| dood.re/for7liwq65uc | 104.26.4.50 | 301 Moved Permanently | 0 B |
IP: 104.26.4.50:0
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e, SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709, SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /for7liwq65uc HTTP/1.1
Host: dood.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 05 Jan 2023 22:17:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 05 Jan 2023 23:17:21 GMT
Location: https://dood.re/for7liwq65uc
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DbH3ZnwV3Z%2F0kvuJqlVUj%2BxV8Vf0VdYtstntr3EqwZK%2FuwI0D4H4SygmBLBOacYRDE5GjNcNXR9T4%2FPv9qwFbqj6sQJZ81P8ct5YaAKJGB4KBOVDujEVxzk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 784f95623e190b61-OSL
alt-svc: h2=":443"; ma=60
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP: 95.101.11.115:0, ASN #20940 Akamai International B.V.
Hash: MD5 326898eb925368408f6f42ee173b9d89, SHA-1 b8b20ee34b7e7b139e7729b8e46a54ea25f54ac8, SHA-256 96c2c75f700ab55649882111713ca3cfb2eaf08e404c2bc245a641dc12ae168a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96C2C75F700AB55649882111713CA3CFB2EAF08E404C2BC245A641DC12AE168A"
Last-Modified: Wed, 04 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21263
Expires: Fri, 06 Jan 2023 04:11:44 GMT
Date: Thu, 05 Jan 2023 22:17:21 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP: 95.101.11.115:0, ASN #20940 Akamai International B.V.
Hash: MD5 ce8af3d72e7e9af609039abee59c8b87, SHA-1 8e1b16591fbc632df35f15e23da55ee86af31bc3, SHA-256 52edddbda4a3a3b778f61a491b21e6ea439e9d8024189e636b1f37b2dd7226fc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "52EDDDBDA4A3A3B778F61A491B21E6EA439E9D8024189E636B1F37B2DD7226FC"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15419
Expires: Fri, 06 Jan 2023 02:34:20 GMT
Date: Thu, 05 Jan 2023 22:17:21 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 35.241.9.150 | 200 OK | 939 B |
URL (HTTP/2): firefox.settings.services.mozilla.com/v1/
IP: 35.241.9.150:0
File type: JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash: MD5 14cd9a0afb6ba9a763651d5112760d1e, SHA-1 75d7b104ab9ab11fbb73c3f348b43b0119b5adfa, SHA-256 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 05 Jan 2023 21:41:16 GMT
content-type: application/json
age: 2165
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP: 95.101.11.115:0, ASN #20940 Akamai International B.V.
Hash: MD5 da484f5e9c6805745e063b236fb81473, SHA-1 ae454bf4a7ae0e96935afc81ee0f89c049097b15, SHA-256 068d0da23acbe7f6b600c4e7dbe9c81d3ad78c8afd122255bbf3550e8a290686
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "068D0DA23ACBE7F6B600C4E7DBE9C81D3AD78C8AFD122255BBF3550E8A290686"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2554
Expires: Thu, 05 Jan 2023 22:59:55 GMT
Date: Thu, 05 Jan 2023 22:17:21 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL (HTTP/2): content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP: 34.160.144.191:0
File type: PEM certificate\012- , ASCII text
Hash: MD5 b1fcd419a4245617397846e8d17233f6, SHA-1 2a037ce244587640b27ead9a0ec2af4f862d91b2, SHA-256 e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 6VCwB963BudZbBDUIrwz1s69w6NewHCtw61eaN7XPRm6ktjZV2ArcX/tuVbQFe0CuchKRLSIhy4=
x-amz-request-id: FY0R0Q52BEP80T6G
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 05 Jan 2023 21:59:42 GMT
age: 1059
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/s/gts1p5/zrkYX0N7LYA | 142.250.74.131 | 200 OK | 471 B |
URL (HTTP/1.1): ocsp.pki.goog/s/gts1p5/zrkYX0N7LYA
IP: 142.250.74.131:0
Hash: MD5 7ae914158780207eb1c00c2f0eb76e24, SHA-1 904f056954a41695fe31eb9bd2ac75653922d00d, SHA-256 68c7c385b2e96850ee203bbff13470a4bd5fef473ab4ad5541fc93ab90b985a6
POST /s/gts1p5/zrkYX0N7LYA HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 22:17:21 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/s/gts1p5/zrkYX0N7LYA | 142.250.74.131 | 200 OK | 471 B |
URL (HTTP/1.1): ocsp.pki.goog/s/gts1p5/zrkYX0N7LYA
IP: 142.250.74.131:0
Hash: MD5 7ae914158780207eb1c00c2f0eb76e24, SHA-1 904f056954a41695fe31eb9bd2ac75653922d00d, SHA-256 68c7c385b2e96850ee203bbff13470a4bd5fef473ab4ad5541fc93ab90b985a6
POST /s/gts1p5/zrkYX0N7LYA HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 22:17:21 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL (HTTP/2): contile.services.mozilla.com/v1/tiles
IP: 34.117.237.239:0
File type: JSON data\012- , ASCII text, with no line terminators
Hash: MD5 23e88fb7b99543fb33315b29b1fad9d6, SHA-1 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce, SHA-256 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 05 Jan 2023 22:17:21 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js | 104.17.25.14 | 200 OK | 28 kB |
URL (HTTP/2): cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP: 104.17.25.14:0
File type: ASCII text, with very long lines (65451)
Hash: MD5 638a4990025383a0f83ebf29bdb84a68, SHA-1 153e8818dc42f598e47fde8cf398f1447649a4d0, SHA-256 878e34b89800bb271d3588e526eb3598eb3822e263f3bdaf53645847d39d0ad6
GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 05 Jan 2023 22:17:21 GMT
content-type: application/javascript; charset=utf-8
content-length: 27748
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-15851"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1180695
expires: Tue, 26 Dec 2023 22:17:21 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xkk5ofFBU1GbGg3pUB4h6TbpXa8ulk4g63WTVFPgjEMda%2BTU8PDZPqYN2%2Fq2KuuXw%2BHr%2B8Tt4TVCTRmeeF%2B2UURAAOXaZMPzAOAfnhOix4xgR2AyZnyXVUCh1W0N%2FEwsqthA%2BRsU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 784f9565fba4b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 23.36.77.32 | 200 OK | 345 B |
IP: 23.36.77.32:0, ASN #20940 Akamai International B.V.
Hash: MD5 55dd19350c82d6de49c80f072f18c1b1, SHA-1 ebc4d3a8a28f99526617aac7b11cfaa389e2d6f8, SHA-256 cdbf1eab05073a454324d08b1932304593a00a60cd22efb61154082c1deb9dc8
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "CDBF1EAB05073A454324D08B1932304593A00A60CD22EFB61154082C1DEB9DC8"
Last-Modified: Wed, 04 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7281
Expires: Fri, 06 Jan 2023 00:18:42 GMT
Date: Thu, 05 Jan 2023 22:17:21 GMT
Connection: keep-alive
|
|
| e1.o.lencr.org/ | 23.36.77.32 | 200 OK | 345 B |
IP: 23.36.77.32:0, ASN #20940 Akamai International B.V.
Hash: MD5 55dd19350c82d6de49c80f072f18c1b1, SHA-1 ebc4d3a8a28f99526617aac7b11cfaa389e2d6f8, SHA-256 cdbf1eab05073a454324d08b1932304593a00a60cd22efb61154082c1deb9dc8
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "CDBF1EAB05073A454324D08B1932304593A00A60CD22EFB61154082C1DEB9DC8"
Last-Modified: Wed, 04 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7281
Expires: Fri, 06 Jan 2023 00:18:42 GMT
Date: Thu, 05 Jan 2023 22:17:21 GMT
Connection: keep-alive
|
|
| e1.o.lencr.org/ | 23.36.77.32 | 200 OK | 345 B |
IP: 23.36.77.32:0, ASN #20940 Akamai International B.V.
Hash: MD5 55dd19350c82d6de49c80f072f18c1b1, SHA-1 ebc4d3a8a28f99526617aac7b11cfaa389e2d6f8, SHA-256 cdbf1eab05073a454324d08b1932304593a00a60cd22efb61154082c1deb9dc8
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "CDBF1EAB05073A454324D08B1932304593A00A60CD22EFB61154082C1DEB9DC8"
Last-Modified: Wed, 04 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7281
Expires: Fri, 06 Jan 2023 00:18:42 GMT
Date: Thu, 05 Jan 2023 22:17:21 GMT
Connection: keep-alive
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP: 142.250.74.131:0
Hash: MD5 e4fdd703d4ebb3209cd70c0ffd234da1, SHA-1 2e3a0a6fe0e63d2991e4b8726d5a2c21406a0dc1, SHA-256 ff40f371b1ebac1fbc0e809a0e85f500977372f25e8a72eda450083755fef11d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 22:17:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| e1.o.lencr.org/ | 23.36.77.32 | 200 OK | 345 B |
IP: 23.36.77.32:0, ASN #20940 Akamai International B.V.
Hash: MD5 55dd19350c82d6de49c80f072f18c1b1, SHA-1 ebc4d3a8a28f99526617aac7b11cfaa389e2d6f8, SHA-256 cdbf1eab05073a454324d08b1932304593a00a60cd22efb61154082c1deb9dc8
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "CDBF1EAB05073A454324D08B1932304593A00A60CD22EFB61154082C1DEB9DC8"
Last-Modified: Wed, 04 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7281
Expires: Fri, 06 Jan 2023 00:18:42 GMT
Date: Thu, 05 Jan 2023 22:17:21 GMT
Connection: keep-alive
|
|
| www.googletagmanager.com/gtag/js?id=UA-160322406-1 | 142.250.74.40 | 200 OK | 45 kB |
URL (HTTP/2): www.googletagmanager.com/gtag/js?id=UA-160322406-1
IP: 142.250.74.40:0
File type: ASCII text, with very long lines (1759)
Hash: MD5 e3d4dc2efbf628880f5b72959ddea3fc, SHA-1 a39294f2186f40a9d752d09ccd5a89b27431c602, SHA-256 efaed532ea3c45cee13b30b886f2866e880ba6724b4ccc6e7f92bd436a100a72
GET /gtag/js?id=UA-160322406-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 05 Jan 2023 22:17:21 GMT
expires: Thu, 05 Jan 2023 22:17:21 GMT
cache-control: private, max-age=900
last-modified: Thu, 05 Jan 2023 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45342
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 23.36.77.32 | 200 OK | 344 B |
IP: 23.36.77.32:0, ASN #20940 Akamai International B.V.
Hash: MD5 c07ef502ad27a75d6d66b1f05e910957, SHA-1 ce1a35be57ea726570815ed2c6c8ea443b076af6, SHA-256 7ed586b39bfb8f4866d76d101b4885e5b10bf62336de01485ea6024a575cf0e9
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "7ED586B39BFB8F4866D76D101B4885E5B10BF62336DE01485EA6024A575CF0E9"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7299
Expires: Fri, 06 Jan 2023 00:19:00 GMT
Date: Thu, 05 Jan 2023 22:17:21 GMT
Connection: keep-alive
|
|
| e1.o.lencr.org/ | 23.36.77.32 | 200 OK | 344 B |
IP: 23.36.77.32:0, ASN #20940 Akamai International B.V.
Hash: MD5 c07ef502ad27a75d6d66b1f05e910957, SHA-1 ce1a35be57ea726570815ed2c6c8ea443b076af6, SHA-256 7ed586b39bfb8f4866d76d101b4885e5b10bf62336de01485ea6024a575cf0e9
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "7ED586B39BFB8F4866D76D101B4885E5B10BF62336DE01485EA6024A575CF0E9"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7299
Expires: Fri, 06 Jan 2023 00:19:00 GMT
Date: Thu, 05 Jan 2023 22:17:21 GMT
Connection: keep-alive
|
|
| e1.o.lencr.org/ | 23.36.77.32 | 200 OK | 344 B |
IP: 23.36.77.32:0, ASN #20940 Akamai International B.V.
Hash: MD5 c07ef502ad27a75d6d66b1f05e910957, SHA-1 ce1a35be57ea726570815ed2c6c8ea443b076af6, SHA-256 7ed586b39bfb8f4866d76d101b4885e5b10bf62336de01485ea6024a575cf0e9
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "7ED586B39BFB8F4866D76D101B4885E5B10BF62336DE01485EA6024A575CF0E9"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7299
Expires: Fri, 06 Jan 2023 00:19:00 GMT
Date: Thu, 05 Jan 2023 22:17:21 GMT
Connection: keep-alive
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP: 142.250.74.131:0
Hash: MD5 e4fdd703d4ebb3209cd70c0ffd234da1, SHA-1 2e3a0a6fe0e63d2991e4b8726d5a2c21406a0dc1, SHA-256 ff40f371b1ebac1fbc0e809a0e85f500977372f25e8a72eda450083755fef11d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 22:17:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| e1.o.lencr.org/ | 23.36.77.32 | 200 OK | 344 B |
IP: 23.36.77.32:0, ASN #20940 Akamai International B.V.
Hash: MD5 c07ef502ad27a75d6d66b1f05e910957, SHA-1 ce1a35be57ea726570815ed2c6c8ea443b076af6, SHA-256 7ed586b39bfb8f4866d76d101b4885e5b10bf62336de01485ea6024a575cf0e9
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "7ED586B39BFB8F4866D76D101B4885E5B10BF62336DE01485EA6024A575CF0E9"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7299
Expires: Fri, 06 Jan 2023 00:19:00 GMT
Date: Thu, 05 Jan 2023 22:17:21 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 35.241.9.150 | 200 OK | 329 B |
URL (HTTP/2): firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP: 35.241.9.150:0
File type: JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash: MD5 0333b0655111aa68de771adfcc4db243, SHA-1 63f295a144ac87a7c8e23417626724eeca68a7eb, SHA-256 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 05 Jan 2023 22:08:11 GMT
age: 551
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP: 93.184.220.29:0
Hash: MD5 73a99621729e1bc9e236a1085b98a0cf, SHA-1 5e1f71493085f6be7788f59987c1f0850b77d4d7, SHA-256 219d1a8d7d1a027553f72c8c024488863d8996457b31c78014002f81174f3ad1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 208
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 22:17:22 GMT
Last-Modified: Thu, 05 Jan 2023 22:13:54 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP: 95.101.11.115:0, ASN #20940 Akamai International B.V.
Hash: MD5 ce27fbe2c8cb51ac80bd132ea3858d70, SHA-1 a98130210fe217c93db4356db62d2fca6abb0b9f, SHA-256 8935d571382caf28608f6d9c2309e9485504ce941b16d21c992e1fd7b32a2823
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8935D571382CAF28608F6D9C2309E9485504CE941B16D21C992E1FD7B32A2823"
Last-Modified: Thu, 05 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12175
Expires: Fri, 06 Jan 2023 01:40:17 GMT
Date: Thu, 05 Jan 2023 22:17:22 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP: 95.101.11.115:0, ASN #20940 Akamai International B.V.
Hash: MD5 ce27fbe2c8cb51ac80bd132ea3858d70, SHA-1 a98130210fe217c93db4356db62d2fca6abb0b9f, SHA-256 8935d571382caf28608f6d9c2309e9485504ce941b16d21c992e1fd7b32a2823
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8935D571382CAF28608F6D9C2309E9485504CE941B16D21C992E1FD7B32A2823"
Last-Modified: Thu, 05 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12205
Expires: Fri, 06 Jan 2023 01:40:47 GMT
Date: Thu, 05 Jan 2023 22:17:22 GMT
Connection: keep-alive
|
|
| somethingprecursorfairfax.com/ed/b8/70/edb8703573695076feb99cb156693613.js | 173.233.139.164 | 200 OK | 11 kB |
URL (HTTP/1.1): somethingprecursorfairfax.com/ed/b8/70/edb8703573695076feb99cb156693613.js
IP: 173.233.139.164:0
File type: ASCII text, with very long lines (32122), with no line terminators
Hash: MD5 6acb7318dc3bd375b75d32740066d681, SHA-1 a8a0a073626575cb14240fc977ac1dde3a5cfbb5, SHA-256 c401c82ff30d0e254df129919a3f24b57e99210ea9083cacf3eb6806a8208140
GET /ed/b8/70/edb8703573695076feb99cb156693613.js HTTP/1.1
Host: somethingprecursorfairfax.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 05 Jan 2023 22:17:22 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: abde92607f93591411bb7a552ca530ca
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| somethingprecursorfairfax.com/f0/6f/53/f06f53688194268edaf23d2b44a59e27.js | 173.233.139.164 | 200 OK | 21 kB |
URL (HTTP/1.1): somethingprecursorfairfax.com/f0/6f/53/f06f53688194268edaf23d2b44a59e27.js
IP: 173.233.139.164:0
File type: HTML document, ASCII text, with very long lines (60146), with no line terminators
Hash: MD5 2d6088fb93eed86785e9ebc89830a430, SHA-1 cf10bb6bd8a4ccf37f2e991461c6992148cf3a17, SHA-256 ed0554183b323d3252c2ac57c7c24f328655d3012c04f3ca66070889e5849d64
GET /f0/6f/53/f06f53688194268edaf23d2b44a59e27.js HTTP/1.1
Host: somethingprecursorfairfax.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 05 Jan 2023 22:17:22 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d8ea41ea31611fe583cde77cd2d39c29
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| push.services.mozilla.com/ | 54.149.51.98 | 101 Switching Protocols | 0 B |
URL (HTTP/1.1): push.services.mozilla.com/
IP: 54.149.51.98:0
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e, SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709, SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ppr7EurJPV0XdAuK4uv54Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: SgtxEsgIZyLaCVtlkk3aX0N7BaM=
|
|
| e1.o.lencr.org/ | 23.36.77.32 | 200 OK | 345 B |
IP: 23.36.77.32:0, ASN #20940 Akamai International B.V.
Hash: MD5 24211537172fdc6ae5968252786d809c, SHA-1 9bcc784a6d86cc5b17328c940384d30591d7f62e, SHA-256 b8466acb9529cecc01e8820d3254321cf5f17996a73a2c851b63adb68d85cd80
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "B8466ACB9529CECC01E8820D3254321CF5F17996A73A2C851B63ADB68D85CD80"
Last-Modified: Tue, 03 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13362
Expires: Fri, 06 Jan 2023 02:00:04 GMT
Date: Thu, 05 Jan 2023 22:17:22 GMT
Connection: keep-alive
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP: 93.184.220.29:0
Hash: MD5 722fc9788fb5e425d9aa358f70ca1959, SHA-1 24aa6758fd3fc94333d6524d4033a6c100b863ef, SHA-256 992af35d5ac3401a6275d1b3f200d0d15ab957f8b273c6797d653aa93fff6460
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2609
Cache-Control: max-age=146320
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 22:17:22 GMT
Etag: "63b6dad1-117"
Expires: Sat, 07 Jan 2023 14:56:02 GMT
Last-Modified: Thu, 05 Jan 2023 14:12:33 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 279
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hash722fc9788fb5e425d9aa358f70ca1959 24aa6758fd3fc94333d6524d4033a6c100b863ef 992af35d5ac3401a6275d1b3f200d0d15ab957f8b273c6797d653aa93fff6460
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3573
Cache-Control: max-age=147284
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 22:17:22 GMT
Etag: "63b6dad1-117"
Expires: Sat, 07 Jan 2023 15:12:06 GMT
Last-Modified: Thu, 05 Jan 2023 14:12:33 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
|
|
| ocsp.sca1b.amazontrust.com/ | 143.204.42.158 | 200 OK | 471 B |
URL: ocsp.sca1b.amazontrust.com/ (HTTP/1.1) | IP: 143.204.42.158:0
Hash: d10bbfb1c3c508be586f28deb189881f 6e884b982f1e2167d0f3ee2a1746e140a212533f e840dd6a2fbcbd84f79df107973a91e4ff21d247901750b51018fdae67f07c98
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=142029
Date: Thu, 05 Jan 2023 22:17:22 GMT
Etag: "63b6d122-1d7"
Expires: Sat, 07 Jan 2023 13:44:31 GMT
Last-Modified: Thu, 05 Jan 2023 13:31:14 GMT
Server: ECS (nyb/1D2C)
X-Cache: Miss from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: j-APiKJQODxs1fV6w2TGRyz1q6eVKtzsaIrB2FBndolYqZ1t8LGitg==
Age: 797
|
|
| ocsp.sca1b.amazontrust.com/ | 143.204.42.158 | 200 OK | 471 B |
URL: ocsp.sca1b.amazontrust.com/ (HTTP/1.1) | IP: 143.204.42.158:0
Hash: d10bbfb1c3c508be586f28deb189881f 6e884b982f1e2167d0f3ee2a1746e140a212533f e840dd6a2fbcbd84f79df107973a91e4ff21d247901750b51018fdae67f07c98
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=141682
Date: Thu, 05 Jan 2023 22:17:22 GMT
Etag: "63b6d122-1d7"
Expires: Sat, 07 Jan 2023 13:38:44 GMT
Last-Modified: Thu, 05 Jan 2023 13:31:14 GMT
Server: ECS (nyb/1D20)
X-Cache: Miss from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: wgzA99cpfk9H_pMudofE7ORqk3C36qnqHl3MH47gtHruu8EySkf0Tw==
Age: 450
|
|
| simplewebanalysis.com/stats | 52.28.184.54 | 200 OK | 40 B |
URL: simplewebanalysis.com/stats (HTTP/2) | IP: 52.28.184.54:0
File type: ASCII text, with no line terminators | Hash: b82c36b49ffeb2b94c9fcf2a95fd8232 799acfdb1e28b6b9de57d1769ff6175547243177 a7cd87ca05d53eabf000d9600ba5d3d12672fcafb55cc56c417911550666d30e
Analyzer: fortinet | Verdict: Malware | Alert: (empty)
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dood.re
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 05 Jan 2023 22:17:22 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://dood.re
access-control-allow-credentials: true
set-cookie: uid_id2=f68f5917-4a05-4376-9d67-00d01101e925:1:1; expires=Sun, 02 Jan 2033 22:17:22 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| simplewebanalysis.com/stats | 52.28.184.54 | 200 OK | 40 B |
URL: simplewebanalysis.com/stats (HTTP/2) | IP: 52.28.184.54:0
File type: ASCII text, with no line terminators | Hash: 535758347f2b22d09383666bc36e70fc ff9e8a26e59b1a95fc21778bf763bcb3e693241c 8121b5578d5792bf03df1e3fd3c46b2797de34292d6cf4d06a542593f84d8c5f
Analyzer: fortinet | Verdict: Malware | Alert: (empty)
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dood.re
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 05 Jan 2023 22:17:22 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://dood.re
access-control-allow-credentials: true
set-cookie: uid_id2=dd898803-14be-47af-b9fe-feb9575e4b43:1:1; expires=Sun, 02 Jan 2033 22:17:22 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash410c60e1519534346d2a68b00727f273 317ed1975eceabec7d8314f294ada3b5a4294c28 cb291bc3b5df364535bbe2ed132fe681b6d3649ce30ca3997b0f5c0d3ccb103b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CB291BC3B5DF364535BBE2ED132FE681B6D3649CE30CA3997B0F5C0D3CCB103B"
Last-Modified: Thu, 05 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8992
Expires: Fri, 06 Jan 2023 00:47:14 GMT
Date: Thu, 05 Jan 2023 22:17:22 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hasheafe4e9ad5906494f3283e593ed1ca1e 51f8335c65aac89620213aa5272b329a590c01b2 d7ae368cf43ab61b5dcc69a1b4b663a006f37d8847ead6b0fb4c47c7c9a67161
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D7AE368CF43AB61B5DCC69A1B4B663A006F37D8847EAD6B0FB4C47C7C9A67161"
Last-Modified: Wed, 04 Jan 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21070
Expires: Fri, 06 Jan 2023 04:08:32 GMT
Date: Thu, 05 Jan 2023 22:17:22 GMT
Connection: keep-alive
|
|
| e1.o.lencr.org/ | 23.36.77.32 | 200 OK | 345 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash24211537172fdc6ae5968252786d809c 9bcc784a6d86cc5b17328c940384d30591d7f62e b8466acb9529cecc01e8820d3254321cf5f17996a73a2c851b63adb68d85cd80
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "B8466ACB9529CECC01E8820D3254321CF5F17996A73A2C851B63ADB68D85CD80"
Last-Modified: Tue, 03 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13362
Expires: Fri, 06 Jan 2023 02:00:04 GMT
Date: Thu, 05 Jan 2023 22:17:22 GMT
Connection: keep-alive
|
|
| ocsp.sectigo.com/ | 172.64.155.188 | 200 OK | 471 B |
IP172.64.155.188:0
Hashb147ec1650989d93a0c1bba8cd396998 ce27ba8ee2db8d63a0e19b4b99a6cafcd7766a43 c19f1ca3e1c2de42b9e5c8accea6e7fb7646b088d1e0ccec26edd4e41ebc978d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 22:17:22 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 05 Jan 2023 00:04:31 GMT
Expires: Thu, 12 Jan 2023 00:04:30 GMT
Etag: "ce27ba8ee2db8d63a0e19b4b99a6cafcd7766a43"
Cache-Control: max-age=524227,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 784f956d393fb511-OSL
|
|
| geedoovu.net/tag.min.js | 139.45.197.239 | 200 OK | 24 kB |
IP: 139.45.197.239:0
File type: ASCII text, with very long lines (65536), with no line terminators | Hash: 9c2d6b1489d7384ea1531272c490ed1e daa14cf1f173e9c3cf9c99c788b18ce7bc7e2f96 6b26ddfd104337ca3705d7071110bcd9de793d32659ae80b8ee465a6fea35a60
GET /tag.min.js HTTP/1.1
Host: geedoovu.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 05 Jan 2023 22:17:22 GMT
content-type: text/javascript; charset=utf-8
content-length: 23551
content-encoding: br
x-trace-id: 5687b27c0e930cc52c098d432f511f53
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Fri, 16 Dec 2022 15:55:15 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| c.adsco.re/ | 104.17.167.186 | 200 OK | 27 kB |
IP: 104.17.167.186:0
File type: HTML document text; HTML document text; HTML document text; exported SGML document, ASCII text, with very long lines (689) | Hash: d80f0f485dd85cb5abff9c30fbca6a9a a86de3024d5e367cea359bbb22f4622bf47fb24f 974c5105588ab8d7eb7ef0d20d45775af9b89859f098fde7dc69f65c0f9c9267
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 05 Jan 2023 22:17:22 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Sun, 05 Feb 2023 22:17:22 GMT
etag: W/"xkCBFtC0Wl/JiS60JFipuQ=="
cf-cache-status: HIT
age: 347003
vary: Accept-Encoding
server: cloudflare
cf-ray: 784f956d8a01b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hasheafe4e9ad5906494f3283e593ed1ca1e 51f8335c65aac89620213aa5272b329a590c01b2 d7ae368cf43ab61b5dcc69a1b4b663a006f37d8847ead6b0fb4c47c7c9a67161
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D7AE368CF43AB61B5DCC69A1B4B663A006F37D8847EAD6B0FB4C47C7C9A67161"
Last-Modified: Wed, 04 Jan 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 06 Jan 2023 04:17:22 GMT
Date: Thu, 05 Jan 2023 22:17:22 GMT
Connection: keep-alive
|
|
| initiallycoffee.com/pixel/purst?dl=0&th=0&sc=0&rs=1562&rd=1562&fd=985&bv=22.10.v.9&tmpl=70 | 192.243.59.12 | 200 OK | 0 B |
URL: initiallycoffee.com/pixel/purst?dl=0&th=0&sc=0&rs=1562&rd=1562&fd=985&bv=22.10.v.9&tmpl=70 (HTTP/1.1) | IP: 192.243.59.12:0 | ASN: #39572 DataWeb Global Group B.V.
Hash (empty response body, 0 B): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /pixel/purst?dl=0&th=0&sc=0&rs=1562&rd=1562&fd=985&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: initiallycoffee.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 05 Jan 2023 22:17:22 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| geedoovu.net/apu.php?zoneid=3170067&oo=1 | 139.45.197.239 | 403 Forbidden | 7 B |
URL: geedoovu.net/apu.php?zoneid=3170067&oo=1 (HTTP/2) | IP: 139.45.197.239:0
File type: ASCII text, with no line terminators | Hash: 758ff964ee78d0c90f3a14d8d4af8ab3 f248d30ac9849b0ead400537632beb02c9c703d1 00e3fbbf542561da72fdc5ea89cfd1405c17739dd49210252e611c3122018efe
GET /apu.php?zoneid=3170067&oo=1 HTTP/1.1
Host: geedoovu.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dood.re
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
server: nginx
date: Thu, 05 Jan 2023 22:17:22 GMT
content-type: text/plain; charset=utf-8
content-length: 7
access-control-allow-origin: https://dood.re
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| 6.adsco.re/ | 104.17.167.186 | 200 OK | 0 B |
IP: 104.17.167.186:0
Hash (empty response body, 0 B): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dood.re
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 05 Jan 2023 22:17:23 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: https://dood.re
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 784f956edea70b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash40da59c1eadc395ccc6e98ce8d1e3db3 956cb7d836f8b6a2ba0dd457e62c569b711b6e5d bd40fe07d5aeab2bf2903df7dcc68fe6f28fd85a6da2192edd1004fc11888455
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD40FE07D5AEAB2BF2903DF7DCC68FE6F28FD85A6DA2192EDD1004FC11888455"
Last-Modified: Wed, 04 Jan 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10765
Expires: Fri, 06 Jan 2023 01:16:48 GMT
Date: Thu, 05 Jan 2023 22:17:23 GMT
Connection: keep-alive
|
|
| 4.adsco.re/ | 162.252.214.5 | 200 OK | 62 B |
IP: 162.252.214.5:0
File type: ASCII text, with no line terminators | Hash: adde5febc7b5b6c2c759ec735cce83a0 77ec17be8a9970ff04663294d41c590d0d24fde4 ce2b9f2e5005195de7add565505005be6f2ef0d37521771e15106d1e1b9260ff
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dood.re
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 22:17:23 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://dood.re
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
|
|
| banquetunarmedgrater.com/advertisers.js | 192.243.59.12 | 200 OK | 0 B |
URL: banquetunarmedgrater.com/advertisers.js (HTTP/1.1) | IP: 192.243.59.12:0 | ASN: #39572 DataWeb Global Group B.V.
Hash (empty response body, 0 B): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 05 Jan 2023 22:17:23 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: bc9d1766593d6f9d22629cc493c3246a
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash13c0bcd75e684559792b8a54e020fafd 33ab668028254f00b24fb0aaf13253328c696ee4 51df5875192742cd6ace146600739a1f7c1ee320b3db9b732a29b43490b36df3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51DF5875192742CD6ACE146600739A1F7C1EE320B3DB9B732A29B43490B36DF3"
Last-Modified: Tue, 03 Jan 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11927
Expires: Fri, 06 Jan 2023 01:36:10 GMT
Date: Thu, 05 Jan 2023 22:17:23 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash3cda062d0fc6b553ec826b24f9ab304b bf0ab7a2fdc274783b9a7db124963fcda9506025 d50b6f06c9929c79b02d4dd24c0b792dff642a62d166355905b9782a3d9839cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D50B6F06C9929C79B02D4DD24C0B792DFF642A62D166355905B9782A3D9839CB"
Last-Modified: Thu, 05 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=677
Expires: Thu, 05 Jan 2023 22:28:40 GMT
Date: Thu, 05 Jan 2023 22:17:23 GMT
Connection: keep-alive
|
|
| ocsp.sectigo.com/ | 172.64.155.188 | 200 OK | 471 B |
IP172.64.155.188:0
Hash2ee39bd26760b7a848a2662fd8bdd28b ad97c40f6823b800e668924a84f5c82d207b422c c76509e760380831529266c2c31939c5c567766f99a09e51d11335cb2afa8579
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 22:17:23 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 05 Jan 2023 12:00:07 GMT
Expires: Thu, 12 Jan 2023 12:00:06 GMT
Etag: "ad97c40f6823b800e668924a84f5c82d207b422c"
Cache-Control: max-age=567162,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 784f95708cb1b511-OSL
|
|
| t79rtmgck0td.n4.adsco.re/ | 38.132.109.186 | 200 OK | 0 B |
URL: t79rtmgck0td.n4.adsco.re/ (HTTP/1.1) | IP: 38.132.109.186:0
Hash (empty response body, 0 B): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: t79rtmgck0td.n4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://dood.re
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 22:17:23 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
Connection: close
ETag: "5b5f2f9a-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
|
|
| unpredictablehateagent.com/sbar.json?key=edb8703573695076feb99cb156693613&uuid=dd898803-14be-47af-b9fe-feb9575e4b43%3A1%3A1 | 173.233.139.164 | 200 OK | 4.2 kB |
URL: unpredictablehateagent.com/sbar.json?key=edb8703573695076feb99cb156693613&uuid=dd898803-14be-47af-b9fe-feb9575e4b43%3A1%3A1 (HTTP/1.1) | IP: 173.233.139.164:0
File type: JSON data, Unicode text, UTF-8 text, with very long lines (6137), with no line terminators | Hash: b9407d6deb79a4615aac2e626dd378f4 0da17b65b8e1cb6c8b18577f32db9fac96bb728c fa9e59b5edc9470ff10b467f5c5e8649255575732bf6bb2429ed8b8276f261aa
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /sbar.json?key=edb8703573695076feb99cb156693613&uuid=dd898803-14be-47af-b9fe-feb9575e4b43%3A1%3A1 HTTP/1.1
Host: unpredictablehateagent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dood.re
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 05 Jan 2023 22:17:23 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://dood.re
Access-Control-Allow-Origin: https://dood.re
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15754608; expires=Fri, 06 Jan 2023 22:17:23 GMT; secure; SameSite=None
Set-Cookie: uid_id2=dd898803-14be-47af-b9fe-feb9575e4b43:1:1; expires=Thu, 12 Jan 2023 22:17:23 GMT; secure; SameSite=None
Set-Cookie: pdhtkv=true; expires=Fri, 06 Jan 2023 22:17:23 GMT; secure; SameSite=None
Set-Cookie: uncs=1; expires=Fri, 06 Jan 2023 22:17:23 GMT; secure; SameSite=None
Set-Cookie: pdhtkv29=true; expires=Fri, 06 Jan 2023 22:17:23 GMT; secure; SameSite=None
Set-Cookie: uncs29=1; expires=Fri, 06 Jan 2023 22:17:23 GMT; secure; SameSite=None
Set-Cookie: slecedb8703573695076feb99cb156693613=[3905510]; expires=Thu, 05 Jan 2023 22:17:28 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0ac19cf5dc5e80c10f365c6fe4beef3d
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| adsco.re/p | 162.252.214.5 | 200 OK | 411 B |
IP: 162.252.214.5:0
File type: ASCII text, with very long lines (487), with no line terminators | Hash: eb7396d8a8254e896ec8f942059eceb1 a87213d528cc5acb629a5e2bb030ad900c6e1af7 ea2e691856390e96270b6d4a1f80a70970d4d3252285a5f690446928ae3e3022
POST /p HTTP/1.1
Host: adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 1928
Origin: https://dood.re
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 22:17:23 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK lon123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Origin: https://dood.re
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash872ad13c3966689cbd481bebca0b21f8 2a052c414b68b9e71b00fa3903995e8bdd22a81c bd2222d291deec7ba01875b7ddfd0d27de71e68fc600057fb3d1fa9394aa46fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD2222D291DEEC7BA01875B7DDFD0D27DE71E68FC600057FB3D1FA9394AA46FA"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2592
Expires: Thu, 05 Jan 2023 23:00:35 GMT
Date: Thu, 05 Jan 2023 22:17:23 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash872ad13c3966689cbd481bebca0b21f8 2a052c414b68b9e71b00fa3903995e8bdd22a81c bd2222d291deec7ba01875b7ddfd0d27de71e68fc600057fb3d1fa9394aa46fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD2222D291DEEC7BA01875B7DDFD0D27DE71E68FC600057FB3D1FA9394AA46FA"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2580
Expires: Thu, 05 Jan 2023 23:00:23 GMT
Date: Thu, 05 Jan 2023 22:17:23 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash872ad13c3966689cbd481bebca0b21f8 2a052c414b68b9e71b00fa3903995e8bdd22a81c bd2222d291deec7ba01875b7ddfd0d27de71e68fc600057fb3d1fa9394aa46fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD2222D291DEEC7BA01875B7DDFD0D27DE71E68FC600057FB3D1FA9394AA46FA"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2580
Expires: Thu, 05 Jan 2023 23:00:23 GMT
Date: Thu, 05 Jan 2023 22:17:23 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5808502d-e3d7-4ff0-885f-be3e4728a380.jpeg | 34.120.237.76 | 200 OK | 4.6 kB |
URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5808502d-e3d7-4ff0-885f-be3e4728a380.jpeg (HTTP/2) | IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data | Hash: c43cd789c8a417cccb0fd1d0976b13f2 f7be1e65af4baa06da326d643a624fe46abe1ea2 863d781dc296cd5edb0f2630f4bb29533323917f455f512e7679e4afa0346323
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5808502d-e3d7-4ff0-885f-be3e4728a380.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4577
x-amzn-requestid: 5e67ddf8-53fd-4cad-b6b9-8202560bf598
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eSd60GXjoAMF41Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b74378-042659c73cd71e1004a14faa;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 21:39:04 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1lbzfXbU7LtEjnlHa7ZypSnkSumraYEkaMdWkfa-OjnSgNVB0VMsXw==
via: 1.1 7514e5e25722778fd4b1744d4ecc67e0.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Thu, 05 Jan 2023 21:50:58 GMT
age: 1585
etag: "f7be1e65af4baa06da326d643a624fe46abe1ea2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e9b2480-67ce-4247-9d95-8e03d4ea893a.jpeg | 34.120.237.76 | 200 OK | 4.9 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e9b2480-67ce-4247-9d95-8e03d4ea893a.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hasha651a6052d9f980978b9872daf24f447 ce2c94232835dbe5aee99dd436f68f94ce42a7cb 263835059464a3085a3152436ef45140e29c917c30f7f238c442bb54e022003a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e9b2480-67ce-4247-9d95-8e03d4ea893a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 4930
x-amzn-requestid: 75be345e-998b-474b-884e-d0e5d501f3c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eSdrpHqzIAMF52Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b74317-5bf56aaf6a6c96f10e75c5dd;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 21:37:27 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1jKsMbem-EgE9IEqUINZESinhqOIEv9T5QkIkyF7iIcql1UBJiZTvw==
via: 1.1 4d8620b80ebe37d366388e117039aa8e.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 05 Jan 2023 21:50:58 GMT
age: 1585
etag: "ce2c94232835dbe5aee99dd436f68f94ce42a7cb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F761dfafe-b068-458c-8353-add070181fbd.jpeg | 34.120.237.76 | 200 OK | 8.5 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F761dfafe-b068-458c-8353-add070181fbd.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash5333b07c55ecc31c8aebfa5f80476ba9 7c1e058b189cf70dc46e35fc199a05e919d2b589 55932f33cea20066103fb067a5589bcaf548c21f99a1bf7a64fe95e05e39a7e6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F761dfafe-b068-458c-8353-add070181fbd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8484
x-amzn-requestid: 11abddf9-f08a-4ec1-bbed-9b13f75667ed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eSd6THUMIAMF0xw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b74374-355789823d721ed704e08c87;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 21:39:00 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _i_Yf8aS-CRuK6eD997E2wSEqR0cpNCqy_Iiwa0zW2NJ1wckXdU4AQ==
via: 1.1 0a2ce08fa1ec3c33302a7547d3305978.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Thu, 05 Jan 2023 21:50:58 GMT
age: 1585
etag: "7c1e058b189cf70dc46e35fc199a05e919d2b589"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F636212af-8da6-439f-bad7-7f0a664c0444.jpeg | 34.120.237.76 | 200 OK | 10 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F636212af-8da6-439f-bad7-7f0a664c0444.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hasheffeec9833abca0024c800a86049aeb2 bbe5831baff19f47ad6e149eb6bda644ada2df1a 86ec5c3a7a9643ec422b3bdf37962549a7de569e3881d1c1795035cda2889b40
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F636212af-8da6-439f-bad7-7f0a664c0444.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10059
x-amzn-requestid: c8e9b428-c3a6-43a1-b881-69807e2b6fe3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eSdr-G5poAMF4Mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b74319-26ab2ec02e7aa0406167faf9;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 21:37:29 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jznUCTVsyos2ZDn1y3Mzf8GK0AmD-LkqRTE4RHxw_ru0rfcZPWZo6A==
via: 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 05 Jan 2023 21:53:41 GMT
age: 1422
etag: "bbe5831baff19f47ad6e149eb6bda644ada2df1a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e6c2763-3047-4d8a-adab-82148ff57727.jpeg | 34.120.237.76 | 200 OK | 7.7 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e6c2763-3047-4d8a-adab-82148ff57727.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashdc62c3ca8bc387a91c7d4711b5bc2409 7a984b459227e11984faa2539569a90875a58d29 e14a0e22b58fc1f3f392b842573e3abff7b24eb66db6b351046a186acc3b2954
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e6c2763-3047-4d8a-adab-82148ff57727.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7660
x-amzn-requestid: 9338abf2-1191-47da-95ff-0a201604fbc2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d-sKCEDhoAMFZ4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63af5a40-433f4ba9780dbc7a485ccbe9;Sampled=0
x-amzn-remapped-date: Fri, 30 Dec 2022 21:38:08 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: W2UrX2IbKy5pDUZkncaKE7FeGGbHetQLbvqQ2jJsb-IhQdauHgrACA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Thu, 05 Jan 2023 02:10:48 GMT
age: 72395
etag: "7a984b459227e11984faa2539569a90875a58d29"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb8fefb12-ef44-4cf6-a07f-b555b2826c27.webp | 34.120.237.76 | 200 OK | 12 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb8fefb12-ef44-4cf6-a07f-b555b2826c27.webp IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash731905cd4a3ee6cbd50c8398d04357cf 64b5ad8c64b5e6106e664944d0c9bcffa77d892c f593afe3868019b4a21f876db0b448263375747f6fef486defbd7ed5a5d70520
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb8fefb12-ef44-4cf6-a07f-b555b2826c27.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12547
x-amzn-requestid: 3c303e95-9454-4660-a928-81acecbb7a3d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eSdsbFGMIAMFXiQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b7431c-5366eaf919b33abf2ea1de4f;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 21:37:32 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MTZ6bmHogFufs1E87XVo9YRiS6XfeJ2x5aRZAaByJeyryycm071EFg==
via: 1.1 599f04a365a179d553682d476509c388.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 05 Jan 2023 21:50:58 GMT
age: 1585
etag: "64b5ad8c64b5e6106e664944d0c9bcffa77d892c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash4c69471ba5521185484444bedc4b933b dca792c4e719692eb6f27a34db88bb854b3084d6 b463506ed36a2861320ee7b57d34de05bdd8f2008b382d6c43c7a9a0ee87d43e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B463506ED36A2861320EE7B57D34DE05BDD8F2008B382D6C43C7A9A0EE87D43E"
Last-Modified: Wed, 04 Jan 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7027
Expires: Fri, 06 Jan 2023 00:14:30 GMT
Date: Thu, 05 Jan 2023 22:17:23 GMT
Connection: keep-alive
|
|
| unpredictablehateagent.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSP2wcxRudzS8%2FQNAQRBMQ0hZBAgmfd29v725JERGCkYVxrCTI9czO7Hnw7M5qZvf27MoiEkp5VFCu39mxAlFEKioEnGmQKx8FskRcUkdCokZ3PunEJ818f94U7735vtwvz4mHkp5tfKp3pVJ0OWx47jubMuO6su76Pdf3Gt51d1Nm7dZ1dzC9TP993wsb3rvuxyLe1stNz%2Fc83%2FPdFWlEogfLMxQyfxz5jchrtJoNP2xhYP7b29KBpQ54%2F5y8Bskn%2F9%2F67SlkPEaWfn9L2O1C5%2B99lJaKFtqgz48%2By7YzXWVIF2ViHCTZ0fw1tJ0Q8s0l6OxorgC6fzBVACYnxPnDB8uO5jTB%2BocXTJmCyMD4K6j6Ywg1hqRjxPo%2BJD8lQMyxfhtZ%2BnBdm4ruXKB0ik7I5X%2F%2Bhqwm5PKz15GlT24qOXDvalUWUmcWg6SGHIwhe2Pk5TGKXQeyOkZcfAHJCbK0huRn1zjvRt2uFyz5LSaWWh2aLLEoEUuJYFHYCUWLtYKZNVKOIZMxlBiCWgfl9EgHZeKgzB2k%2FMylYZR4XidhSRB0W3EcB0Ech902D3nQ6iYeynjKfYgiHyJWQ8RmD7nZw7YcwpQ%2Fw27VsNyBLQj6vEYlCCpLUFGCShJUBUHVrw%2B5sk1bP%2BTKlsyf5%2BY8B%2FVIF719eqiLnsjIfn5OrswMey5ybIszV3DW7XhB2AnaUeh12lOpUcz8sN2OgrYfwMoa0l6aydyVE3LlVYpcnr5YgNFjWHWMWL4NWr4FWo06TQ90a9TqetjNnnCtuS2MoGkj1im4rpEXl1HsOPvqnFyd8bj%2B9V8Q8QmZB2JTIzc1Ppe%2FEvTUg9EdXZGDO7qy5OntvJCp3KXTT71b0EI4334idipt%2BOotO3z0QTwFpuXje8IWazTjMutZ8t1NybkwK9rEgvy4ajcF2yjt1s3SZGW%2BtvHhymqaG2Gt1NkYVJ6aR4jlhLz855uzdXVfugppxjBljbRcMJX6GHG%2BB5svZlYTGLXoWe6gKuuRabLFUEkCJRY9ZTWsOLnxywvXni2%2FUYOJk5%2BeX2D79gF6xgEt7s%2BWtG9q9FUNqoaw5f9GRW5ObvwezAJMOSOmjHPAlFFfXVhr5ZkrwsRLhNcULIlY0qEej5JWxGjkiw4LqY%2FCTuIf1uy%2FAAAA%2F%2F8BAAD%2F%2F9biq9KGBAAA | 173.233.139.164 | 200 OK | 7 B |
URL HTTP/1.1unpredictablehateagent.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSP2wcxRudzS8%2FQNAQRBMQ0hZBAgmfd29v725JERGCkYVxrCTI9czO7Hnw7M5qZvf27MoiEkp5VFCu39mxAlFEKioEnGmQKx8FskRcUkdCokZ3PunEJ818f94U7735vtwvz4mHkp5tfKp3pVJ0OWx47jubMuO6su76Pdf3Gt51d1Nm7dZ1dzC9TP993wsb3rvuxyLe1stNz%2Fc83%2FPdFWlEogfLMxQyfxz5jchrtJoNP2xhYP7b29KBpQ54%2F5y8Bskn%2F9%2F67SlkPEaWfn9L2O1C5%2B99lJaKFtqgz48%2By7YzXWVIF2ViHCTZ0fw1tJ0Q8s0l6OxorgC6fzBVACYnxPnDB8uO5jTB%2BocXTJmCyMD4K6j6Ywg1hqRjxPo%2BJD8lQMyxfhtZ%2BnBdm4ruXKB0ik7I5X%2F%2Bhqwm5PKz15GlT24qOXDvalUWUmcWg6SGHIwhe2Pk5TGKXQeyOkZcfAHJCbK0huRn1zjvRt2uFyz5LSaWWh2aLLEoEUuJYFHYCUWLtYKZNVKOIZMxlBiCWgfl9EgHZeKgzB2k%2FMylYZR4XidhSRB0W3EcB0Ech902D3nQ6iYeynjKfYgiHyJWQ8RmD7nZw7YcwpQ%2Fw27VsNyBLQj6vEYlCCpLUFGCShJUBUHVrw%2B5sk1bP%2BTKlsyf5%2BY8B%2FVIF719eqiLnsjIfn5OrswMey5ybIszV3DW7XhB2AnaUeh12lOpUcz8sN2OgrYfwMoa0l6aydyVE3LlVYpcnr5YgNFjWHWMWL4NWr4FWo06TQ90a9TqetjNnnCtuS2MoGkj1im4rpEXl1HsOPvqnFyd8bj%2B9V8Q8QmZB2JTIzc1Ppe%2FEvTUg9EdXZGDO7qy5OntvJCp3KXTT71b0EI4334idipt%2BOotO3z0QTwFpuXje8IWazTjMutZ8t1NybkwK9rEgvy4ajcF2yjt1s3SZGW%2BtvHhymqaG2Gt1NkYVJ6aR4jlhLz855uzdXVfugppxjBljbRcMJX6GHG%2BB5svZlYTGLXoWe6gKuuRabLFUEkCJRY9ZTWsOLnxywvXni2%2FUYOJk5%2BeX2D79gF6xgEt7s%2BWtG9q9FUNqoaw5f9GRW5ObvwezAJMOSOmjHPAlFFfXVhr5ZkrwsRLhNcULIlY0qEej5JWxGjkiw4LqY%2FCTuIf1uy%2FAAAA%2F%2F8BAAD%2F%2F9biq9KGBAAA IP173.233.139.164:0
File type: ASCII text, with no line terminators | Hash (MD5 / SHA-1 / SHA-256): 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer: quad9 | Verdict: Sinkholed | Alert: (none listed)
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSP2wcxRudzS8%2FQNAQRBMQ0hZBAgmfd29v725JERGCkYVxrCTI9czO7Hnw7M5qZvf27MoiEkp5VFCu39mxAlFEKioEnGmQKx8FskRcUkdCokZ3PunEJ818f94U7735vtwvz4mHkp5tfKp3pVJ0OWx47jubMuO6su76Pdf3Gt51d1Nm7dZ1dzC9TP993wsb3rvuxyLe1stNz%2Fc83%2FPdFWlEogfLMxQyfxz5jchrtJoNP2xhYP7b29KBpQ54%2F5y8Bskn%2F9%2F67SlkPEaWfn9L2O1C5%2B99lJaKFtqgz48%2By7YzXWVIF2ViHCTZ0fw1tJ0Q8s0l6OxorgC6fzBVACYnxPnDB8uO5jTB%2BocXTJmCyMD4K6j6Ywg1hqRjxPo%2BJD8lQMyxfhtZ%2BnBdm4ruXKB0ik7I5X%2F%2Bhqwm5PKz15GlT24qOXDvalUWUmcWg6SGHIwhe2Pk5TGKXQeyOkZcfAHJCbK0huRn1zjvRt2uFyz5LSaWWh2aLLEoEUuJYFHYCUWLtYKZNVKOIZMxlBiCWgfl9EgHZeKgzB2k%2FMylYZR4XidhSRB0W3EcB0Ech902D3nQ6iYeynjKfYgiHyJWQ8RmD7nZw7YcwpQ%2Fw27VsNyBLQj6vEYlCCpLUFGCShJUBUHVrw%2B5sk1bP%2BTKlsyf5%2BY8B%2FVIF719eqiLnsjIfn5OrswMey5ybIszV3DW7XhB2AnaUeh12lOpUcz8sN2OgrYfwMoa0l6aydyVE3LlVYpcnr5YgNFjWHWMWL4NWr4FWo06TQ90a9TqetjNnnCtuS2MoGkj1im4rpEXl1HsOPvqnFyd8bj%2B9V8Q8QmZB2JTIzc1Ppe%2FEvTUg9EdXZGDO7qy5OntvJCp3KXTT71b0EI4334idipt%2BOotO3z0QTwFpuXje8IWazTjMutZ8t1NybkwK9rEgvy4ajcF2yjt1s3SZGW%2BtvHhymqaG2Gt1NkYVJ6aR4jlhLz855uzdXVfugppxjBljbRcMJX6GHG%2BB5svZlYTGLXoWe6gKuuRabLFUEkCJRY9ZTWsOLnxywvXni2%2FUYOJk5%2BeX2D79gF6xgEt7s%2BWtG9q9FUNqoaw5f9GRW5ObvwezAJMOSOmjHPAlFFfXVhr5ZkrwsRLhNcULIlY0qEej5JWxGjkiw4LqY%2FCTuIf1uy%2FAAAA%2F%2F8BAAD%2F%2F9biq9KGBAAA HTTP/1.1
Host: unpredictablehateagent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.re/
Cookie: u_pl=15754608; uid_id2=dd898803-14be-47af-b9fe-feb9575e4b43:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecedb8703573695076feb99cb156693613=[3905510]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 05 Jan 2023 22:17:23 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6f2bccec8f777a667a7a8d0b723f355c
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashafb87e38f537fc0b57d7863f8c0427e4 4970fc96aabe7aee4e729943fcd9eb54f6612fb0 335fd83470d6320957f878931632ffe29cf7e7770cfb3347d381f9356a0fef06
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "335FD83470D6320957F878931632FFE29CF7E7770CFB3347D381F9356A0FEF06"
Last-Modified: Tue, 03 Jan 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12209
Expires: Fri, 06 Jan 2023 01:40:52 GMT
Date: Thu, 05 Jan 2023 22:17:23 GMT
Connection: keep-alive
|
|
| cdn.barscreative1.com/sb/au/e1/6f/bb/e16fbbe9f31c82c23d1d57f9726b5fc7/1654616215.html | 45.133.44.3 | 200 OK | 735 B |
URL: HTTP/2 cdn.barscreative1.com/sb/au/e1/6f/bb/e16fbbe9f31c82c23d1d57f9726b5fc7/1654616215.html | IP: 45.133.44.3:0 | ASN #39572 DataWeb Global Group B.V.
Hash (MD5 / SHA-1 / SHA-256): e420d92f715b281ebf9a15733e56e6c9 8d4c971635d65160c5e514a51de5f20ddae8e061 57e155d845e0db4302963338d4099ddb0b5edae1f75ff800235f16a3377179ae
Analyzer: fortinet | Verdict: Phishing | Alert: (none listed)
GET /sb/au/e1/6f/bb/e16fbbe9f31c82c23d1d57f9726b5fc7/1654616215.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dood.re
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 05 Jan 2023 22:17:23 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Tue, 07 Jun 2022 15:37:00 GMT
etag: W/"629f709c-40e"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Thu, 05 Jan 2023 23:17:23 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 23.36.77.32 | 200 OK | 345 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashca43dc405d4cba594ec2ca5f0e4c9cf3 38502dab5b99e8f0b30acb7deb4b64801b81fd49 f7d9c2a9da13232785b37c9c6cb0b8eb98f2c49c3fb70d038ed6a2bee01e9e85
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "F7D9C2A9DA13232785B37C9C6CB0B8EB98F2C49C3FB70D038ED6A2BEE01E9E85"
Last-Modified: Wed, 04 Jan 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20637
Expires: Fri, 06 Jan 2023 04:01:20 GMT
Date: Thu, 05 Jan 2023 22:17:23 GMT
Connection: keep-alive
|
|
| ocsp.sectigo.com/ | 172.64.155.188 | 200 OK | 471 B |
IP172.64.155.188:0
Hash2ee39bd26760b7a848a2662fd8bdd28b ad97c40f6823b800e668924a84f5c82d207b422c c76509e760380831529266c2c31939c5c567766f99a09e51d11335cb2afa8579
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 22:17:23 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 05 Jan 2023 12:00:07 GMT
Expires: Thu, 12 Jan 2023 12:00:06 GMT
Etag: "ad97c40f6823b800e668924a84f5c82d207b422c"
Cache-Control: max-age=567162,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 784f957328b7b511-OSL
|
|
| cdn.creative-bars1.com/sb/ssp/in-page_push/os/android/2/img/close.png | 172.64.166.9 | 200 OK | 2.0 kB |
URL HTTP/2cdn.creative-bars1.com/sb/ssp/in-page_push/os/android/2/img/close.png IP172.64.166.9:0
File typePNG image data, 19 x 19, 8-bit/color RGBA, non-interlaced\012- data Hash2cecae5111d5ff932a996679215ad573 f4c63abb5dc373aba5bc144c3831d98516cc7cc9 31f6aad6a88eca32f245dc6d0e030ef422f306b4f8479855b30e59b6dc134ebc
GET /sb/ssp/in-page_push/os/android/2/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 22:17:24 GMT
content-type: image/png
content-length: 2005
last-modified: Wed, 11 May 2022 09:01:03 GMT
etag: "627b7b4f-7d5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4436750
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QU8XoCoqT5Kwe68Ky7EhQzeL87fq7bP4WBI%2BcIX%2BcAcE0VeS56mR53oBYAam3hlRMDPR%2BEqFlSsSOP1rNPWLGbw11DxPU9vD9D3Rt%2Fe6fwaj%2BgtRCkbtyPiv2bL8ig6ktgf9QReIXtDN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 784f9574fd418e32-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hashe5782ef491c4bb5e1dc5245aed1640b7 2a34a0380e837befa2d6f2ba794c58fca083302a 88fa0e25126e72bd99d8333a8093ad8fa9d2ada9f2012bc64af23c5a7dd143a3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 22:17:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap | 142.250.74.106 | 200 OK | 1.0 kB |
URL HTTP/2fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap IP142.250.74.106:0
Hashee5e0ca0d158fa22550e2438626fcd4e 13236a4aeaa0cb7143ae5aa6a4ad6419f349260c 60416b1f4a08e960421d5b766c5e390f31d5f35f611e8552344ee9e2d620ddcf
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 05 Jan 2023 22:17:24 GMT
date: Thu, 05 Jan 2023 22:17:24 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash1782561be2399c34cbc8ffb4b1974b35 9c2c71d9e99eebc50a5b182d3caeff03082ca42b 8424587be1de32390061ee4ee6c44f8c920e02818a0528020eb9bd7f32f06a5a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8424587BE1DE32390061EE4EE6C44F8C920E02818A0528020EB9BD7F32F06A5A"
Last-Modified: Wed, 04 Jan 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15220
Expires: Fri, 06 Jan 2023 02:31:04 GMT
Date: Thu, 05 Jan 2023 22:17:24 GMT
Connection: keep-alive
|
|
| ocsp.sectigo.com/ | 172.64.155.188 | 200 OK | 472 B |
IP172.64.155.188:0
Hash0dafc8bce91d81f31d40e3f53106af5e b9b2b2295ef197689a0e79de00f8293c6a6bf744 dcf85fe42f64f948d08cf24226e16f4f1745fc895a2a892984c6c5a344477a3c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 22:17:24 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 04 Jan 2023 01:12:44 GMT
Expires: Wed, 11 Jan 2023 01:12:43 GMT
Etag: "b9b2b2295ef197689a0e79de00f8293c6a6bf744"
Cache-Control: max-age=441918,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 784f95740f80b4e8-OSL
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hashe5782ef491c4bb5e1dc5245aed1640b7 2a34a0380e837befa2d6f2ba794c58fca083302a 88fa0e25126e72bd99d8333a8093ad8fa9d2ada9f2012bc64af23c5a7dd143a3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 22:17:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.google-analytics.com/analytics.js | 142.250.74.46 | 200 OK | 20 kB |
URL HTTP/2www.google-analytics.com/analytics.js IP142.250.74.46:0
File typeASCII text, with very long lines (1325) Hash47e6f374ca946fddd5b59871b325736c baa9282efc8785e84d247c3bff518eaa45f101c4 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 05 Jan 2023 21:43:41 GMT
expires: Thu, 05 Jan 2023 23:43:41 GMT
cache-control: public, max-age=7200
age: 2023
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| cdn.cloudimagesb.com/si/fb/97/42/fb97428f6ef25fc88d5521a858eff992/1672873597.png | 45.133.44.9 | 200 OK | 66 kB |
URL HTTP/2cdn.cloudimagesb.com/si/fb/97/42/fb97428f6ef25fc88d5521a858eff992/1672873597.png IP45.133.44.9:0 ASN#39572 DataWeb Global Group B.V.
File typePNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data Hashda0b2112fb141d33c6cd27fc172b518c a6ee03a7a7c2b91f35899a80e300b2121266f433 6c7f4cb92a16b9c9aab39d6c6e3182c0193348c27f24dabb27630e24a3306fbf
GET /si/fb/97/42/fb97428f6ef25fc88d5521a858eff992/1672873597.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 22:17:24 GMT
content-type: image/png
content-length: 66082
server: nginx/1.17.6
last-modified: Wed, 04 Jan 2023 23:06:45 GMT
etag: "63b60685-10222"
expires: Sat, 07 Jan 2023 22:17:24 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.google-analytics.com/j/collect?v=1&_v=j98&a=1808393125&t=pageview&_s=1&dl=https%3A%2F%2Fdood.re%2Ffor7liwq65uc&ul=en-us&de=UTF-8&dt=File%20not%20found%20%7C%20DoodStream&sd=24-bit&sr=1280x1024&vp=1280x898&je=0&_u=YEBAAUABAAAAACAAI~&jid=651230467&gjid=1193168626&cid=1369572532.1672957034&tid=UA-160322406-1&_gid=1494725710.1672957034&_r=1&gtm=2ou120&z=1272072696 | 142.250.74.46 | 200 OK | 1 B |
URL: HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&a=1808393125&t=pageview&_s=1&dl=https%3A%2F%2Fdood.re%2Ffor7liwq65uc&ul=en-us&de=UTF-8&dt=File%20not%20found%20%7C%20DoodStream&sd=24-bit&sr=1280x1024&vp=1280x898&je=0&_u=YEBAAUABAAAAACAAI~&jid=651230467&gjid=1193168626&cid=1369572532.1672957034&tid=UA-160322406-1&_gid=1494725710.1672957034&_r=1&gtm=2ou120&z=1272072696 | IP: 142.250.74.46:0
File type: very short file (no magic) | Hash: MD5 c4ca4238a0b923820dcc509a6f75849b SHA-1 356a192b7913b04c54574d18c28d46e6395428ab SHA-256 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?v=1&_v=j98&a=1808393125&t=pageview&_s=1&dl=https%3A%2F%2Fdood.re%2Ffor7liwq65uc&ul=en-us&de=UTF-8&dt=File%20not%20found%20%7C%20DoodStream&sd=24-bit&sr=1280x1024&vp=1280x898&je=0&_u=YEBAAUABAAAAACAAI~&jid=651230467&gjid=1193168626&cid=1369572532.1672957034&tid=UA-160322406-1&_gid=1494725710.1672957034&_r=1&gtm=2ou120&z=1272072696 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://dood.re
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://dood.re
date: Thu, 05 Jan 2023 22:17:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| blockadsnot.com/akYxOM.asp?_=BQFiAAAAAAAACZUAAm5xWzh5ucsXIGulVKcDSKlEOG5vEW-_azrsaciOpG_65GKthbREgLWGnkvvrms8c6G0YaHekz5fLYkB9q17pSwwlhJ0j2X3ycrhw-a--iuqTXRKyL1d2_pXfsNwq9ev4BiHwnFfackTjCX4mos7WiIuIbhKAmf-Hj4ABfkRBKplpTovivQf9u1-Y2MIigcXtdm2y7Z2tTcjhg4VdMsd07cFnjrF0v7XVb8flLfqCothkO9FfYKZ5rEvEw-Hul-uH3cgr0ZojYWw4wbTRO9OALq40Eapu_7UE2H9Uu5WeOS8fdCj9oySsJpxtSLhd3SK3G4YS-aVWri03j-haKSmtIM7bPqccitG0yqphEhcUwawCaLrC7naXql_2SNyeFprw5ZlpcZI86JRSeH5huRp_CGNbgy8mSZb4MnK78XSfau0vQNAo6sYHUpOx4-tcbA9CyvBhl_9WHTybPoyzRZuATs&v=4&xrCtmhZv=4091021&minBid=&bNkTdQZH=0,0&WVpotsib=&TJXgodqw=&s=1280,1024,1,1280,1024,0 | 208.95.112.254 | 200 OK | 44 B |
URL HTTP/2blockadsnot.com/akYxOM.asp?_=BQFiAAAAAAAACZUAAm5xWzh5ucsXIGulVKcDSKlEOG5vEW-_azrsaciOpG_65GKthbREgLWGnkvvrms8c6G0YaHekz5fLYkB9q17pSwwlhJ0j2X3ycrhw-a--iuqTXRKyL1d2_pXfsNwq9ev4BiHwnFfackTjCX4mos7WiIuIbhKAmf-Hj4ABfkRBKplpTovivQf9u1-Y2MIigcXtdm2y7Z2tTcjhg4VdMsd07cFnjrF0v7XVb8flLfqCothkO9FfYKZ5rEvEw-Hul-uH3cgr0ZojYWw4wbTRO9OALq40Eapu_7UE2H9Uu5WeOS8fdCj9oySsJpxtSLhd3SK3G4YS-aVWri03j-haKSmtIM7bPqccitG0yqphEhcUwawCaLrC7naXql_2SNyeFprw5ZlpcZI86JRSeH5huRp_CGNbgy8mSZb4MnK78XSfau0vQNAo6sYHUpOx4-tcbA9CyvBhl_9WHTybPoyzRZuATs&v=4&xrCtmhZv=4091021&minBid=&bNkTdQZH=0,0&WVpotsib=&TJXgodqw=&s=1280,1024,1,1280,1024,0 IP208.95.112.254:0
File typeASCII text, with no line terminators Hashd5f0a25e4d3522d56d48ce7bc3e518fb 86794caff58f7fee6e684c2ba7195f970a8d6f4c 9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5
GET /akYxOM.asp?_=BQFiAAAAAAAACZUAAm5xWzh5ucsXIGulVKcDSKlEOG5vEW-_azrsaciOpG_65GKthbREgLWGnkvvrms8c6G0YaHekz5fLYkB9q17pSwwlhJ0j2X3ycrhw-a--iuqTXRKyL1d2_pXfsNwq9ev4BiHwnFfackTjCX4mos7WiIuIbhKAmf-Hj4ABfkRBKplpTovivQf9u1-Y2MIigcXtdm2y7Z2tTcjhg4VdMsd07cFnjrF0v7XVb8flLfqCothkO9FfYKZ5rEvEw-Hul-uH3cgr0ZojYWw4wbTRO9OALq40Eapu_7UE2H9Uu5WeOS8fdCj9oySsJpxtSLhd3SK3G4YS-aVWri03j-haKSmtIM7bPqccitG0yqphEhcUwawCaLrC7naXql_2SNyeFprw5ZlpcZI86JRSeH5huRp_CGNbgy8mSZb4MnK78XSfau0vQNAo6sYHUpOx4-tcbA9CyvBhl_9WHTybPoyzRZuATs&v=4&xrCtmhZv=4091021&minBid=&bNkTdQZH=0,0&WVpotsib=&TJXgodqw=&s=1280,1024,1,1280,1024,0 HTTP/1.1
Host: blockadsnot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
asf: 9
popads-ec: ASB
content-type: text/javascript;charset=UTF-8
content-length: 44
date: Thu, 05 Jan 2023 22:17:24 GMT
X-Firefox-Spdy: h2
|
|
| t79rtmgck0td.s4.adsco.re/ | 185.200.116.90 | 200 OK | 0 B |
URL HTTP/1.1t79rtmgck0td.s4.adsco.re/ IP185.200.116.90:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: t79rtmgck0td.s4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://dood.re
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 05 Jan 2023 22:17:24 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
Connection: close
ETag: "5b5f30d9-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP142.250.74.131:0
Hash75cfc8b3d7a22c317465a354b950897b 272651a02a8fa17067d9e4e9ff4878d2c1af75af 40dc9698f6d97aeada27973d1b096a149bb5bb299c38a6ed87e853e6d724d26b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 22:17:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP142.250.74.131:0
Hash75cfc8b3d7a22c317465a354b950897b 272651a02a8fa17067d9e4e9ff4878d2c1af75af 40dc9698f6d97aeada27973d1b096a149bb5bb299c38a6ed87e853e6d724d26b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 22:17:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL HTTP/2fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 IP216.58.207.227:0
File typeWeb Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data Hash15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dood.re
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 04 Jan 2023 19:33:54 GMT
expires: Thu, 04 Jan 2024 19:33:54 GMT
cache-control: public, max-age=31536000
age: 96210
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL HTTP/2fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 IP216.58.207.227:0
File typeWeb Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data Hashb9c29351c46f3e8c8631c4002457f48a e57e59c5780995ff2937ab2b511a769212974a87 f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dood.re
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 04 Jan 2023 19:34:15 GMT
expires: Thu, 04 Jan 2024 19:34:15 GMT
cache-control: public, max-age=31536000
age: 96189
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| unpredictablehateagent.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSPWwcxR%2BdzT9%2FQNAQRBMQ0hZBAgmfd29374MUESEYWRjHSoJcz9eeB%2B%2FurGZ2b8%2BuLCKhlEcF5fqdHSsQRaSiQsCZBrnyUSBLxCV1JCRqdOeTTvykmd%2FHm%2BK9N78v98tz4qGkZxuf6l2VJHQ5anjuO5sqE7qy7vo91%2Fca3nV3U2Wt8Lo7mF6m%2F77vRQ3vXfdjybf1ctPzPc%2F3fHdFGRnrwfIMhcofd%2F1G12uEzYYfhRiY%2F%2Fa2dGCpA9E%2FJ69Bicn%2Ft357CsXHyNLvb0m7Xej8vY%2FSMqGFNuiLo8%2By7UxXGdJFGRsHcXY0fw1tJ4R8cwk6O5orgO4fTBWAqQlx%2FvDBsqM5TbD%2B4QVTlkBmYOIVVP0xZDKGomNwfR9KnBKAC6zfRpY%2BXNemojsXKJ2iE3L5n7%2Bhqgm5%2FOx1ZOmTm4kauHd1UhZKZxaDuIYajKF6Y%2BTlMYpdB6o6Bi%2B%2BgBIEWVpDibNrQnS6nY4XLPkhk0thm8ZLrBvLpViybtSOZMjCYGaNUmOoeIxEDkGtg3J6lIMydlDmDlJx5tKoG3teO2ZxEHRCznkQcB51WiISQdiJPZR8yn2IIh%2BCJ0Nws4fc7GFbDWHKn2G3aljhwBYEfVGjkgSVJagoQaUIqoKg6teHIrFNWz8UiS2ZP8%2FNeQ7qkS56%2B%2FRQFz2Zkf38nFyZGfZc5tiWZ64UrNP2gqgdtLqR125NpXY586NWqxu0%2FABW1VD20kzmrpqQK69S5Or0xQKMHsMmx%2BDqbdDyLdBq1G56oFujsONhN3sitBa2MJKmDa5TCF0jLy6j2HH2k3Nydcbj%2Btd%2FQfITMg9wUyM3NT5XvxL0kgejO7oiB3d0ZcnT23mhUrVLp596t6CFdL79RO5U2ojVW3b46AM%2BBabl43vSFms0EyrrWfLdTSWENCvacEl%2BXLWbkm2UdutmabIyX9v4cGU1zY20VulsDKpOzSNwNSEv%2F%2FnmbF3dl65CmTFMWSMtF0yVPgbP92DzxcxqApMsepY7qMp6ZJpsMUwUQSIXPWU1rDy58csL154tv1GDyZOfnl9g%2B%2FYBesYBLe7PlrRvavSTGjQZwpb%2FGxW5ObnxezALsMQZscQ4BywxyVcX1lp15kZ%2BKDus0%2BZCMMmF324GncDzmkKE7a70uyjshP%2BwZv8FAAD%2F%2FwEAAP%2F%2FwuolNIYEAAA%3D | 173.233.139.164 | 200 OK | 7 B |
URL HTTP/1.1unpredictablehateagent.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSPWwcxR%2BdzT9%2FQNAQRBMQ0hZBAgmfd29374MUESEYWRjHSoJcz9eeB%2B%2FurGZ2b8%2BuLCKhlEcF5fqdHSsQRaSiQsCZBrnyUSBLxCV1JCRqdOeTTvykmd%2FHm%2BK9N78v98tz4qGkZxuf6l2VJHQ5anjuO5sqE7qy7vo91%2Fca3nV3U2Wt8Lo7mF6m%2F77vRQ3vXfdjybf1ctPzPc%2F3fHdFGRnrwfIMhcofd%2F1G12uEzYYfhRiY%2F%2Fa2dGCpA9E%2FJ69Bicn%2Ft357CsXHyNLvb0m7Xej8vY%2FSMqGFNuiLo8%2By7UxXGdJFGRsHcXY0fw1tJ4R8cwk6O5orgO4fTBWAqQlx%2FvDBsqM5TbD%2B4QVTlkBmYOIVVP0xZDKGomNwfR9KnBKAC6zfRpY%2BXNemojsXKJ2iE3L5n7%2Bhqgm5%2FOx1ZOmTm4kauHd1UhZKZxaDuIYajKF6Y%2BTlMYpdB6o6Bi%2B%2BgBIEWVpDibNrQnS6nY4XLPkhk0thm8ZLrBvLpViybtSOZMjCYGaNUmOoeIxEDkGtg3J6lIMydlDmDlJx5tKoG3teO2ZxEHRCznkQcB51WiISQdiJPZR8yn2IIh%2BCJ0Nws4fc7GFbDWHKn2G3aljhwBYEfVGjkgSVJagoQaUIqoKg6teHIrFNWz8UiS2ZP8%2FNeQ7qkS56%2B%2FRQFz2Zkf38nFyZGfZc5tiWZ64UrNP2gqgdtLqR125NpXY586NWqxu0%2FABW1VD20kzmrpqQK69S5Or0xQKMHsMmx%2BDqbdDyLdBq1G56oFujsONhN3sitBa2MJKmDa5TCF0jLy6j2HH2k3Nydcbj%2Btd%2FQfITMg9wUyM3NT5XvxL0kgejO7oiB3d0ZcnT23mhUrVLp596t6CFdL79RO5U2ojVW3b46AM%2BBabl43vSFms0EyrrWfLdTSWENCvacEl%2BXLWbkm2UdutmabIyX9v4cGU1zY20VulsDKpOzSNwNSEv%2F%2FnmbF3dl65CmTFMWSMtF0yVPgbP92DzxcxqApMsepY7qMp6ZJpsMUwUQSIXPWU1rDy58csL154tv1GDyZOfnl9g%2B%2FYBesYBLe7PlrRvavSTGjQZwpb%2FGxW5ObnxezALsMQZscQ4BywxyVcX1lp15kZ%2BKDus0%2BZCMMmF324GncDzmkKE7a70uyjshP%2BwZv8FAAD%2F%2FwEAAP%2F%2FwuolNIYEAAA%3D IP173.233.139.164:0
File typeASCII text, with no line terminators Hash132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer: quad9 | Verdict: Sinkholed | Alert: (none listed)
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSPWwcxR%2BdzT9%2FQNAQRBMQ0hZBAgmfd29374MUESEYWRjHSoJcz9eeB%2B%2FurGZ2b8%2BuLCKhlEcF5fqdHSsQRaSiQsCZBrnyUSBLxCV1JCRqdOeTTvykmd%2FHm%2BK9N78v98tz4qGkZxuf6l2VJHQ5anjuO5sqE7qy7vo91%2Fca3nV3U2Wt8Lo7mF6m%2F77vRQ3vXfdjybf1ctPzPc%2F3fHdFGRnrwfIMhcofd%2F1G12uEzYYfhRiY%2F%2Fa2dGCpA9E%2FJ69Bicn%2Ft357CsXHyNLvb0m7Xej8vY%2FSMqGFNuiLo8%2By7UxXGdJFGRsHcXY0fw1tJ4R8cwk6O5orgO4fTBWAqQlx%2FvDBsqM5TbD%2B4QVTlkBmYOIVVP0xZDKGomNwfR9KnBKAC6zfRpY%2BXNemojsXKJ2iE3L5n7%2Bhqgm5%2FOx1ZOmTm4kauHd1UhZKZxaDuIYajKF6Y%2BTlMYpdB6o6Bi%2B%2BgBIEWVpDibNrQnS6nY4XLPkhk0thm8ZLrBvLpViybtSOZMjCYGaNUmOoeIxEDkGtg3J6lIMydlDmDlJx5tKoG3teO2ZxEHRCznkQcB51WiISQdiJPZR8yn2IIh%2BCJ0Nws4fc7GFbDWHKn2G3aljhwBYEfVGjkgSVJagoQaUIqoKg6teHIrFNWz8UiS2ZP8%2FNeQ7qkS56%2B%2FRQFz2Zkf38nFyZGfZc5tiWZ64UrNP2gqgdtLqR125NpXY586NWqxu0%2FABW1VD20kzmrpqQK69S5Or0xQKMHsMmx%2BDqbdDyLdBq1G56oFujsONhN3sitBa2MJKmDa5TCF0jLy6j2HH2k3Nydcbj%2Btd%2FQfITMg9wUyM3NT5XvxL0kgejO7oiB3d0ZcnT23mhUrVLp596t6CFdL79RO5U2ojVW3b46AM%2BBabl43vSFms0EyrrWfLdTSWENCvacEl%2BXLWbkm2UdutmabIyX9v4cGU1zY20VulsDKpOzSNwNSEv%2F%2FnmbF3dl65CmTFMWSMtF0yVPgbP92DzxcxqApMsepY7qMp6ZJpsMUwUQSIXPWU1rDy58csL154tv1GDyZOfnl9g%2B%2FYBesYBLe7PlrRvavSTGjQZwpb%2FGxW5ObnxezALsMQZscQ4BywxyVcX1lp15kZ%2BKDus0%2BZCMMmF324GncDzmkKE7a70uyjshP%2BwZv8FAAD%2F%2FwEAAP%2F%2FwuolNIYEAAA%3D HTTP/1.1
Host: unpredictablehateagent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.re/
Cookie: u_pl=15754608; uid_id2=dd898803-14be-47af-b9fe-feb9575e4b43:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecedb8703573695076feb99cb156693613=[3905510]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 05 Jan 2023 22:17:24 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: dd9c4ac6ad91b9ad3fbd76ad92b4a1cf
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP142.250.74.131:0
Hash75cfc8b3d7a22c317465a354b950897b 272651a02a8fa17067d9e4e9ff4878d2c1af75af 40dc9698f6d97aeada27973d1b096a149bb5bb299c38a6ed87e853e6d724d26b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 05 Jan 2023 22:17:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| unpredictablehateagent.com/pixel/sbs?c=1 | 173.233.139.164 | 200 OK | 0 B |
URL: HTTP/1.1 unpredictablehateagent.com/pixel/sbs?c=1 | IP: 173.233.139.164:0
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: quad9 | Verdict: Sinkholed | Alert: (none listed)
GET /pixel/sbs?c=1 HTTP/1.1
Host: unpredictablehateagent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.re/
Cookie: u_pl=15754608; uid_id2=dd898803-14be-47af-b9fe-feb9575e4b43:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecedb8703573695076feb99cb156693613=[3905510]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 05 Jan 2023 22:17:24 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash4b414508369c3bb401840177aece9c1e 24cc8b2166cbd5e6f2cfb46449dbc4781913e0ac 2f7d408ef0d6eb45dcb6873daaae75b055cc9f7deff5309d0e41faaa601bdf7e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2F7D408EF0D6EB45DCB6873DAAAE75B055CC9F7DEFF5309D0E41FAAA601BDF7E"
Last-Modified: Wed, 04 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6890
Expires: Fri, 06 Jan 2023 00:12:14 GMT
Date: Thu, 05 Jan 2023 22:17:24 GMT
Connection: keep-alive
|
|
| unseenreport.com/pxf.gif?uuid=dd898803-14be-47af-b9fe-feb9575e4b43&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=edb8703573695076feb99cb156693613&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=22 | 192.243.61.227 | 200 OK | 1 B |
URL HTTP/1.1unseenreport.com/pxf.gif?uuid=dd898803-14be-47af-b9fe-feb9575e4b43&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=edb8703573695076feb99cb156693613&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=22 IP192.243.61.227:0 ASN#39572 DataWeb Global Group B.V.
File typevery short file (no magic) Hash93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer: quad9 | Verdict: Sinkholed | Alert: (none listed)
GET /pxf.gif?uuid=dd898803-14be-47af-b9fe-feb9575e4b43&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=edb8703573695076feb99cb156693613&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=22 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 05 Jan 2023 22:17:24 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 077c7b2e892bad5b539ff1b63671bb4a
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| unseenreport.com/pxf.gif?uuid=dd898803-14be-47af-b9fe-feb9575e4b43&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=f06f53688194268edaf23d2b44a59e27&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=22 | 192.243.61.227 | 200 OK | 1 B |
URL HTTP/1.1unseenreport.com/pxf.gif?uuid=dd898803-14be-47af-b9fe-feb9575e4b43&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=f06f53688194268edaf23d2b44a59e27&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=22 IP192.243.61.227:0 ASN#39572 DataWeb Global Group B.V.
File typevery short file (no magic) Hash93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer: quad9 | Verdict: Sinkholed | Alert: (none listed)
GET /pxf.gif?uuid=dd898803-14be-47af-b9fe-feb9575e4b43&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=f06f53688194268edaf23d2b44a59e27&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=22 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 05 Jan 2023 22:17:24 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 196bc0020ec308615466e4507ef5cd1e
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| cdn.creative-bars1.com/sb/ssp/in-page_push/os/android/2/js/script.js | 172.64.166.9 | 200 OK | 0 B |
URL HTTP/2cdn.creative-bars1.com/sb/ssp/in-page_push/os/android/2/js/script.js IP172.64.166.9:0
GET /sb/ssp/in-page_push/os/android/2/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dood.re
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 05 Jan 2023 22:17:23 GMT
content-type: application/javascript
last-modified: Wed, 11 May 2022 09:01:04 GMT
etag: W/"627b7b50-194"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4436389
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jy9xVhCPxNEPcQ0MzWLi9gQ7qgDWeiKtJiuP1L3DT0gla0ZfgWjOFOFrl%2BiI3AT23J8IibEShc4qLKxQ%2BDYwbT8y8SpB63ZHg1NDF4PE2Iy2ySTZRnHu1bfJjPBusLBGsFm%2Fxxlb72ym"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 784f9574dd2f8e32-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| dood.re/for7liwq65uc | 104.26.4.50 | 404 Not Found | 0 B |
IP104.26.4.50:0
GET /for7liwq65uc HTTP/1.1
Host: dood.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 404 Not Found
date: Thu, 05 Jan 2023 22:17:21 GMT
content-type: text/html; charset=utf-8
last-modified: Mon, 03 Jan 2022 15:38:36 GMT
vary: User-Agent,Accept-Encoding
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SsJDseQKeMx8WvI2oSt7adubt11K0EOABlr%2Bj7lA8hw87TG%2FuRHR8%2FwaI8pQroFtgJm8i1C%2FaYPzfJaVlLrFBRjkP%2BCoJRI0Kx%2Fp95Qif5qcljbkeORImdI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 784f95648da6fac8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| friendshipmale.com/sfp.js | 172.64.166.29 | 200 OK | 0 B |
URL HTTP/2friendshipmale.com/sfp.js IP172.64.166.29:0
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 05 Jan 2023 22:17:22 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 7bebf9dc2d8a97aeac61ebc442220846
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Thu, 05 Jan 2023 22:17:22 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fpgZ7jrjKKI3voAiLH3kCe%2BT8B2fTVaa%2BGrPNEM3oMR8zaPt3bKGn9y8TxUTHngTbubY9r%2B25cxPiXJiYWQZf3roX4e7bwb1C9ZXKzqbVjbHgDRUS%2FcBlwGfyFIw2GwZMomh5UQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 784f956c4f3e71f3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| i.doodcdn.com/theme_2/img/not_found.svg | 172.67.208.102 | 301 Moved Permanently | 0 B |
URL HTTP/2i.doodcdn.com/theme_2/img/not_found.svg IP172.67.208.102:0
GET /theme_2/img/not_found.svg HTTP/1.1
Host: i.doodcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Thu, 05 Jan 2023 22:17:21 GMT
location: https://i.doodcdn.co/theme_2/img/not_found.svg
cache-control: max-age=3600
expires: Thu, 05 Jan 2023 23:17:21 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pM1%2B1%2F%2B1Et944h71EsV%2FyzOXoyTvu7xQrwVVrAqbXZhpitKJ27Hr9nCro0q2WeQvciW5lj88IXvPrjyGd5PTGs2JdUlPiabzuwTKKuFGrrLoWoOPqxOwxoWjai%2F3Ol9S"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 784f95667a3b0b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| i.doodcdn.co/theme_2/css/bootstrap.min.css | 104.26.7.74 | 200 OK | 0 B |
URL HTTP/2i.doodcdn.co/theme_2/css/bootstrap.min.css IP104.26.7.74:0
GET /theme_2/css/bootstrap.min.css HTTP/1.1
Host: i.doodcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dood.re/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 05 Jan 2023 22:17:21 GMT
content-type: text/css
last-modified: Mon, 03 Jan 2022 15:43:40 GMT
vary: Accept-Encoding,User-Agent
cache-control: public, max-age=2592000
expires: Fri, 05 Jan 2024 08:23:42 GMT
access-control-allow-origin: *
cf-cache-status: HIT
age: 43760
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5t3up3oLqgz4w4O%2B%2Fzi%2BswAOUsh3n5P7I%2FEumOiQ1sh0Rpl4RChq%2FhktSvfWKMqx%2BgtfQMVzsB%2Bp1IoTEYM6YB5DYojxCt1JCrZS7pIHy5dRPAhY41JqCWHSwFNRfg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 784f95670a60b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| i.doodcdn.co/theme_2/css/style.css | 104.26.7.74 | 200 OK | 0 B |
URL HTTP/2i.doodcdn.co/theme_2/css/style.css IP104.26.7.74:0
GET /theme_2/css/style.css HTTP/1.1
Host: i.doodcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dood.re/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 05 Jan 2023 22:17:21 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=249272
expires: Thu, 04 Jan 2024 19:09:44 GMT
last-modified: Mon, 03 Jan 2022 15:43:40 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 64557
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iGML0%2FO8LSKyU9hLiRIIc3mGsZcrG0Ps6aWbwkVTVM5JEFtQleXP6vvs6AjeRfxQr1Y1a5cHOx3tKn5LtG9y4EAN%2B996gw5QNfGuZ%2B%2BrZgf9wTXWBS3p%2B6Qkzlw%2B3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 784f95671a76b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.blockadsnot.com/jsoneditor.min.js | 185.76.9.17 | 200 OK | 0 B |
URL HTTP/2 www.blockadsnot.com/jsoneditor.min.js IP 185.76.9.17:0 ASN#60068 Datacamp Limited
GET /jsoneditor.min.js HTTP/1.1
Host: www.blockadsnot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dood.re
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 05 Jan 2023 22:17:22 GMT
content-type: application/x-javascript
alt-svc: quic="185.76.9.13:443"; ma=2592000; v="44,43,39"
expires: Fri, 06 Jan 2023 20:36:15 GMT
access-control-allow-origin: *
link: <https://blockadsnot.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
cache-control: public, max-age=604800
x-accel-expires: @1673037375
server: CDN77-Turbo
x-77-nzt: AblMCQ0oo3n/swAIAA
x-77-nzt-ray: c0a4cc281de7369e724cb763d71e5420
x-cache: HIT
x-age: 524467
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| acacdn.com/script/compatibility.js | 104.21.85.95 | 200 OK | 0 B |
URL HTTP/2 acacdn.com/script/compatibility.js IP 104.21.85.95:0
GET /script/compatibility.js HTTP/1.1
Host: acacdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 05 Jan 2023 22:17:22 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycdubVkeMPpUraus5T7-omKhqGkVaEeYWswl9Asv8JnfUmt85Ke4m5jVXIKqZ5L8f7Gxo4OtOXkWvigEMOoH9PQuJlA
x-goog-generation: 1655802523449377
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 14461
x-goog-hash: crc32c=COVK0Q==, md5=lGu5GSoU5trQNansgXjwcw==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Thu, 05 Jan 2023 23:10:08 GMT
cache-control: public, max-age=14400
age: 434
last-modified: Tue, 21 Jun 2022 09:08:43 GMT
etag: W/"946bb9192a14e6dad035a9ec8178f073"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d3B1vxxjUbcJB942%2FASuel7Ffx%2FlD5Wudav07BOzNllMYKDvfBQYXIH%2F2RiCsA2aEapbMdFw1s1RmrGT7QORG9ohuSsGurvkrFIx6q48IT6HgYE4VQLowIIqKI%2FI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 784f956c4a83b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| i.doodcdn.co/theme_2/img/not_found.svg | 104.26.7.74 | 200 OK | 0 B |
URL HTTP/2 i.doodcdn.co/theme_2/img/not_found.svg IP 104.26.7.74:0
GET /theme_2/img/not_found.svg HTTP/1.1
Host: i.doodcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dood.re/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 05 Jan 2023 22:17:21 GMT
content-type: image/svg+xml
last-modified: Mon, 03 Jan 2022 15:43:40 GMT
cache-control: max-age=2592000
expires: Fri, 03 Feb 2023 09:00:48 GMT
access-control-allow-origin: *
cf-cache-status: HIT
age: 60719
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g2fFJHcXx6O5pxIbBNLa4nXXwfaZPw%2BHl5Ven1AVUAKX4ToekxBiei39%2FiptfWoWhnRx0hlDrvizb2zf3jRGktteoJVd%2BbuntvncaGYxIZOkeRiRcz743MNSehtPPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 784f95670a63b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| onclickgenius.com/script/suurl.php?r=2964355&cbrandom=0.7983034560290331&cbiframe=0&cbWidth=1280&cbHeight=898&cbtitle=File%20not%20found%20%7C%20DoodStream&cbref=&cbdescription=&cbkeywords=&cbcdn=acacdn.com | 35.190.71.96 | 200 OK | 0 B |
URL HTTP/2 onclickgenius.com/script/suurl.php?r=2964355&cbrandom=0.7983034560290331&cbiframe=0&cbWidth=1280&cbHeight=898&cbtitle=File%20not%20found%20%7C%20DoodStream&cbref=&cbdescription=&cbkeywords=&cbcdn=acacdn.com IP 35.190.71.96:0
GET /script/suurl.php?r=2964355&cbrandom=0.7983034560290331&cbiframe=0&cbWidth=1280&cbHeight=898&cbtitle=File%20not%20found%20%7C%20DoodStream&cbref=&cbdescription=&cbkeywords=&cbcdn=acacdn.com HTTP/1.1
Host: onclickgenius.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Thu, 05 Jan 2023 22:17:23 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/ssp/in-page_push/os/android/2/css/animate.css | 172.64.166.9 | 200 OK | 0 B |
URL HTTP/2 cdn.creative-bars1.com/sb/ssp/in-page_push/os/android/2/css/animate.css IP 172.64.166.9:0
GET /sb/ssp/in-page_push/os/android/2/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dood.re
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 05 Jan 2023 22:17:23 GMT
content-type: text/css
last-modified: Wed, 11 May 2022 09:01:02 GMT
etag: W/"627b7b4e-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4436389
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UBCtTgf8m4nSfpU0EDhhkkUL670UH%2Bcl4aOuWb69GKi5QZeOlchy92HxG6jC5bffz%2FH%2BFQrfJuyNhf87ukyp4doIZtrS5iGnzjXW82biTOhh7KWgFOfWS5shLUyH1ucmpD0qJc6zEKaT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 784f9574dd2c8e32-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/ssp/in-page_push/os/android/2/css/style.css | 172.64.166.9 | 200 OK | 0 B |
URL HTTP/2 cdn.creative-bars1.com/sb/ssp/in-page_push/os/android/2/css/style.css IP 172.64.166.9:0
GET /sb/ssp/in-page_push/os/android/2/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dood.re
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 05 Jan 2023 22:17:23 GMT
content-type: text/css
last-modified: Wed, 11 May 2022 09:01:01 GMT
etag: W/"627b7b4d-126c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4436389
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KmLDkP43VGzF2kbIlfxWZ5usJx0rxWqgbzYylj7KGPtZWB5t4xDWivudnoUdJebfK5fq4PuqnP%2BP1g0kkIJIH4J%2Bi7nC9UJq%2FQOQRjHO9k9%2F7ydIhJ8C5NKyYvzX%2BHHDQYKFEkTuythe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 784f9574dd2e8e32-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| i.doodcdn.com/theme_2/css/bootstrap.min.css | 172.67.208.102 | 301 Moved Permanently | 0 B |
URL HTTP/2 i.doodcdn.com/theme_2/css/bootstrap.min.css IP 172.67.208.102:0
GET /theme_2/css/bootstrap.min.css HTTP/1.1
Host: i.doodcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.re/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Thu, 05 Jan 2023 22:17:21 GMT
location: https://i.doodcdn.co/theme_2/css/bootstrap.min.css
cache-control: max-age=3600
expires: Thu, 05 Jan 2023 23:17:21 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DwQ6mdZ%2Ftzv6RJJFIX7flgL2tSaTpC0526Fi9nvPBzrB8pLTiYeZY3%2B81ZGh3LYbHpip3fdto98GrnziOrErTHVr9KAWXoluuuZB7YNRQnrimEUSbz3lc8kpoGZqWoXf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 784f95667a3d0b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|