rtt_var=60&sent=86&recv=77&lost=0&retrans=0&sent_bytes=83525&recv_bytes=2818&delivery_rate=22984126&cwnd=257&unsent_bytes=0&cid=3dfafc40a8dfcaaf&ts=6495&x=0"
X-Firefox-Spdy: h2
|
|
| doply.net/d/outstream.video.v2.css | 172.67.68.122 | 200 OK | 2.5 kB |
URL GET doply.net/d/outstream.video.v2.css IP172.67.68.122:443
Requested byhttps://doply.net/d/8fcdiimj3wyv CertificateIssuerGoogle Trust Services Subjectdoply.net Fingerprint4E:5D:5F:2C:19:38:42:0B:22:C2:28:41:55:6E:DA:EC:FA:5E:1A:AF ValiditySun, 18 May 2025 10:09:34 GMT - Sat, 16 Aug 2025 11:07:21 GMT
File typeHTML document, ASCII text, with very long lines (2502), with no line terminators Hash092e5e3797d6057d089f24dca9a8673c 8a1c8583149377cd4215f7d53e7ef03c48231575 4059a70a12549639ba2e3a822a599af43bd7193b3021df81c6818b56db2a485b
GET /d/outstream.video.v2.css HTTP/1.1
Host: doply.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doply.net/d/8fcdiimj3wyv
Cookie: lang=1; dref_url=none; UGVyc2lzdFN0b3JhZ2U=%7B%22CAIFRQ%22%3A%22ADNFZwAAAAAAAAABADMZOgAAAAAAAAAB%22%2C%22CAIFRT%22%3A%22ADNFZwAAAABoOY%252BwADMZOgAAAABoOozQ%22%7D; ts_popunder-cnt=0; ts_popunder=Fri%20May%2030%202025%2010%3A30%3A25%20GMT%2B0000%20(GMT); bnState_1841679={"impressions":1,"delayStarted":0}; bnState_1841674={"impressions":1,"delayStarted":0}
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 30 May 2025 10:29:27 GMT
content-type: text/html; charset=UTF-8
cf-ray: 947d8cebda3256b7-OSL
server: cloudflare
content-encoding: br
vary: Accept-Encoding
expires: Thu, 29 May 2025 10:29:27 GMT
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Fri, 30 May 2025 10:29:27 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YfWpyPQTVExUep5DrKx%2BheuJt6M4%2Bv4PPN3eZDqHJn5rk046mfpOzRgGPSY1yjNNnudaPUrBVoYfsgnBGdp0OHyuaRzfXQur5q%2F62KUvKX4v5Kray2yC1Gwv1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server-timing: cfL4;desc="?proto=TCP&rtt=634&min_rtt=455&rtt_var=53&sent=80&recv=71&lost=0&retrans=0&sent_bytes=81268&recv_bytes=2478&delivery_rate=22984126&cwnd=257&unsent_bytes=0&cid=3dfafc40a8dfcaaf&ts=5399&x=0"
X-Firefox-Spdy: h2
|
|
| undefined/UWcyWU4wBVE0cTBaUH87IwsPfHwXQgAfKiRXQiwqYRRWNSMrARw6Ij4SVj88PglGdyA0ExdrCAEwZBh/Mw1Vbx5gFHsbN2FSZw8DEwZlHAYGEHB8fBcudzoCCQpjaRk5UmcQBmQFcWk2dFV0FiUIJWQwIiU1SjV2Hh50Hx48VkcUIDYiZSF2FTBZMQMYHWMQFjlTAxQYIi1wAXZgMEVpCDAvaAwNPRdZAwwcBmEdF2Ykc2grGh1kFAlgJlUTGAsuZg0mJTBzHw0cI0oDCilWQB8pEyZxETY4JWcDHhwjBwsPBF9DPR81AmQwf2AlA20EMD8GHx0mFFA9H3wDVw00EEIAGw9gCFY4Jhg2ahgpOT1VHwISH0ZoDGBSeRV9BCB+LiIgPXAtKxQ/SjAMAAtWFiQlBmEuITc+VQ8oEiBeMQwHX1Y4fBMzcGkhaSleNhkZMEEODBdXfz18EDN1Lhg+QVgqIT8XDys5FQVDKR4EUFAUJDIhYTY | 0.0.0.0 | | 0 B |
URL GET undefined/UWcyWU4wBVE0cTBaUH87IwsPfHwXQgAfKiRXQiwqYRRWNSMrARw6Ij4SVj88PglGdyA0ExdrCAEwZBh/Mw1Vbx5gFHsbN2FSZw8DEwZlHAYGEHB8fBcudzoCCQpjaRk5UmcQBmQFcWk2dFV0FiUIJWQwIiU1SjV2Hh50Hx48VkcUIDYiZSF2FTBZMQMYHWMQFjlTAxQYIi1wAXZgMEVpCDAvaAwNPRdZAwwcBmEdF2Ykc2grGh1kFAlgJlUTGAsuZg0mJTBzHw0cI0oDCilWQB8pEyZxETY4JWcDHhwjBwsPBF9DPR81AmQwf2AlA20EMD8GHx0mFFA9H3wDVw00EEIAGw9gCFY4Jhg2ahgpOT1VHwISH0ZoDGBSeRV9BCB+LiIgPXAtKxQ/SjAMAAtWFiQlBmEuITc+VQ8oEiBeMQwHX1Y4fBMzcGkhaSleNhkZMEEODBdXfz18EDN1Lhg+QVgqIT8XDys5FQVDKR4EUFAUJDIhYTY IP0.0.0.0:0
Requested byhttps://doply.net/e/8fcdiimj3wyv
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /UWcyWU4wBVE0cTBaUH87IwsPfHwXQgAfKiRXQiwqYRRWNSMrARw6Ij4SVj88PglGdyA0ExdrCAEwZBh/Mw1Vbx5gFHsbN2FSZw8DEwZlHAYGEHB8fBcudzoCCQpjaRk5UmcQBmQFcWk2dFV0FiUIJWQwIiU1SjV2Hh50Hx48VkcUIDYiZSF2FTBZMQMYHWMQFjlTAxQYIi1wAXZgMEVpCDAvaAwNPRdZAwwcBmEdF2Ykc2grGh1kFAlgJlUTGAsuZg0mJTBzHw0cI0oDCilWQB8pEyZxETY4JWcDHhwjBwsPBF9DPR81AmQwf2AlA20EMD8GHx0mFFA9H3wDVw00EEIAGw9gCFY4Jhg2ahgpOT1VHwISH0ZoDGBSeRV9BCB+LiIgPXAtKxQ/SjAMAAtWFiQlBmEuITc+VQ8oEiBeMQwHX1Y4fBMzcGkhaSleNhkZMEEODBdXfz18EDN1Lhg+QVgqIT8XDys5FQVDKR4EUFAUJDIhYTY HTTP/1.1
Host: undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doply.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| segarkojiri.top/cuid/?f=https%3A%2F%2Fdoply.net | 23.109.170.138 | 200 OK | 32 B |
URL POST segarkojiri.top/cuid/?f=https%3A%2F%2Fdoply.net IP23.109.170.138:443
Requested byhttps://doply.net/e/8fcdiimj3wyv CertificateIssuerZeroSSL Subjectsegarkojiri.top FingerprintB1:D1:99:D4:6E:8F:E8:95:E2:D6:F3:32:5C:83:EB:8C:7C:23:2A:D7 ValidityTue, 22 Apr 2025 00:00:00 GMT - Mon, 21 Jul 2025 23:59:59 GMT
Hash5e9d0f946123de6a7901fa3edd7b2639 e25e2876383b4ddf9370a314af587279fb3ef1b2 46928149323ce3a477583cc78d8ecdae80f4e4801a629cb74a40f431736eae98
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
POST /cuid/?f=https%3A%2F%2Fdoply.net HTTP/1.1
Host: segarkojiri.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://doply.net/
Content-Type: application/json
Content-Length: 10
Origin: https://doply.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 30 May 2025 10:29:25 GMT
Content-Type: application/json
Content-Length: 32
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://doply.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: a97fa794a0f9=6775612e092441746b9faa; expires=Sun, 13 Oct 2052 11:18:39 GMT; domain=segarkojiri.top; path=/; secure; SameSite=None
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
|
|
| betotodilea.com/401/4857535?oo=1&sw_version=v1.634.7&oaid=u0zg926526hx377438944p3e8scdx246&tgp= | 139.45.197.104 | 200 OK | 2.4 kB |
URL POST betotodilea.com/401/4857535?oo=1&sw_version=v1.634.7&oaid=u0zg926526hx377438944p3e8scdx246&tgp= IP139.45.197.104:443
Requested byhttps://doply.net/d/8fcdiimj3wyv CertificateIssuerLet's Encrypt Subjectbetotodilea.com Fingerprint52:DD:84:C3:DF:8B:D7:F5:39:6F:8F:B6:E3:0A:14:B3:B2:C8:75:06 ValidityWed, 09 Apr 2025 02:23:21 GMT - Tue, 08 Jul 2025 02:23:20 GMT
Hash598f72d6fef062a57ba491ae3b4f16db 718276c18f2b8e7db6580cd4d50bba2bf41322b1 87a85488705065ebe544f0d25f4ec7815800633a9c1e1bba9e0de2f60a02bbb6
POST /401/4857535?oo=1&sw_version=v1.634.7&oaid=u0zg926526hx377438944p3e8scdx246&tgp= HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2544
Origin: https://doply.net
DNT: 1
Connection: keep-alive
Referer: https://doply.net/
Cookie: OAID=0301d92c3b384c93f21f7eb0c456008e
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 30 May 2025 10:29:26 GMT
content-type: application/json
x-trace-id: e44d0481135bf3e51cdde16787ec01b9
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: https://doply.net
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
set-cookie: OAID=u0zg926526hx377438944p3e8scdx246; expires=Sat, 30 May 2026 10:29:26 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| doply.net/e/8fcdiimj3wyv | 172.67.68.122 | 200 OK | 38 kB |
IP172.67.68.122:443
Requested byhttps://doply.net/d/8fcdiimj3wyv CertificateIssuerGoogle Trust Services Subjectdoply.net Fingerprint4E:5D:5F:2C:19:38:42:0B:22:C2:28:41:55:6E:DA:EC:FA:5E:1A:AF ValiditySun, 18 May 2025 10:09:34 GMT - Sat, 16 Aug 2025 11:07:21 GMT
File typeHTML document, ASCII text, with very long lines (38260), with no line terminators Hash209bf82a4b6e461988a2e4878f69a3d0 cbf7f3f9e6fe31f36789cd70dcee32cf3406a97f 5480374c74b63626218df3995cb5b59b91a0a17669b8971a3ebde9033f95c000
GET /e/8fcdiimj3wyv HTTP/1.1
Host: doply.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doply.net/d/8fcdiimj3wyv
Cookie: lang=1; dref_url=none
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 30 May 2025 10:29:22 GMT
content-type: text/html; charset=UTF-8
cf-ray: 947d8cd1290856b7-OSL
server: cloudflare
content-encoding: br
vary: Accept-Encoding
expires: Thu, 29 May 2025 10:29:22 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HUgT%2BYp5OpH8NOe0yESc9eKE5lW6JpMX84a0s3tpZz0h8WgtLFgb%2BGdQzklfKdVLC6g38JXzH0FCePa1INxd5tTOiQJbv6x8UVX%2FhIrRadU%2F4M6nNJRymehxUg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server-timing: cfL4;desc="?proto=TCP&rtt=1534&min_rtt=455&rtt_var=1274&sent=46&recv=37&lost=0&retrans=0&sent_bytes=49591&recv_bytes=1493&delivery_rate=22984126&cwnd=257&unsent_bytes=0&cid=3dfafc40a8dfcaaf&ts=1099&x=0"
X-Firefox-Spdy: h2
|
|
| appointeeivyspongy.com/whob.gif?z=1841679&pid=__clb-1841679_1&pb=d3e93ae540697ac66ab30e7ff1cb6d2e1748608163&pbc=qd8nD2jhMBOjpDlo&pbu=oBUTl2NGmrGjpDlo&psp=o8u4JJEd0pZVC4gaLQQB-JoPBq9uX78wzx9yaP45mRk1Mi1PyPPaTQ4XpRE1FjIGN9JZK_-anolMtZPRu3tbSoLMuPm-czo_M4LZOS4nep7wypysTFiYbX6X_EW_n2odSJxV5SKtbfMKmQ8aT0Qw2lSi_U5rfg6nqD34XpB3HxSuskuRkKg3xCboYusix2H2aw6X300suUzKEFIpXLZlbSkGDSyff3cmRyEsVXFsnpXIM78oXgCaIhD_NION13q8VFwMoZG8ZRd7aXhth6TMyVTOyhDR1NGLrm6dk1jgSX_-Je6KesGYaVYuJKol1xBvs7CXVjlwq4-WEnWd9-MhqUqgq7v9H7mWVXmj-OzpemqJvcQ06XEXcE1aeRVkUEzZ-rwjlsduQecllhtq98_lFdIXQjvTnANeynmvxid9BKY0wyV54zk3MjAIXBzO6_LmxUhc0yOSqDZuOyOIkp2-ei_IPq7AbFuV1peWv2XwnlOV15yY-5cV56IdIRpQmGLiBhMVBxxqySuE7DRTyqB7Tuk3Y0QXoNqJyGnrbNClOEKelCHeJrGI85IhYxojpCcYTW1LNrdKahQzVjtuqoiZRKPybywouAdipxLs5iMnqCe-KfY9suCgW3NGW_a1fxmcYz-CdrCpasO2VMBrWUM0_LbAttJNWj9LOd0xJKAkQyLIl2uay19HQU3XRsnMvwp7HryTmrfcecYBnpg4hztgDGpFS4he0rwDJ8hIVmZ1yDMoOvYSVa7s95-VKJykghVkL5HOL59fv8yLjLBQV4wFyd5wK0ICC5Wmsg0tKpxjUWo9-L7SlyHd9r4SZP0BHeIrZOUjnYmPYUuQMMwiEA6H9J6EtTR8RkSLMgeIY1hQN1yuDQbtsU5JL-I2nU2AUqsNVEqa8HYJYpcBLCo=&freq=0&nojs=0&abvar=0&febuild=1.0.550&t=0&wcks=1&wgl=1&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=U6xMfJw0Ma-f&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&vcv=Mesa&vcn=llvmpipe&ix=0&x=1280&y=1024&md=0&psu=rtPcUSfaHR0cHM6Ly9kb3BseS5uZXQvZC84ZmNkaWltajN3eXY&afid=959021243036160&caifrq=ADNFZwAAAAAAAAABADMZOgAAAAAAAAAB&eclog=0&snc=0&ssc=3&tp=0&vp=0&dto=2&im=1&noch=1&de=0&cs=5&pload=850&bp=2 | 94.242.247.24 | 200 OK | 43 B |
URL GET appointeeivyspongy.com/whob.gif?z=1841679&pid=__clb-1841679_1&pb=d3e93ae540697ac66ab30e7ff1cb6d2e1748608163&pbc=qd8nD2jhMBOjpDlo&pbu=oBUTl2NGmrGjpDlo&psp=o8u4JJEd0pZVC4gaLQQB-JoPBq9uX78wzx9yaP45mRk1Mi1PyPPaTQ4XpRE1FjIGN9JZK_-anolMtZPRu3tbSoLMuPm-czo_M4LZOS4nep7wypysTFiYbX6X_EW_n2odSJxV5SKtbfMKmQ8aT0Qw2lSi_U5rfg6nqD34XpB3HxSuskuRkKg3xCboYusix2H2aw6X300suUzKEFIpXLZlbSkGDSyff3cmRyEsVXFsnpXIM78oXgCaIhD_NION13q8VFwMoZG8ZRd7aXhth6TMyVTOyhDR1NGLrm6dk1jgSX_-Je6KesGYaVYuJKol1xBvs7CXVjlwq4-WEnWd9-MhqUqgq7v9H7mWVXmj-OzpemqJvcQ06XEXcE1aeRVkUEzZ-rwjlsduQecllhtq98_lFdIXQjvTnANeynmvxid9BKY0wyV54zk3MjAIXBzO6_LmxUhc0yOSqDZuOyOIkp2-ei_IPq7AbFuV1peWv2XwnlOV15yY-5cV56IdIRpQmGLiBhMVBxxqySuE7DRTyqB7Tuk3Y0QXoNqJyGnrbNClOEKelCHeJrGI85IhYxojpCcYTW1LNrdKahQzVjtuqoiZRKPybywouAdipxLs5iMnqCe-KfY9suCgW3NGW_a1fxmcYz-CdrCpasO2VMBrWUM0_LbAttJNWj9LOd0xJKAkQyLIl2uay19HQU3XRsnMvwp7HryTmrfcecYBnpg4hztgDGpFS4he0rwDJ8hIVmZ1yDMoOvYSVa7s95-VKJykghVkL5HOL59fv8yLjLBQV4wFyd5wK0ICC5Wmsg0tKpxjUWo9-L7SlyHd9r4SZP0BHeIrZOUjnYmPYUuQMMwiEA6H9J6EtTR8RkSLMgeIY1hQN1yuDQbtsU5JL-I2nU2AUqsNVEqa8HYJYpcBLCo=&freq=0&nojs=0&abvar=0&febuild=1.0.550&t=0&wcks=1&wgl=1&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=U6xMfJw0Ma-f&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&vcv=Mesa&vcn=llvmpipe&ix=0&x=1280&y=1024&md=0&psu=rtPcUSfaHR0cHM6Ly9kb3BseS5uZXQvZC84ZmNkaWltajN3eXY&afid=959021243036160&caifrq=ADNFZwAAAAAAAAABADMZOgAAAAAAAAAB&eclog=0&snc=0&ssc=3&tp=0&vp=0&dto=2&im=1&noch=1&de=0&cs=5&pload=850&bp=2 IP94.242.247.24:443
Requested byhttps://doply.net/d/8fcdiimj3wyv CertificateIssuerBuypass AS-983163327 Subject Fingerprint22:0A:29:24:35:4B:B9:91:E2:D5:B4:B8:11:B7:D6:27:9C:32:E6:30 ValidityMon, 03 Mar 2025 23:53:54 GMT - Sat, 30 Aug 2025 21:59:00 GMT
File typeGIF image data, version 89a, 1 x 1 Hash28e463819a210071de3b45ebe7633613 6dccd571828ec0912629119cf7eabfea9f33ddbc 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
GET /whob.gif?z=1841679&pid=__clb-1841679_1&pb=d3e93ae540697ac66ab30e7ff1cb6d2e1748608163&pbc=qd8nD2jhMBOjpDlo&pbu=oBUTl2NGmrGjpDlo&psp=o8u4JJEd0pZVC4gaLQQB-JoPBq9uX78wzx9yaP45mRk1Mi1PyPPaTQ4XpRE1FjIGN9JZK_-anolMtZPRu3tbSoLMuPm-czo_M4LZOS4nep7wypysTFiYbX6X_EW_n2odSJxV5SKtbfMKmQ8aT0Qw2lSi_U5rfg6nqD34XpB3HxSuskuRkKg3xCboYusix2H2aw6X300suUzKEFIpXLZlbSkGDSyff3cmRyEsVXFsnpXIM78oXgCaIhD_NION13q8VFwMoZG8ZRd7aXhth6TMyVTOyhDR1NGLrm6dk1jgSX_-Je6KesGYaVYuJKol1xBvs7CXVjlwq4-WEnWd9-MhqUqgq7v9H7mWVXmj-OzpemqJvcQ06XEXcE1aeRVkUEzZ-rwjlsduQecllhtq98_lFdIXQjvTnANeynmvxid9BKY0wyV54zk3MjAIXBzO6_LmxUhc0yOSqDZuOyOIkp2-ei_IPq7AbFuV1peWv2XwnlOV15yY-5cV56IdIRpQmGLiBhMVBxxqySuE7DRTyqB7Tuk3Y0QXoNqJyGnrbNClOEKelCHeJrGI85IhYxojpCcYTW1LNrdKahQzVjtuqoiZRKPybywouAdipxLs5iMnqCe-KfY9suCgW3NGW_a1fxmcYz-CdrCpasO2VMBrWUM0_LbAttJNWj9LOd0xJKAkQyLIl2uay19HQU3XRsnMvwp7HryTmrfcecYBnpg4hztgDGpFS4he0rwDJ8hIVmZ1yDMoOvYSVa7s95-VKJykghVkL5HOL59fv8yLjLBQV4wFyd5wK0ICC5Wmsg0tKpxjUWo9-L7SlyHd9r4SZP0BHeIrZOUjnYmPYUuQMMwiEA6H9J6EtTR8RkSLMgeIY1hQN1yuDQbtsU5JL-I2nU2AUqsNVEqa8HYJYpcBLCo=&freq=0&nojs=0&abvar=0&febuild=1.0.550&t=0&wcks=1&wgl=1&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=U6xMfJw0Ma-f&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&vcv=Mesa&vcn=llvmpipe&ix=0&x=1280&y=1024&md=0&psu=rtPcUSfaHR0cHM6Ly9kb3BseS5uZXQvZC84ZmNkaWltajN3eXY&afid=959021243036160&caifrq=ADNFZwAAAAAAAAABADMZOgAAAAAAAAAB&eclog=0&snc=0&ssc=3&tp=0&vp=0&dto=2&im=1&noch=1&de=0&cs=5&pload=850&bp=2 HTTP/1.1
Host: appointeeivyspongy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: cart=1; cart_p=2; CHCK=1; UID=2505300529d29e00a5ab3b45ba81c782ea3d; OACICAP=ADMZOgAAAAAAAAAB; OACIBLOCK=ADMZOgAAAABoOTtQ; BCAI=ADMZOgAAAAAAAAAB; BMI=AEV3JQAAAAAAAAAB; BCRI=c6zKEQAAAAAAAAAB
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 30 May 2025 10:29:26 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.banner.view
set-cookie: CRICAP=c6zKEQAAAAAAAAAB; Path=/; Expires=Sun, 29 Jun 2025 10:29:26 GMT; Secure; SameSite=None
CRIBLOCK=c6zKEQAAAABoOYGg; Path=/; Expires=Sun, 29 Jun 2025 10:29:26 GMT; Secure; SameSite=None
BCAV=ADMZOgAAAAAAAAAB; Path=/; Expires=Sat, 31 May 2025 10:29:26 GMT; Secure; SameSite=None
BMV=AEV3JQAAAAAAAAAB; Path=/; Expires=Sat, 31 May 2025 10:29:26 GMT; Secure; SameSite=None
BCRV=c6zKEQAAAAAAAAAB; Path=/; Expires=Sat, 31 May 2025 10:29:26 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| bobapsoabauns.com/www/images/c8e226f2ae8c3f4af7477b3681f07cd2.png | 104.21.73.203 | 200 OK | 29 kB |
URL GET bobapsoabauns.com/www/images/c8e226f2ae8c3f4af7477b3681f07cd2.png IP104.21.73.203:443
Requested byhttps://doply.net/d/8fcdiimj3wyv CertificateIssuerGoogle Trust Services Subjectbobapsoabauns.com Fingerprint8C:C2:83:27:EF:DF:2F:25:DF:58:17:A2:0F:5F:E7:86:EA:92:7F:D9 ValidityWed, 21 May 2025 20:50:33 GMT - Tue, 19 Aug 2025 21:47:54 GMT
File typePNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced Hashc8e226f2ae8c3f4af7477b3681f07cd2 2de6f877d53a61f9a96a46f2b238eb35627baf2c 2480203e9479426d4835a11bc7e1e82980a92041d7033b6f0450e66fe3027088
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /www/images/c8e226f2ae8c3f4af7477b3681f07cd2.png HTTP/1.1
Host: bobapsoabauns.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doply.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 30 May 2025 10:29:28 GMT
content-type: image/png
content-length: 28672
server: cloudflare
last-modified: Tue, 08 Apr 2025 11:57:00 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: "67f50f0c-7000"
expires: Sat, 31 May 2025 03:53:38 GMT
cache-control: max-age=86400
timing-allow-origin: *
accept-ranges: bytes
age: 23749
cf-cache-status: HIT
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=CqXljkBjlbBt7c2nBA6VZrnaIzG3SwB6l%2Bp5OCklqZw9oiwB6zI78pdCYxHbHUtAJoJV3tYdkjeN1tolDFeOoBVim8wXpPw2JKBVykW72g%3D%3D"}]}
cf-ray: 947d8cf649f7712e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| betotodilea.com/split_track?action=first_match&zone=4857535&oaid=undefined&requesting%20options%20with%20retry=false | 139.45.197.104 | 204 No Content | 0 B |
URL POST betotodilea.com/split_track?action=first_match&zone=4857535&oaid=undefined&requesting%20options%20with%20retry=false IP139.45.197.104:443
Requested byhttps://doply.net/d/8fcdiimj3wyv CertificateIssuerLet's Encrypt Subjectbetotodilea.com Fingerprint52:DD:84:C3:DF:8B:D7:F5:39:6F:8F:B6:E3:0A:14:B3:B2:C8:75:06 ValidityWed, 09 Apr 2025 02:23:21 GMT - Tue, 08 Jul 2025 02:23:20 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /split_track?action=first_match&zone=4857535&oaid=undefined&requesting%20options%20with%20retry=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://doply.net
DNT: 1
Connection: keep-alive
Referer: https://doply.net/
Cookie: OAID=0301d92c3b384c93f21f7eb0c456008e
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
server: nginx
date: Fri, 30 May 2025 10:29:23 GMT
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, favicon
X-Firefox-Spdy: h2
|
|
| divisiondrearilyunfiled.com/aas/r45d/vki/1941940/4d81a660.js | 94.242.247.24 | 200 OK | 153 kB |
URL GET divisiondrearilyunfiled.com/aas/r45d/vki/1941940/4d81a660.js IP94.242.247.24:443
Requested byhttps://doply.net/e/8fcdiimj3wyv CertificateIssuerBuypass AS-983163327 Subject FingerprintCF:34:D4:54:A1:7A:18:F4:1A:75:2E:BB:C8:B3:74:87:96:B5:A3:6C ValidityMon, 03 Mar 2025 23:54:00 GMT - Sat, 30 Aug 2025 21:59:00 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size153 kB (152860 bytes) Hash321946b057d656e9fce49c71420167ce a38ddbfd1b79c1f527e251261a8770f9ea536aa3 e0514811e4b75a6721553c7ac0539ed22991669632b82c1cf9999e170ec03b39
GET /aas/r45d/vki/1941940/4d81a660.js HTTP/1.1
Host: divisiondrearilyunfiled.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doply.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 30 May 2025 10:29:23 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 22 May 2025 10:24:41 GMT
vary: Accept-Encoding
etag: W/"682efb69-255c0"
x-js-ab2: current
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| my.rtmark.net/gid.js?userId=u0zg926526hx377438944p3e8scdx246 | 172.64.146.234 | 200 OK | 65 B |
URL GET my.rtmark.net/gid.js?userId=u0zg926526hx377438944p3e8scdx246 IP172.64.146.234:443
Requested byhttps://doply.net/d/8fcdiimj3wyv CertificateIssuerGoogle Trust Services Subjectmy.rtmark.net Fingerprint61:93:FB:BF:25:C3:CE:7B:CB:69:5D:87:04:AA:ED:1B:35:8D:44:82 ValidityFri, 02 May 2025 11:10:51 GMT - Thu, 31 Jul 2025 12:10:47 GMT
Hash078802ab84901b8d4851dd1626982994 dfb9ba7f003fd30e2c39bfb8c92c66b11eec16c3 be7c4d446133cb844b44f4e5841349945794bd9fdb68a1d3ed9fea696cbe5fb0
GET /gid.js?userId=u0zg926526hx377438944p3e8scdx246 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://doply.net
DNT: 1
Connection: keep-alive
Referer: https://doply.net/
Cookie: ID=0801d95c930b4b08fbc308a7098c893a
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 30 May 2025 10:29:25 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://doply.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=0801d95c930b4b08fbc308a7098c893a; expires=Sat, 30 May 2026 10:29:25 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
cf-cache-status: DYNAMIC
priority: u=3,i=?0
server: cloudflare
cf-ray: 947d8cdf58e3568b-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| ukankingwithea.com/ | 104.21.112.1 | 200 OK | 27 B |
IP104.21.112.1:443
Requested byhttps://doply.net/e/8fcdiimj3wyv CertificateIssuerGoogle Trust Services Subjectukankingwithea.com Fingerprint02:15:28:2A:F2:F8:5D:3A:DE:6D:1D:DC:CF:6D:06:BA:00:3A:63:70 ValidityTue, 29 Apr 2025 13:46:48 GMT - Mon, 28 Jul 2025 14:44:24 GMT
File typeASCII text, with no line terminators Hash3ce832125dcee340a568dbdcd42cf5d7 8b85c8efb4ce4dcbd7963e21894fd1c5fba1238e 192d0dfdebd17cba874af3866e308b037e1bdd67f830297806df6d8200d336a4
GET / HTTP/1.1
Host: ukankingwithea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://doply.net/
Origin: https://doply.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 30 May 2025 10:29:25 GMT
content-type: text/plain
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
access-control-allow-origin: https://doply.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=EkWhIe34YB0XY5we6ZWVbMzbIE5XIHOt0ZVZp9yin9edU46oqcwp7wLoLqQoE9rTjXj7Mhc9KXFnH8RobQf0ti4EKW0UYNTnhe0DqyuWyWM%3D"}]}
content-encoding: br
set-cookie: csu=2184094497790471@1@1748600965; SameSite=None; Secure; Max-Age=31104000
cf-ray: 947d8ce11f7b0b55-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| betotodilea.com/500/4857535?excludes=&oaid=0801d95c930b4b08fbc308a7098c893a&var=&ymid=&tgp=&js_build=8&sw_version=v1.634.7&branchId=1000031&dmn=betotodilea.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=3&pl=https%3A%2F%2Fdoply.net%2Fd%2F8fcdiimj3wyv&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 | 139.45.197.104 | 200 OK | 2.2 kB |
URL GET betotodilea.com/500/4857535?excludes=&oaid=0801d95c930b4b08fbc308a7098c893a&var=&ymid=&tgp=&js_build=8&sw_version=v1.634.7&branchId=1000031&dmn=betotodilea.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=3&pl=https%3A%2F%2Fdoply.net%2Fd%2F8fcdiimj3wyv&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 IP139.45.197.104:443
Requested byhttps://doply.net/d/8fcdiimj3wyv CertificateIssuerLet's Encrypt Subjectbetotodilea.com Fingerprint52:DD:84:C3:DF:8B:D7:F5:39:6F:8F:B6:E3:0A:14:B3:B2:C8:75:06 ValidityWed, 09 Apr 2025 02:23:21 GMT - Tue, 08 Jul 2025 02:23:20 GMT
Hashae445e5ee6c1486ced9a35694cb9ca51 883a1249b2da64244a808f83d95383eac99ec39b 3cd33312be0cb6fd3e2f77c7c3e998ad7df40aa8b4eb6c04997a79c09accf6bb
GET /500/4857535?excludes=&oaid=0801d95c930b4b08fbc308a7098c893a&var=&ymid=&tgp=&js_build=8&sw_version=v1.634.7&branchId=1000031&dmn=betotodilea.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=3&pl=https%3A%2F%2Fdoply.net%2Fd%2F8fcdiimj3wyv&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://doply.net
DNT: 1
Connection: keep-alive
Referer: https://doply.net/
Cookie: OAID=u0zg926526hx377438944p3e8scdx246
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 30 May 2025 10:29:28 GMT
content-type: application/javascript
x-trace-id: 17732e74ab0d881470fa13ecb0885db6
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://doply.net
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
set-cookie: OAID=0801d95c930b4b08fbc308a7098c893a; expires=Sat, 30 May 2026 10:29:28 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| i.doodcdn.io/theme_2/fonts/avertastd-bold-webfont.woff2 | 172.67.75.50 | 200 OK | 24 kB |
URL GET i.doodcdn.io/theme_2/fonts/avertastd-bold-webfont.woff2 IP172.67.75.50:443
Requested byhttps://doply.net/d/8fcdiimj3wyv CertificateIssuerGoogle Trust Services Subjectdoodcdn.io FingerprintD7:74:16:AE:C7:53:36:51:22:9F:FC:25:D0:8F:92:65:94:13:9E:8B ValiditySat, 03 May 2025 19:51:57 GMT - Fri, 01 Aug 2025 20:51:51 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 23604, version 1.0 Hashe9133fd11f14c09a2e4556c395a0ef7d 00fad09605f3342df5c9aeba130156fe19ade8b0 06244cc9cd0c998581b1bf93f5222deee7d2d0b09299190e163961afa973ba91
GET /theme_2/fonts/avertastd-bold-webfont.woff2 HTTP/1.1
Host: i.doodcdn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://doply.net
DNT: 1
Connection: keep-alive
Referer: https://i.doodcdn.io/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 30 May 2025 10:29:22 GMT
content-type: font/woff2
content-length: 23604
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 947d8cd1f8cb0b55-OSL
last-modified: Mon, 03 Jan 2022 15:43:40 GMT
cache-control: max-age=2592000
expires: Sat, 28 Jun 2025 11:22:28 GMT
vary: User-Agent,Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 67108
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MxNc29B5GU2cxT9aYPxIqSpDxxuVvcFlpvKD4eLW%2FTHE0s8W62RPxqbKy%2Bib2%2BSHkVOFDLAOtf3OiZ%2FJ7geYO3ruXWsC2K9Sx3Eq4iC3sZ9lWqnzqiVFClpGUM27uA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7550&min_rtt=7477&rtt_var=2949&sent=23&recv=10&lost=0&retrans=0&sent_bytes=16189&recv_bytes=1999&delivery_rate=79500&cwnd=12000&unsent_bytes=0&cid=103bbd9b95669f5f&ts=100&x=1", cfExtPri, cfHdrFlush;dur=9
|
|
| du0pud0sdlmzf.cloudfront.net/?dupud=908057 | 3.167.7.49 | 200 OK | 320 kB |
URL GET du0pud0sdlmzf.cloudfront.net/?dupud=908057 IP3.167.7.49:443
Requested byhttps://doply.net/e/8fcdiimj3wyv CertificateIssuerAmazon Subject*.cloudfront.net Fingerprint8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72 ValidityMon, 05 May 2025 00:00:00 GMT - Thu, 23 Apr 2026 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (38488) Size320 kB (320398 bytes) Hash2e708b9feb386bef2d0f6ac8e3ad8935 10c784d775c655f51a4e557f587819cf71a23bc8 65de76a427d9bf149475a9c2f0e4ebcf5765e6b43678e71a694f958db1535d7b
GET /?dupud=908057 HTTP/1.1
Host: du0pud0sdlmzf.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doply.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 106759
date: Fri, 30 May 2025 10:29:23 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 3ecfca26003921b3f6dfb1a287300c24.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P2
x-amz-cf-id: _YAwfHMqjiQd6Row8Z7rTZNVMFw8CXC5egmhdp8qcvWNrN3MTo_Okg==
X-Firefox-Spdy: h2
|
|
| cdn.tsyndicate.com/ed85951b219e49ffa74b7b74a3c8089c.js | 45.133.44.70 | 404 Not Found | 0 B |
URL GET cdn.tsyndicate.com/ed85951b219e49ffa74b7b74a3c8089c.js IP45.133.44.70:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://doply.net/e/8fcdiimj3wyv CertificateIssuerLet's Encrypt Subjectcdn.tsyndicate.com FingerprintC8:21:B5:22:CE:B2:90:D0:CE:CF:F7:57:FA:B4:14:52:BA:AF:3B:EF ValidityFri, 04 Apr 2025 07:32:05 GMT - Thu, 03 Jul 2025 07:32:04 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ed85951b219e49ffa74b7b74a3c8089c.js HTTP/1.1
Host: cdn.tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doply.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Fri, 30 May 2025 10:29:24 GMT
content-type: text/html; charset=utf-8
server: nginx
content-encoding: gzip
x-cdn-host-id: ah1742,ds9893
x-proxy-cache: HIT
X-Firefox-Spdy: h2
|
|
| divisiondrearilyunfiled.com/check.html | 94.242.247.24 | 200 OK | 926 B |
URL GET divisiondrearilyunfiled.com/check.html IP94.242.247.24:443
Requested byhttps://doply.net/e/8fcdiimj3wyv CertificateIssuerBuypass AS-983163327 Subject FingerprintCF:34:D4:54:A1:7A:18:F4:1A:75:2E:BB:C8:B3:74:87:96:B5:A3:6C ValidityMon, 03 Mar 2025 23:54:00 GMT - Sat, 30 Aug 2025 21:59:00 GMT
File typeHTML document, ASCII text Hash088dba8e97eede53134c93219f7ebbae adb707654d1fe0af7d0d7a9f55660d22bd3625e4 6da0120b4c7bc45b63fcbb87595c3c1ea2cdca482b0c48d4d2ab434f9e897aff
GET /check.html HTTP/1.1
Host: divisiondrearilyunfiled.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doply.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 30 May 2025 10:29:24 GMT
content-type: text/html; charset=utf-8
last-modified: Mon, 19 May 2025 08:12:42 GMT
vary: Accept-Encoding
etag: W/"682ae7fa-39e"
x-js-ab: current
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| divisiondrearilyunfiled.com/solid.gif?z=1941940&nojs=0&abvar=0&febuild=1.0.550&t=0&wcks=1&wgl=1&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=U6xMfJw0Ma-f&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&vcv=Mesa&vcn=llvmpipe&psr=dbQQaVJaHR0cHM6Ly9kb3BseS5uZXQvZC84ZmNkaWltajN3eXY&ix=0&x=1110&y=624&md=0&psu=fM8Ib7taHR0cHM6Ly9kb3BseS5uZXQvZS84ZmNkaWltajN3eXY&afid=8277370637394944&caifrq=ADMZOgAAAAAAAAAB&eclog=0&snc=0&ssc=2&vp=1&dto=2&im=1&noch=1&de=0&cs=5 | 94.242.247.24 | 200 OK | 43 B |
URL POST divisiondrearilyunfiled.com/solid.gif?z=1941940&nojs=0&abvar=0&febuild=1.0.550&t=0&wcks=1&wgl=1&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=U6xMfJw0Ma-f&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&vcv=Mesa&vcn=llvmpipe&psr=dbQQaVJaHR0cHM6Ly9kb3BseS5uZXQvZC84ZmNkaWltajN3eXY&ix=0&x=1110&y=624&md=0&psu=fM8Ib7taHR0cHM6Ly9kb3BseS5uZXQvZS84ZmNkaWltajN3eXY&afid=8277370637394944&caifrq=ADMZOgAAAAAAAAAB&eclog=0&snc=0&ssc=2&vp=1&dto=2&im=1&noch=1&de=0&cs=5 IP94.242.247.24:443
Requested byhttps://doply.net/e/8fcdiimj3wyv CertificateIssuerBuypass AS-983163327 Subject FingerprintCF:34:D4:54:A1:7A:18:F4:1A:75:2E:BB:C8:B3:74:87:96:B5:A3:6C ValidityMon, 03 Mar 2025 23:54:00 GMT - Sat, 30 Aug 2025 21:59:00 GMT
File typeGIF image data, version 89a, 1 x 1 Hash28e463819a210071de3b45ebe7633613 6dccd571828ec0912629119cf7eabfea9f33ddbc 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
POST /solid.gif?z=1941940&nojs=0&abvar=0&febuild=1.0.550&t=0&wcks=1&wgl=1&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=U6xMfJw0Ma-f&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&vcv=Mesa&vcn=llvmpipe&psr=dbQQaVJaHR0cHM6Ly9kb3BseS5uZXQvZC84ZmNkaWltajN3eXY&ix=0&x=1110&y=624&md=0&psu=fM8Ib7taHR0cHM6Ly9kb3BseS5uZXQvZS84ZmNkaWltajN3eXY&afid=8277370637394944&caifrq=ADMZOgAAAAAAAAAB&eclog=0&snc=0&ssc=2&vp=1&dto=2&im=1&noch=1&de=0&cs=5 HTTP/1.1
Host: divisiondrearilyunfiled.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://doply.net
DNT: 1
Connection: keep-alive
Referer: https://doply.net/
Cookie: cart=1; cart_p=2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Fri, 30 May 2025 10:29:25 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
set-cookie: CHCK=1; Path=/; Expires=Fri, 03 Jul 2026 10:29:25 GMT; Secure; SameSite=None
UID=250530052906346947524742488c1a488cb2; Path=/; Expires=Fri, 03 Jul 2026 10:29:25 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| divisiondrearilyunfiled.com/get/1941940?zoneid=1941940&jp=_clzovivqdddozzowandacx&dr=49&nojs=0&abvar=0&febuild=1.0.550&t=0&wcks=1&wgl=1&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=U6xMfJw0Ma-f&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&vcv=Mesa&vcn=llvmpipe&psr=dbQQaVJaHR0cHM6Ly9kb3BseS5uZXQvZC84ZmNkaWltajN3eXY&ix=0&x=1110&y=624&md=0&psu=fM8Ib7taHR0cHM6Ly9kb3BseS5uZXQvZS84ZmNkaWltajN3eXY&afid=8277370637394944&caifrq=ADMZOgAAAAAAAAAB&eclog=0&snc=0&ssc=2&vp=1&dto=2&im=1&noch=1&de=0&cs=5&uf=0 | 94.242.247.24 | 200 OK | 3.4 kB |
URL GET divisiondrearilyunfiled.com/get/1941940?zoneid=1941940&jp=_clzovivqdddozzowandacx&dr=49&nojs=0&abvar=0&febuild=1.0.550&t=0&wcks=1&wgl=1&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=U6xMfJw0Ma-f&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&vcv=Mesa&vcn=llvmpipe&psr=dbQQaVJaHR0cHM6Ly9kb3BseS5uZXQvZC84ZmNkaWltajN3eXY&ix=0&x=1110&y=624&md=0&psu=fM8Ib7taHR0cHM6Ly9kb3BseS5uZXQvZS84ZmNkaWltajN3eXY&afid=8277370637394944&caifrq=ADMZOgAAAAAAAAAB&eclog=0&snc=0&ssc=2&vp=1&dto=2&im=1&noch=1&de=0&cs=5&uf=0 IP94.242.247.24:443
Requested byhttps://doply.net/e/8fcdiimj3wyv CertificateIssuerBuypass AS-983163327 Subject FingerprintCF:34:D4:54:A1:7A:18:F4:1A:75:2E:BB:C8:B3:74:87:96:B5:A3:6C ValidityMon, 03 Mar 2025 23:54:00 GMT - Sat, 30 Aug 2025 21:59:00 GMT
File typeASCII text, with very long lines (3394), with no line terminators Hashef3516c9b21afce98533ee872d6d3f65 d02dfae28e2bbbfea49a2249b30deb5814699741 859d7678171c213b8bde1931e5489e707f61a2628f0d2080493ed94a58e8e6fa
GET /get/1941940?zoneid=1941940&jp=_clzovivqdddozzowandacx&dr=49&nojs=0&abvar=0&febuild=1.0.550&t=0&wcks=1&wgl=1&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=U6xMfJw0Ma-f&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&vcv=Mesa&vcn=llvmpipe&psr=dbQQaVJaHR0cHM6Ly9kb3BseS5uZXQvZC84ZmNkaWltajN3eXY&ix=0&x=1110&y=624&md=0&psu=fM8Ib7taHR0cHM6Ly9kb3BseS5uZXQvZS84ZmNkaWltajN3eXY&afid=8277370637394944&caifrq=ADMZOgAAAAAAAAAB&eclog=0&snc=0&ssc=2&vp=1&dto=2&im=1&noch=1&de=0&cs=5&uf=0 HTTP/1.1
Host: divisiondrearilyunfiled.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doply.net/
Cookie: cart=1; cart_p=2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 30 May 2025 10:29:25 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=250530052957e986adacfc4de7a2ca4788d7; Path=/; Expires=Fri, 03 Jul 2026 10:29:25 GMT; Secure; SameSite=None
CHCK=1; Path=/; Expires=Fri, 03 Jul 2026 10:29:25 GMT; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| doodstream.com/ |  185.178.208.163 | 403 Forbidden | 0 B |
IP185.178.208.163:443
Requested byhttps://doply.net/d/8fcdiimj3wyv CertificateIssuerLet's Encrypt Subjectdoodstream.com FingerprintB3:E8:9E:E2:B5:EB:13:9C:9A:10:12:F6:D8:7F:F1:B8:C4:B9:28:3D ValidityWed, 28 May 2025 09:17:49 GMT - Tue, 26 Aug 2025 09:17:48 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS / HTTP/1.1
Host: doodstream.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Referer: https://doply.net/
Origin: https://doply.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
server: ddos-guard
set-cookie: __ddg8_=J8ShVTp9miToswAj; Domain=.doodstream.com; Path=/; Expires=Fri, 30-May-2025 10:49:27 GMT
__ddg10_=1748600967; Domain=.doodstream.com; Path=/; Expires=Fri, 30-May-2025 10:49:27 GMT
__ddg9_=91.90.42.154; Domain=.doodstream.com; Path=/; Expires=Fri, 30-May-2025 10:49:27 GMT
__ddg1_=bOWgy2VMWHtVCPkeEKh2; Domain=.doodstream.com; HttpOnly; Path=/; Expires=Sat, 30-May-2026 10:29:27 GMT
content-security-policy: upgrade-insecure-requests;
date: Fri, 30 May 2025 10:29:27 GMT
content-type: text/html
content-length: 159
X-Firefox-Spdy: h2
|
|
| i.doodcdn.io/img/no_video_3.svg | 172.67.75.50 | 200 OK | 2.8 kB |
URL GET i.doodcdn.io/img/no_video_3.svg IP172.67.75.50:443
Requested byhttps://doply.net/d/8fcdiimj3wyv CertificateIssuerGoogle Trust Services Subjectdoodcdn.io FingerprintD7:74:16:AE:C7:53:36:51:22:9F:FC:25:D0:8F:92:65:94:13:9E:8B ValiditySat, 03 May 2025 19:51:57 GMT - Fri, 01 Aug 2025 20:51:51 GMT
File typeSVG Scalable Vector Graphics image Hash077bfdaa49ae4877a42611b739ec4752 a2f9e1222b7af9abc05122411ab8902efcc08ead 70d6a17097a8c27edfaad6740e11359d9363f3f04bff1b93483e29c25609fa6c
GET /img/no_video_3.svg HTTP/1.1
Host: i.doodcdn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doply.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 30 May 2025 10:29:22 GMT
content-type: image/svg+xml
content-length: 2812
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 947d8ccecc18b517-OSL
last-modified: Mon, 03 Jan 2022 15:38:36 GMT
etag: "61d3187c-afc"
expires: Sun, 29 Jun 2025 05:02:17 GMT
cache-control: public, max-age=2592000, no-transform
access-control-allow-origin: *
cf-cache-status: HIT
age: 15910
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6OmTD2nNCTem1eV7qKyW53MMRbQsololxNdg4opia5%2BL6Hj3fT637%2F%2BhaFzhOivhBXqLV4vhOKeAe43xz7JWh838CaZ42mkXUp0ee084PXz4kaHwqmdJyOzirROVRA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1385&min_rtt=437&rtt_var=1446&sent=60&recv=16&lost=0&retrans=0&sent_bytes=69940&recv_bytes=1401&delivery_rate=13138300&cwnd=254&unsent_bytes=0&cid=bab63a4f26a86a92&ts=176&x=0"
X-Firefox-Spdy: h2
|
|
| my.rtmark.net/gid.js | 172.64.146.234 | 200 OK | 65 B |
IP172.64.146.234:443
Requested byhttps://doply.net/d/8fcdiimj3wyv CertificateIssuerGoogle Trust Services Subjectmy.rtmark.net Fingerprint61:93:FB:BF:25:C3:CE:7B:CB:69:5D:87:04:AA:ED:1B:35:8D:44:82 ValidityFri, 02 May 2025 11:10:51 GMT - Thu, 31 Jul 2025 12:10:47 GMT
Hash078802ab84901b8d4851dd1626982994 dfb9ba7f003fd30e2c39bfb8c92c66b11eec16c3 be7c4d446133cb844b44f4e5841349945794bd9fdb68a1d3ed9fea696cbe5fb0
GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://doply.net
DNT: 1
Connection: keep-alive
Referer: https://doply.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 30 May 2025 10:29:23 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://doply.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=0801d95c930b4b08fbc308a7098c893a; expires=Sat, 30 May 2026 10:29:23 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 947d8cd65bbd568f-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| vacdn.tsyndicate.com/videos/6/0/5f67644275ca05cb63543c6c1b61c34d96efb8/440x240.mp4 | 45.133.44.71 | 206 Partial Content | 66 kB |
URL GET vacdn.tsyndicate.com/videos/6/0/5f67644275ca05cb63543c6c1b61c34d96efb8/440x240.mp4 IP45.133.44.71:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://doply.net/d/8fcdiimj3wyv CertificateIssuerLet's Encrypt Subjectvacdn.tsyndicate.com Fingerprint4A:16:30:0B:02:D9:FA:22:C5:D1:89:E3:BE:C0:73:90:00:19:35:D1 ValidityTue, 08 Apr 2025 06:18:34 GMT - Mon, 07 Jul 2025 06:18:33 GMT
File typeISO Media, MP4 Base Media v1 [ISO 14496-12:2003] Hash9e9fbf43188c9ad48983121ce77e68a3 e1ef7d0496ea84ccdbfcd96979b3b6134c7ea02c e5b8954b218dce3b0c6a1de715d96fdfbebdf2966f40f573033ec24847e573d4
GET /videos/6/0/5f67644275ca05cb63543c6c1b61c34d96efb8/440x240.mp4 HTTP/1.1
Host: vacdn.tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://doply.net/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 206 Partial Content
date: Fri, 30 May 2025 10:29:27 GMT
content-type: video/mp4
content-length: 822654
server: nginx/1.20.1
cache-control: max-age=1209600
last-modified: Sun, 29 Dec 2024 13:56:38 GMT
access-control-allow-origin: *
etag: "67715516-c8d7e"
expires: Fri, 13 Jun 2025 10:29:27 GMT
vary: Accept-Encoding
x-cdn-host-id: ds9612,ds9893
x-proxy-cache: HIT
content-range: bytes 0-822653/822654
X-Firefox-Spdy: h2
|
|
| doply.net/sw.js | 172.67.68.122 | 200 OK | 103 kB |
IP172.67.68.122:443
Requested byhttps://doply.net/d/8fcdiimj3wyv CertificateIssuerGoogle Trust Services Subjectdoply.net Fingerprint4E:5D:5F:2C:19:38:42:0B:22:C2:28:41:55:6E:DA:EC:FA:5E:1A:AF ValiditySun, 18 May 2025 10:09:34 GMT - Sat, 16 Aug 2025 11:07:21 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size103 kB (102634 bytes) Hash5a640158e056b33f4b8d128d6391abfe 771038c5e54ac3ea809bf5243aa17214ada6faeb 38a182529482fb6c78544580680b0fcd567260a220e36f8b208f65043289469e
GET /sw.js HTTP/1.1
Host: doply.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doply.net/d/8fcdiimj3wyv
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 30 May 2025 10:29:22 GMT
content-type: application/javascript
content-length: 38291
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 947d8ccdeaa556b7-OSL
last-modified: Mon, 03 Jan 2022 15:43:40 GMT
cache-control: public, max-age=2592000
expires: Sun, 24 May 2026 15:50:05 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 499157
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2sUFXQEew3fMAde7WP%2ByLEYjx89ji7nobp5IG3tGTa7B2knUJPybsVlMvOVqEN6X1htRlPcs2RtnxlPjMBuEr1zuVCG%2BY6G1uqlUpFgTbXozUYzIRRS2XlfYHA%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing: cfL4;desc="?proto=TCP&rtt=2885&min_rtt=455&rtt_var=4634&sent=14&recv=19&lost=0&retrans=0&sent_bytes=10014&recv_bytes=1386&delivery_rate=8100699&cwnd=257&unsent_bytes=0&cid=3dfafc40a8dfcaaf&ts=506&x=0"
X-Firefox-Spdy: h2
|
|
| isolatedovercomepasted.com/jserror?type=banner&abvar=0&build=1.0.550&zoneid=1841674&e=Error&m=BCLC&aa=0&trid=&url=https%3A%2F%2Fdoply.net%2Fd%2F8fcdiimj3wyv | 94.242.247.24 | 200 OK | 0 B |
URL GET isolatedovercomepasted.com/jserror?type=banner&abvar=0&build=1.0.550&zoneid=1841674&e=Error&m=BCLC&aa=0&trid=&url=https%3A%2F%2Fdoply.net%2Fd%2F8fcdiimj3wyv IP94.242.247.24:443
Requested byhttps://doply.net/d/8fcdiimj3wyv CertificateIssuerBuypass AS-983163327 Subject FingerprintBB:6D:E1:77:DE:80:15:9D:0B:90:58:D2:8F:D7:8F:9A:59:F5:B5:53 ValidityMon, 03 Mar 2025 23:53:40 GMT - Sat, 30 Aug 2025 21:59:00 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /jserror?type=banner&abvar=0&build=1.0.550&zoneid=1841674&e=Error&m=BCLC&aa=0&trid=&url=https%3A%2F%2Fdoply.net%2Fd%2F8fcdiimj3wyv HTTP/1.1
Host: isolatedovercomepasted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doply.net/
Cookie: cart=1; cart_p=2; CHCK=1; UID=25053005296b0da80030b649f0929af6465b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 30 May 2025 10:29:26 GMT
content-type: application/octet-stream
content-length: 0
X-Firefox-Spdy: h2
|
|
| my.rtmark.net/gid.js?userId=u0zg926526hx377438944p3e8scdx246 | 172.64.146.234 | 200 OK | 65 B |
URL GET my.rtmark.net/gid.js?userId=u0zg926526hx377438944p3e8scdx246 IP172.64.146.234:443
Requested byhttps://doply.net/d/8fcdiimj3wyv CertificateIssuerGoogle Trust Services Subjectmy.rtmark.net Fingerprint61:93:FB:BF:25:C3:CE:7B:CB:69:5D:87:04:AA:ED:1B:35:8D:44:82 ValidityFri, 02 May 2025 11:10:51 GMT - Thu, 31 Jul 2025 12:10:47 GMT
Hash078802ab84901b8d4851dd1626982994 dfb9ba7f003fd30e2c39bfb8c92c66b11eec16c3 be7c4d446133cb844b44f4e5841349945794bd9fdb68a1d3ed9fea696cbe5fb0
GET /gid.js?userId=u0zg926526hx377438944p3e8scdx246 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://doply.net
DNT: 1
Connection: keep-alive
Referer: https://doply.net/
Cookie: ID=0801d95c930b4b08fbc308a7098c893a
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 30 May 2025 10:29:26 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://doply.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=0801d95c930b4b08fbc308a7098c893a; expires=Sat, 30 May 2026 10:29:26 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
cf-cache-status: DYNAMIC
priority: u=3,i=?0
server: cloudflare
cf-ray: 947d8ce7e8a3568b-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| tzegilo.com/stattag.js | 104.21.11.245 | 200 OK | 18 kB |
IP104.21.11.245:443
Requested byhttps://doply.net/d/8fcdiimj3wyv CertificateIssuerGoogle Trust Services Subjecttzegilo.com FingerprintBD:3B:17:0D:E4:BF:2D:A2:D2:DE:AD:AD:5B:4E:50:C8:BC:18:2A:3A ValiditySat, 17 May 2025 12:47:13 GMT - Fri, 15 Aug 2025 13:41:30 GMT
File typeJavaScript source, ASCII text, with very long lines (17229) Hash01227f5edc20e0ff4ed643b27cb8bb68 d71a88f7341f2b1bdaa7deb9a66888607bd52598 75c91d86601e23ab56d872b31b42660f893fc6d6b0785e085c06c2c038e98fb2
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doply.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 30 May 2025 10:29:26 GMT
content-type: application/javascript
server: cloudflare
last-modified: Thu, 11 Jul 2024 10:23:58 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: accept-encoding
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=iIrkPkIJ5Ya%2B9isabY%2Bp82wqnJJiGKg%2FesaLl6OX7Sp7qzDvC4TBM2G3S5ljyWyCEkOsBop7pwIcUPHBwzzKOAyIraGEjTeuEYB%2B"}]}
age: 3211
cache-control: max-age=14400
cf-cache-status: HIT
etag: W/"668fb2be-45d7"
content-encoding: br
cf-ray: 947d8cea885eb605-PRG
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js | 104.17.24.14 | 200 OK | 88 kB |
URL GET cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js IP104.17.24.14:443
Requested byhttps://doply.net/d/8fcdiimj3wyv CertificateIssuerGoogle Trust Services Subjectcdnjs.cloudflare.com Fingerprint4B:06:E9:E2:47:47:F5:3C:33:58:F8:2A:95:70:22:5E:23:19:03:77 ValidityThu, 22 May 2025 14:38:44 GMT - Wed, 20 Aug 2025 15:38:38 GMT
File typeJavaScript source, ASCII text, with very long lines (65451) Hash220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doply.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 30 May 2025 10:29:22 GMT
content-type: application/javascript; charset=utf-8
content-length: 27748
server: cloudflare
strict-transport-security: max-age=15780000
cf-ray: 947d8cce2fbd56ae-OSL
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-15851"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 32450
expires: Wed, 20 May 2026 10:29:22 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WWB%2F682XVCNMDdgwlzDjgTbwCEKEu44%2FvI9%2BwF3LNsd%2Bqk7AKugTL7vMUeezHCMxa%2BucWcNAvj%2BCtmXMnKhvMlCpBGEartoxiSjFHl3luV%2BCY%2BHpUBtRLlaqQyRfWBa70zj4ptzP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| playhubconnect.com/bn/bf3/7d0/56d/bf37d056d84d92ce50d337c48e4cb6ab143cda69.mp4 | 104.18.14.39 | 206 Partial Content | 953 kB |
URL GET playhubconnect.com/bn/bf3/7d0/56d/bf37d056d84d92ce50d337c48e4cb6ab143cda69.mp4 IP104.18.14.39:443
Requested byhttps://doply.net/d/8fcdiimj3wyv CertificateIssuerGoogle Trust Services Subjectplayhubconnect.com Fingerprint2D:1F:FB:2B:88:35:8C:8D:A2:9A:DC:7D:D0:1A:7E:79:7F:76:1A:AA ValidityMon, 19 May 2025 17:44:53 GMT - Sun, 17 Aug 2025 18:44:46 GMT
File typeISO Media, MP4 v2 [ISO 14496-14] Size953 kB (952885 bytes) Hash87ef915cc39e1ca0204ebda8289b4f52 bf37d056d84d92ce50d337c48e4cb6ab143cda69 a5c2f77a616c7caf3801bb24f99ee6ac1c6cc2bc85c0d79f4224779e39a16249
GET /bn/bf3/7d0/56d/bf37d056d84d92ce50d337c48e4cb6ab143cda69.mp4 HTTP/1.1
Host: playhubconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 206 Partial Content
date: Fri, 30 May 2025 10:29:25 GMT
content-type: video/mp4
content-length: 952885
x-amz-id-2: HD0L/UjDOsrgKzgLcNnxtcUoUtk/2Bg3WeJ4EerewbaHdRR76LfYt6HOb5OH9O/4njtj19Rgl+A=
x-amz-request-id: 01Z1A3SEZWF3GS1G
last-modified: Thu, 20 Mar 2025 14:21:13 GMT
etag: "87ef915cc39e1ca0204ebda8289b4f52"
x-amz-server-side-encryption: AES256
cf-cache-status: HIT
age: 2008641
expires: Mon, 30 Jun 2025 10:29:25 GMT
cache-control: public, max-age=2678400
content-range: bytes 0-952884/952885
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 947d8ce38dd05689-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 | 142.250.74.35 | 200 OK | 40 kB |
URL GET fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 IP142.250.74.35:443
Requested byhttps://doply.net/d/8fcdiimj3wyv CertificateIssuerGoogle Trust Services Subject*.gstatic.com Fingerprint58:93:D6:74:22:41:22:FC:10:8C:BD:51:81:F5:29:DE:00:91:9B:FD ValidityTue, 29 Apr 2025 19:29:18 GMT - Tue, 22 Jul 2025 19:29:17 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 40128, version 1.0 Hash9a01b69183a9604ab3a439e388b30501 8ed1d59003d0dbe6360481017b44665153665fbe 20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2
GET /s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://doply.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40128
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 May 2025 10:03:46 GMT
expires: Fri, 29 May 2026 10:03:46 GMT
cache-control: public, max-age=31536000
age: 87952
last-modified: Wed, 08 Jan 2025 18:23:10 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| i.doodcdn.io/img/no_video_3.svg | 172.67.75.50 | 200 OK | 2.8 kB |
URL GET i.doodcdn.io/img/no_video_3.svg IP172.67.75.50:443
Requested byhttps://doply.net/e/8fcdiimj3wyv CertificateIssuerGoogle Trust Services Subjectdoodcdn.io FingerprintD7:74:16:AE:C7:53:36:51:22:9F:FC:25:D0:8F:92:65:94:13:9E:8B ValiditySat, 03 May 2025 19:51:57 GMT - Fri, 01 Aug 2025 20:51:51 GMT
File typeSVG Scalable Vector Graphics image Hash077bfdaa49ae4877a42611b739ec4752 a2f9e1222b7af9abc05122411ab8902efcc08ead 70d6a17097a8c27edfaad6740e11359d9363f3f04bff1b93483e29c25609fa6c
GET /img/no_video_3.svg HTTP/1.1
Host: i.doodcdn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doply.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 30 May 2025 10:29:23 GMT
content-type: image/svg+xml
content-length: 2812
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 947d8cd89842b4fd-OSL
last-modified: Mon, 03 Jan 2022 15:38:36 GMT
etag: "61d3187c-afc"
expires: Sun, 29 Jun 2025 05:02:17 GMT
cache-control: public, max-age=2592000, no-transform
access-control-allow-origin: *
cf-cache-status: HIT
age: 15911
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XyoinJfBbz0gjRZ8npT1OnD5jxQI964EpdrAJth%2BCbhkJ6N1fGKbWZcWegxWN9pL51StawZDgC5BU1ZrtUvulcWxYxYugcTF8hcYJ95UZT0bO0g2GQMODSd4tHhSng%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4172&min_rtt=1719&rtt_var=1714&sent=134&recv=15&lost=0&retrans=0&sent_bytes=142198&recv_bytes=2384&delivery_rate=512818&cwnd=96000&unsent_bytes=0&cid=d1ab40f45877a52d&ts=1537&x=1", cfExtPri, cfHdrFlush;dur=0
|
|
| cdnjs.cloudflare.com/ajax/libs/videojs-hotkeys/0.2.28/videojs.hotkeys.min.js | 104.17.24.14 | 200 OK | 4.6 kB |
URL GET cdnjs.cloudflare.com/ajax/libs/videojs-hotkeys/0.2.28/videojs.hotkeys.min.js IP104.17.24.14:443
Requested byhttps://doply.net/e/8fcdiimj3wyv CertificateIssuerGoogle Trust Services Subjectcdnjs.cloudflare.com Fingerprint4B:06:E9:E2:47:47:F5:3C:33:58:F8:2A:95:70:22:5E:23:19:03:77 ValidityThu, 22 May 2025 14:38:44 GMT - Wed, 20 Aug 2025 15:38:38 GMT
File typeJavaScript source, ASCII text, with very long lines (4505) Hashf2ecb2bd8a424c8e8cf507ce8bd933c2 3cbc08ca052ea25c3b0834b9291a3ca1e9122e26 4c0745052abbb26087a707bb0a043b43c393674055ba2d4452ac89e6923eb099
GET /ajax/libs/videojs-hotkeys/0.2.28/videojs.hotkeys.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doply.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 30 May 2025 10:29:23 GMT
content-type: application/javascript; charset=utf-8
content-length: 1571
server: cloudflare
strict-transport-security: max-age=15780000
cf-ray: 947d8cd61f055690-OSL
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "630ad3e5-623"
last-modified: Sun, 28 Aug 2022 02:33:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 650747
expires: Wed, 20 May 2026 10:29:23 GMT
accept-ranges: bytes
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HeVDiRbbSzkvMkYQQO9y6MnetFUf2uIPLJQryh9WFpUlfpx3mt7UbIBuqVozx%2B0GOkjx42ud3bXrh4mEfjwhlqPMOuo5GDt16iPMN74q5F3%2BXQcYambpM%2F4cKn8LqhUDT%2BsvWcmx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail | 142.250.147.84 | 302 Found | 0 B |
URL GET accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail IP142.250.147.84:443
Requested byhttps://doply.net/e/8fcdiimj3wyv CertificateIssuerGoogle Trust Services Subjectaccounts.google.com FingerprintB1:06:D8:49:F1:03:BE:43:D7:79:D9:25:25:FE:92:54:6C:93:0B:54 ValidityMon, 12 May 2025 08:44:47 GMT - Mon, 04 Aug 2025 08:44:46 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doply.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:gO9hd6-bh_53UwaLT_DeZU6cAfpD3g:g6Gy872HmP---wbb; Expires=Sun, 30-May-2027 10:29:25 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 30 May 2025 10:29:25 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AdBytiPgkFeT84CIwpy_oqmVpJsGuwEEYoV1w2u6PPjFCW9ewG8YNNUk2ynplzeT7aT4rDjzPOgkMw
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy: unsafe-none
content-security-policy: script-src 'nonce-UjPAtwXgs6zkHzgNZAUUJw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| pxl.tsyndicate.com/api/v1/p/p.gif?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0WYuVFGzIwbZMi0MDOjZAsaOWrQaJGDBg4YLXDUIJPjhpgxEcvYuCHiYZg6YzLGsGGmjJkwNnKwDAPDzMkYMWa08FgjzNQxVWWEYUpyZ0-IZOxQLHkDhoyHcOqIWShjRo0bMipChANnoY2XMGg8nANnog4aN2zQEHzj4Zg2dXXcGBpjsU8yZuzOeCjGjZuFNGBEvQH4YRs3GBnOkCEDBtrPoRvLqCG3jhw2mEnPEOxQRB0ZGdHQoQNnjo4XL47CQfOmzpwyLsa8afOCTnE5P-rQafMFJ-Iwac646YHdRRs8WbjUgWHWhnTqyt3QKaO-Bxw5CN-wYSOevAzz07-sl9PGvRsyctRX3hxq9RBHGWOwoUQbeeQghRJDoEEGHEmgAQMbc9CARA53RFHEHWcEwYYdbrBBhBIzoBFHhkuoWMYceLSwxBQwGKFEGjgkQQQOMaAhxRJkiMGGFko0cUMceKxhxRVqNKGEGHU0IUUZBw5x5BRNODFDFngQEUYMMpBxhx1a5CDDkVHEoYcWMOQwRx5xVBHFF2dUoaMUVaTxFRnLZcQnHGzk4YIbZUxkWBh-bTFDDF1QFpkOMLig2UNy2JGYDabZVoeeOohQwww45DBGDGOIVEMNZsRw0k4wiUGTVTOJIUYZNeSQQxg42FDGV2kkJkIOMbiQQ6Q0yOBCQzR8JccXvWYErLDEGovsV3WEkVETb-iRxnxhvFCDpCCgcEUa_71xxxwgOEEFCDFECsMOIIzrhmDw4kEvCJWKRoOkKYBwBIJrvPFCae1qphkIRqQBnxlv4PFCVPvC8NUYQXXqxBNfvbEsxRld_BUbFYtQhBN7lmHHF_DBxtBbN-AwG16UasdWDTgUJsJBJ4shx0I44PAQzl-08QYZbOUqF4BvLDSZCG8o9BdacjScx0K1Lfue1FT_nMdlOtAhRx1lUGpUbrv19tsLfwY6aKEvfDVHpRlFTQeiGrdQhxtp0NFCWS6QMSpuDzUNN0My2NpmVPf9HPJBX_gN5lfTUcRZruTlYIMNFrWBG0OTY9rm5ZbXZhDKL8LxBaKSu-S55ZiLYPLpbCBEh9OKVjQDDY1CJIZfNxv1ExuGigBoxZmOEVrxaCy0hQhfNf-Q88w_L3301EPffBd9KBAQ&s=3414a2996c7d9a9a9942b80c63de1b24def5197aaed96e4a38d66483b55b88921748600966 | 136.243.51.205 | 200 OK | 43 B |
URL GET pxl.tsyndicate.com/api/v1/p/p.gif?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0WYuVFGzIwbZMi0MDOjZAsaOWrQaJGDBg4YLXDUIJPjhpgxEcvYuCHiYZg6YzLGsGGmjJkwNnKwDAPDzMkYMWa08FgjzNQxVWWEYUpyZ0-IZOxQLHkDhoyHcOqIWShjRo0bMipChANnoY2XMGg8nANnog4aN2zQEHzj4Zg2dXXcGBpjsU8yZuzOeCjGjZuFNGBEvQH4YRs3GBnOkCEDBtrPoRvLqCG3jhw2mEnPEOxQRB0ZGdHQoQNnjo4XL47CQfOmzpwyLsa8afOCTnE5P-rQafMFJ-Iwac646YHdRRs8WbjUgWHWhnTqyt3QKaO-Bxw5CN-wYSOevAzz07-sl9PGvRsyctRX3hxq9RBHGWOwoUQbeeQghRJDoEEGHEmgAQMbc9CARA53RFHEHWcEwYYdbrBBhBIzoBFHhkuoWMYceLSwxBQwGKFEGjgkQQQOMaAhxRJkiMGGFko0cUMceKxhxRVqNKGEGHU0IUUZBw5x5BRNODFDFngQEUYMMpBxhx1a5CDDkVHEoYcWMOQwRx5xVBHFF2dUoaMUVaTxFRnLZcQnHGzk4YIbZUxkWBh-bTFDDF1QFpkOMLig2UNy2JGYDabZVoeeOohQwww45DBGDGOIVEMNZsRw0k4wiUGTVTOJIUYZNeSQQxg42FDGV2kkJkIOMbiQQ6Q0yOBCQzR8JccXvWYErLDEGovsV3WEkVETb-iRxnxhvFCDpCCgcEUa_71xxxwgOEEFCDFECsMOIIzrhmDw4kEvCJWKRoOkKYBwBIJrvPFCae1qphkIRqQBnxlv4PFCVPvC8NUYQXXqxBNfvbEsxRld_BUbFYtQhBN7lmHHF_DBxtBbN-AwG16UasdWDTgUJsJBJ4shx0I44PAQzl-08QYZbOUqF4BvLDSZCG8o9BdacjScx0K1Lfue1FT_nMdlOtAhRx1lUGpUbrv19tsLfwY6aKEvfDVHpRlFTQeiGrdQhxtp0NFCWS6QMSpuDzUNN0My2NpmVPf9HPJBX_gN5lfTUcRZruTlYIMNFrWBG0OTY9rm5ZbXZhDKL8LxBaKSu-S55ZiLYPLpbCBEh9OKVjQDDY1CJIZfNxv1ExuGigBoxZmOEVrxaCy0hQhfNf-Q88w_L3301EPffBd9KBAQ&s=3414a2996c7d9a9a9942b80c63de1b24def5197aaed96e4a38d66483b55b88921748600966 IP136.243.51.205:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://doply.net/d/8fcdiimj3wyv CertificateIssuerLet's Encrypt Subjecttsyndicate.com Fingerprint1D:36:B3:AC:76:33:5C:64:BB:85:FE:5B:BA:AC:41:0D:8B:F7:20:65 ValidityTue, 25 Mar 2025 00:07:40 GMT - Mon, 23 Jun 2025 00:07:39 GMT
File typeGIF image data, version 89a, 1 x 1 Hashba036c43037cfe89320d1ef7b64cd43f 88c72d3e26047eb1e45e5564a76427734f120efe 42cb846e07917f6731406e500f24aeb2e88c42cda124eaa59e08c5331cad8bcb
GET /api/v1/p/p.gif?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0WYuVFGzIwbZMi0MDOjZAsaOWrQaJGDBg4YLXDUIJPjhpgxEcvYuCHiYZg6YzLGsGGmjJkwNnKwDAPDzMkYMWa08FgjzNQxVWWEYUpyZ0-IZOxQLHkDhoyHcOqIWShjRo0bMipChANnoY2XMGg8nANnog4aN2zQEHzj4Zg2dXXcGBpjsU8yZuzOeCjGjZuFNGBEvQH4YRs3GBnOkCEDBtrPoRvLqCG3jhw2mEnPEOxQRB0ZGdHQoQNnjo4XL47CQfOmzpwyLsa8afOCTnE5P-rQafMFJ-Iwac646YHdRRs8WbjUgWHWhnTqyt3QKaO-Bxw5CN-wYSOevAzz07-sl9PGvRsyctRX3hxq9RBHGWOwoUQbeeQghRJDoEEGHEmgAQMbc9CARA53RFHEHWcEwYYdbrBBhBIzoBFHhkuoWMYceLSwxBQwGKFEGjgkQQQOMaAhxRJkiMGGFko0cUMceKxhxRVqNKGEGHU0IUUZBw5x5BRNODFDFngQEUYMMpBxhx1a5CDDkVHEoYcWMOQwRx5xVBHFF2dUoaMUVaTxFRnLZcQnHGzk4YIbZUxkWBh-bTFDDF1QFpkOMLig2UNy2JGYDabZVoeeOohQwww45DBGDGOIVEMNZsRw0k4wiUGTVTOJIUYZNeSQQxg42FDGV2kkJkIOMbiQQ6Q0yOBCQzR8JccXvWYErLDEGovsV3WEkVETb-iRxnxhvFCDpCCgcEUa_71xxxwgOEEFCDFECsMOIIzrhmDw4kEvCJWKRoOkKYBwBIJrvPFCae1qphkIRqQBnxlv4PFCVPvC8NUYQXXqxBNfvbEsxRld_BUbFYtQhBN7lmHHF_DBxtBbN-AwG16UasdWDTgUJsJBJ4shx0I44PAQzl-08QYZbOUqF4BvLDSZCG8o9BdacjScx0K1Lfue1FT_nMdlOtAhRx1lUGpUbrv19tsLfwY6aKEvfDVHpRlFTQeiGrdQhxtp0NFCWS6QMSpuDzUNN0My2NpmVPf9HPJBX_gN5lfTUcRZruTlYIMNFrWBG0OTY9rm5ZbXZhDKL8LxBaKSu-S55ZiLYPLpbCBEh9OKVjQDDY1CJIZfNxv1ExuGigBoxZmOEVrxaCy0hQhfNf-Q88w_L3301EPffBd9KBAQ&s=3414a2996c7d9a9a9942b80c63de1b24def5197aaed96e4a38d66483b55b88921748600966 HTTP/1.1
Host: pxl.tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doply.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 30 May 2025 10:29:27 GMT
content-type: image/gif
content-length: 43
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2
|
|
| i.doodcdn.io/theme_2/css/bootstrap.min.css | 172.67.75.50 | 200 OK | 160 kB |
URL GET i.doodcdn.io/theme_2/css/bootstrap.min.css IP172.67.75.50:443
Requested byhttps://doply.net/d/8fcdiimj3wyv CertificateIssuerGoogle Trust Services Subjectdoodcdn.io FingerprintD7:74:16:AE:C7:53:36:51:22:9F:FC:25:D0:8F:92:65:94:13:9E:8B ValiditySat, 03 May 2025 19:51:57 GMT - Fri, 01 Aug 2025 20:51:51 GMT
File typeASCII text, with very long lines (65324) Size160 kB (159515 bytes) Hash7cc40c199d128af6b01e74a28c5900b0 d305110fb79113a961394b433d851a3410342b8c 2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
GET /theme_2/css/bootstrap.min.css HTTP/1.1
Host: i.doodcdn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doply.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 30 May 2025 10:29:22 GMT
content-type: text/css
content-length: 23688
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 947d8ccedc2db517-OSL
last-modified: Mon, 03 Jan 2022 15:43:40 GMT
cache-control: public, max-age=2592000
expires: Fri, 29 May 2026 06:42:17 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 21791
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XJRYjJYIAQaGk6xlbJdUqdp1vcn4vrC1VUGVcog79g54dl9FFdvVz649bYWHNDRT46%2BmtrjigeydnIbxqeoVY7IKtUSUgESRZL4qccZPZ6SVR%2F00tcLcoCH2RDuKtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=808&min_rtt=437&rtt_var=756&sent=7&recv=13&lost=0&retrans=0&sent_bytes=3268&recv_bytes=1401&delivery_rate=8119626&cwnd=254&unsent_bytes=0&cid=bab63a4f26a86a92&ts=127&x=0"
X-Firefox-Spdy: h2
|
|
| img.doodcdn.io/cover/pyzg20z1iuikk8my-rsckc5byql7f.jpg | 172.67.75.50 | 302 Found | 0 B |
URL GET img.doodcdn.io/cover/pyzg20z1iuikk8my-rsckc5byql7f.jpg IP172.67.75.50:443
Requested byhttps://doply.net/e/8fcdiimj3wyv CertificateIssuerGoogle Trust Services Subjectdoodcdn.io FingerprintD7:74:16:AE:C7:53:36:51:22:9F:FC:25:D0:8F:92:65:94:13:9E:8B ValiditySat, 03 May 2025 19:51:57 GMT - Fri, 01 Aug 2025 20:51:51 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cover/pyzg20z1iuikk8my-rsckc5byql7f.jpg HTTP/1.1
Host: img.doodcdn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doply.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Fri, 30 May 2025 10:29:23 GMT
content-type: text/html
location: https://odw7bf.dood.video/404.html
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 947d8cd68cfab4fd-OSL
access-control-allow-origin: *
cf-cache-status: BYPASS
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fqgtj4tNt%2FtZzwZJNuUVO%2FRjUOvC7KQtlM5KE6DxU1F2zheu6EiUlqssVvTe%2BCSBk1bupRlE2wTTv09Ql%2Fw6%2Fd1Zq3U6YktYy131aLH9vwtwoouZ44R40bUGTZEmAD%2Bj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4522&min_rtt=3121&rtt_var=1351&sent=131&recv=13&lost=0&retrans=0&sent_bytes=141289&recv_bytes=2059&delivery_rate=3120867&cwnd=96000&unsent_bytes=0&cid=d1ab40f45877a52d&ts=1361&x=1", cfExtPri, cfHdrFlush;dur=0
|
|
| appointeeivyspongy.com/get/1841679?zoneid=1841679&pid=__clb-1841679_1&jp=_cllnsyguwczcvxdfzqwlvi&dr=52&nojs=0&abvar=0&febuild=1.0.550&t=0&wcks=1&wgl=1&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=U6xMfJw0Ma-f&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&vcv=Mesa&vcn=llvmpipe&ix=0&x=1280&y=1024&md=0&psu=MhqW3pKaHR0cHM6Ly9kb3BseS5uZXQvZC84ZmNkaWltajN3eXY&afid=6588520777075200&eclog=0&snc=0&ssc=1&vp=0&dto=2&im=1&noch=1&de=0&cs=5&bp=3&uf=0&freq=0 | 94.242.247.24 | 200 OK | 5.3 kB |
URL GET appointeeivyspongy.com/get/1841679?zoneid=1841679&pid=__clb-1841679_1&jp=_cllnsyguwczcvxdfzqwlvi&dr=52&nojs=0&abvar=0&febuild=1.0.550&t=0&wcks=1&wgl=1&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=U6xMfJw0Ma-f&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&vcv=Mesa&vcn=llvmpipe&ix=0&x=1280&y=1024&md=0&psu=MhqW3pKaHR0cHM6Ly9kb3BseS5uZXQvZC84ZmNkaWltajN3eXY&afid=6588520777075200&eclog=0&snc=0&ssc=1&vp=0&dto=2&im=1&noch=1&de=0&cs=5&bp=3&uf=0&freq=0 IP94.242.247.24:443
Requested byhttps://doply.net/d/8fcdiimj3wyv CertificateIssuerBuypass AS-983163327 Subject Fingerprint22:0A:29:24:35:4B:B9:91:E2:D5:B4:B8:11:B7:D6:27:9C:32:E6:30 ValidityMon, 03 Mar 2025 23:53:54 GMT - Sat, 30 Aug 2025 21:59:00 GMT
File typeASCII text, with very long lines (5328), with no line terminators Hash0c135f05ac66ebe66abea99018b16d3a 01153400a6f7785df22b320a1b8d3070e34ebe2c 6aedd6461b46373b4439d418e04343b5a180320eaa9498c21881e31af1aa382f
GET /get/1841679?zoneid=1841679&pid=__clb-1841679_1&jp=_cllnsyguwczcvxdfzqwlvi&dr=52&nojs=0&abvar=0&febuild=1.0.550&t=0&wcks=1&wgl=1&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=U6xMfJw0Ma-f&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&vcv=Mesa&vcn=llvmpipe&ix=0&x=1280&y=1024&md=0&psu=MhqW3pKaHR0cHM6Ly9kb3BseS5uZXQvZC84ZmNkaWltajN3eXY&afid=6588520777075200&eclog=0&snc=0&ssc=1&vp=0&dto=2&im=1&noch=1&de=0&cs=5&bp=3&uf=0&freq=0 HTTP/1.1
Host: appointeeivyspongy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doply.net/
Cookie: cart=1; cart_p=2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 30 May 2025 10:29:23 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: CHCK=1; Path=/; Expires=Fri, 03 Jul 2026 10:29:23 GMT; Secure; SameSite=None
UID=2505300529d29e00a5ab3b45ba81c782ea3d; Path=/; Expires=Fri, 03 Jul 2026 10:29:23 GMT; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
|
|
| hoptreeperrie.shop/gd/70849?md=eyJhIjo1NzI5LCJzIjoiMTI4MHgxMDI0IiwiYiI6IjExMTB4NjI0IiwiciI6Imh0dHBzOi8vZG9wbHkubmV0L2QvOGZjZGlpbWozd3l2IiwicSI6Imh0dHBzOi8vZG9wbHkubmV0L2UvOGZjZGlpbWozd3l2IiwiaCI6NDU2NywibCI6ImVuLVVTIiwidCI6MCwieiI6MjUxNCwiayI6MCwidSI6IiIsImYiOnRydWUsIndoIjoiMTExMHg2MjQiLCJpaCI6IjEyODB4MTAyNCIsImUiOiJoaWpleHRsM2Y2NXA3dW8iLCJvIjp0cnVlLCJtIjoxNzQ4NjAwOTY0NTI1LCJ3IjoiJTdCJTIydGl0bGUlMjIlM0ElMjJDb3luZXNzJTIwR2VuZXZhJTIwcHJpdmF0ZSUyMC0lMjAxMTI2Mjg4MCUyMC0lMjBEb29kU3RyZWFtJTIyJTJDJTIya2V5d29yZHMlMjIlM0ElNUIlNUQlMkMlMjJ0b3B3b3JkcyUyMiUzQSU1QiUyMndpbmRvdyUzQTUlMjIlMkMlMjJsaXZlJTNBNCUyMiUyQyUyMnlvdSUzQTQlMjIlNUQlN0QiLCJ0cyI6MCwicHIiOjEsImhjIjo0OCwiYmwiOi0xLCJiYyI6MywidnYiOiJNZXNhIiwidnIiOiJsbHZtcGlwZSIsImFjIjowLCJjdCI6InVua25vd24iLCJjZXQiOiJ1bmtub3duIiwiY2RsbSI6LTEsImNkbCI6LTEsImNydHQiOi0xLCJ0bXMiOjEyMCwiY2UiOnRydWUsImNkIjoyNCwib3IiOiJsYW5kc2NhcGUtcHJpbWFyeSIsImZzIjpudWxsLCJmc28iOm51bGx9&fc=h7q5T8idLKWMMrmW6iTG0g&pr=1YB8DBYXc1mTRxnxJxgO3A | 212.117.184.4 | 200 OK | 669 B |
URL POST hoptreeperrie.shop/gd/70849?md=eyJhIjo1NzI5LCJzIjoiMTI4MHgxMDI0IiwiYiI6IjExMTB4NjI0IiwiciI6Imh0dHBzOi8vZG9wbHkubmV0L2QvOGZjZGlpbWozd3l2IiwicSI6Imh0dHBzOi8vZG9wbHkubmV0L2UvOGZjZGlpbWozd3l2IiwiaCI6NDU2NywibCI6ImVuLVVTIiwidCI6MCwieiI6MjUxNCwiayI6MCwidSI6IiIsImYiOnRydWUsIndoIjoiMTExMHg2MjQiLCJpaCI6IjEyODB4MTAyNCIsImUiOiJoaWpleHRsM2Y2NXA3dW8iLCJvIjp0cnVlLCJtIjoxNzQ4NjAwOTY0NTI1LCJ3IjoiJTdCJTIydGl0bGUlMjIlM0ElMjJDb3luZXNzJTIwR2VuZXZhJTIwcHJpdmF0ZSUyMC0lMjAxMTI2Mjg4MCUyMC0lMjBEb29kU3RyZWFtJTIyJTJDJTIya2V5d29yZHMlMjIlM0ElNUIlNUQlMkMlMjJ0b3B3b3JkcyUyMiUzQSU1QiUyMndpbmRvdyUzQTUlMjIlMkMlMjJsaXZlJTNBNCUyMiUyQyUyMnlvdSUzQTQlMjIlNUQlN0QiLCJ0cyI6MCwicHIiOjEsImhjIjo0OCwiYmwiOi0xLCJiYyI6MywidnYiOiJNZXNhIiwidnIiOiJsbHZtcGlwZSIsImFjIjowLCJjdCI6InVua25vd24iLCJjZXQiOiJ1bmtub3duIiwiY2RsbSI6LTEsImNkbCI6LTEsImNydHQiOi0xLCJ0bXMiOjEyMCwiY2UiOnRydWUsImNkIjoyNCwib3IiOiJsYW5kc2NhcGUtcHJpbWFyeSIsImZzIjpudWxsLCJmc28iOm51bGx9&fc=h7q5T8idLKWMMrmW6iTG0g&pr=1YB8DBYXc1mTRxnxJxgO3A IP212.117.184.4:443
Requested byhttps://doply.net/e/8fcdiimj3wyv CertificateIssuerLet's Encrypt Subjecthoptreeperrie.shop FingerprintC6:93:EA:0D:2E:33:EB:CD:93:C7:EA:53:6D:B5:0C:7B:CC:38:E5:85 ValidityTue, 22 Apr 2025 20:48:41 GMT - Mon, 21 Jul 2025 20:48:40 GMT
Hashdd7caf473ca49bfc887c49ced00d45c5 c187ba7a693d66537d8c1056f539551708f69989 6b15991a569329e461a50d9d1f23973c38d9e64ffa5305dd6a2f9f76ca2aa7ce
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
POST /gd/70849?md=eyJhIjo1NzI5LCJzIjoiMTI4MHgxMDI0IiwiYiI6IjExMTB4NjI0IiwiciI6Imh0dHBzOi8vZG9wbHkubmV0L2QvOGZjZGlpbWozd3l2IiwicSI6Imh0dHBzOi8vZG9wbHkubmV0L2UvOGZjZGlpbWozd3l2IiwiaCI6NDU2NywibCI6ImVuLVVTIiwidCI6MCwieiI6MjUxNCwiayI6MCwidSI6IiIsImYiOnRydWUsIndoIjoiMTExMHg2MjQiLCJpaCI6IjEyODB4MTAyNCIsImUiOiJoaWpleHRsM2Y2NXA3dW8iLCJvIjp0cnVlLCJtIjoxNzQ4NjAwOTY0NTI1LCJ3IjoiJTdCJTIydGl0bGUlMjIlM0ElMjJDb3luZXNzJTIwR2VuZXZhJTIwcHJpdmF0ZSUyMC0lMjAxMTI2Mjg4MCUyMC0lMjBEb29kU3RyZWFtJTIyJTJDJTIya2V5d29yZHMlMjIlM0ElNUIlNUQlMkMlMjJ0b3B3b3JkcyUyMiUzQSU1QiUyMndpbmRvdyUzQTUlMjIlMkMlMjJsaXZlJTNBNCUyMiUyQyUyMnlvdSUzQTQlMjIlNUQlN0QiLCJ0cyI6MCwicHIiOjEsImhjIjo0OCwiYmwiOi0xLCJiYyI6MywidnYiOiJNZXNhIiwidnIiOiJsbHZtcGlwZSIsImFjIjowLCJjdCI6InVua25vd24iLCJjZXQiOiJ1bmtub3duIiwiY2RsbSI6LTEsImNkbCI6LTEsImNydHQiOi0xLCJ0bXMiOjEyMCwiY2UiOnRydWUsImNkIjoyNCwib3IiOiJsYW5kc2NhcGUtcHJpbWFyeSIsImZzIjpudWxsLCJmc28iOm51bGx9&fc=h7q5T8idLKWMMrmW6iTG0g&pr=1YB8DBYXc1mTRxnxJxgO3A HTTP/1.1
Host: hoptreeperrie.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://doply.net/
Content-Type: application/json
Content-Length: 82
Origin: https://doply.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 30 May 2025 10:29:24 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://doply.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9zV1OhDAcBHC%2B2dUFnYQDeASKlPDqi1fwkRT6B%2BtCuykV9PYSE32bTH6T8TwvKB7gb8kZ4afgeGKsbdqaV21ZD62o%2Br5tGl72vC1ZxceR46zWzol%2BJhfhtC7Cus5tES4TabJq6AYjKcPjof6aqza7jhD3VmiZIV4OMWdIe2v2lWwRItJiIaSvytJovg4hPoxFyJ7rIyt9ZL9EYNYizO%2BQviktj2V%2BQcDKPE883N9m4UZjl07JxEc8WSEJ%2FgtOg3A0GfuNVNJ6deYGmFl2%2F%2F73ONxZiUTSpgZCbNw72R%2B3Z03l; expires=Sat, 31-May-2025 10:29:24 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Sat, 31-May-2025 10:29:24 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
|
|
| cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js | 104.17.24.14 | 200 OK | 90 kB |
URL GET cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js IP104.17.24.14:443
Requested byhttps://doply.net/e/8fcdiimj3wyv CertificateIssuerGoogle Trust Services Subjectcdnjs.cloudflare.com Fingerprint4B:06:E9:E2:47:47:F5:3C:33:58:F8:2A:95:70:22:5E:23:19:03:77 ValidityThu, 22 May 2025 14:38:44 GMT - Wed, 20 Aug 2025 15:38:38 GMT
File typeJavaScript source, ASCII text, with very long lines (65451) Hashdc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doply.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 30 May 2025 10:29:23 GMT
content-type: application/javascript; charset=utf-8
content-length: 27958
server: cloudflare
strict-transport-security: max-age=15780000
cf-ray: 947d8cd60eca5690-OSL
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb09ed3-15d84"
last-modified: Mon, 04 May 2020 23:01:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 31349
expires: Wed, 20 May 2026 10:29:23 GMT
accept-ranges: bytes
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=reeOAXsT8M8iibDy5Bik5x3yOKAAVZUQumPSNvUWYpsh6iRnZeVLoQpOJ2ANtHHAa5SZIKp5%2Fuog9B5xOCam2lsFFxLDRKqpjbulL8n1r7bVe6DSEUAApLkIaAko%2F7HmKxo1YLV5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| ads.quality-traffic.com/ad-loader.js | 104.21.2.173 | 200 OK | 464 B |
URL GET ads.quality-traffic.com/ad-loader.js IP104.21.2.173:443
Requested byhttps://doply.net/d/8fcdiimj3wyv CertificateIssuerGoogle Trust Services Subjectquality-traffic.com Fingerprint4E:64:8D:53:45:D9:6A:2E:C2:EB:5E:57:01:14:6D:20:70:6B:76:67 ValidityFri, 04 Apr 2025 03:24:44 GMT - Thu, 03 Jul 2025 04:21:13 GMT
Hashbd76bfa1a2ec0b05f65ba9978f0b165d af49e57250656895321c90dc1e9accced7fc1773 c4373554e46182ba0ce960e6722c34167f71218b3301b348c512c699efccddbf
GET /ad-loader.js HTTP/1.1
Host: ads.quality-traffic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doply.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 30 May 2025 10:29:24 GMT
content-type: application/javascript
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
x-accel-version: 0.01
last-modified: Wed, 19 Mar 2025 20:14:07 GMT
etag: W/"1d0-630b7a9e81fed"
x-powered-by: PleskLin
content-encoding: br
cf-cache-status: DYNAMIC
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=fbfvzqiBfa12fy%2BFZnVKZbuDiSkfoysYweA7rgxWIMPgfrfFOYTDYxrpITJNem9bvgeDWNv0NCDtM768Ruq%2F4k74zGyqKe0NQiCXh%2BXVk%2F5Srl9jf12E"}]}
cf-ray: 947d8cda9d013009-PRG
X-Firefox-Spdy: h2
|
|
| hebenefitssheasht.com/ZHllaFNLRgYbbgBIJysGLBUtCQsUEzEDZg8aIj4ZNUsBWgohCkMcOgBEXFhiVkxdTiMNHVhaakIKEQknEQpYWXUNFwMHbkIPWFl9VFdTWH1QXxBVYkINFQk0WUhDGCcQFVhZZFBBU1hjXU9RW2BW | 188.114.97.1 | 204 No Content | 0 B |
URL GET hebenefitssheasht.com/ZHllaFNLRgYbbgBIJysGLBUtCQsUEzEDZg8aIj4ZNUsBWgohCkMcOgBEXFhiVkxdTiMNHVhaakIKEQknEQpYWXUNFwMHbkIPWFl9VFdTWH1QXxBVYkINFQk0WUhDGCcQFVhZZFBBU1hjXU9RW2BW IP188.114.97.1:443
Requested byhttps://doply.net/e/8fcdiimj3wyv CertificateIssuerGoogle Trust Services Subjecthebenefitssheasht.com FingerprintED:8B:52:5D:3B:8F:DF:14:28:3A:16:CE:D9:C0:54:E8:35:84:04:03 ValidityTue, 22 Apr 2025 10:33:19 GMT - Mon, 21 Jul 2025 11:31:33 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ZHllaFNLRgYbbgBIJysGLBUtCQsUEzEDZg8aIj4ZNUsBWgohCkMcOgBEXFhiVkxdTiMNHVhaakIKEQknEQpYWXUNFwMHbkIPWFl9VFdTWH1QXxBVYkINFQk0WUhDGCcQFVhZZFBBU1hjXU9RW2BW HTTP/1.1
Host: hebenefitssheasht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doply.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Fri, 30 May 2025 10:29:24 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=XwfUnhzN%2Fi%2FArZG3lGF8iTdBoFVaNIeTipfqzHwayHa2xcVbhhFI6E4zw%2B8kQUhyckkpcjd0tpwce3fLfvjN47H70e%2F%2FL5Kp4vYI%2Ff8ApoTeCm4%3D"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
server: cloudflare
cf-ray: 947d8cdc19335693-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| isolatedovercomepasted.com/check.html | 94.242.247.24 | 200 OK | 926 B |
URL GET isolatedovercomepasted.com/check.html IP94.242.247.24:443
Requested byhttps://doply.net/d/8fcdiimj3wyv CertificateIssuerBuypass AS-983163327 Subject FingerprintBB:6D:E1:77:DE:80:15:9D:0B:90:58:D2:8F:D7:8F:9A:59:F5:B5:53 ValidityMon, 03 Mar 2025 23:53:40 GMT - Sat, 30 Aug 2025 21:59:00 GMT
File typeHTML document, ASCII text Hash088dba8e97eede53134c93219f7ebbae adb707654d1fe0af7d0d7a9f55660d22bd3625e4 6da0120b4c7bc45b63fcbb87595c3c1ea2cdca482b0c48d4d2ab434f9e897aff
GET /check.html HTTP/1.1
Host: isolatedovercomepasted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doply.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 30 May 2025 10:29:23 GMT
content-type: text/html; charset=utf-8
last-modified: Mon, 19 May 2025 08:12:42 GMT
vary: Accept-Encoding
etag: W/"682ae7fa-39e"
x-js-ab: current
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| i.doodcdn.io/img/logo-s.png | 172.67.75.50 | 200 OK | 1.9 kB |
URL GET i.doodcdn.io/img/logo-s.png IP172.67.75.50:443
Requested byhttps://doply.net/e/8fcdiimj3wyv CertificateIssuerGoogle Trust Services Subjectdoodcdn.io FingerprintD7:74:16:AE:C7:53:36:51:22:9F:FC:25:D0:8F:92:65:94:13:9E:8B ValiditySat, 03 May 2025 19:51:57 GMT - Fri, 01 Aug 2025 20:51:51 GMT
File typeRIFF (little-endian) data, Web/P image Hashf0c6bed8c2b7297aab801aa1c449dd14 f44f3ee770d099eedc8ecc32fe5d5a2be9d6bd16 0c591bf4d1b3bd51127f30c9c1f4a727bdf146a60d1a8106bfd575f2bf68c9f3
GET /img/logo-s.png HTTP/1.1
Host: i.doodcdn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doply.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 30 May 2025 10:29:24 GMT
content-type: image/webp
content-length: 1932
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 947d8cdc2dfbb4fd-OSL
access-control-allow-origin: *
cache-control: public, max-age=2592000, no-transform
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=6212
content-disposition: inline; filename="logo-s.webp"
etag: "61d3187c-1844"
expires: Sat, 28 Jun 2025 17:24:27 GMT
last-modified: Mon, 03 Jan 2022 15:38:36 GMT
vary: Accept
cf-cache-status: HIT
age: 22813
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ycjom5QNdsIDSNl%2BLuBUGrMncQQtKe1Emp5mqIcyOYbZOEPwWNmJ3so%2Brf8W6XBNcovAQDBanUEdcjlqOj2nLx7G%2FVS%2F92t5fdkoYQdykBCmbw2Hh%2F%2BRKEzBSZyrYA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3699&min_rtt=1719&rtt_var=1520&sent=146&recv=21&lost=0&retrans=1&sent_bytes=149109&recv_bytes=3364&delivery_rate=290830&cwnd=96000&unsent_bytes=0&cid=d1ab40f45877a52d&ts=2093&x=1", cfExtPri, cfHdrFlush;dur=0
|
|
| betotodilea.com/split_track?action=first_match&zone=4857535&oaid=undefined&request_adex= | 139.45.197.104 | 204 No Content | 0 B |
URL POST betotodilea.com/split_track?action=first_match&zone=4857535&oaid=undefined&request_adex= IP139.45.197.104:443
Requested byhttps://doply.net/d/8fcdiimj3wyv CertificateIssuerLet's Encrypt Subjectbetotodilea.com Fingerprint52:DD:84:C3:DF:8B:D7:F5:39:6F:8F:B6:E3:0A:14:B3:B2:C8:75:06 ValidityWed, 09 Apr 2025 02:23:21 GMT - Tue, 08 Jul 2025 02:23:20 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /split_track?action=first_match&zone=4857535&oaid=undefined&request_adex= HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://doply.net
DNT: 1
Connection: keep-alive
Referer: https://doply.net/
Cookie: OAID=0301d92c3b384c93f21f7eb0c456008e
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
server: nginx
date: Fri, 30 May 2025 10:29:25 GMT
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, favicon
X-Firefox-Spdy: h2
|
|
| betotodilea.com/500/4857535?excludes=&oaid=0801d95c930b4b08fbc308a7098c893a&var=&ymid=&tgp=&js_build=8&sw_version=v1.634.7&branchId=1000031&dmn=betotodilea.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=3&pl=https%3A%2F%2Fdoply.net%2Fd%2F8fcdiimj3wyv&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 | 139.45.197.104 | 200 OK | 0 B |
URL OPTIONS betotodilea.com/500/4857535?excludes=&oaid=0801d95c930b4b08fbc308a7098c893a&var=&ymid=&tgp=&js_build=8&sw_version=v1.634.7&branchId=1000031&dmn=betotodilea.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=3&pl=https%3A%2F%2Fdoply.net%2Fd%2F8fcdiimj3wyv&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 IP139.45.197.104:443
Requested byhttps://doply.net/d/8fcdiimj3wyv CertificateIssuerLet's Encrypt Subjectbetotodilea.com Fingerprint52:DD:84:C3:DF:8B:D7:F5:39:6F:8F:B6:E3:0A:14:B3:B2:C8:75:06 ValidityWed, 09 Apr 2025 02:23:21 GMT - Tue, 08 Jul 2025 02:23:20 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /500/4857535?excludes=&oaid=0801d95c930b4b08fbc308a7098c893a&var=&ymid=&tgp=&js_build=8&sw_version=v1.634.7&branchId=1000031&dmn=betotodilea.com&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=3&pl=https%3A%2F%2Fdoply.net%2Fd%2F8fcdiimj3wyv&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&tzofs=0&btz=UTC&bto=0&jsp=1 HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://doply.net/
Origin: https://doply.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 30 May 2025 10:29:28 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://doply.net
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-credentials: true
access-control-max-age: 600
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700 | 142.250.74.10 | 200 OK | 27 kB |
URL GET fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700 IP142.250.74.10:443
Requested byhttps://doply.net/d/8fcdiimj3wyv CertificateIssuerGoogle Trust Services Subjectupload.video.google.com Fingerprint1C:09:46:89:AD:F3:B6:3E:B4:89:F7:49:AC:15:E7:4E:A6:D2:AA:73 ValidityMon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT
File typeASCII text, with very long lines (1572) Hashda8ad2595d78edf21895319e7d02fe73 d707ec9d6f68fbcfc0e2ebe711b97ad7d67e9aa9 95bce9ed84dcd1e30d88c5e2b2368d24c4e6c60ca58210293d28b3394d1d629a
GET /css2?family=Roboto:wght@100;300;400;500;700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 30 May 2025 10:29:38 GMT
date: Fri, 30 May 2025 10:29:38 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| hebenefitssheasht.com/UjBiZ299DwEUUgNKID09YHpTJDhnATcvNhZpKj09NmEwDwwEZUQTBjYNW1dXYgVVQR87VF9WSSFEAxMaIQ1TQQY8Vg1aSSQNU0lcZh5RUUFmFhdaXnREEgYIbwFEFxsmXF9WWGYIVFdfawZWVF9q | 188.114.97.1 | 204 No Content | 0 B |
URL GET hebenefitssheasht.com/UjBiZ299DwEUUgNKID09YHpTJDhnATcvNhZpKj09NmEwDwwEZUQTBjYNW1dXYgVVQR87VF9WSSFEAxMaIQ1TQQY8Vg1aSSQNU0lcZh5RUUFmFhdaXnREEgYIbwFEFxsmXF9WWGYIVFdfawZWVF9q IP188.114.97.1:443
Requested byhttps://doply.net/e/8fcdiimj3wyv CertificateIssuerGoogle Trust Services Subjecthebenefitssheasht.com FingerprintED:8B:52:5D:3B:8F:DF:14:28:3A:16:CE:D9:C0:54:E8:35:84:04:03 ValidityTue, 22 Apr 2025 10:33:19 GMT - Mon, 21 Jul 2025 11:31:33 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /UjBiZ299DwEUUgNKID09YHpTJDhnATcvNhZpKj09NmEwDwwEZUQTBjYNW1dXYgVVQR87VF9WSSFEAxMaIQ1TQQY8Vg1aSSQNU0lcZh5RUUFmFhdaXnREEgYIbwFEFxsmXF9WWGYIVFdfawZWVF9q HTTP/1.1
Host: hebenefitssheasht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doply.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Fri, 30 May 2025 10:29:24 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=0xhMQ2wURMWxdB3kfVCEnhyD1scPGSgED5%2BJbcfo3kJ0csN5mR0V6R%2FRyZ41IpliX%2BDkh0Pe0hlQToo%2FSPlxnZtttM%2FKf0RguUBmWy0hss3YEg0%3D"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
server: cloudflare
cf-ray: 947d8cdc19305693-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| i.doodcdn.io/theme_2/fonts/avertastd-regular-webfont.woff2 | 172.67.75.50 | 200 OK | 24 kB |
URL GET i.doodcdn.io/theme_2/fonts/avertastd-regular-webfont.woff2 IP172.67.75.50:443
Requested byhttps://doply.net/d/8fcdiimj3wyv CertificateIssuerGoogle Trust Services Subjectdoodcdn.io FingerprintD7:74:16:AE:C7:53:36:51:22:9F:FC:25:D0:8F:92:65:94:13:9E:8B ValiditySat, 03 May 2025 19:51:57 GMT - Fri, 01 Aug 2025 20:51:51 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 23812, version 1.524 Hasheb586e5a1b86dbf1c866e3ed80f9d18e 280ee78d19c017ab9335f769595e5157d3c4a343 714e70103deac0d67f52a6285c5fabee6088ce4d710ce7e74353503837038baf
GET /theme_2/fonts/avertastd-regular-webfont.woff2 HTTP/1.1
Host: i.doodcdn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://doply.net
DNT: 1
Connection: keep-alive
Referer: https://i.doodcdn.io/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 30 May 2025 10:29:22 GMT
content-type: font/woff2
content-length: 23812
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 947d8cd1f8c60b55-OSL
last-modified: Mon, 03 Jan 2022 15:43:40 GMT
cache-control: max-age=2592000
expires: Sat, 28 Jun 2025 11:22:25 GMT
vary: User-Agent,Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 67655
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9UTtczE7XGfgAZsNVj7qy1UnomnSmixGL4Ey5%2F52HQH4u5o77nRV0frDGzgVSVSGXlCBwiXHoP3iZ6hO%2B5BgdGKfTgcFNM4%2FYfVCPohyjLpThsPA4a53FRpr%2BJg7%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7550&min_rtt=7477&rtt_var=2949&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4189&recv_bytes=1999&delivery_rate=79500&cwnd=12000&unsent_bytes=0&cid=103bbd9b95669f5f&ts=97&x=1", cfExtPri, cfHdrFlush;dur=0
|
|
| fonts.googleapis.com/css?family=Nunito:200,300,300i,400,600,600i,700,700i,800,900&display=swap | 142.250.74.10 | 200 OK | 18 kB |
URL GET fonts.googleapis.com/css?family=Nunito:200,300,300i,400,600,600i,700,700i,800,900&display=swap IP142.250.74.10:443
Requested byhttps://doply.net/d/8fcdiimj3wyv CertificateIssuerGoogle Trust Services Subjectupload.video.google.com Fingerprint1C:09:46:89:AD:F3:B6:3E:B4:89:F7:49:AC:15:E7:4E:A6:D2:AA:73 ValidityMon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT
Hash16d769de72b66648b48ea896755da441 28e1c4468bc980bb8b9bfdab5bd256acb0b6dcf4 c3482415177813410f604787dd9f27ba54bea4f4eca78f83cc2afaebd7b56392
GET /css?family=Nunito:200,300,300i,400,600,600i,700,700i,800,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doply.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 30 May 2025 10:29:22 GMT
date: Fri, 30 May 2025 10:29:22 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.tsyndicate.com/sdk/v1/puengine.js | 45.133.44.70 | 200 OK | 90 kB |
URL GET cdn.tsyndicate.com/sdk/v1/puengine.js IP45.133.44.70:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://doply.net/e/8fcdiimj3wyv CertificateIssuerLet's Encrypt Subjectcdn.tsyndicate.com FingerprintC8:21:B5:22:CE:B2:90:D0:CE:CF:F7:57:FA:B4:14:52:BA:AF:3B:EF ValidityFri, 04 Apr 2025 07:32:05 GMT - Thu, 03 Jul 2025 07:32:04 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hash87781e1d7683222115078304d2414b35 8bf54dd8a67d75a6f38ab240d47007c12c6e2fdc 37cf30c764c95d5900378ec4e56d09a6088a8b90ed7540c0b7cd3abebba37459
GET /sdk/v1/puengine.js HTTP/1.1
Host: cdn.tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doply.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 30 May 2025 10:29:25 GMT
content-type: application/javascript; charset=utf-8
server: nginx
last-modified: Wed, 15 Jan 2025 14:08:26 GMT
etag: W/"6787c15a-15dda"
x-robots-tag: noindex, nofollow
content-encoding: gzip
cache-control: max-age=172800
expires: Sun, 01 Jun 2025 10:29:25 GMT
vary: Accept-Encoding
x-cdn-host-id: ah1742,ds9893
x-proxy-cache: HIT
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 | 142.250.74.35 | 200 OK | 40 kB |
URL GET fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 IP142.250.74.35:443
Requested byhttps://doply.net/d/8fcdiimj3wyv CertificateIssuerGoogle Trust Services Subject*.gstatic.com Fingerprint58:93:D6:74:22:41:22:FC:10:8C:BD:51:81:F5:29:DE:00:91:9B:FD ValidityTue, 29 Apr 2025 19:29:18 GMT - Tue, 22 Jul 2025 19:29:17 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 40128, version 1.0 Hash9a01b69183a9604ab3a439e388b30501 8ed1d59003d0dbe6360481017b44665153665fbe 20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2
GET /s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://doply.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40128
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 May 2025 10:03:46 GMT
expires: Fri, 29 May 2026 10:03:46 GMT
cache-control: public, max-age=31536000
age: 87952
last-modified: Wed, 08 Jan 2025 18:23:10 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ads.quality-traffic.com/ad.php | 104.21.2.173 | 200 OK | 1.2 kB |
URL GET ads.quality-traffic.com/ad.php IP104.21.2.173:443
Requested byhttps://doply.net/d/8fcdiimj3wyv CertificateIssuerGoogle Trust Services Subjectquality-traffic.com Fingerprint4E:64:8D:53:45:D9:6A:2E:C2:EB:5E:57:01:14:6D:20:70:6B:76:67 ValidityFri, 04 Apr 2025 03:24:44 GMT - Thu, 03 Jul 2025 04:21:13 GMT
File typeHTML document, Unicode text, UTF-8 text Hashcec31d6e3625c4de5dbceeb51c8bf5af b91f8838b761f92b4276ec97df50317864ca755b 92d2490e82808a70bc56860c41e4b40da3b4866d0e5ac316b82f2af6fdf5061c
GET /ad.php HTTP/1.1
Host: ads.quality-traffic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://doply.net/
Origin: https://doply.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 30 May 2025 10:29:24 GMT
content-type: text/html; charset=UTF-8
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
x-powered-by: PHP/7.4.33, PleskLin
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-content-type-options: nosniff
access-control-allow-origin: https://doply.net
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=EoZhAVj0U7VeSycJcr6Jh3GXFXt7vxiQE3L6Y%2FOE%2Bm6TpIkj1Wyj9t6Byd2zOtBs%2B5cnfioj7qk82g84VBCoZvI8SY3TqhRA7ixU%2FzOO9p6bAf3ngw%3D%3D"}]}
cf-cache-status: DYNAMIC
vary: accept-encoding
content-encoding: br
cf-ray: 947d8cdd9ada569a-OSL
X-Firefox-Spdy: h2
|
|