GET pinkheartmovies.xyz/wp-content/themes/PsyPlay125/assets/js/jquery.lazyload.js?ver=1.2.5
200 OK 1.2 kB URL GET HTTP/3 pinkheartmovies.xyz/wp-content/themes/PsyPlay125/assets/js/jquery.lazyload.js?ver=1.2.5
IP
Requested by https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Certificate IssuerGoogle Trust Services
Subjectpinkheartmovies.xyz
FingerprintC3:95:22:8E:50:29:CB:9A:66:A7:3F:21:90:74:30:53:59:B9:6E:0B
ValidityTue, 25 Feb 2025 11:32:15 GMT - Mon, 26 May 2025 12:32:02 GMT
File type JavaScript source, ASCII text, with very long lines (658), with CRLF line terminators
Hash 3048cccc36019c01328c8c3844b8d1ac
5d656ca230adb8e1fcfbcf9008125524cdaa80f3
64f71853c605c8ff791d902c3ea3d22bf4a345390ca812015be2f233394a7ca0
GET /wp-content/themes/PsyPlay125/assets/js/jquery.lazyload.js?ver=1.2.5 HTTP/1.1
Host: pinkheartmovies.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 27 Feb 2025 04:55:07 GMT
content-type: application/javascript; charset=utf-8
content-length: 1229
last-modified: Mon, 01 Apr 2024 19:12:08 GMT
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l4xYLUTC%2BkFXM59D1fIaKIk%2BsMkcd8BTz%2Fh2IE2U2HSt1J0%2FJHfssdSZbC7esovSu3zy7Rtv8t3tEUuyyLvOC6BsaDcuN7B6GOqCTNzJosRXpWho8L9SFmRXrJ6goYRJ9j2rlhU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 918594b1ba5b56af-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3680&min_rtt=1271&rtt_var=2761&sent=47&recv=26&lost=0&retrans=0&sent_bytes=30285&recv_bytes=8504&delivery_rate=10025764&cwnd=24000&unsent_bytes=0&cid=616b883fe0518211&ts=561&x=1", cfExtPri, cfHdrFlush;dur=0
GET pinkheartmovies.xyz/wp-content/plugins/wp-postratings/js/postratings-js.js?ver=1.91.2
200 OK 753 B URL GET HTTP/3 pinkheartmovies.xyz/wp-content/plugins/wp-postratings/js/postratings-js.js?ver=1.91.2
IP
Requested by https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Certificate IssuerGoogle Trust Services
Subjectpinkheartmovies.xyz
FingerprintC3:95:22:8E:50:29:CB:9A:66:A7:3F:21:90:74:30:53:59:B9:6E:0B
ValidityTue, 25 Feb 2025 11:32:15 GMT - Mon, 26 May 2025 12:32:02 GMT
File type ASCII text, with very long lines (516)
Hash 830dae7fb9dfd5ac1879a83dd028083d
6be6afca684e3305000879ad71f264f0c6549bd1
c42425f18923921089911e70f39c6dd462794df2e42ac0596abc3884da6471fc
GET /wp-content/plugins/wp-postratings/js/postratings-js.js?ver=1.91.2 HTTP/1.1
Host: pinkheartmovies.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 27 Feb 2025 04:55:07 GMT
content-type: application/javascript; charset=utf-8
content-length: 753
last-modified: Tue, 16 Jul 2024 17:38:02 GMT
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rpLlM8ZfTw5IIBx9nNERr5ZDy8yROp0eFafDCJD2xRCpFg9J2YAMpYpfUgC%2BTbuFJ2MIRmqUbRlo0K3ucOWHIZj2WoiXdZT6tdLj%2B%2BpnHD3XfekdYtnmWjyr5iJmQd0%2FZ3UzhHc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 918594b1ca7856af-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3680&min_rtt=1271&rtt_var=2761&sent=47&recv=26&lost=0&retrans=0&sent_bytes=30285&recv_bytes=8504&delivery_rate=10025764&cwnd=24000&unsent_bytes=0&cid=616b883fe0518211&ts=561&x=1", cfExtPri, cfHdrFlush;dur=0
GET pinkheartmovies.xyz/wp-content/themes/PsyPlay125/assets/js/jquery.idTabs.min.js?ver=1.2.5
200 OK 905 B URL GET HTTP/3 pinkheartmovies.xyz/wp-content/themes/PsyPlay125/assets/js/jquery.idTabs.min.js?ver=1.2.5
IP
Requested by https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Certificate IssuerGoogle Trust Services
Subjectpinkheartmovies.xyz
FingerprintC3:95:22:8E:50:29:CB:9A:66:A7:3F:21:90:74:30:53:59:B9:6E:0B
ValidityTue, 25 Feb 2025 11:32:15 GMT - Mon, 26 May 2025 12:32:02 GMT
File type JavaScript source, ASCII text, with very long lines (1984), with no line terminators
Hash aaa4775458d0c24e424a2f63cc3e4e58
d2f5ad9781b0de0edf8445fbb1fc23d4fe972add
cff6da8fe58fce47ff6cf611c2c7820f7dd124a9e30177449f08f9f45e53889a
GET /wp-content/themes/PsyPlay125/assets/js/jquery.idTabs.min.js?ver=1.2.5 HTTP/1.1
Host: pinkheartmovies.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 27 Feb 2025 04:55:07 GMT
content-type: application/javascript; charset=utf-8
content-length: 905
last-modified: Mon, 01 Apr 2024 19:12:08 GMT
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JHLAU8E3ioq2%2FqNcGCOZv%2Ft%2BwD7IO1QvLmb9KicZfUokgaa%2FMR0VuCXirtO3h3TorabZ1HMMp5YEnS4WydQtJdlkE9OshrsyZVxpyFFhJktHPcC6HaQenU5bYg3pJG9IM7Z6dhQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 918594b1ba6e56af-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3680&min_rtt=1271&rtt_var=2761&sent=51&recv=26&lost=0&retrans=0&sent_bytes=33768&recv_bytes=8504&delivery_rate=10025764&cwnd=24000&unsent_bytes=0&cid=616b883fe0518211&ts=563&x=1", cfExtPri, cfHdrFlush;dur=0
GET pinkheartmovies.xyz/wp-content/plugins/wp-rocket/assets/js/wpr-beacon.min.js
200 OK 3.7 kB URL GET HTTP/3 pinkheartmovies.xyz/wp-content/plugins/wp-rocket/assets/js/wpr-beacon.min.js
IP
Requested by https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Certificate IssuerGoogle Trust Services
Subjectpinkheartmovies.xyz
FingerprintC3:95:22:8E:50:29:CB:9A:66:A7:3F:21:90:74:30:53:59:B9:6E:0B
ValidityTue, 25 Feb 2025 11:32:15 GMT - Mon, 26 May 2025 12:32:02 GMT
File type ASCII text, with very long lines (10878)
Hash 3ffef9d75612e6d5b383c393b3fb7d87
7cfdaa40c3440efd2751d9833a768ea6953f6351
87219a2f9be014310d195b371277e88a30d17ed287e81025bbeff604e8930bca
GET /wp-content/plugins/wp-rocket/assets/js/wpr-beacon.min.js HTTP/1.1
Host: pinkheartmovies.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 27 Feb 2025 04:55:07 GMT
content-type: application/javascript; charset=utf-8
content-length: 3709
last-modified: Fri, 14 Feb 2025 13:42:01 GMT
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dn1RaakglsUMoqosxahrfqFtVZvRnZ8nACuLoWOxQPKVpKFv8z%2F0HTLONa2n645QxPzvATQbovgQ1fEsb8E7cMA9AyZZzRXDFGfN2SXdTtxbAfNDeS3nwPDjo1VkVmI6UbwmysE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 918594b1ca8256af-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3179&min_rtt=1163&rtt_var=2447&sent=53&recv=28&lost=0&retrans=0&sent_bytes=35423&recv_bytes=8591&delivery_rate=1383147&cwnd=24000&unsent_bytes=0&cid=616b883fe0518211&ts=574&x=1", cfExtPri, cfHdrFlush;dur=0
GET pinkheartmovies.xyz/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/lazyload.min.js
200 OK 3.1 kB URL GET HTTP/3 pinkheartmovies.xyz/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/lazyload.min.js
IP
Requested by https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Certificate IssuerGoogle Trust Services
Subjectpinkheartmovies.xyz
FingerprintC3:95:22:8E:50:29:CB:9A:66:A7:3F:21:90:74:30:53:59:B9:6E:0B
ValidityTue, 25 Feb 2025 11:32:15 GMT - Mon, 26 May 2025 12:32:02 GMT
File type JavaScript source, ASCII text, with very long lines (8892), with no line terminators
Hash fb15a10a641a318f91e7e912e4f9c184
bd41f67233facb96976ed7b8e7207d52c03d340e
f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a
GET /wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/lazyload.min.js HTTP/1.1
Host: pinkheartmovies.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 27 Feb 2025 04:55:07 GMT
content-type: application/javascript; charset=utf-8
content-length: 3057
last-modified: Fri, 14 Feb 2025 13:42:01 GMT
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ktu7LS4RSTuxNAfKilIbee4EcnPR8U5LGPdfyjWwFM5fydCAc6jguJs89ha3oS22V7YFgbJB1MPyu8ft3ykmUbV2wE2K2E6%2BWxDzHaZR%2BrS%2BwpZ0h0XY1fs0Qt4YPkPT%2BCX56XM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 918594b1ca8156af-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3024&min_rtt=1163&rtt_var=2145&sent=57&recv=29&lost=0&retrans=0&sent_bytes=39936&recv_bytes=8635&delivery_rate=2326660&cwnd=24000&unsent_bytes=0&cid=616b883fe0518211&ts=581&x=1", cfExtPri, cfHdrFlush;dur=0
GET poweredby.jads.co/js/jads.js
301 Moved Permanently 178 B URL GET HTTP/1.1 poweredby.jads.co/js/jads.js
IP
Requested by https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Certificate IssuerSectigo Limited
Subject*.jads.co
Fingerprint24:45:97:41:80:9C:3B:CE:BB:C3:B5:53:C5:0D:8C:BB:21:C9:56:20
ValidityTue, 11 Feb 2025 00:00:00 GMT - Thu, 27 Nov 2025 23:59:59 GMT
File type HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /js/jads.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pinkheartmovies.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 27 Feb 2025 04:55:07 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: jads2.js
GET ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js?ver=2.1.3
200 OK 30 kB URL GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js?ver=2.1.3
IP
Requested by https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Certificate IssuerGoogle Trust Services
Subjectupload.video.google.com
FingerprintD9:DA:31:61:C2:D7:49:CF:50:B6:1B:FE:BA:EC:9D:12:91:8D:10:AC
ValidityMon, 03 Feb 2025 08:37:09 GMT - Mon, 28 Apr 2025 08:37:08 GMT
File type JavaScript source, ASCII text, with very long lines (32180)
Hash 32015dd42e9582a80a84736f5d9a44d7
41b4bfbaa96be6d1440db6e78004ade1c134e276
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
GET /ajax/libs/jquery/2.1.3/jquery.min.js?ver=2.1.3 HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pinkheartmovies.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29707
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 20 Feb 2025 18:17:28 GMT
expires: Fri, 20 Feb 2026 18:17:28 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 556659
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET pinkheartmovies.xyz/wp-content/themes/PsyPlay125/assets/js/bootstrap.min.js?ver=1.2.5
200 OK 9.6 kB URL GET HTTP/3 pinkheartmovies.xyz/wp-content/themes/PsyPlay125/assets/js/bootstrap.min.js?ver=1.2.5
IP
Requested by https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Certificate IssuerGoogle Trust Services
Subjectpinkheartmovies.xyz
FingerprintC3:95:22:8E:50:29:CB:9A:66:A7:3F:21:90:74:30:53:59:B9:6E:0B
ValidityTue, 25 Feb 2025 11:32:15 GMT - Mon, 26 May 2025 12:32:02 GMT
File type JavaScript source, ASCII text, with very long lines (32025), with CRLF line terminators
Hash 1ae0e64754a542cbea996dec63c326fd
e2ddfe5a574c29f39b511aada1bd85e0ba60fa70
6447e59227786bcda7ad58ef045540cba328e5ec0e5ddbd88b4f57122feaf926
GET /wp-content/themes/PsyPlay125/assets/js/bootstrap.min.js?ver=1.2.5 HTTP/1.1
Host: pinkheartmovies.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 27 Feb 2025 04:55:08 GMT
content-type: application/javascript; charset=utf-8
content-length: 9639
last-modified: Mon, 01 Apr 2024 19:12:08 GMT
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1Vo7z8jpfAU3Hhxj699OgUdtqjevmcKyDZLmpyJ30DYjo5S5RHONlU23QKZosdbSTScQ2BYAKbaETwe6IgV8aFCUU%2FxOo2%2BT0KJXZQ%2FSGL3ev%2BiqjRdU29X1lpCL9VxPyBeEgKA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 918594b1ca7d56af-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2822&min_rtt=1163&rtt_var=2014&sent=61&recv=30&lost=0&retrans=0&sent_bytes=43797&recv_bytes=8678&delivery_rate=2745978&cwnd=24000&unsent_bytes=0&cid=616b883fe0518211&ts=777&x=1", cfExtPri, cfHdrFlush;dur=0
GET pinkheartmovies.xyz/wp-content/themes/PsyPlay125/assets/js/jquery.cookie.js?ver=1.2.5
200 OK 918 B URL GET HTTP/3 pinkheartmovies.xyz/wp-content/themes/PsyPlay125/assets/js/jquery.cookie.js?ver=1.2.5
IP
Requested by https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Certificate IssuerGoogle Trust Services
Subjectpinkheartmovies.xyz
FingerprintC3:95:22:8E:50:29:CB:9A:66:A7:3F:21:90:74:30:53:59:B9:6E:0B
ValidityTue, 25 Feb 2025 11:32:15 GMT - Mon, 26 May 2025 12:32:02 GMT
File type JavaScript source, ASCII text, with CRLF line terminators
Hash db7c35961dc74850802e00a84631b604
3bb316553c5ffe21d6dfb8c25ff98367a8eb1b3d
1538875947992998d9f0b763923ac7b4abd00a234de581c06e13213524bcb483
GET /wp-content/themes/PsyPlay125/assets/js/jquery.cookie.js?ver=1.2.5 HTTP/1.1
Host: pinkheartmovies.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 27 Feb 2025 04:55:08 GMT
content-type: application/javascript; charset=utf-8
content-length: 918
last-modified: Mon, 01 Apr 2024 19:12:08 GMT
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LPVMv6ufSUyQXV1A6O5pOANGlTAHEFbwBlBq1jxVS3RHhgbEvQ7TRuaLeH4Mm95vIqn51eDzynY8Omxk2RhOvgelbEXxGkaILJQH0USPkbQ%2Fje933d9gDnEThEIcXsUPZpTfSns%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 918594b1ba6556af-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2822&min_rtt=1163&rtt_var=2014&sent=70&recv=30&lost=0&retrans=0&sent_bytes=54375&recv_bytes=8678&delivery_rate=2745978&cwnd=24000&unsent_bytes=0&cid=616b883fe0518211&ts=778&x=1", cfExtPri, cfHdrFlush;dur=0
GET pinkheartmovies.xyz/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
200 OK 4.9 kB URL GET HTTP/3 pinkheartmovies.xyz/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
IP
Requested by https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Certificate IssuerGoogle Trust Services
Subjectpinkheartmovies.xyz
FingerprintC3:95:22:8E:50:29:CB:9A:66:A7:3F:21:90:74:30:53:59:B9:6E:0B
ValidityTue, 25 Feb 2025 11:32:15 GMT - Mon, 26 May 2025 12:32:02 GMT
File type JavaScript source, ASCII text, with very long lines (13479)
Hash 9ffeb32e2d9efbf8f70caabded242267
3ad0c10e501ac2a9bfa18f9cd7e700219b378738
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1
Host: pinkheartmovies.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 27 Feb 2025 04:55:08 GMT
content-type: application/javascript; charset=utf-8
content-length: 4881
last-modified: Fri, 09 Jun 2023 16:19:24 GMT
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=csMvkHYPn6DSP5dkbX1wwHFRYC0YygcQ9osjLsU8V91EQLOtpjEk5j1at4dY7uIMAVf41XiBp%2BkVSoyIqaPUK2t7vBdHUdcM13I%2BKkw%2BylD6q9fvA009qCjfNmVfXJHdPV%2BvkEY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 918594b1ba5856af-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2700&min_rtt=1163&rtt_var=1754&sent=97&recv=31&lost=0&retrans=0&sent_bytes=85605&recv_bytes=8723&delivery_rate=5731444&cwnd=33600&unsent_bytes=0&cid=616b883fe0518211&ts=780&x=1", cfExtPri, cfHdrFlush;dur=0
GET pinkheartmovies.xyz/wp-content/themes/PsyPlay125/assets/js/jquery.qtip.min.js?ver=1.2.5
200 OK 16 kB URL GET HTTP/3 pinkheartmovies.xyz/wp-content/themes/PsyPlay125/assets/js/jquery.qtip.min.js?ver=1.2.5
IP
Requested by https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Certificate IssuerGoogle Trust Services
Subjectpinkheartmovies.xyz
FingerprintC3:95:22:8E:50:29:CB:9A:66:A7:3F:21:90:74:30:53:59:B9:6E:0B
ValidityTue, 25 Feb 2025 11:32:15 GMT - Mon, 26 May 2025 12:32:02 GMT
File type JavaScript source, ASCII text, with very long lines (32120), with CRLF line terminators
Hash d9abbc4600ecc7a4da77006cf1b0566c
39260635c385ab3b4cbb08f7bd8313c79c6e5cf5
6ef7db257190325c2efc5e203323ff62e0a7418adbc29092e2a179ee6ccb1f24
GET /wp-content/themes/PsyPlay125/assets/js/jquery.qtip.min.js?ver=1.2.5 HTTP/1.1
Host: pinkheartmovies.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 27 Feb 2025 04:55:08 GMT
content-type: application/javascript; charset=utf-8
content-length: 16263
last-modified: Mon, 01 Apr 2024 19:12:08 GMT
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SS2DjbeBYURFaRzc1S2wpaFEZqeJRG15ZG%2BZvnfjlLpcuFjt1IrTBdnzkrEMjomRalwUUJFCFV0JvkoGVlbEzUysjqV75uJPLpF6CYpOBns5bJMmuXCVYFnkyTnn7pcBXPc5Xdc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 918594b1ba6056af-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2700&min_rtt=1163&rtt_var=1754&sent=99&recv=31&lost=0&retrans=0&sent_bytes=87975&recv_bytes=8723&delivery_rate=5731444&cwnd=33600&unsent_bytes=0&cid=616b883fe0518211&ts=781&x=1", cfExtPri, cfHdrFlush;dur=0
GET pinkheartmovies.xyz/wp-content/plugins/wp-postviews/postviews-cache.js?ver=1.68
200 OK 742 B URL GET HTTP/3 pinkheartmovies.xyz/wp-content/plugins/wp-postviews/postviews-cache.js?ver=1.68
IP
Requested by https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Certificate IssuerGoogle Trust Services
Subjectpinkheartmovies.xyz
FingerprintC3:95:22:8E:50:29:CB:9A:66:A7:3F:21:90:74:30:53:59:B9:6E:0B
ValidityTue, 25 Feb 2025 11:32:15 GMT - Mon, 26 May 2025 12:32:02 GMT
File type JavaScript source, ASCII text, with very long lines (434), with no line terminators
Hash e43ad01b01ff2a3abbe77d1e4780c82b
ead86a7218449308ca526550d6150d79abf037a7
4e455cb10fd1830bbd9a9556878b1b47bbdd4243b9f2f9d227eda8e386f338c8
GET /wp-content/plugins/wp-postviews/postviews-cache.js?ver=1.68 HTTP/1.1
Host: pinkheartmovies.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 27 Feb 2025 04:55:07 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-bgj: minify
cf-polished: origSize=503
last-modified: Mon, 01 Apr 2024 19:12:07 GMT
vary: Accept-Encoding
cf-cache-status: HIT
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xWMPpEMLExN8KXVth5fO6kEbt3r098QYtDUQC0j8uvzv9CLTsMwOQfmIEaRaOdIhatI60NjtaLA7tVHfhLItEcDcmLZQ8kG8aFcrSU2x8s6W%2BySam%2Be8PprfqnmHMwK%2BR%2FfjaME%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 918594b1ca7a56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3680&min_rtt=1271&rtt_var=2761&sent=46&recv=26&lost=0&retrans=0&sent_bytes=29265&recv_bytes=8504&delivery_rate=10025764&cwnd=24000&unsent_bytes=0&cid=616b883fe0518211&ts=559&x=1", cfExtPri, cfHdrFlush;dur=0
GET pinkheartmovies.xyz/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
200 OK 31 kB URL GET HTTP/3 pinkheartmovies.xyz/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
IP
Requested by https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Certificate IssuerGoogle Trust Services
Subjectpinkheartmovies.xyz
FingerprintC3:95:22:8E:50:29:CB:9A:66:A7:3F:21:90:74:30:53:59:B9:6E:0B
ValidityTue, 25 Feb 2025 11:32:15 GMT - Mon, 26 May 2025 12:32:02 GMT
File type JavaScript source, ASCII text, with very long lines (65447)
Hash 826eb77e86b02ab7724fe3d0141ff87c
79cd3587d565afe290076a8d36c31c305a573d18
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1
Host: pinkheartmovies.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 27 Feb 2025 04:55:08 GMT
content-type: application/javascript; charset=utf-8
content-length: 30619
last-modified: Tue, 29 Aug 2023 03:44:24 GMT
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vGhIj7wjmPuVEUkUI89I0ZrtWoDWyOxxGqRp0EYaQE5fSGsxWpXbID%2BuRmi8Rvj4na%2FP5MUhV5YGUJI0yjhKKZhDxQ4%2BdhG7XIAJhwYGmjZO0gJHwxogWZ80qoa0MxwZuKkzO7k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 918594b1ba5156af-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2323&min_rtt=1163&rtt_var=1290&sent=117&recv=34&lost=0&retrans=0&sent_bytes=108684&recv_bytes=8861&delivery_rate=10930695&cwnd=48000&unsent_bytes=0&cid=616b883fe0518211&ts=805&x=1", cfExtPri, cfHdrFlush;dur=0
GET pinkheartmovies.xyz/wp-includes/css/dist/block-library/style.min.css?ver=6.7.2
200 OK 16 kB URL GET HTTP/3 pinkheartmovies.xyz/wp-includes/css/dist/block-library/style.min.css?ver=6.7.2
IP
Requested by https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Certificate IssuerGoogle Trust Services
Subjectpinkheartmovies.xyz
FingerprintC3:95:22:8E:50:29:CB:9A:66:A7:3F:21:90:74:30:53:59:B9:6E:0B
ValidityTue, 25 Feb 2025 11:32:15 GMT - Mon, 26 May 2025 12:32:02 GMT
File type ASCII text, with very long lines (59458)
Hash 8c9f31823282e4e056eb0aa7fac262a9
dc3b1a37381e079fda8db59c1a9469852cd18b80
3bb38d0f302677ff4104564454f60f495133579d6e6dfb722b3de850df596502
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.7.2 HTTP/1.1
Host: pinkheartmovies.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 27 Feb 2025 04:55:08 GMT
content-type: text/css; charset=utf-8
content-length: 15614
last-modified: Fri, 08 Nov 2024 03:35:24 GMT
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mSmzP%2Bv4IiziC4FPc%2BV5rpZGE7RqyqmzP5QVqthj2mE9ZTMTKV3aH34o6wLXDGSybs9kBU7Kn%2BYnThpP743t7%2BGG7xbJr1O9KAgdVFjycMtZAOsH6wJbLHoTUoAoq3Oj6jwNMtM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 918594b1aa4a56af-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2323&min_rtt=1163&rtt_var=1290&sent=144&recv=34&lost=0&retrans=0&sent_bytes=140759&recv_bytes=8861&delivery_rate=10930695&cwnd=48000&unsent_bytes=0&cid=616b883fe0518211&ts=806&x=1", cfExtPri, cfHdrFlush;dur=0
GET pinkheartmovies.xyz/wp-content/plugins/wp-postratings/css/postratings-css.css?ver=1.91.2
200 OK 416 B URL GET HTTP/3 pinkheartmovies.xyz/wp-content/plugins/wp-postratings/css/postratings-css.css?ver=1.91.2
IP
Requested by https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Certificate IssuerGoogle Trust Services
Subjectpinkheartmovies.xyz
FingerprintC3:95:22:8E:50:29:CB:9A:66:A7:3F:21:90:74:30:53:59:B9:6E:0B
ValidityTue, 25 Feb 2025 11:32:15 GMT - Mon, 26 May 2025 12:32:02 GMT
Hash c9dc6f1ef374d733a82d1682278e5b55
b5b6bc412bfca400a514554026d0841e4d0275d3
c56b566e17c62870ce139b3a57bfb94a9d785792bd6ac2220d52426b8590d87f
GET /wp-content/plugins/wp-postratings/css/postratings-css.css?ver=1.91.2 HTTP/1.1
Host: pinkheartmovies.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 27 Feb 2025 04:55:08 GMT
content-type: text/css; charset=utf-8
content-length: 416
last-modified: Tue, 16 Jul 2024 17:38:02 GMT
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gsLcD2UZuk204TDecO4wtUhCcsCSyktyEr%2FncdhuqXkn%2F0dn9mQV5yKEb7JH9DqnQPnja%2FcWd%2FKwX1lyZ0%2FixPWGK3WJ40wrUb3TtxK1xTsjtx%2FOz2uSWq75FZJ4FEhDHFaKVbc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 918594b1aa4b56af-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2323&min_rtt=1163&rtt_var=1290&sent=158&recv=34&lost=0&retrans=0&sent_bytes=156684&recv_bytes=8861&delivery_rate=10930695&cwnd=48000&unsent_bytes=0&cid=616b883fe0518211&ts=809&x=1", cfExtPri, cfHdrFlush;dur=1
GET pinkheartmovies.xyz/wp-content/themes/PsyPlay125/assets/js/theme.script.min.js?ver=1.2.5
200 OK 1.2 kB URL GET HTTP/3 pinkheartmovies.xyz/wp-content/themes/PsyPlay125/assets/js/theme.script.min.js?ver=1.2.5
IP
Requested by https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Certificate IssuerGoogle Trust Services
Subjectpinkheartmovies.xyz
FingerprintC3:95:22:8E:50:29:CB:9A:66:A7:3F:21:90:74:30:53:59:B9:6E:0B
ValidityTue, 25 Feb 2025 11:32:15 GMT - Mon, 26 May 2025 12:32:02 GMT
File type JavaScript source, ASCII text, with very long lines (598), with CRLF line terminators
Hash e10fd38d8b0bddf8a80a8f713b8ebeec
de992827c682a19a2212dc874d4e45c5977f83ee
7d73e6d0dce81c5e00835c58f50098f46068b3eacd44c21cf6a7076cc4023a32
GET /wp-content/themes/PsyPlay125/assets/js/theme.script.min.js?ver=1.2.5 HTTP/1.1
Host: pinkheartmovies.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 27 Feb 2025 04:55:08 GMT
content-type: application/javascript; charset=utf-8
content-length: 1156
last-modified: Mon, 01 Apr 2024 19:12:08 GMT
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=necrF61be%2BGDCWP%2FP%2Bim8ffwTCDVWAUrk6q%2B7zPL3D%2F4xOByJkxRmajD9%2FvV%2BQ82iyIC6wrFn7qDEs86exwJOsexQmrF6ktWCdkoM0bTV0ZDbpidbbBu%2BoVuy4vn64cxIO%2F%2BjgY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 918594b1ba7256af-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2259&min_rtt=1163&rtt_var=830&sent=160&recv=36&lost=0&retrans=0&sent_bytes=158604&recv_bytes=8953&delivery_rate=894268&cwnd=96000&unsent_bytes=0&cid=616b883fe0518211&ts=817&x=1", cfExtPri, cfHdrFlush;dur=0
GET poweredby.jads.co/js/jads2.js
200 OK 1.7 kB URL GET HTTP/1.1 poweredby.jads.co/js/jads2.js
IP
Requested by https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Certificate IssuerSectigo Limited
Subject*.jads.co
Fingerprint24:45:97:41:80:9C:3B:CE:BB:C3:B5:53:C5:0D:8C:BB:21:C9:56:20
ValidityTue, 11 Feb 2025 00:00:00 GMT - Thu, 27 Nov 2025 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (3758), with no line terminators
Hash bc8141c4650030c41f6a98026b12ce80
af5618f7e467a207d4c64627be580283ab5640cd
5ad0b5133e45b32908a388c8c6dcfca2c23d1d9d3e2ed6a839a742bab1ffde51
GET /js/jads2.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pinkheartmovies.xyz/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 27 Feb 2025 04:55:08 GMT
Content-Type: application/x-javascript
Last-Modified: Fri, 22 Mar 2024 21:09:33 GMT
Transfer-Encoding: chunked
Connection: close
ETag: W/"65fdf38d-eae"
Content-Encoding: gzip
GET fonts.googleapis.com/css?family=Oswald|Montserrat:400,700
200 OK 58 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Oswald|Montserrat:400,700
IP
Requested by https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Certificate IssuerGoogle Trust Services
Subjectupload.video.google.com
FingerprintD9:DA:31:61:C2:D7:49:CF:50:B6:1B:FE:BA:EC:9D:12:91:8D:10:AC
ValidityMon, 03 Feb 2025 08:37:09 GMT - Mon, 28 Apr 2025 08:37:08 GMT
File type gzip compressed data, max compression
Hash e37c050325e76e296bbde5882ee0db15
215049a23b8d201fd10a96933e2d65d02663d71a
8a9055c82f56b196f1a7fb242819b2be1199f871cac91a1fbd6cb38fd5ae4595
GET /css?family=Oswald|Montserrat:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pinkheartmovies.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 27 Feb 2025 04:55:08 GMT
date: Thu, 27 Feb 2025 04:55:08 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET pinkheartmovies.xyz/wp-content/uploads/2023/07/Logo-Light-2.png
200 OK 9.2 kB URL GET HTTP/3 pinkheartmovies.xyz/wp-content/uploads/2023/07/Logo-Light-2.png
IP
Requested by https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Certificate IssuerGoogle Trust Services
Subjectpinkheartmovies.xyz
FingerprintC3:95:22:8E:50:29:CB:9A:66:A7:3F:21:90:74:30:53:59:B9:6E:0B
ValidityTue, 25 Feb 2025 11:32:15 GMT - Mon, 26 May 2025 12:32:02 GMT
File type RIFF (little-endian) data, Web/P image
Hash 4fccc52fc4bced9aaba3b647c4aada17
bf85783de15a39b8c367d2532dc6a29307821da7
b1ff0326e1e4ea768fd561039624e91e8e0ddca3e3663e4dd0c672fe1969b997
GET /wp-content/uploads/2023/07/Logo-Light-2.png HTTP/1.1
Host: pinkheartmovies.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 27 Feb 2025 04:55:08 GMT
content-type: image/webp
content-length: 9224
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=18929
content-disposition: inline; filename="Logo-Light-2.webp"
last-modified: Mon, 01 Apr 2024 19:12:16 GMT
vary: Accept
cf-cache-status: HIT
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2dJ35ViYizz9u9xusfVTlB%2FoEdvrEbQ2mHw50HbJbCqtAPyqDL%2F1t3Hpjn0iXWD5OGU47MmUjc0M67EsQCruPzhihzqQdv5AQGW82lWtlG40GfqQmPYBanFMMfrn4JanZwDU6CQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 918594b55ce256af-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2047&min_rtt=1163&rtt_var=841&sent=176&recv=41&lost=0&retrans=0&sent_bytes=172937&recv_bytes=10224&delivery_rate=6982867&cwnd=96000&unsent_bytes=0&cid=616b883fe0518211&ts=1139&x=1", cfExtPri, cfHdrFlush;dur=0
GET fonts.gstatic.com/s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
200 OK 12 kB URL GET HTTP/2 fonts.gstatic.com/s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
IP
Requested by https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Certificate IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintE1:4C:7D:BD:65:DC:FC:CD:59:FD:40:F4:A9:EE:C2:BA:91:98:B2:3D
ValidityMon, 03 Feb 2025 08:37:09 GMT - Mon, 28 Apr 2025 08:37:08 GMT
File type Web Open Font Format (Version 2), TrueType, length 12276, version 1.0
Hash 964d69dfad99321462c6e739d5f71072
ab289c874c8a211c17b539f1161aec43e853c4a5
24df88e7e15c4b0b11eccc139235e04384513c803b5221485375b7acee755bac
GET /s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pinkheartmovies.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12276
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 20 Feb 2025 13:44:35 GMT
expires: Fri, 20 Feb 2026 13:44:35 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 15 Aug 2023 18:49:41 GMT
content-type: font/woff2
age: 573033
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459WlhyyTn89ddpQ.woff2
200 OK 38 kB URL GET HTTP/2 fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459WlhyyTn89ddpQ.woff2
IP
Requested by https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Certificate IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintE1:4C:7D:BD:65:DC:FC:CD:59:FD:40:F4:A9:EE:C2:BA:91:98:B2:3D
ValidityMon, 03 Feb 2025 08:37:09 GMT - Mon, 28 Apr 2025 08:37:08 GMT
File type Web Open Font Format (Version 2), TrueType, length 37828, version 1.0
Hash e0b05ccbd5b6004a449ac84b466c29ac
bcc0e513caae5f6f4164b58eaaa46eaa49622322
1f1ae80aa76018cc05e840a37f41cf860211bbe368971f54957bf8ebb3c863d6
GET /s/montserrat/v29/JTUSjIg1_i6t8kCHKm459WlhyyTn89ddpQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pinkheartmovies.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 37828
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 20 Feb 2025 13:49:00 GMT
expires: Fri, 20 Feb 2026 13:49:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 06 Nov 2024 17:30:36 GMT
content-type: font/woff2
age: 572768
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET pinkheartmovies.xyz/wp-content/themes/PsyPlay125/assets/css/img/mask-title.png
200 OK 74 B URL GET HTTP/3 pinkheartmovies.xyz/wp-content/themes/PsyPlay125/assets/css/img/mask-title.png
IP
Requested by https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Certificate IssuerGoogle Trust Services
Subjectpinkheartmovies.xyz
FingerprintC3:95:22:8E:50:29:CB:9A:66:A7:3F:21:90:74:30:53:59:B9:6E:0B
ValidityTue, 25 Feb 2025 11:32:15 GMT - Mon, 26 May 2025 12:32:02 GMT
File type RIFF (little-endian) data, Web/P image
Hash 1637b1710ec12d2553c5adbfac9b3448
22c4c57599ab829350bcbf0d80cc3ca2863a78b0
fe5af6d01cb9a50c52d686c0a8cd572209c783cfa26877c554368eafa9d30149
GET /wp-content/themes/PsyPlay125/assets/css/img/mask-title.png HTTP/1.1
Host: pinkheartmovies.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pinkheartmovies.xyz/wp-content/themes/PsyPlay125/assets/css/theme.main.css?ver=1.2.5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 27 Feb 2025 04:55:08 GMT
content-type: image/webp
content-length: 74
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=972
content-disposition: inline; filename="mask-title.webp"
last-modified: Mon, 01 Apr 2024 19:12:08 GMT
vary: Accept
cf-cache-status: HIT
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J95GzWjN7fuIEgiw6OudCHlnPzmdd%2BrEcgONpx0R8zD6CWu9X4DUnPdpgmfd0DBQpeP41H3sX5qdDRd5U3vQYqBxya1tD2hZ%2FUPuoXrylSacwlJronE9tjIu5jz6fbCekxPvw7U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 918594b5fd3e56af-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1957&min_rtt=1163&rtt_var=810&sent=185&recv=42&lost=0&retrans=0&sent_bytes=183157&recv_bytes=10270&delivery_rate=80884&cwnd=96000&unsent_bytes=0&cid=616b883fe0518211&ts=1241&x=1", cfExtPri, cfHdrFlush;dur=0
GET pinkheartmovies.xyz/wp-content/plugins/wp-postratings/images/stars_flat(png)/rating_over.png
200 OK 258 B URL GET HTTP/3 pinkheartmovies.xyz/wp-content/plugins/wp-postratings/images/stars_flat(png)/rating_over.png
IP
Requested by https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Certificate IssuerGoogle Trust Services
Subjectpinkheartmovies.xyz
FingerprintC3:95:22:8E:50:29:CB:9A:66:A7:3F:21:90:74:30:53:59:B9:6E:0B
ValidityTue, 25 Feb 2025 11:32:15 GMT - Mon, 26 May 2025 12:32:02 GMT
File type RIFF (little-endian) data, Web/P image
Hash 717dc5659fa26f10f9df81890b776d4f
03227848773f25b568236dce4737bf6ec02d8249
9b256f123821f6672a33edda886d6ddebc0dced3d5beae6b5235b0b0bc028e71
GET /wp-content/plugins/wp-postratings/images/stars_flat(png)/rating_over.png HTTP/1.1
Host: pinkheartmovies.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Cookie: UGVyc2lzdFN0b3JhZ2U=%7B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 27 Feb 2025 04:55:08 GMT
content-type: image/webp
content-length: 258
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=358
content-disposition: inline; filename="rating_over.webp"
last-modified: Tue, 16 Jul 2024 17:38:02 GMT
vary: Accept
cf-cache-status: HIT
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3DaiRe95rkCHCP2MGRxEg08dsIwoW78n6nMYaNk7X0UL37YfR29%2BKXkHtVAUQcuZaqhP1bt2WBo%2BkGQctm5hNZ0A9RZHB1DwPmiGQX5ls0ukmzLd9j%2Fh5daSx7e%2Fl0GlFUqpNHY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 918594b6fdf056af-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2255&min_rtt=1163&rtt_var=1201&sent=189&recv=46&lost=0&retrans=0&sent_bytes=184080&recv_bytes=11792&delivery_rate=34642&cwnd=96000&unsent_bytes=0&cid=616b883fe0518211&ts=1394&x=1", cfExtPri, cfHdrFlush;dur=0
GET poweredby.jads.co/adshow.php?adzone=1020783
200 OK 1.8 kB URL GET HTTP/1.1 poweredby.jads.co/adshow.php?adzone=1020783
IP
Requested by https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Certificate IssuerSectigo Limited
Subject*.jads.co
Fingerprint24:45:97:41:80:9C:3B:CE:BB:C3:B5:53:C5:0D:8C:BB:21:C9:56:20
ValidityTue, 11 Feb 2025 00:00:00 GMT - Thu, 27 Nov 2025 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (501), with CRLF, LF line terminators
Hash 6f5a5f6b6308a1ab544a76cdedbfa5b6
ec410c23672891301453c3ac2014c30f602fd22f
3c594b493bc24f559823a541c9bfe8fbd8c56ef0231ea283a2b376071199ae64
GET /adshow.php?adzone=1020783 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pinkheartmovies.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 27 Feb 2025 04:55:08 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=f2babb69446037655cb7f25fbec84b82; expires=Fri, 27-Feb-2026 04:55:08 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
imps78=1; expires=Fri, 28-Feb-2025 04:55:08 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YToxOntpOjE3ODE5NTc7aToxNzQwODkxMzA4O30%3D; expires=Sun, 02-Mar-2025 04:55:08 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Sun, 02-Mar-2025 04:55:08 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
GET endowmentoverhangutmost.com/lv/esnk/1997480/code.js
200 OK 64 kB URL GET HTTP/2 endowmentoverhangutmost.com/lv/esnk/1997480/code.js
IP
Requested by https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Certificate IssuerBuypass AS-983163327
Subject
FingerprintA6:69:1C:17:89:EB:E3:18:A2:AB:44:48:75:FC:12:8C:1A:BF:B7:97
ValidityFri, 20 Sep 2024 14:26:10 GMT - Tue, 18 Mar 2025 22:59:00 GMT
File type gzip compressed data, max speed, from Unix
Hash 1fa3300db4c185a4c45da324ba9e7f19
b70da91c848dc6624130a0d97d6c087136fe40d1
8a775c0331689cbc4316bee89d5ce0da7e7cd8b3837a9dcbce35d7b111eaacf3
GET /lv/esnk/1997480/code.js HTTP/1.1
Host: endowmentoverhangutmost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pinkheartmovies.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 27 Feb 2025 04:55:08 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 26 Feb 2025 07:55:42 GMT
vary: Accept-Encoding
etag: W/"67bec8fe-29fcd"
x-js-ab2: current
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
GET poweredby.jads.co/16x16/info-icon-16x16-05.png
200 OK 1.3 kB URL GET HTTP/1.1 poweredby.jads.co/16x16/info-icon-16x16-05.png
IP
Requested by https://poweredby.jads.co/adshow.php?adzone=1020783
Certificate IssuerSectigo Limited
Subject*.jads.co
Fingerprint24:45:97:41:80:9C:3B:CE:BB:C3:B5:53:C5:0D:8C:BB:21:C9:56:20
ValidityTue, 11 Feb 2025 00:00:00 GMT - Thu, 27 Nov 2025 23:59:59 GMT
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Hash 56de59b8e45caf845f6e6ec2e63c1d3c
b0da59d9279ac89588d8793c14258b7442ff4472
e79b9cc089a4235e67a18b353c909a9145c19e67149bba22243d8962487fadda
GET /16x16/info-icon-16x16-05.png HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poweredby.jads.co/adshow.php?adzone=1020783
Cookie: surferid=f2babb69446037655cb7f25fbec84b82; imps78=1; juicy_data_1=YToxOntpOjE3ODE5NTc7aToxNzQwODkxMzA4O30%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 27 Feb 2025 04:55:08 GMT
Content-Type: image/png
Content-Length: 1279
Last-Modified: Wed, 06 Nov 2024 18:24:37 GMT
Connection: close
ETag: "672bb465-4ff"
Accept-Ranges: bytes
GET cdn.bncloudfl.com/bn/4e2/fa8/999/4e2fa89994c7f47e60c5d850d034e55461e07817.gif
200 OK 7.5 kB URL GET HTTP/2 cdn.bncloudfl.com/bn/4e2/fa8/999/4e2fa89994c7f47e60c5d850d034e55461e07817.gif
IP
Requested by https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Certificate IssuerGoogle Trust Services
Subjectcdn.bncloudfl.com
Fingerprint60:DC:FD:24:FF:7B:57:37:9C:5F:8F:EF:84:DB:AD:EF:2C:66:AB:6B
ValidityMon, 17 Feb 2025 14:49:24 GMT - Sun, 18 May 2025 15:49:21 GMT
File type RIFF (little-endian) data, Web/P image
Hash e327a91250742948c7984e7b7e4870c9
d21a320e5f836c29e9a658640150e237b5e696b9
f2da17ebc0a6aa2727bc65cc4cd2569dd1064922a6dff6a461b0c93bd775ba42
GET /bn/4e2/fa8/999/4e2fa89994c7f47e60c5d850d034e55461e07817.gif HTTP/1.1
Host: cdn.bncloudfl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 27 Feb 2025 04:55:08 GMT
content-type: image/webp
content-length: 7502
cache-control: max-age=432000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=7841
content-disposition: inline; filename="4e2fa89994c7f47e60c5d850d034e55461e07817.webp"
vary: Accept
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
etag: 7ead2d705c780543fce74fa28cfb0484
expires: Fri, 28 Feb 2025 23:45:04 GMT
last-modified: Fri, 13 Sep 2024 14:14:20 GMT
x-cdn-host-id: ds5951,ds7445,ds5833
x-openstack-request-id: txf8398fc8629e43a3a3ad1-0066ec3666
x-proxy-cache: HIT
x-timestamp: 1726236859.31572
x-trans-id: txf8398fc8629e43a3a3ad1-0066ec3666
cf-cache-status: HIT
age: 18604
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 918594b909b656bb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET cdn.bncloudfl.com/bn/4e2/fa8/999/4e2fa89994c7f47e60c5d850d034e55461e07817.gif
200 OK 7.5 kB URL GET HTTP/2 cdn.bncloudfl.com/bn/4e2/fa8/999/4e2fa89994c7f47e60c5d850d034e55461e07817.gif
IP
Requested by https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Certificate IssuerGoogle Trust Services
Subjectcdn.bncloudfl.com
Fingerprint60:DC:FD:24:FF:7B:57:37:9C:5F:8F:EF:84:DB:AD:EF:2C:66:AB:6B
ValidityMon, 17 Feb 2025 14:49:24 GMT - Sun, 18 May 2025 15:49:21 GMT
File type RIFF (little-endian) data, Web/P image
Hash e327a91250742948c7984e7b7e4870c9
d21a320e5f836c29e9a658640150e237b5e696b9
f2da17ebc0a6aa2727bc65cc4cd2569dd1064922a6dff6a461b0c93bd775ba42
GET /bn/4e2/fa8/999/4e2fa89994c7f47e60c5d850d034e55461e07817.gif HTTP/1.1
Host: cdn.bncloudfl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 27 Feb 2025 04:55:08 GMT
content-type: image/webp
content-length: 7502
cache-control: max-age=432000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=7841
content-disposition: inline; filename="4e2fa89994c7f47e60c5d850d034e55461e07817.webp"
vary: Accept
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
etag: 7ead2d705c780543fce74fa28cfb0484
expires: Fri, 28 Feb 2025 23:45:04 GMT
last-modified: Fri, 13 Sep 2024 14:14:20 GMT
x-cdn-host-id: ds5951,ds7445,ds5833
x-openstack-request-id: txf8398fc8629e43a3a3ad1-0066ec3666
x-proxy-cache: HIT
x-timestamp: 1726236859.31572
x-trans-id: txf8398fc8629e43a3a3ad1-0066ec3666
cf-cache-status: HIT
age: 18604
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 918594b909b856bb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET i.jads.co/network/user1037/78-1727881129-0322553001727881129.gif
200 OK 67 kB URL GET HTTP/2 i.jads.co/network/user1037/78-1727881129-0322553001727881129.gif
IP
ASN #60068 Datacamp Limited
Requested by https://poweredby.jads.co/adshow.php?adzone=1020783
Certificate IssuerSectigo Limited
Subject*.jads.co
Fingerprint24:45:97:41:80:9C:3B:CE:BB:C3:B5:53:C5:0D:8C:BB:21:C9:56:20
ValidityTue, 11 Feb 2025 00:00:00 GMT - Thu, 27 Nov 2025 23:59:59 GMT
File type GIF image data, version 89a, 728 x 90
Hash f44122ca6047b02607d1185ffdb5a28a
21665730af618c70674c19cf8644f901c286930a
ee479d62c227ff0f55f07d30c866fa678c135ed0e50cd47319d0210367064d73
GET /network/user1037/78-1727881129-0322553001727881129.gif HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=f2babb69446037655cb7f25fbec84b82; imps78=1; juicy_data_1=YToxOntpOjE3ODE5NTc7aToxNzQwODkxMzA4O30%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 27 Feb 2025 04:55:09 GMT
content-type: image/gif
content-length: 67383
last-modified: Wed, 02 Oct 2024 14:58:49 GMT
etag: "66fd5fa9-10737"
x-77-nzt: EwwBX63NDQHXOsEjAAwBuUwKAQH34xIAAAwBJRPCNAG3/XQQAA
x-77-nzt-ray: 2a494a150115f3c252f0bf6782cf5000
x-77-cache: HIT
x-77-age: 2343226
server: CDN77-Turbo
x-77-pop: osloNO
accept-ranges: bytes
X-Firefox-Spdy: h2
GET endowmentoverhangutmost.com/chicken.gif?z=1997480&pid=__clb-1997480_2&pb=0dc8bb0f55c6995c7b1af87740cca9d71740639308&pbc=7NQC6JxLqYhMDMBn&pbu=qWkXtZSvbzFMDMBn&psp=tdJZ6hOQ2PJCbXD-vaQ0js7MhcPHoLZGg0mArYghM2S4HEBJDgAW1W_7lZZEhC3baLLVsrIkJLW5CBkb8PA8E8kuTagIRBxTTBWCWqLd21ui2tolRDiGONVPNhZ2U0c-cA38jNlSd7G3DSjOV5mehH3wtmhlwNwdWAT3AVMSKzKG1iH1FVyembPM4mW8yW13CzFuxEsXwcTJCr6dT6Havj0Rd2bo1EhmN8jDfmA-pGpRiJEs11dMNqttIXWHuf5eoPcKFmCBv8qTH-cTxSkQHUGEmj5iAe-ANlBvc_s3_qa3B1EqInon2j193YKblQ1Cijupfya6P1dvnEEPfukG-0FpkafBIt4xbcVoMifd0VncTP7eeVrln_fEZ0w2O0n_BYSG97SCNWhUCNG3EM5NQcSnALBd0zBa45Y106ooJXCOgDQ2TV3d6L-fGyKOyxko99nRDpAvzEoOBSX-60oCr_tH-EKnhjccTe4zacj7xnzgqjYJNWULM4YqxDr32u_xc5NYBsPk0T18wFWqJthIsm0qpk6g1uCYeUioUZVSCVABs-CNZPwft77tqb77j9zo2UoDfZwsPTzvatOfcR9PkrbvBfNupC8tjle0zMPCxMIFwUPzjTHul3XrS8dfqEV9R1g6Qy_rbrqmwdeVKDFLHGXQZNOHgcb6NXr1i5szncz6tcCzjV1FhaSGS6TM8VGo87rN-nQJEZmoR_xzeHmD1URUVvBk9zkmSC-Y9H4HkYB9GwiMnx6CpqL20DGdwqhA7A7NesjfPNkM-c3zhsYSRlVtlN5B7RnsI97USjk2a1WKGHSZoPI-TqO4mrAaIH2_-rws_HpjavSplgX3Bl6F2mow60cXTlEPb8qLm3UmZkLMncddftC91oLW0QhVcCN60pte47Lb-MqF3Amd3AwLa1xnye0HLRaionx1aGcb4BizzGI8ibwItHEOFUTTifqimcqj-PKYLXlGQ64Qa_JKenzgsPBoqx0rpz-Efx-SNhMy00Wm765Ynnsx4JANkm88HxeDuyqNaTdrdskPgK4oCnx9eM0dl_CLgmBDsdq5oQO0th5p793PMxoDfJFXTOJdbu_jtwjSeQgB1RmRrIUWm61FjmedDchZntNEInW1x9T9-vG_mjADB90tjMpJqaz8GUQx09ko5XWGVNExKuDrdPIRuddgQv-mn8IVQ84LgDUJRowny26wl7FdLAg-iJFUpyQlRSNspMnLRZECd2H-zhDYK92IFtIcED5YPlplR7f9S5OOBSN6QPrzhKXA0m0FqezWiF6aQTueHuuW8qsdxh6uFXRRC2e6gIC6aMRd5M2wgMl97A==&freq=0&nojs=0&abvar=0&febuild=1.0.484&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=1vcuteBevgNtiXj7v0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&psu=IjOOZbCaHR0cHM6Ly9waW5raGVhcnRtb3ZpZXMueHl6L2hhcmRfY3BsLWxpdmUtMy0lMjVFMCUyNUE0JTI1QUMlMjVFMCUyNUE0JTI1QTElMjVFMCUyNUE0JTI1QkMlMjVFMCUyNUE1JTI1ODctJTI1RTAlMjVBNCUyNUFDJTI1RTAlMjVBNSUyNTgyJTI1RTAlMjVBNCUyNUFDJTI1RTAlMjVBNSUyNThEJTI1RTAlMjVBNCUyNTlDJTI1RTAlMjVBNCUyNUJDLSUyNUUwJTI1QTQlMjVCNSUyNUUwJTI1QTQlMjVCRSUyNUUwJTI1QTQlMjVCMiUyNUUwJTI1QTUlMjU4MC0lMjVFMCUyNUE0JTI1QUQlMjVFMCUyNUE0JTI1QkUlMjVFMCUyNUE0JTI1QUQlMjVFMCUyNUE1JTI1ODAv&afid=395549042544128&eclog=0&snc=0&ssc=1&tp=0&vp=0&im=1&noch=1&nojs=0&abvar=0&febuild=1.0.484&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=1vcuteBevgNtiXj7v0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&psu=IjOOZbCaHR0cHM6Ly9waW5raGVhcnRtb3ZpZXMueHl6L2hhcmRfY3BsLWxpdmUtMy0lMjVFMCUyNUE0JTI1QUMlMjVFMCUyNUE0JTI1QTElMjVFMCUyNUE0JTI1QkMlMjVFMCUyNUE1JTI1ODctJTI1RTAlMjVBNCUyNUFDJTI1RTAlMjVBNSUyNTgyJTI1RTAlMjVBNCUyNUFDJTI1RTAlMjVBNSUyNThEJTI1RTAlMjVBNCUyNTlDJTI1RTAlMjVBNCUyNUJDLSUyNUUwJTI1QTQlMjVCNSUyNUUwJTI1QTQlMjVCRSUyNUUwJTI1QTQlMjVCMiUyNUUwJTI1QTUlMjU4MC0lMjVFMCUyNUE0JTI1QUQlMjVFMCUyNUE0JTI1QkUlMjVFMCUyNUE0JTI1QUQlMjVFMCUyNUE1JTI1ODAv&afid=395549042544128&eclog=0&snc=0&ssc=0&vp=0&im=1&noch=1&de=0&cs=5&pload=88&bp=2
200 OK 43 B URL GET HTTP/2 endowmentoverhangutmost.com/chicken.gif?z=1997480&pid=__clb-1997480_2&pb=0dc8bb0f55c6995c7b1af87740cca9d71740639308&pbc=7NQC6JxLqYhMDMBn&pbu=qWkXtZSvbzFMDMBn&psp=tdJZ6hOQ2PJCbXD-vaQ0js7MhcPHoLZGg0mArYghM2S4HEBJDgAW1W_7lZZEhC3baLLVsrIkJLW5CBkb8PA8E8kuTagIRBxTTBWCWqLd21ui2tolRDiGONVPNhZ2U0c-cA38jNlSd7G3DSjOV5mehH3wtmhlwNwdWAT3AVMSKzKG1iH1FVyembPM4mW8yW13CzFuxEsXwcTJCr6dT6Havj0Rd2bo1EhmN8jDfmA-pGpRiJEs11dMNqttIXWHuf5eoPcKFmCBv8qTH-cTxSkQHUGEmj5iAe-ANlBvc_s3_qa3B1EqInon2j193YKblQ1Cijupfya6P1dvnEEPfukG-0FpkafBIt4xbcVoMifd0VncTP7eeVrln_fEZ0w2O0n_BYSG97SCNWhUCNG3EM5NQcSnALBd0zBa45Y106ooJXCOgDQ2TV3d6L-fGyKOyxko99nRDpAvzEoOBSX-60oCr_tH-EKnhjccTe4zacj7xnzgqjYJNWULM4YqxDr32u_xc5NYBsPk0T18wFWqJthIsm0qpk6g1uCYeUioUZVSCVABs-CNZPwft77tqb77j9zo2UoDfZwsPTzvatOfcR9PkrbvBfNupC8tjle0zMPCxMIFwUPzjTHul3XrS8dfqEV9R1g6Qy_rbrqmwdeVKDFLHGXQZNOHgcb6NXr1i5szncz6tcCzjV1FhaSGS6TM8VGo87rN-nQJEZmoR_xzeHmD1URUVvBk9zkmSC-Y9H4HkYB9GwiMnx6CpqL20DGdwqhA7A7NesjfPNkM-c3zhsYSRlVtlN5B7RnsI97USjk2a1WKGHSZoPI-TqO4mrAaIH2_-rws_HpjavSplgX3Bl6F2mow60cXTlEPb8qLm3UmZkLMncddftC91oLW0QhVcCN60pte47Lb-MqF3Amd3AwLa1xnye0HLRaionx1aGcb4BizzGI8ibwItHEOFUTTifqimcqj-PKYLXlGQ64Qa_JKenzgsPBoqx0rpz-Efx-SNhMy00Wm765Ynnsx4JANkm88HxeDuyqNaTdrdskPgK4oCnx9eM0dl_CLgmBDsdq5oQO0th5p793PMxoDfJFXTOJdbu_jtwjSeQgB1RmRrIUWm61FjmedDchZntNEInW1x9T9-vG_mjADB90tjMpJqaz8GUQx09ko5XWGVNExKuDrdPIRuddgQv-mn8IVQ84LgDUJRowny26wl7FdLAg-iJFUpyQlRSNspMnLRZECd2H-zhDYK92IFtIcED5YPlplR7f9S5OOBSN6QPrzhKXA0m0FqezWiF6aQTueHuuW8qsdxh6uFXRRC2e6gIC6aMRd5M2wgMl97A==&freq=0&nojs=0&abvar=0&febuild=1.0.484&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=1vcuteBevgNtiXj7v0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&psu=IjOOZbCaHR0cHM6Ly9waW5raGVhcnRtb3ZpZXMueHl6L2hhcmRfY3BsLWxpdmUtMy0lMjVFMCUyNUE0JTI1QUMlMjVFMCUyNUE0JTI1QTElMjVFMCUyNUE0JTI1QkMlMjVFMCUyNUE1JTI1ODctJTI1RTAlMjVBNCUyNUFDJTI1RTAlMjVBNSUyNTgyJTI1RTAlMjVBNCUyNUFDJTI1RTAlMjVBNSUyNThEJTI1RTAlMjVBNCUyNTlDJTI1RTAlMjVBNCUyNUJDLSUyNUUwJTI1QTQlMjVCNSUyNUUwJTI1QTQlMjVCRSUyNUUwJTI1QTQlMjVCMiUyNUUwJTI1QTUlMjU4MC0lMjVFMCUyNUE0JTI1QUQlMjVFMCUyNUE0JTI1QkUlMjVFMCUyNUE0JTI1QUQlMjVFMCUyNUE1JTI1ODAv&afid=395549042544128&eclog=0&snc=0&ssc=1&tp=0&vp=0&im=1&noch=1&nojs=0&abvar=0&febuild=1.0.484&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=1vcuteBevgNtiXj7v0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&psu=IjOOZbCaHR0cHM6Ly9waW5raGVhcnRtb3ZpZXMueHl6L2hhcmRfY3BsLWxpdmUtMy0lMjVFMCUyNUE0JTI1QUMlMjVFMCUyNUE0JTI1QTElMjVFMCUyNUE0JTI1QkMlMjVFMCUyNUE1JTI1ODctJTI1RTAlMjVBNCUyNUFDJTI1RTAlMjVBNSUyNTgyJTI1RTAlMjVBNCUyNUFDJTI1RTAlMjVBNSUyNThEJTI1RTAlMjVBNCUyNTlDJTI1RTAlMjVBNCUyNUJDLSUyNUUwJTI1QTQlMjVCNSUyNUUwJTI1QTQlMjVCRSUyNUUwJTI1QTQlMjVCMiUyNUUwJTI1QTUlMjU4MC0lMjVFMCUyNUE0JTI1QUQlMjVFMCUyNUE0JTI1QkUlMjVFMCUyNUE0JTI1QUQlMjVFMCUyNUE1JTI1ODAv&afid=395549042544128&eclog=0&snc=0&ssc=0&vp=0&im=1&noch=1&de=0&cs=5&pload=88&bp=2
IP
Requested by https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Certificate IssuerBuypass AS-983163327
Subject
FingerprintA6:69:1C:17:89:EB:E3:18:A2:AB:44:48:75:FC:12:8C:1A:BF:B7:97
ValidityFri, 20 Sep 2024 14:26:10 GMT - Tue, 18 Mar 2025 22:59:00 GMT
File type GIF image data, version 89a, 1 x 1
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
GET /chicken.gif?z=1997480&pid=__clb-1997480_2&pb=0dc8bb0f55c6995c7b1af87740cca9d71740639308&pbc=7NQC6JxLqYhMDMBn&pbu=qWkXtZSvbzFMDMBn&psp=tdJZ6hOQ2PJCbXD-vaQ0js7MhcPHoLZGg0mArYghM2S4HEBJDgAW1W_7lZZEhC3baLLVsrIkJLW5CBkb8PA8E8kuTagIRBxTTBWCWqLd21ui2tolRDiGONVPNhZ2U0c-cA38jNlSd7G3DSjOV5mehH3wtmhlwNwdWAT3AVMSKzKG1iH1FVyembPM4mW8yW13CzFuxEsXwcTJCr6dT6Havj0Rd2bo1EhmN8jDfmA-pGpRiJEs11dMNqttIXWHuf5eoPcKFmCBv8qTH-cTxSkQHUGEmj5iAe-ANlBvc_s3_qa3B1EqInon2j193YKblQ1Cijupfya6P1dvnEEPfukG-0FpkafBIt4xbcVoMifd0VncTP7eeVrln_fEZ0w2O0n_BYSG97SCNWhUCNG3EM5NQcSnALBd0zBa45Y106ooJXCOgDQ2TV3d6L-fGyKOyxko99nRDpAvzEoOBSX-60oCr_tH-EKnhjccTe4zacj7xnzgqjYJNWULM4YqxDr32u_xc5NYBsPk0T18wFWqJthIsm0qpk6g1uCYeUioUZVSCVABs-CNZPwft77tqb77j9zo2UoDfZwsPTzvatOfcR9PkrbvBfNupC8tjle0zMPCxMIFwUPzjTHul3XrS8dfqEV9R1g6Qy_rbrqmwdeVKDFLHGXQZNOHgcb6NXr1i5szncz6tcCzjV1FhaSGS6TM8VGo87rN-nQJEZmoR_xzeHmD1URUVvBk9zkmSC-Y9H4HkYB9GwiMnx6CpqL20DGdwqhA7A7NesjfPNkM-c3zhsYSRlVtlN5B7RnsI97USjk2a1WKGHSZoPI-TqO4mrAaIH2_-rws_HpjavSplgX3Bl6F2mow60cXTlEPb8qLm3UmZkLMncddftC91oLW0QhVcCN60pte47Lb-MqF3Amd3AwLa1xnye0HLRaionx1aGcb4BizzGI8ibwItHEOFUTTifqimcqj-PKYLXlGQ64Qa_JKenzgsPBoqx0rpz-Efx-SNhMy00Wm765Ynnsx4JANkm88HxeDuyqNaTdrdskPgK4oCnx9eM0dl_CLgmBDsdq5oQO0th5p793PMxoDfJFXTOJdbu_jtwjSeQgB1RmRrIUWm61FjmedDchZntNEInW1x9T9-vG_mjADB90tjMpJqaz8GUQx09ko5XWGVNExKuDrdPIRuddgQv-mn8IVQ84LgDUJRowny26wl7FdLAg-iJFUpyQlRSNspMnLRZECd2H-zhDYK92IFtIcED5YPlplR7f9S5OOBSN6QPrzhKXA0m0FqezWiF6aQTueHuuW8qsdxh6uFXRRC2e6gIC6aMRd5M2wgMl97A==&freq=0&nojs=0&abvar=0&febuild=1.0.484&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=1vcuteBevgNtiXj7v0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&psu=IjOOZbCaHR0cHM6Ly9waW5raGVhcnRtb3ZpZXMueHl6L2hhcmRfY3BsLWxpdmUtMy0lMjVFMCUyNUE0JTI1QUMlMjVFMCUyNUE0JTI1QTElMjVFMCUyNUE0JTI1QkMlMjVFMCUyNUE1JTI1ODctJTI1RTAlMjVBNCUyNUFDJTI1RTAlMjVBNSUyNTgyJTI1RTAlMjVBNCUyNUFDJTI1RTAlMjVBNSUyNThEJTI1RTAlMjVBNCUyNTlDJTI1RTAlMjVBNCUyNUJDLSUyNUUwJTI1QTQlMjVCNSUyNUUwJTI1QTQlMjVCRSUyNUUwJTI1QTQlMjVCMiUyNUUwJTI1QTUlMjU4MC0lMjVFMCUyNUE0JTI1QUQlMjVFMCUyNUE0JTI1QkUlMjVFMCUyNUE0JTI1QUQlMjVFMCUyNUE1JTI1ODAv&afid=395549042544128&eclog=0&snc=0&ssc=1&tp=0&vp=0&im=1&noch=1&nojs=0&abvar=0&febuild=1.0.484&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=1vcuteBevgNtiXj7v0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&psu=IjOOZbCaHR0cHM6Ly9waW5raGVhcnRtb3ZpZXMueHl6L2hhcmRfY3BsLWxpdmUtMy0lMjVFMCUyNUE0JTI1QUMlMjVFMCUyNUE0JTI1QTElMjVFMCUyNUE0JTI1QkMlMjVFMCUyNUE1JTI1ODctJTI1RTAlMjVBNCUyNUFDJTI1RTAlMjVBNSUyNTgyJTI1RTAlMjVBNCUyNUFDJTI1RTAlMjVBNSUyNThEJTI1RTAlMjVBNCUyNTlDJTI1RTAlMjVBNCUyNUJDLSUyNUUwJTI1QTQlMjVCNSUyNUUwJTI1QTQlMjVCRSUyNUUwJTI1QTQlMjVCMiUyNUUwJTI1QTUlMjU4MC0lMjVFMCUyNUE0JTI1QUQlMjVFMCUyNUE0JTI1QkUlMjVFMCUyNUE0JTI1QUQlMjVFMCUyNUE1JTI1ODAv&afid=395549042544128&eclog=0&snc=0&ssc=0&vp=0&im=1&noch=1&de=0&cs=5&pload=88&bp=2 HTTP/1.1
Host: endowmentoverhangutmost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: cart=1; cart_p=2; CHCK=1; UID=25022623554db5e257089a48af928a99c672
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 27 Feb 2025 04:55:09 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: BCAI=ADA76gAAAAAAAAAB; Path=/; Expires=Fri, 28 Feb 2025 04:55:09 GMT; Secure; SameSite=None
BMI=AEH8KgAAAAAAAAAB; Path=/; Expires=Fri, 28 Feb 2025 04:55:09 GMT; Secure; SameSite=None
BCRI=ADLkigAAAAAAAAAB; Path=/; Expires=Fri, 28 Feb 2025 04:55:09 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
GET endowmentoverhangutmost.com/chicken.gif?z=1997480&pid=__clb-1997480_1&pb=0dc8bb0f55c6995c7b1af87740cca9d71740639308&pbc=7NQC6JxLqYhMDMBn&pbu=qWkXtZSvbzFMDMBn&psp=kUeFOfcK26TtS4YkKmDX-EZ-gnWsVolDbBzPoXkyqQsKQFhyyqiMjyomHA6sG-EtS_frqozhUxyWYXTCjlgb1HATj-vUsrbJ4VFGeySv7s_PEBikZ0tFd2rZM_HeIk-8YcLUR5iD9tuFWFMtkkP6ikBwlyknDXe8N3f9hQQXZp4xt8ZaS70mdrezYxprqaGTKKQIJoJZg7zHGkd7pBFHM6XCRJlAfkErPWxbg1oloLNqZLt-9xbvMJyi7Aaq89tBxps5K_NE7bM6J7WTZ6ZPt71mJf6Waek8o460Fxkm9TfeHiqCcEj1RK-k2k0FMvjnHMnw0wKsBXrZx7riZtN6ryPDidHnVpk20Z_Y975CIBczZhperO9JqxxsIZSTiklhmSuB6Vd-G34valrhhoaQyszgJhsL8_NuMUtr6zIcfrMVBaA-INUaM21UBPS2zcioBQnCW53YwCiH-JHziSmfEjhfUhOevvqlJ-6ULIWJiQ7Lonf2Xvu9-wYbk3pL-dP4qmbJm1fC1-W0gROWpA0wf-g26BOCkKfuIiki37QhpGiRO5SgNi68OK8T5oYsKdIDUSRFGTnCA2oBJhXCi9IAoGaAOFAbfRA13v2v3eJNnWYoC5spK6ocLnOX58_z7IPOlriM_rNyeZLpXuCyiiq_LWHDbjJi0oM5sO00hr2JGw5Wd54X505Lydzll7tDYqM6dIJ6nfabRmBVB_OuT3o-wx8c7IooDlMK8JZsn2oPQtu8Sfgmv_XW0gC0YAGRwVpcpA1SSZkbvhQPsm4_FhDac4QDenGTOAy7XyVwUm4AUk53G0VVlxHChJUT3C1UTSy0hOJnzJVw7C50EGLPumEAc-SOw73chHq8hEIGNc-5HN7GmCXzBLGPPHqJdhclntGxGRix5rKgfgLbvtQbFRvMr2e25pk6hdfg9NYDvjdlD-92-jg454obGikRynLX-WzvFaNTilvdeUbo-iHM7sMT5Ekc2FrsCS4IWvVAR7-B75EJEPRv-iCB1fpomwERRcfzrGDX30pU2nA_DtE1wG_ULxQSRY8odOJ4MgpheQm2PsbMTOdXSF76w-H3N7h4o7w49nl7cQQfnTpA8ZYoJKK99cY8VIUtarWzeL61AECBLKGQmFYUm7qlcqoGyMTgczAl0rT5MaCsTI-35dwhq6cPXXP-7tzLitwRo5jwybJxYQGIqNGzwZnYF2asKSU7W0MWYi1CJZdqZcr-t9l0clQ7GzuHiG92W_kpPH5M1QdrdBdGGOHnIXa89a_IJiIo96FTdqzOGqqFuX18i_zwh2NKi_1AwhUxwN1qBkgsOGpuIQ9tcOvPOw==&freq=0&nojs=0&abvar=771&febuild=b4f01a5fab43a07d8e26fe0a79f4f9fb9f5f4fe7&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=1vcuteBevgNtiXj7v0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&psu=px3AzjSaHR0cHM6Ly9waW5raGVhcnRtb3ZpZXMueHl6L2hhcmRfY3BsLWxpdmUtMy0lMjVFMCUyNUE0JTI1QUMlMjVFMCUyNUE0JTI1QTElMjVFMCUyNUE0JTI1QkMlMjVFMCUyNUE1JTI1ODctJTI1RTAlMjVBNCUyNUFDJTI1RTAlMjVBNSUyNTgyJTI1RTAlMjVBNCUyNUFDJTI1RTAlMjVBNSUyNThEJTI1RTAlMjVBNCUyNTlDJTI1RTAlMjVBNCUyNUJDLSUyNUUwJTI1QTQlMjVCNSUyNUUwJTI1QTQlMjVCRSUyNUUwJTI1QTQlMjVCMiUyNUUwJTI1QTUlMjU4MC0lMjVFMCUyNUE0JTI1QUQlMjVFMCUyNUE0JTI1QkUlMjVFMCUyNUE0JTI1QUQlMjVFMCUyNUE1JTI1ODAv&afid=6306523553467904&eclog=0&snc=0&ssc=1&tp=0&vp=0&im=1&noch=1&nojs=0&abvar=771&febuild=b4f01a5fab43a07d8e26fe0a79f4f9fb9f5f4fe7&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=1vcuteBevgNtiXj7v0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&psu=px3AzjSaHR0cHM6Ly9waW5raGVhcnRtb3ZpZXMueHl6L2hhcmRfY3BsLWxpdmUtMy0lMjVFMCUyNUE0JTI1QUMlMjVFMCUyNUE0JTI1QTElMjVFMCUyNUE0JTI1QkMlMjVFMCUyNUE1JTI1ODctJTI1RTAlMjVBNCUyNUFDJTI1RTAlMjVBNSUyNTgyJTI1RTAlMjVBNCUyNUFDJTI1RTAlMjVBNSUyNThEJTI1RTAlMjVBNCUyNTlDJTI1RTAlMjVBNCUyNUJDLSUyNUUwJTI1QTQlMjVCNSUyNUUwJTI1QTQlMjVCRSUyNUUwJTI1QTQlMjVCMiUyNUUwJTI1QTUlMjU4MC0lMjVFMCUyNUE0JTI1QUQlMjVFMCUyNUE0JTI1QkUlMjVFMCUyNUE0JTI1QUQlMjVFMCUyNUE1JTI1ODAv&afid=6306523553467904&eclog=0&snc=0&ssc=0&vp=0&im=1&noch=1&de=0&cs=5&pload=130&bp=2
200 OK 43 B URL GET HTTP/2 endowmentoverhangutmost.com/chicken.gif?z=1997480&pid=__clb-1997480_1&pb=0dc8bb0f55c6995c7b1af87740cca9d71740639308&pbc=7NQC6JxLqYhMDMBn&pbu=qWkXtZSvbzFMDMBn&psp=kUeFOfcK26TtS4YkKmDX-EZ-gnWsVolDbBzPoXkyqQsKQFhyyqiMjyomHA6sG-EtS_frqozhUxyWYXTCjlgb1HATj-vUsrbJ4VFGeySv7s_PEBikZ0tFd2rZM_HeIk-8YcLUR5iD9tuFWFMtkkP6ikBwlyknDXe8N3f9hQQXZp4xt8ZaS70mdrezYxprqaGTKKQIJoJZg7zHGkd7pBFHM6XCRJlAfkErPWxbg1oloLNqZLt-9xbvMJyi7Aaq89tBxps5K_NE7bM6J7WTZ6ZPt71mJf6Waek8o460Fxkm9TfeHiqCcEj1RK-k2k0FMvjnHMnw0wKsBXrZx7riZtN6ryPDidHnVpk20Z_Y975CIBczZhperO9JqxxsIZSTiklhmSuB6Vd-G34valrhhoaQyszgJhsL8_NuMUtr6zIcfrMVBaA-INUaM21UBPS2zcioBQnCW53YwCiH-JHziSmfEjhfUhOevvqlJ-6ULIWJiQ7Lonf2Xvu9-wYbk3pL-dP4qmbJm1fC1-W0gROWpA0wf-g26BOCkKfuIiki37QhpGiRO5SgNi68OK8T5oYsKdIDUSRFGTnCA2oBJhXCi9IAoGaAOFAbfRA13v2v3eJNnWYoC5spK6ocLnOX58_z7IPOlriM_rNyeZLpXuCyiiq_LWHDbjJi0oM5sO00hr2JGw5Wd54X505Lydzll7tDYqM6dIJ6nfabRmBVB_OuT3o-wx8c7IooDlMK8JZsn2oPQtu8Sfgmv_XW0gC0YAGRwVpcpA1SSZkbvhQPsm4_FhDac4QDenGTOAy7XyVwUm4AUk53G0VVlxHChJUT3C1UTSy0hOJnzJVw7C50EGLPumEAc-SOw73chHq8hEIGNc-5HN7GmCXzBLGPPHqJdhclntGxGRix5rKgfgLbvtQbFRvMr2e25pk6hdfg9NYDvjdlD-92-jg454obGikRynLX-WzvFaNTilvdeUbo-iHM7sMT5Ekc2FrsCS4IWvVAR7-B75EJEPRv-iCB1fpomwERRcfzrGDX30pU2nA_DtE1wG_ULxQSRY8odOJ4MgpheQm2PsbMTOdXSF76w-H3N7h4o7w49nl7cQQfnTpA8ZYoJKK99cY8VIUtarWzeL61AECBLKGQmFYUm7qlcqoGyMTgczAl0rT5MaCsTI-35dwhq6cPXXP-7tzLitwRo5jwybJxYQGIqNGzwZnYF2asKSU7W0MWYi1CJZdqZcr-t9l0clQ7GzuHiG92W_kpPH5M1QdrdBdGGOHnIXa89a_IJiIo96FTdqzOGqqFuX18i_zwh2NKi_1AwhUxwN1qBkgsOGpuIQ9tcOvPOw==&freq=0&nojs=0&abvar=771&febuild=b4f01a5fab43a07d8e26fe0a79f4f9fb9f5f4fe7&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=1vcuteBevgNtiXj7v0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&psu=px3AzjSaHR0cHM6Ly9waW5raGVhcnRtb3ZpZXMueHl6L2hhcmRfY3BsLWxpdmUtMy0lMjVFMCUyNUE0JTI1QUMlMjVFMCUyNUE0JTI1QTElMjVFMCUyNUE0JTI1QkMlMjVFMCUyNUE1JTI1ODctJTI1RTAlMjVBNCUyNUFDJTI1RTAlMjVBNSUyNTgyJTI1RTAlMjVBNCUyNUFDJTI1RTAlMjVBNSUyNThEJTI1RTAlMjVBNCUyNTlDJTI1RTAlMjVBNCUyNUJDLSUyNUUwJTI1QTQlMjVCNSUyNUUwJTI1QTQlMjVCRSUyNUUwJTI1QTQlMjVCMiUyNUUwJTI1QTUlMjU4MC0lMjVFMCUyNUE0JTI1QUQlMjVFMCUyNUE0JTI1QkUlMjVFMCUyNUE0JTI1QUQlMjVFMCUyNUE1JTI1ODAv&afid=6306523553467904&eclog=0&snc=0&ssc=1&tp=0&vp=0&im=1&noch=1&nojs=0&abvar=771&febuild=b4f01a5fab43a07d8e26fe0a79f4f9fb9f5f4fe7&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=1vcuteBevgNtiXj7v0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&psu=px3AzjSaHR0cHM6Ly9waW5raGVhcnRtb3ZpZXMueHl6L2hhcmRfY3BsLWxpdmUtMy0lMjVFMCUyNUE0JTI1QUMlMjVFMCUyNUE0JTI1QTElMjVFMCUyNUE0JTI1QkMlMjVFMCUyNUE1JTI1ODctJTI1RTAlMjVBNCUyNUFDJTI1RTAlMjVBNSUyNTgyJTI1RTAlMjVBNCUyNUFDJTI1RTAlMjVBNSUyNThEJTI1RTAlMjVBNCUyNTlDJTI1RTAlMjVBNCUyNUJDLSUyNUUwJTI1QTQlMjVCNSUyNUUwJTI1QTQlMjVCRSUyNUUwJTI1QTQlMjVCMiUyNUUwJTI1QTUlMjU4MC0lMjVFMCUyNUE0JTI1QUQlMjVFMCUyNUE0JTI1QkUlMjVFMCUyNUE0JTI1QUQlMjVFMCUyNUE1JTI1ODAv&afid=6306523553467904&eclog=0&snc=0&ssc=0&vp=0&im=1&noch=1&de=0&cs=5&pload=130&bp=2
IP
Requested by https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Certificate IssuerBuypass AS-983163327
Subject
FingerprintA6:69:1C:17:89:EB:E3:18:A2:AB:44:48:75:FC:12:8C:1A:BF:B7:97
ValidityFri, 20 Sep 2024 14:26:10 GMT - Tue, 18 Mar 2025 22:59:00 GMT
File type GIF image data, version 89a, 1 x 1
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
GET /chicken.gif?z=1997480&pid=__clb-1997480_1&pb=0dc8bb0f55c6995c7b1af87740cca9d71740639308&pbc=7NQC6JxLqYhMDMBn&pbu=qWkXtZSvbzFMDMBn&psp=kUeFOfcK26TtS4YkKmDX-EZ-gnWsVolDbBzPoXkyqQsKQFhyyqiMjyomHA6sG-EtS_frqozhUxyWYXTCjlgb1HATj-vUsrbJ4VFGeySv7s_PEBikZ0tFd2rZM_HeIk-8YcLUR5iD9tuFWFMtkkP6ikBwlyknDXe8N3f9hQQXZp4xt8ZaS70mdrezYxprqaGTKKQIJoJZg7zHGkd7pBFHM6XCRJlAfkErPWxbg1oloLNqZLt-9xbvMJyi7Aaq89tBxps5K_NE7bM6J7WTZ6ZPt71mJf6Waek8o460Fxkm9TfeHiqCcEj1RK-k2k0FMvjnHMnw0wKsBXrZx7riZtN6ryPDidHnVpk20Z_Y975CIBczZhperO9JqxxsIZSTiklhmSuB6Vd-G34valrhhoaQyszgJhsL8_NuMUtr6zIcfrMVBaA-INUaM21UBPS2zcioBQnCW53YwCiH-JHziSmfEjhfUhOevvqlJ-6ULIWJiQ7Lonf2Xvu9-wYbk3pL-dP4qmbJm1fC1-W0gROWpA0wf-g26BOCkKfuIiki37QhpGiRO5SgNi68OK8T5oYsKdIDUSRFGTnCA2oBJhXCi9IAoGaAOFAbfRA13v2v3eJNnWYoC5spK6ocLnOX58_z7IPOlriM_rNyeZLpXuCyiiq_LWHDbjJi0oM5sO00hr2JGw5Wd54X505Lydzll7tDYqM6dIJ6nfabRmBVB_OuT3o-wx8c7IooDlMK8JZsn2oPQtu8Sfgmv_XW0gC0YAGRwVpcpA1SSZkbvhQPsm4_FhDac4QDenGTOAy7XyVwUm4AUk53G0VVlxHChJUT3C1UTSy0hOJnzJVw7C50EGLPumEAc-SOw73chHq8hEIGNc-5HN7GmCXzBLGPPHqJdhclntGxGRix5rKgfgLbvtQbFRvMr2e25pk6hdfg9NYDvjdlD-92-jg454obGikRynLX-WzvFaNTilvdeUbo-iHM7sMT5Ekc2FrsCS4IWvVAR7-B75EJEPRv-iCB1fpomwERRcfzrGDX30pU2nA_DtE1wG_ULxQSRY8odOJ4MgpheQm2PsbMTOdXSF76w-H3N7h4o7w49nl7cQQfnTpA8ZYoJKK99cY8VIUtarWzeL61AECBLKGQmFYUm7qlcqoGyMTgczAl0rT5MaCsTI-35dwhq6cPXXP-7tzLitwRo5jwybJxYQGIqNGzwZnYF2asKSU7W0MWYi1CJZdqZcr-t9l0clQ7GzuHiG92W_kpPH5M1QdrdBdGGOHnIXa89a_IJiIo96FTdqzOGqqFuX18i_zwh2NKi_1AwhUxwN1qBkgsOGpuIQ9tcOvPOw==&freq=0&nojs=0&abvar=771&febuild=b4f01a5fab43a07d8e26fe0a79f4f9fb9f5f4fe7&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=1vcuteBevgNtiXj7v0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&psu=px3AzjSaHR0cHM6Ly9waW5raGVhcnRtb3ZpZXMueHl6L2hhcmRfY3BsLWxpdmUtMy0lMjVFMCUyNUE0JTI1QUMlMjVFMCUyNUE0JTI1QTElMjVFMCUyNUE0JTI1QkMlMjVFMCUyNUE1JTI1ODctJTI1RTAlMjVBNCUyNUFDJTI1RTAlMjVBNSUyNTgyJTI1RTAlMjVBNCUyNUFDJTI1RTAlMjVBNSUyNThEJTI1RTAlMjVBNCUyNTlDJTI1RTAlMjVBNCUyNUJDLSUyNUUwJTI1QTQlMjVCNSUyNUUwJTI1QTQlMjVCRSUyNUUwJTI1QTQlMjVCMiUyNUUwJTI1QTUlMjU4MC0lMjVFMCUyNUE0JTI1QUQlMjVFMCUyNUE0JTI1QkUlMjVFMCUyNUE0JTI1QUQlMjVFMCUyNUE1JTI1ODAv&afid=6306523553467904&eclog=0&snc=0&ssc=1&tp=0&vp=0&im=1&noch=1&nojs=0&abvar=771&febuild=b4f01a5fab43a07d8e26fe0a79f4f9fb9f5f4fe7&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=1vcuteBevgNtiXj7v0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&psu=px3AzjSaHR0cHM6Ly9waW5raGVhcnRtb3ZpZXMueHl6L2hhcmRfY3BsLWxpdmUtMy0lMjVFMCUyNUE0JTI1QUMlMjVFMCUyNUE0JTI1QTElMjVFMCUyNUE0JTI1QkMlMjVFMCUyNUE1JTI1ODctJTI1RTAlMjVBNCUyNUFDJTI1RTAlMjVBNSUyNTgyJTI1RTAlMjVBNCUyNUFDJTI1RTAlMjVBNSUyNThEJTI1RTAlMjVBNCUyNTlDJTI1RTAlMjVBNCUyNUJDLSUyNUUwJTI1QTQlMjVCNSUyNUUwJTI1QTQlMjVCRSUyNUUwJTI1QTQlMjVCMiUyNUUwJTI1QTUlMjU4MC0lMjVFMCUyNUE0JTI1QUQlMjVFMCUyNUE0JTI1QkUlMjVFMCUyNUE0JTI1QUQlMjVFMCUyNUE1JTI1ODAv&afid=6306523553467904&eclog=0&snc=0&ssc=0&vp=0&im=1&noch=1&de=0&cs=5&pload=130&bp=2 HTTP/1.1
Host: endowmentoverhangutmost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: cart=1; cart_p=2; CHCK=1; UID=25022623554db5e257089a48af928a99c672
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 27 Feb 2025 04:55:09 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: BCAI=ADA76gAAAAAAAAAB; Path=/; Expires=Fri, 28 Feb 2025 04:55:09 GMT; Secure; SameSite=None
BMI=AEH8KgAAAAAAAAAB; Path=/; Expires=Fri, 28 Feb 2025 04:55:09 GMT; Secure; SameSite=None
BCRI=ADLkigAAAAAAAAAB; Path=/; Expires=Fri, 28 Feb 2025 04:55:09 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
GET pinkheartmovies.xyz/wp-content/uploads/2023/09/hard_cpl-LIVE-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80__DONE8.webp
200 OK 13 kB URL GET HTTP/3 pinkheartmovies.xyz/wp-content/uploads/2023/09/hard_cpl-LIVE-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80__DONE8.webp
IP
Requested by https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Certificate IssuerGoogle Trust Services
Subjectpinkheartmovies.xyz
FingerprintC3:95:22:8E:50:29:CB:9A:66:A7:3F:21:90:74:30:53:59:B9:6E:0B
ValidityTue, 25 Feb 2025 11:32:15 GMT - Mon, 26 May 2025 12:32:02 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 242x322, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 1118d3d96ff9b888041b888323faf30e
8343eb431905538b9802f2a18f5ef2bd05d2bcf2
a9b9eb0e4f43b6ee5afdce74cee974024b474f151c2a8cbd0ddf0a0577ff0308
GET /wp-content/uploads/2023/09/hard_cpl-LIVE-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80__DONE8.webp HTTP/1.1
Host: pinkheartmovies.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Cookie: UGVyc2lzdFN0b3JhZ2U=%7B%7D; bnState_1997480={"impressions":2,"delayStarted":0}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 27 Feb 2025 04:55:09 GMT
content-type: image/webp
content-length: 13414
last-modified: Mon, 01 Apr 2024 19:12:24 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eDX1dhGbVg14UDnpUqWCYsVC0olrzzqSAb%2BEGjMQLuUVAyv4E8ShbVbKzjT7cMSS9kWUA5rMyIj9eYN9f7YOfjDYqvp0c2LQPN10fLkC7yyQhNdS2ocKccoSJqxH3ICWfKBGBJ8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 918594ba7f9d56af-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4537&min_rtt=1163&rtt_var=5334&sent=209&recv=55&lost=0&retrans=0&sent_bytes=200243&recv_bytes=14618&delivery_rate=5763&cwnd=96000&unsent_bytes=0&cid=616b883fe0518211&ts=1969&x=1", cfExtPri, cfHdrFlush;dur=0
GET endowmentoverhangutmost.com/check.html
200 OK 2.8 kB URL GET HTTP/2 endowmentoverhangutmost.com/check.html
IP
Requested by https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Certificate IssuerBuypass AS-983163327
Subject
FingerprintA6:69:1C:17:89:EB:E3:18:A2:AB:44:48:75:FC:12:8C:1A:BF:B7:97
ValidityFri, 20 Sep 2024 14:26:10 GMT - Tue, 18 Mar 2025 22:59:00 GMT
File type HTML document, ASCII text, with very long lines (6968)
Hash 329ff62f9e49c0eecaf71146e1bd72b3
ebff43a9afed32696ec0820025c43df514007305
0a6c1e2bf883a10a520dd8d9c7e34507794ce10ec138937bb575eda0423e3743
GET /check.html HTTP/1.1
Host: endowmentoverhangutmost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pinkheartmovies.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 27 Feb 2025 04:55:08 GMT
content-type: text/html; charset=utf-8
last-modified: Thu, 20 Feb 2025 11:07:42 GMT
vary: Accept-Encoding
etag: W/"67b70cfe-39e"
x-js-ab: current
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
GET endowmentoverhangutmost.com/whob.gif?z=1997480&pid=__clb-1997480_1&pb=0dc8bb0f55c6995c7b1af87740cca9d71740639308&pbc=7NQC6JxLqYhMDMBn&pbu=qWkXtZSvbzFMDMBn&psp=kUeFOfcK26TtS4YkKmDX-EZ-gnWsVolDbBzPoXkyqQsKQFhyyqiMjyomHA6sG-EtS_frqozhUxyWYXTCjlgb1HATj-vUsrbJ4VFGeySv7s_PEBikZ0tFd2rZM_HeIk-8YcLUR5iD9tuFWFMtkkP6ikBwlyknDXe8N3f9hQQXZp4xt8ZaS70mdrezYxprqaGTKKQIJoJZg7zHGkd7pBFHM6XCRJlAfkErPWxbg1oloLNqZLt-9xbvMJyi7Aaq89tBxps5K_NE7bM6J7WTZ6ZPt71mJf6Waek8o460Fxkm9TfeHiqCcEj1RK-k2k0FMvjnHMnw0wKsBXrZx7riZtN6ryPDidHnVpk20Z_Y975CIBczZhperO9JqxxsIZSTiklhmSuB6Vd-G34valrhhoaQyszgJhsL8_NuMUtr6zIcfrMVBaA-INUaM21UBPS2zcioBQnCW53YwCiH-JHziSmfEjhfUhOevvqlJ-6ULIWJiQ7Lonf2Xvu9-wYbk3pL-dP4qmbJm1fC1-W0gROWpA0wf-g26BOCkKfuIiki37QhpGiRO5SgNi68OK8T5oYsKdIDUSRFGTnCA2oBJhXCi9IAoGaAOFAbfRA13v2v3eJNnWYoC5spK6ocLnOX58_z7IPOlriM_rNyeZLpXuCyiiq_LWHDbjJi0oM5sO00hr2JGw5Wd54X505Lydzll7tDYqM6dIJ6nfabRmBVB_OuT3o-wx8c7IooDlMK8JZsn2oPQtu8Sfgmv_XW0gC0YAGRwVpcpA1SSZkbvhQPsm4_FhDac4QDenGTOAy7XyVwUm4AUk53G0VVlxHChJUT3C1UTSy0hOJnzJVw7C50EGLPumEAc-SOw73chHq8hEIGNc-5HN7GmCXzBLGPPHqJdhclntGxGRix5rKgfgLbvtQbFRvMr2e25pk6hdfg9NYDvjdlD-92-jg454obGikRynLX-WzvFaNTilvdeUbo-iHM7sMT5Ekc2FrsCS4IWvVAR7-B75EJEPRv-iCB1fpomwERRcfzrGDX30pU2nA_DtE1wG_ULxQSRY8odOJ4MgpheQm2PsbMTOdXSF76w-H3N7h4o7w49nl7cQQfnTpA8ZYoJKK99cY8VIUtarWzeL61AECBLKGQmFYUm7qlcqoGyMTgczAl0rT5MaCsTI-35dwhq6cPXXP-7tzLitwRo5jwybJxYQGIqNGzwZnYF2asKSU7W0MWYi1CJZdqZcr-t9l0clQ7GzuHiG92W_kpPH5M1QdrdBdGGOHnIXa89a_IJiIo96FTdqzOGqqFuX18i_zwh2NKi_1AwhUxwN1qBkgsOGpuIQ9tcOvPOw==&freq=0&nojs=0&abvar=771&febuild=b4f01a5fab43a07d8e26fe0a79f4f9fb9f5f4fe7&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=1vcuteBevgNtiXj7v0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&psu=px3AzjSaHR0cHM6Ly9waW5raGVhcnRtb3ZpZXMueHl6L2hhcmRfY3BsLWxpdmUtMy0lMjVFMCUyNUE0JTI1QUMlMjVFMCUyNUE0JTI1QTElMjVFMCUyNUE0JTI1QkMlMjVFMCUyNUE1JTI1ODctJTI1RTAlMjVBNCUyNUFDJTI1RTAlMjVBNSUyNTgyJTI1RTAlMjVBNCUyNUFDJTI1RTAlMjVBNSUyNThEJTI1RTAlMjVBNCUyNTlDJTI1RTAlMjVBNCUyNUJDLSUyNUUwJTI1QTQlMjVCNSUyNUUwJTI1QTQlMjVCRSUyNUUwJTI1QTQlMjVCMiUyNUUwJTI1QTUlMjU4MC0lMjVFMCUyNUE0JTI1QUQlMjVFMCUyNUE0JTI1QkUlMjVFMCUyNUE0JTI1QUQlMjVFMCUyNUE1JTI1ODAv&afid=6306523553467904&eclog=0&snc=0&ssc=1&tp=0&vp=0&im=1&noch=1&nojs=0&abvar=771&febuild=b4f01a5fab43a07d8e26fe0a79f4f9fb9f5f4fe7&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=1vcuteBevgNtiXj7v0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&psu=px3AzjSaHR0cHM6Ly9waW5raGVhcnRtb3ZpZXMueHl6L2hhcmRfY3BsLWxpdmUtMy0lMjVFMCUyNUE0JTI1QUMlMjVFMCUyNUE0JTI1QTElMjVFMCUyNUE0JTI1QkMlMjVFMCUyNUE1JTI1ODctJTI1RTAlMjVBNCUyNUFDJTI1RTAlMjVBNSUyNTgyJTI1RTAlMjVBNCUyNUFDJTI1RTAlMjVBNSUyNThEJTI1RTAlMjVBNCUyNTlDJTI1RTAlMjVBNCUyNUJDLSUyNUUwJTI1QTQlMjVCNSUyNUUwJTI1QTQlMjVCRSUyNUUwJTI1QTQlMjVCMiUyNUUwJTI1QTUlMjU4MC0lMjVFMCUyNUE0JTI1QUQlMjVFMCUyNUE0JTI1QkUlMjVFMCUyNUE0JTI1QUQlMjVFMCUyNUE1JTI1ODAv&afid=6306523553467904&eclog=0&snc=0&ssc=0&vp=0&im=1&noch=1&de=0&cs=5&pload=130&bp=2
200 OK 43 B URL GET HTTP/2 endowmentoverhangutmost.com/whob.gif?z=1997480&pid=__clb-1997480_1&pb=0dc8bb0f55c6995c7b1af87740cca9d71740639308&pbc=7NQC6JxLqYhMDMBn&pbu=qWkXtZSvbzFMDMBn&psp=kUeFOfcK26TtS4YkKmDX-EZ-gnWsVolDbBzPoXkyqQsKQFhyyqiMjyomHA6sG-EtS_frqozhUxyWYXTCjlgb1HATj-vUsrbJ4VFGeySv7s_PEBikZ0tFd2rZM_HeIk-8YcLUR5iD9tuFWFMtkkP6ikBwlyknDXe8N3f9hQQXZp4xt8ZaS70mdrezYxprqaGTKKQIJoJZg7zHGkd7pBFHM6XCRJlAfkErPWxbg1oloLNqZLt-9xbvMJyi7Aaq89tBxps5K_NE7bM6J7WTZ6ZPt71mJf6Waek8o460Fxkm9TfeHiqCcEj1RK-k2k0FMvjnHMnw0wKsBXrZx7riZtN6ryPDidHnVpk20Z_Y975CIBczZhperO9JqxxsIZSTiklhmSuB6Vd-G34valrhhoaQyszgJhsL8_NuMUtr6zIcfrMVBaA-INUaM21UBPS2zcioBQnCW53YwCiH-JHziSmfEjhfUhOevvqlJ-6ULIWJiQ7Lonf2Xvu9-wYbk3pL-dP4qmbJm1fC1-W0gROWpA0wf-g26BOCkKfuIiki37QhpGiRO5SgNi68OK8T5oYsKdIDUSRFGTnCA2oBJhXCi9IAoGaAOFAbfRA13v2v3eJNnWYoC5spK6ocLnOX58_z7IPOlriM_rNyeZLpXuCyiiq_LWHDbjJi0oM5sO00hr2JGw5Wd54X505Lydzll7tDYqM6dIJ6nfabRmBVB_OuT3o-wx8c7IooDlMK8JZsn2oPQtu8Sfgmv_XW0gC0YAGRwVpcpA1SSZkbvhQPsm4_FhDac4QDenGTOAy7XyVwUm4AUk53G0VVlxHChJUT3C1UTSy0hOJnzJVw7C50EGLPumEAc-SOw73chHq8hEIGNc-5HN7GmCXzBLGPPHqJdhclntGxGRix5rKgfgLbvtQbFRvMr2e25pk6hdfg9NYDvjdlD-92-jg454obGikRynLX-WzvFaNTilvdeUbo-iHM7sMT5Ekc2FrsCS4IWvVAR7-B75EJEPRv-iCB1fpomwERRcfzrGDX30pU2nA_DtE1wG_ULxQSRY8odOJ4MgpheQm2PsbMTOdXSF76w-H3N7h4o7w49nl7cQQfnTpA8ZYoJKK99cY8VIUtarWzeL61AECBLKGQmFYUm7qlcqoGyMTgczAl0rT5MaCsTI-35dwhq6cPXXP-7tzLitwRo5jwybJxYQGIqNGzwZnYF2asKSU7W0MWYi1CJZdqZcr-t9l0clQ7GzuHiG92W_kpPH5M1QdrdBdGGOHnIXa89a_IJiIo96FTdqzOGqqFuX18i_zwh2NKi_1AwhUxwN1qBkgsOGpuIQ9tcOvPOw==&freq=0&nojs=0&abvar=771&febuild=b4f01a5fab43a07d8e26fe0a79f4f9fb9f5f4fe7&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=1vcuteBevgNtiXj7v0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&psu=px3AzjSaHR0cHM6Ly9waW5raGVhcnRtb3ZpZXMueHl6L2hhcmRfY3BsLWxpdmUtMy0lMjVFMCUyNUE0JTI1QUMlMjVFMCUyNUE0JTI1QTElMjVFMCUyNUE0JTI1QkMlMjVFMCUyNUE1JTI1ODctJTI1RTAlMjVBNCUyNUFDJTI1RTAlMjVBNSUyNTgyJTI1RTAlMjVBNCUyNUFDJTI1RTAlMjVBNSUyNThEJTI1RTAlMjVBNCUyNTlDJTI1RTAlMjVBNCUyNUJDLSUyNUUwJTI1QTQlMjVCNSUyNUUwJTI1QTQlMjVCRSUyNUUwJTI1QTQlMjVCMiUyNUUwJTI1QTUlMjU4MC0lMjVFMCUyNUE0JTI1QUQlMjVFMCUyNUE0JTI1QkUlMjVFMCUyNUE0JTI1QUQlMjVFMCUyNUE1JTI1ODAv&afid=6306523553467904&eclog=0&snc=0&ssc=1&tp=0&vp=0&im=1&noch=1&nojs=0&abvar=771&febuild=b4f01a5fab43a07d8e26fe0a79f4f9fb9f5f4fe7&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=1vcuteBevgNtiXj7v0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&psu=px3AzjSaHR0cHM6Ly9waW5raGVhcnRtb3ZpZXMueHl6L2hhcmRfY3BsLWxpdmUtMy0lMjVFMCUyNUE0JTI1QUMlMjVFMCUyNUE0JTI1QTElMjVFMCUyNUE0JTI1QkMlMjVFMCUyNUE1JTI1ODctJTI1RTAlMjVBNCUyNUFDJTI1RTAlMjVBNSUyNTgyJTI1RTAlMjVBNCUyNUFDJTI1RTAlMjVBNSUyNThEJTI1RTAlMjVBNCUyNTlDJTI1RTAlMjVBNCUyNUJDLSUyNUUwJTI1QTQlMjVCNSUyNUUwJTI1QTQlMjVCRSUyNUUwJTI1QTQlMjVCMiUyNUUwJTI1QTUlMjU4MC0lMjVFMCUyNUE0JTI1QUQlMjVFMCUyNUE0JTI1QkUlMjVFMCUyNUE0JTI1QUQlMjVFMCUyNUE1JTI1ODAv&afid=6306523553467904&eclog=0&snc=0&ssc=0&vp=0&im=1&noch=1&de=0&cs=5&pload=130&bp=2
IP
Requested by https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Certificate IssuerBuypass AS-983163327
Subject
FingerprintA6:69:1C:17:89:EB:E3:18:A2:AB:44:48:75:FC:12:8C:1A:BF:B7:97
ValidityFri, 20 Sep 2024 14:26:10 GMT - Tue, 18 Mar 2025 22:59:00 GMT
File type GIF image data, version 89a, 1 x 1
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
GET /whob.gif?z=1997480&pid=__clb-1997480_1&pb=0dc8bb0f55c6995c7b1af87740cca9d71740639308&pbc=7NQC6JxLqYhMDMBn&pbu=qWkXtZSvbzFMDMBn&psp=kUeFOfcK26TtS4YkKmDX-EZ-gnWsVolDbBzPoXkyqQsKQFhyyqiMjyomHA6sG-EtS_frqozhUxyWYXTCjlgb1HATj-vUsrbJ4VFGeySv7s_PEBikZ0tFd2rZM_HeIk-8YcLUR5iD9tuFWFMtkkP6ikBwlyknDXe8N3f9hQQXZp4xt8ZaS70mdrezYxprqaGTKKQIJoJZg7zHGkd7pBFHM6XCRJlAfkErPWxbg1oloLNqZLt-9xbvMJyi7Aaq89tBxps5K_NE7bM6J7WTZ6ZPt71mJf6Waek8o460Fxkm9TfeHiqCcEj1RK-k2k0FMvjnHMnw0wKsBXrZx7riZtN6ryPDidHnVpk20Z_Y975CIBczZhperO9JqxxsIZSTiklhmSuB6Vd-G34valrhhoaQyszgJhsL8_NuMUtr6zIcfrMVBaA-INUaM21UBPS2zcioBQnCW53YwCiH-JHziSmfEjhfUhOevvqlJ-6ULIWJiQ7Lonf2Xvu9-wYbk3pL-dP4qmbJm1fC1-W0gROWpA0wf-g26BOCkKfuIiki37QhpGiRO5SgNi68OK8T5oYsKdIDUSRFGTnCA2oBJhXCi9IAoGaAOFAbfRA13v2v3eJNnWYoC5spK6ocLnOX58_z7IPOlriM_rNyeZLpXuCyiiq_LWHDbjJi0oM5sO00hr2JGw5Wd54X505Lydzll7tDYqM6dIJ6nfabRmBVB_OuT3o-wx8c7IooDlMK8JZsn2oPQtu8Sfgmv_XW0gC0YAGRwVpcpA1SSZkbvhQPsm4_FhDac4QDenGTOAy7XyVwUm4AUk53G0VVlxHChJUT3C1UTSy0hOJnzJVw7C50EGLPumEAc-SOw73chHq8hEIGNc-5HN7GmCXzBLGPPHqJdhclntGxGRix5rKgfgLbvtQbFRvMr2e25pk6hdfg9NYDvjdlD-92-jg454obGikRynLX-WzvFaNTilvdeUbo-iHM7sMT5Ekc2FrsCS4IWvVAR7-B75EJEPRv-iCB1fpomwERRcfzrGDX30pU2nA_DtE1wG_ULxQSRY8odOJ4MgpheQm2PsbMTOdXSF76w-H3N7h4o7w49nl7cQQfnTpA8ZYoJKK99cY8VIUtarWzeL61AECBLKGQmFYUm7qlcqoGyMTgczAl0rT5MaCsTI-35dwhq6cPXXP-7tzLitwRo5jwybJxYQGIqNGzwZnYF2asKSU7W0MWYi1CJZdqZcr-t9l0clQ7GzuHiG92W_kpPH5M1QdrdBdGGOHnIXa89a_IJiIo96FTdqzOGqqFuX18i_zwh2NKi_1AwhUxwN1qBkgsOGpuIQ9tcOvPOw==&freq=0&nojs=0&abvar=771&febuild=b4f01a5fab43a07d8e26fe0a79f4f9fb9f5f4fe7&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=1vcuteBevgNtiXj7v0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&psu=px3AzjSaHR0cHM6Ly9waW5raGVhcnRtb3ZpZXMueHl6L2hhcmRfY3BsLWxpdmUtMy0lMjVFMCUyNUE0JTI1QUMlMjVFMCUyNUE0JTI1QTElMjVFMCUyNUE0JTI1QkMlMjVFMCUyNUE1JTI1ODctJTI1RTAlMjVBNCUyNUFDJTI1RTAlMjVBNSUyNTgyJTI1RTAlMjVBNCUyNUFDJTI1RTAlMjVBNSUyNThEJTI1RTAlMjVBNCUyNTlDJTI1RTAlMjVBNCUyNUJDLSUyNUUwJTI1QTQlMjVCNSUyNUUwJTI1QTQlMjVCRSUyNUUwJTI1QTQlMjVCMiUyNUUwJTI1QTUlMjU4MC0lMjVFMCUyNUE0JTI1QUQlMjVFMCUyNUE0JTI1QkUlMjVFMCUyNUE0JTI1QUQlMjVFMCUyNUE1JTI1ODAv&afid=6306523553467904&eclog=0&snc=0&ssc=1&tp=0&vp=0&im=1&noch=1&nojs=0&abvar=771&febuild=b4f01a5fab43a07d8e26fe0a79f4f9fb9f5f4fe7&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=1vcuteBevgNtiXj7v0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&psu=px3AzjSaHR0cHM6Ly9waW5raGVhcnRtb3ZpZXMueHl6L2hhcmRfY3BsLWxpdmUtMy0lMjVFMCUyNUE0JTI1QUMlMjVFMCUyNUE0JTI1QTElMjVFMCUyNUE0JTI1QkMlMjVFMCUyNUE1JTI1ODctJTI1RTAlMjVBNCUyNUFDJTI1RTAlMjVBNSUyNTgyJTI1RTAlMjVBNCUyNUFDJTI1RTAlMjVBNSUyNThEJTI1RTAlMjVBNCUyNTlDJTI1RTAlMjVBNCUyNUJDLSUyNUUwJTI1QTQlMjVCNSUyNUUwJTI1QTQlMjVCRSUyNUUwJTI1QTQlMjVCMiUyNUUwJTI1QTUlMjU4MC0lMjVFMCUyNUE0JTI1QUQlMjVFMCUyNUE0JTI1QkUlMjVFMCUyNUE0JTI1QUQlMjVFMCUyNUE1JTI1ODAv&afid=6306523553467904&eclog=0&snc=0&ssc=0&vp=0&im=1&noch=1&de=0&cs=5&pload=130&bp=2 HTTP/1.1
Host: endowmentoverhangutmost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: cart=1; cart_p=2; CHCK=1; UID=25022623554db5e257089a48af928a99c672; BCAI=ADA76gAAAAAAAAAB; BMI=AEH8KgAAAAAAAAAB; BCRI=ADLkigAAAAAAAAAB
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 27 Feb 2025 04:55:09 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.banner.view
set-cookie: BCAV=ADA76gAAAAAAAAAB; Path=/; Expires=Fri, 28 Feb 2025 04:55:09 GMT; Secure; SameSite=None
BMV=AEH8KgAAAAAAAAAB; Path=/; Expires=Fri, 28 Feb 2025 04:55:09 GMT; Secure; SameSite=None
BCRV=ADLkigAAAAAAAAAB; Path=/; Expires=Fri, 28 Feb 2025 04:55:09 GMT; Secure; SameSite=None
CRICAP=ADLkigAAAAAAAAAB; Path=/; Expires=Sat, 29 Mar 2025 04:55:09 GMT; Secure; SameSite=None
CRIBLOCK=ADLkigAAAABnv%2BNA; Path=/; Expires=Sat, 29 Mar 2025 04:55:09 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
GET pinkheartmovies.xyz/wp-content/themes/PsyPlay125/js/live.search.js?ver=DOO_VERSION
404 Not Found 12 kB URL GET HTTP/3 pinkheartmovies.xyz/wp-content/themes/PsyPlay125/js/live.search.js?ver=DOO_VERSION
IP
Requested by https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Certificate IssuerGoogle Trust Services
Subjectpinkheartmovies.xyz
FingerprintC3:95:22:8E:50:29:CB:9A:66:A7:3F:21:90:74:30:53:59:B9:6E:0B
ValidityTue, 25 Feb 2025 11:32:15 GMT - Mon, 26 May 2025 12:32:02 GMT
File type HTML document, Unicode text, UTF-8 text, with very long lines (8856), with CRLF, LF line terminators
Hash 1c885864eddd327eba28716caf024d63
150d1a6997592561370dca6b713776fd323ca507
62e411642e258666984a632a9aa53cecef71571dc883dca9c867199af95f6dc1
GET /wp-content/themes/PsyPlay125/js/live.search.js?ver=DOO_VERSION HTTP/1.1
Host: pinkheartmovies.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Cookie: UGVyc2lzdFN0b3JhZ2U=%7B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Thu, 27 Feb 2025 04:55:09 GMT
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: max-age=14400, must-revalidate
link: <https://pinkheartmovies.xyz/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
cf-cache-status: EXPIRED
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xKedLGg2FF%2FCMxPskgyWsh85IEipluMtt3eq%2FsxuOjNj4bOgiqe4B%2FpYL%2B53bhdgvT52Wvqj8mDlEZtK9gVBeKtT%2FwKePhRjCrihL00PFUY0VsvEYfX5uow67Dj3J4bln0sExDc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 918594b70dfc56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2295&min_rtt=1163&rtt_var=852&sent=192&recv=48&lost=0&retrans=0&sent_bytes=186930&recv_bytes=11884&delivery_rate=656118&cwnd=96000&unsent_bytes=0&cid=616b883fe0518211&ts=1754&x=1", cfExtPri, cfHdrFlush;dur=0
GET pinkheartmovies.xyz/wp-content/themes/PsyPlay125/assets/css/img/flags.png
200 OK 70 kB URL GET HTTP/3 pinkheartmovies.xyz/wp-content/themes/PsyPlay125/assets/css/img/flags.png
IP
Requested by https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Certificate IssuerGoogle Trust Services
Subjectpinkheartmovies.xyz
FingerprintC3:95:22:8E:50:29:CB:9A:66:A7:3F:21:90:74:30:53:59:B9:6E:0B
ValidityTue, 25 Feb 2025 11:32:15 GMT - Mon, 26 May 2025 12:32:02 GMT
File type RIFF (little-endian) data, Web/P image
Hash 6ecede345bd081938b85237efdcb6c50
c00790b75b799e330f12d29127a04242f89f0991
27831f446b4c65115ecfcbf2d8fa19c939cf130c8b7b565b9f9217e3dcbb5270
GET /wp-content/themes/PsyPlay125/assets/css/img/flags.png HTTP/1.1
Host: pinkheartmovies.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pinkheartmovies.xyz/wp-content/themes/PsyPlay125/assets/css/theme.main.css?ver=1.2.5
Cookie: UGVyc2lzdFN0b3JhZ2U=%7B%7D; bnState_1997480={"impressions":2,"delayStarted":0}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 27 Feb 2025 04:55:09 GMT
content-type: image/webp
content-length: 70374
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=79112
content-disposition: inline; filename="flags.webp"
last-modified: Mon, 01 Apr 2024 19:12:08 GMT
vary: Accept
cf-cache-status: HIT
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qhoe%2FzDAd3rkWWkBw%2FbG1WZWm5vEGsWwToNaNoMmYDA4zhOkcOH5mtOsLxNAFQVyQEHeUEp4FSGWMlQHxAXAQxH1MTXgHOmpSTHYIcmPZPkVZLz6oPwYWGjicI3phhJYID9TbN0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 918594ba3f8456af-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2269&min_rtt=1163&rtt_var=1597&sent=492&recv=65&lost=0&retrans=0&sent_bytes=529030&recv_bytes=15072&delivery_rate=7526521&cwnd=96000&unsent_bytes=0&cid=616b883fe0518211&ts=2184&x=1", cfExtPri, cfHdrFlush;dur=0
POST pinkheartmovies.xyz/wp-admin/admin-ajax.php
403 Forbidden 597 B URL POST HTTP/3 pinkheartmovies.xyz/wp-admin/admin-ajax.php
IP
Requested by https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Certificate IssuerGoogle Trust Services
Subjectpinkheartmovies.xyz
FingerprintC3:95:22:8E:50:29:CB:9A:66:A7:3F:21:90:74:30:53:59:B9:6E:0B
ValidityTue, 25 Feb 2025 11:32:15 GMT - Mon, 26 May 2025 12:32:02 GMT
File type ASCII text, with no line terminators
Hash 6bb61e3b7bce0931da574d19d1d82c88
7984b0a0e139cabadb5afc7756d473fb34d23819
1bad6b8cf97131fceab8543e81f7757195fbb1d36b376ee994ad1cf17699c464
POST /wp-admin/admin-ajax.php HTTP/1.1
Host: pinkheartmovies.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Content-Type: application/x-www-form-urlencoded
Cache-Control: no-cache
Content-Length: 64
Origin: https://pinkheartmovies.xyz
DNT: 1
Connection: keep-alive
Cookie: UGVyc2lzdFN0b3JhZ2U=%7B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
TE: trailers
HTTP/3 403 Forbidden
date: Thu, 27 Feb 2025 04:55:09 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://pinkheartmovies.xyz
access-control-allow-credentials: true
x-robots-tag: noindex
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
vary: Accept-Encoding
cf-cache-status: DYNAMIC
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=16KlIGt0GeAwm%2BY5Wt1%2B2KB64ICqipaNbfJjwb5j7XAVwtbAm2g3jUSVkdWZxAr%2FR3s7dizUn9MMORMjuD%2BK4Igh8cZnWFEnkLSdSSATuSDfotIJb1NbUPEetdxFQxVn%2BD5OEVU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 918594b6fdf256af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2189&min_rtt=1163&rtt_var=851&sent=208&recv=54&lost=0&retrans=0&sent_bytes=199409&recv_bytes=14572&delivery_rate=5921928&cwnd=96000&unsent_bytes=0&cid=616b883fe0518211&ts=1921&x=1", cfExtPri, cfHdrFlush;dur=0
GET endowmentoverhangutmost.com/lv/esnk/1997480/code.js
200 OK 92 kB URL GET HTTP/2 endowmentoverhangutmost.com/lv/esnk/1997480/code.js
IP
Requested by https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Certificate IssuerBuypass AS-983163327
Subject
FingerprintA6:69:1C:17:89:EB:E3:18:A2:AB:44:48:75:FC:12:8C:1A:BF:B7:97
ValidityFri, 20 Sep 2024 14:26:10 GMT - Tue, 18 Mar 2025 22:59:00 GMT
File type gzip compressed data, max speed, from Unix
Hash f059624b12714c0a5d2435095aba3895
3b7616a638f3107925c9f8f018a1e6e3030b9bf3
7666c0f1c6ae76b22527d4e6b7f42ee5916a4cd11989fa61becdfa3f3a668c30
GET /lv/esnk/1997480/code.js HTTP/1.1
Host: endowmentoverhangutmost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pinkheartmovies.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 27 Feb 2025 04:55:07 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 26 Feb 2025 08:31:53 GMT
vary: Accept-Encoding
etag: W/"67bed179-2a15b"
x-js-ab2: var771
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
GET cdnjs.cloudflare.com/ajax/libs/video.js/7.21.5/video.min.js
200 OK 137 kB URL GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/video.js/7.21.5/video.min.js
IP
Requested by https://dooodster.com/e/seyydirtqz66uk51cnib56qkt1c5wqb
Certificate IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint00:0E:39:59:53:CF:68:07:90:75:EB:68:26:B9:04:22:44:7D:9A:32
ValidityFri, 24 Jan 2025 09:16:22 GMT - Thu, 24 Apr 2025 10:16:21 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (48459)
Size 137 kB (137405 bytes)
Hash d7fdaaab43bc993b85290c713fd2d289
46bf3d27b2cf38b0e999d3b0a7613011181c87f9
c9535ea3a4e0af22e960ac1e32d363a71029f31aa96b29fc894e111fee49329e
GET /ajax/libs/video.js/7.21.5/video.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dooodster.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 27 Feb 2025 04:55:09 GMT
content-type: application/javascript; charset=utf-8
content-length: 137405
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "64bb5c88-218bd"
last-modified: Sat, 22 Jul 2023 04:35:20 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1916314
expires: Tue, 17 Feb 2026 04:55:09 GMT
accept-ranges: bytes
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MRlSvBDnk5DJmDWtm37tdn18lu%2BgxJHtqlbMJxUjAvQeMkaHuhcaQRzWqM4iFldwanzQ8puqAw%2BZz4F7VCDBOtWNQfG14kf6KuFTadMEP3yrZpZ4TYIxw36QvntCiVi%2BeS6O%2FVt1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 918594bce98356c0-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET cdnjs.cloudflare.com/ajax/libs/videojs-hotkeys/0.2.28/videojs.hotkeys.min.js
200 OK 1.6 kB URL GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/videojs-hotkeys/0.2.28/videojs.hotkeys.min.js
IP
Requested by https://dooodster.com/e/seyydirtqz66uk51cnib56qkt1c5wqb
Certificate IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint00:0E:39:59:53:CF:68:07:90:75:EB:68:26:B9:04:22:44:7D:9A:32
ValidityFri, 24 Jan 2025 09:16:22 GMT - Thu, 24 Apr 2025 10:16:21 GMT
File type JavaScript source, ASCII text, with very long lines (4505)
Hash f2ecb2bd8a424c8e8cf507ce8bd933c2
3cbc08ca052ea25c3b0834b9291a3ca1e9122e26
4c0745052abbb26087a707bb0a043b43c393674055ba2d4452ac89e6923eb099
GET /ajax/libs/videojs-hotkeys/0.2.28/videojs.hotkeys.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dooodster.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 27 Feb 2025 04:55:09 GMT
content-type: application/javascript; charset=utf-8
content-length: 1571
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "630ad3e5-623"
last-modified: Sun, 28 Aug 2022 02:33:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 200131
expires: Tue, 17 Feb 2026 04:55:09 GMT
accept-ranges: bytes
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SrUUCq6yAjK0O9zUQoaIv8lKLWzlGIXQ2GVsZYymvw3bzboJMkkovZl7BYrMv%2FOpoaOInwl2wBGBBNVjQBvFmxVHNDyvM3bDSVlXzKF1Ok8YFAiOC5NrUh5D852QxFLMXeAV4%2FGf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 918594bce98656c0-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET endowmentoverhangutmost.com/get/1997480?zoneid=1997480&jp=_clbwkzsbjdacntbbqatrgp&nojs=0&abvar=0&febuild=1.0.484&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=1vcuteBevgNtiXj7v0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&psu=IjOOZbCaHR0cHM6Ly9waW5raGVhcnRtb3ZpZXMueHl6L2hhcmRfY3BsLWxpdmUtMy0lMjVFMCUyNUE0JTI1QUMlMjVFMCUyNUE0JTI1QTElMjVFMCUyNUE0JTI1QkMlMjVFMCUyNUE1JTI1ODctJTI1RTAlMjVBNCUyNUFDJTI1RTAlMjVBNSUyNTgyJTI1RTAlMjVBNCUyNUFDJTI1RTAlMjVBNSUyNThEJTI1RTAlMjVBNCUyNTlDJTI1RTAlMjVBNCUyNUJDLSUyNUUwJTI1QTQlMjVCNSUyNUUwJTI1QTQlMjVCRSUyNUUwJTI1QTQlMjVCMiUyNUUwJTI1QTUlMjU4MC0lMjVFMCUyNUE0JTI1QUQlMjVFMCUyNUE0JTI1QkUlMjVFMCUyNUE0JTI1QUQlMjVFMCUyNUE1JTI1ODAv&afid=395549042544128&eclog=0&snc=0&ssc=0&vp=0&im=1&noch=1&de=0&cs=5&bp=2&pid=__clb-1997480_2&uf=0&freq=0
200 OK 1.2 MB URL GET HTTP/2 endowmentoverhangutmost.com/get/1997480?zoneid=1997480&jp=_clbwkzsbjdacntbbqatrgp&nojs=0&abvar=0&febuild=1.0.484&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=1vcuteBevgNtiXj7v0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&psu=IjOOZbCaHR0cHM6Ly9waW5raGVhcnRtb3ZpZXMueHl6L2hhcmRfY3BsLWxpdmUtMy0lMjVFMCUyNUE0JTI1QUMlMjVFMCUyNUE0JTI1QTElMjVFMCUyNUE0JTI1QkMlMjVFMCUyNUE1JTI1ODctJTI1RTAlMjVBNCUyNUFDJTI1RTAlMjVBNSUyNTgyJTI1RTAlMjVBNCUyNUFDJTI1RTAlMjVBNSUyNThEJTI1RTAlMjVBNCUyNTlDJTI1RTAlMjVBNCUyNUJDLSUyNUUwJTI1QTQlMjVCNSUyNUUwJTI1QTQlMjVCRSUyNUUwJTI1QTQlMjVCMiUyNUUwJTI1QTUlMjU4MC0lMjVFMCUyNUE0JTI1QUQlMjVFMCUyNUE0JTI1QkUlMjVFMCUyNUE0JTI1QUQlMjVFMCUyNUE1JTI1ODAv&afid=395549042544128&eclog=0&snc=0&ssc=0&vp=0&im=1&noch=1&de=0&cs=5&bp=2&pid=__clb-1997480_2&uf=0&freq=0
IP
Requested by https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Certificate IssuerBuypass AS-983163327
Subject
FingerprintA6:69:1C:17:89:EB:E3:18:A2:AB:44:48:75:FC:12:8C:1A:BF:B7:97
ValidityFri, 20 Sep 2024 14:26:10 GMT - Tue, 18 Mar 2025 22:59:00 GMT
File type gzip compressed data, from Unix
Size 1.2 MB (1236438 bytes)
Hash 7366743b011e0ef0950be57a4204f59c
193bd25e11436305cd0d9223df0aa3d1a26f2545
8480e3d85561f4bf75bf3599d80762a70ec0189a937e6f8c07de0697fdcd220f
GET /get/1997480?zoneid=1997480&jp=_clbwkzsbjdacntbbqatrgp&nojs=0&abvar=0&febuild=1.0.484&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=1vcuteBevgNtiXj7v0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&psu=IjOOZbCaHR0cHM6Ly9waW5raGVhcnRtb3ZpZXMueHl6L2hhcmRfY3BsLWxpdmUtMy0lMjVFMCUyNUE0JTI1QUMlMjVFMCUyNUE0JTI1QTElMjVFMCUyNUE0JTI1QkMlMjVFMCUyNUE1JTI1ODctJTI1RTAlMjVBNCUyNUFDJTI1RTAlMjVBNSUyNTgyJTI1RTAlMjVBNCUyNUFDJTI1RTAlMjVBNSUyNThEJTI1RTAlMjVBNCUyNTlDJTI1RTAlMjVBNCUyNUJDLSUyNUUwJTI1QTQlMjVCNSUyNUUwJTI1QTQlMjVCRSUyNUUwJTI1QTQlMjVCMiUyNUUwJTI1QTUlMjU4MC0lMjVFMCUyNUE0JTI1QUQlMjVFMCUyNUE0JTI1QkUlMjVFMCUyNUE0JTI1QUQlMjVFMCUyNUE1JTI1ODAv&afid=395549042544128&eclog=0&snc=0&ssc=0&vp=0&im=1&noch=1&de=0&cs=5&bp=2&pid=__clb-1997480_2&uf=0&freq=0 HTTP/1.1
Host: endowmentoverhangutmost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pinkheartmovies.xyz/
Cookie: cart=1; cart_p=2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 27 Feb 2025 04:55:08 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: CHCK=1; Path=/; Expires=Thu, 02 Apr 2026 04:55:08 GMT; Secure; SameSite=None
UID=25022623554db5e257089a48af928a99c672; Path=/; Expires=Thu, 02 Apr 2026 04:55:08 GMT; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
GET static.doodcdn.co/js/embed3.js
200 OK 113 kB URL GET HTTP/2 static.doodcdn.co/js/embed3.js
IP
Requested by https://dooodster.com/e/seyydirtqz66uk51cnib56qkt1c5wqb
Certificate IssuerGoogle Trust Services
Subjectdoodcdn.co
Fingerprint7D:35:A3:4C:8C:E0:50:F3:EA:C6:29:C7:70:A1:56:97:E4:AE:86:0D
ValidityFri, 24 Jan 2025 18:52:05 GMT - Thu, 24 Apr 2025 19:52:02 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (27236)
Size 113 kB (112944 bytes)
Hash 49983e649382a6bfd9733ae69af88203
e2da77757b586c41f9fa0a30273b4b054830645b
0392c9a6af1cf5076ba83511b4b7cdb32b4409a0ea90cfdc16f3666f611634b8
GET /js/embed3.js HTTP/1.1
Host: static.doodcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dooodster.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 27 Feb 2025 04:55:09 GMT
content-type: application/javascript
content-length: 112944
last-modified: Sun, 04 Feb 2024 08:20:24 GMT
etag: "65bf48c8-1b930"
expires: Fri, 28 Mar 2025 05:01:57 GMT
cache-control: public, max-age=2592000, no-transform
access-control-allow-origin: *
cf-cache-status: HIT
age: 21460
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 918594bef94456b7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET i.doodcdn.co/img/no_video_3.svg
200 OK 2.8 kB URL GET HTTP/2 i.doodcdn.co/img/no_video_3.svg
IP
Requested by https://dooodster.com/e/seyydirtqz66uk51cnib56qkt1c5wqb
Certificate IssuerGoogle Trust Services
Subjectdoodcdn.co
Fingerprint7D:35:A3:4C:8C:E0:50:F3:EA:C6:29:C7:70:A1:56:97:E4:AE:86:0D
ValidityFri, 24 Jan 2025 18:52:05 GMT - Thu, 24 Apr 2025 19:52:02 GMT
File type SVG Scalable Vector Graphics image
Hash 077bfdaa49ae4877a42611b739ec4752
a2f9e1222b7af9abc05122411ab8902efcc08ead
70d6a17097a8c27edfaad6740e11359d9363f3f04bff1b93483e29c25609fa6c
GET /img/no_video_3.svg HTTP/1.1
Host: i.doodcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dooodster.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Feb 2025 04:55:09 GMT
content-type: image/svg+xml
content-length: 2812
last-modified: Mon, 03 Jan 2022 15:38:36 GMT
etag: "61d3187c-afc"
expires: Fri, 28 Mar 2025 22:56:58 GMT
cache-control: public, max-age=2592000, no-transform
access-control-allow-origin: *
cf-cache-status: HIT
age: 21460
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 918594bf1efd56cc-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET i.doodcdn.co/ads/ad.js
200 OK 20 B IP
Requested by https://dooodster.com/e/seyydirtqz66uk51cnib56qkt1c5wqb
Certificate IssuerGoogle Trust Services
Subjectdoodcdn.co
Fingerprint7D:35:A3:4C:8C:E0:50:F3:EA:C6:29:C7:70:A1:56:97:E4:AE:86:0D
ValidityFri, 24 Jan 2025 18:52:05 GMT - Thu, 24 Apr 2025 19:52:02 GMT
File type ASCII text, with no line terminators
Hash 69a305bcdc8e061bbd43294a477a3678
506582a1d912d546f5942d95ffae95ec7f4c37ce
8964d85afd6d5d84b97872464646809c952ab900cdf5c5d7c3b7b4bdb74202fa
GET /ads/ad.js HTTP/1.1
Host: i.doodcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dooodster.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 27 Feb 2025 04:55:10 GMT
content-type: application/javascript
content-length: 20
last-modified: Mon, 03 Jan 2022 15:38:36 GMT
cache-control: public, max-age=2592000
expires: Thu, 26 Feb 2026 22:56:58 GMT
vary: User-Agent,Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 21461
accept-ranges: bytes
server: cloudflare
cf-ray: 918594c02f9e56cc-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET pinkheartmovies.xyz/wp-content/uploads/2023/03/hard_cpl-LIVE-3-3.gif
200 OK 1.6 MB URL GET HTTP/3 pinkheartmovies.xyz/wp-content/uploads/2023/03/hard_cpl-LIVE-3-3.gif
IP
Requested by https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Certificate IssuerGoogle Trust Services
Subjectpinkheartmovies.xyz
FingerprintC3:95:22:8E:50:29:CB:9A:66:A7:3F:21:90:74:30:53:59:B9:6E:0B
ValidityTue, 25 Feb 2025 11:32:15 GMT - Mon, 26 May 2025 12:32:02 GMT
File type RIFF (little-endian) data, Web/P image
Size 1.6 MB (1586782 bytes)
Hash ec57129cd6066eb021623be4ff15d5d7
84b2b02a8c9b9d9c98ef5909daed158b4902370f
d2153efd04d07fce26c0fd77339f584155928fe46484cab813985095bff9743f
GET /wp-content/uploads/2023/03/hard_cpl-LIVE-3-3.gif HTTP/1.1
Host: pinkheartmovies.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Cookie: UGVyc2lzdFN0b3JhZ2U=%7B%7D; bnState_1997480={"impressions":2,"delayStarted":0}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 27 Feb 2025 04:55:09 GMT
content-type: image/webp
content-length: 1586782
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=gif, origSize=3685711
content-disposition: inline; filename="hard_cpl-LIVE-3-3.webp"
last-modified: Mon, 01 Apr 2024 19:12:29 GMT
vary: Accept
cf-cache-status: REVALIDATED
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wJJwUPg7MAeaHY9E8pMLH8I4FmsekkCjPOc8QhUou6Bs8F6mO7Zgw41H5S%2BFgK4zDSaVbMBV%2F3RSJ9FoHS6mdXzp5TbEQFwV23iaDzoOmTGQRctLkfuSoeD%2B%2BT%2B2CgtCb43ttfI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 918594ba8fa756af-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4140&min_rtt=1163&rtt_var=4793&sent=222&recv=56&lost=0&retrans=0&sent_bytes=214698&recv_bytes=14664&delivery_rate=5833580&cwnd=96000&unsent_bytes=0&cid=616b883fe0518211&ts=2070&x=1", cfExtPri, cfHdrFlush;dur=0
GET pinkheartmovies.xyz/wp-content/uploads/2023/06/favicon-16x16-1.png
200 OK 510 B URL GET HTTP/3 pinkheartmovies.xyz/wp-content/uploads/2023/06/favicon-16x16-1.png
IP
Requested by https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Certificate IssuerGoogle Trust Services
Subjectpinkheartmovies.xyz
FingerprintC3:95:22:8E:50:29:CB:9A:66:A7:3F:21:90:74:30:53:59:B9:6E:0B
ValidityTue, 25 Feb 2025 11:32:15 GMT - Mon, 26 May 2025 12:32:02 GMT
File type RIFF (little-endian) data, Web/P image
Hash 737ebb15a8016571b72e8a9627e93d21
5d52baf1cb1ed706ea5eb6721cb300e30ed9d1a8
a7057d1e92899631ec88366f12d07626c98f5d91b5b63953c62ed361074f30ac
GET /wp-content/uploads/2023/06/favicon-16x16-1.png HTTP/1.1
Host: pinkheartmovies.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Cookie: UGVyc2lzdFN0b3JhZ2U=%7B%7D; bnState_1997480={"impressions":2,"delayStarted":0}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 27 Feb 2025 04:55:09 GMT
content-type: image/webp
content-length: 510
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=1045
content-disposition: inline; filename="favicon-16x16-1.webp"
last-modified: Mon, 01 Apr 2024 19:12:22 GMT
vary: Accept
cf-cache-status: HIT
accept-ranges: bytes
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BpRJwdnrTqYBf%2FWLp2zPkk1EWqPdAWLgZAwuxMyS%2BWPpL%2B87I%2FymAmoupdNbtSlcrOc6526xb2o4EeCENDqP4xIcUXdY2E8bOpsdVLvOz3QPToEZiuxBnEsg45l62lQzHMGaQds%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 918594be39d456af-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=17198&min_rtt=1134&rtt_var=20502&sent=2294&recv=85&lost=66&retrans=67&sent_bytes=2661643&recv_bytes=16936&delivery_rate=2374845&cwnd=216390&unsent_bytes=0&cid=616b883fe0518211&ts=2563&x=1", cfExtPri, cfHdrFlush;dur=178
GET pinkheartmovies.xyz/wp-content/uploads/2023/06/favicon-16x16-1.png
200 OK 510 B URL GET HTTP/3 pinkheartmovies.xyz/wp-content/uploads/2023/06/favicon-16x16-1.png
IP
Requested by https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Certificate IssuerGoogle Trust Services
Subjectpinkheartmovies.xyz
FingerprintC3:95:22:8E:50:29:CB:9A:66:A7:3F:21:90:74:30:53:59:B9:6E:0B
ValidityTue, 25 Feb 2025 11:32:15 GMT - Mon, 26 May 2025 12:32:02 GMT
File type RIFF (little-endian) data, Web/P image
Hash 737ebb15a8016571b72e8a9627e93d21
5d52baf1cb1ed706ea5eb6721cb300e30ed9d1a8
a7057d1e92899631ec88366f12d07626c98f5d91b5b63953c62ed361074f30ac
GET /wp-content/uploads/2023/06/favicon-16x16-1.png HTTP/1.1
Host: pinkheartmovies.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Cookie: UGVyc2lzdFN0b3JhZ2U=%7B%7D; bnState_1997480={"impressions":2,"delayStarted":0}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 27 Feb 2025 04:55:09 GMT
content-type: image/webp
content-length: 510
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=1045
content-disposition: inline; filename="favicon-16x16-1.webp"
last-modified: Mon, 01 Apr 2024 19:12:22 GMT
vary: Accept
cf-cache-status: HIT
accept-ranges: bytes
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RSDTFmW4iu%2FTdWFHP23t4LiiqUHaxgjZI8PFVf9ubEFcBDPzgSsADtejZJrkU8KrX7lgRx80eCGMoAxHcc9WykDoQblVbmEXeuylaCSPBiJX1K2oe2I5sPc2QztBtB31PJa7ZYw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 918594be39d556af-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=17198&min_rtt=1134&rtt_var=20502&sent=2294&recv=85&lost=66&retrans=67&sent_bytes=2661643&recv_bytes=16936&delivery_rate=2374845&cwnd=216390&unsent_bytes=0&cid=616b883fe0518211&ts=2561&x=1", cfExtPri, cfHdrFlush;dur=180
GET d1f05vr3sjsuy7.cloudfront.net/?srvfd=908056
200 OK 107 kB URL GET HTTP/2 d1f05vr3sjsuy7.cloudfront.net/?srvfd=908056
IP
Requested by https://dooodster.com/e/seyydirtqz66uk51cnib56qkt1c5wqb
Certificate IssuerAmazon
Subject*.cloudfront.net
Fingerprint28:D3:87:79:3C:E8:8B:3C:D9:10:45:E5:F7:64:7A:6D:44:4E:5A:62
ValidityTue, 30 Jul 2024 00:00:00 GMT - Thu, 03 Jul 2025 23:59:59 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (38488)
Size 107 kB (106692 bytes)
Hash 8fefe77903eea6edae4d80a82d5851ec
43c2e8d167b7801d5c7e6262fcefb066a16f53d8
8eb13c3338f31f5364055d9c04468f42e5cfa22a4b6206cbae43a4ce95ca1e21
GET /?srvfd=908056 HTTP/1.1
Host: d1f05vr3sjsuy7.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dooodster.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 106692
date: Thu, 27 Feb 2025 04:55:10 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: a4VI1V-dZizZ3lbn-pUELfSP-aJAQqDQkvVQyFTXMmduWuX7u6JoiQ==
X-Firefox-Spdy: h2
GET i.doodcdn.co/img/logo-s.png
200 OK 1.9 kB URL GET HTTP/3 i.doodcdn.co/img/logo-s.png
IP
Requested by https://dooodster.com/e/seyydirtqz66uk51cnib56qkt1c5wqb
Certificate IssuerGoogle Trust Services
Subjectdoodcdn.co
Fingerprint7D:35:A3:4C:8C:E0:50:F3:EA:C6:29:C7:70:A1:56:97:E4:AE:86:0D
ValidityFri, 24 Jan 2025 18:52:05 GMT - Thu, 24 Apr 2025 19:52:02 GMT
File type RIFF (little-endian) data, Web/P image
Hash f0c6bed8c2b7297aab801aa1c449dd14
f44f3ee770d099eedc8ecc32fe5d5a2be9d6bd16
0c591bf4d1b3bd51127f30c9c1f4a727bdf146a60d1a8106bfd575f2bf68c9f3
GET /img/logo-s.png HTTP/1.1
Host: i.doodcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dooodster.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 27 Feb 2025 04:55:10 GMT
content-type: image/webp
content-length: 1932
access-control-allow-origin: *
cache-control: public, max-age=2592000, no-transform
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=6212
content-disposition: inline; filename="logo-s.webp"
etag: "61d3187c-1844"
expires: Fri, 28 Mar 2025 17:23:56 GMT
last-modified: Mon, 03 Jan 2022 15:38:36 GMT
vary: Accept
cf-cache-status: HIT
age: 21456
accept-ranges: bytes
priority: u=4,i=?0
server: cloudflare
cf-ray: 918594c2adf956bf-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET i.doodcdn.co/fonts/avertastd-regular-webfont.woff2
200 OK 24 kB URL GET HTTP/2 i.doodcdn.co/fonts/avertastd-regular-webfont.woff2
IP
Requested by https://dooodster.com/e/seyydirtqz66uk51cnib56qkt1c5wqb
Certificate IssuerGoogle Trust Services
Subjectdoodcdn.co
Fingerprint7D:35:A3:4C:8C:E0:50:F3:EA:C6:29:C7:70:A1:56:97:E4:AE:86:0D
ValidityFri, 24 Jan 2025 18:52:05 GMT - Thu, 24 Apr 2025 19:52:02 GMT
File type Web Open Font Format (Version 2), TrueType, length 23812, version 1.524
Hash eb586e5a1b86dbf1c866e3ed80f9d18e
280ee78d19c017ab9335f769595e5157d3c4a343
714e70103deac0d67f52a6285c5fabee6088ce4d710ce7e74353503837038baf
GET /fonts/avertastd-regular-webfont.woff2 HTTP/1.1
Host: i.doodcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dooodster.com
DNT: 1
Connection: keep-alive
Referer: https://i.doodcdn.co/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 27 Feb 2025 04:55:10 GMT
content-type: font/woff2
content-length: 23812
last-modified: Mon, 03 Jan 2022 15:38:36 GMT
cache-control: max-age=2592000
expires: Fri, 28 Mar 2025 22:56:58 GMT
vary: User-Agent,Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 21330
accept-ranges: bytes
server: cloudflare
cf-ray: 918594c2ec93b4ed-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET i.doodcdn.co/upload-data/player_logo/logo_1888.png
200 OK 6.4 kB URL GET HTTP/3 i.doodcdn.co/upload-data/player_logo/logo_1888.png
IP
Requested by https://dooodster.com/e/seyydirtqz66uk51cnib56qkt1c5wqb
Certificate IssuerGoogle Trust Services
Subjectdoodcdn.co
Fingerprint7D:35:A3:4C:8C:E0:50:F3:EA:C6:29:C7:70:A1:56:97:E4:AE:86:0D
ValidityFri, 24 Jan 2025 18:52:05 GMT - Thu, 24 Apr 2025 19:52:02 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, orientation=upper-left], progressive, precision 8, 300x80, components 3
Hash 733d4240bf3ee7196f7d88e86dbed475
634c580e2f4caf0c46b00469178b8283893cf705
43b3dfbb2d3f78e98610888bf2fc212b262ac8abe0d83af4b16dd192df1aa838
GET /upload-data/player_logo/logo_1888.png HTTP/1.1
Host: i.doodcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dooodster.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 27 Feb 2025 04:55:10 GMT
content-type: image/png
content-length: 6408
access-control-allow-origin: *
cache-control: public, max-age=2592000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=10661
expires: Fri, 28 Mar 2025 23:21:08 GMT
last-modified: Fri, 26 Aug 2022 11:16:29 GMT
cf-cache-status: HIT
accept-ranges: bytes
priority: u=4,i=?0
vary: Accept-Encoding
server: cloudflare
cf-ray: 918594c2adf756bf-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET et.vizierspavan.com/fnWM0kwI7wCwkEF/111551
200 OK 6 B URL GET HTTP/1.1 et.vizierspavan.com/fnWM0kwI7wCwkEF/111551
IP
Requested by https://dooodster.com/e/seyydirtqz66uk51cnib56qkt1c5wqb
Certificate IssuerLet's Encrypt
Subjectet.vizierspavan.com
FingerprintAA:C5:D6:93:90:F2:D6:E5:FF:34:7C:BD:85:C0:F5:F8:A7:2E:C9:C1
ValidityThu, 16 Jan 2025 07:59:26 GMT - Wed, 16 Apr 2025 07:59:25 GMT
File type ASCII text, with no line terminators
Hash 4fc71bf68a1d477bd1523733e34d1e90
15119105cffbe108b6cf290146ab02c9aa8517ba
74c1971a5c7f3f1cfb81b7a0a8717cee5a45841844104566e00bbfca271943ce
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /fnWM0kwI7wCwkEF/111551 HTTP/1.1
Host: et.vizierspavan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dooodster.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 27 Feb 2025 04:55:10 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 6
Connection: keep-alive
Keep-Alive: timeout=20
Vary: Origin
Access-Control-Expose-Headers: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Megageocheckolololo, X-Forwarded-For, X-Requested-With, Cache-Control, Pragma, Expires
Access-Control-Allow-Methods: GET, HEAD, POST, PUT, OPTIONS
Set-Cookie: GGI10=G/IAAASeD7dNK/dmKv8IjKne3vVF23LHD4p/239bRbcCCoMg63NMJOcmHtdgLENcdVb9C/8fcU22F4TMszPXDn3bi0JM1sszQtMiPRle3iuF+nW+PadvTJQWghuEE2erh7OxP8CGug0ouFXNMz9sX8bofOhPVVBMTsv72LAiF5aGU46qKWF8uZ1fb+RKCE0MoKV13JEH4pnoZXocf6ywyRddqbWmm1R6/v8=; max-age=3600000; path=/; secure; SameSite=None
GUI4=G9kDAMRQnU1rdNODldiBgqv9J4LR4ZIpRP//vdPfGiAhh/bGvK81pv6iBLaFAYf/eEDZX79sWlES23jH+ZnyC+h/BfcJugQcr2a+Spl4kUudh1pyfvtxGHXpyfm/6l14csbpWPecBaFLH52XIrsbrw2DlBknEdqjUJCtRLH8CRyMHXaHMPIPNMwOiZ+mh90uoml0oMyPyjICQTQG4AssrYMjjlUQfJtTBUeItkBwbYRr+RbFh1BcDk3R9gfOzTdwgECZvJCvansmZmiKWl9FJ0o0tR7RxpKbqSssCJHIVSOPXozMBcX7RmAaOTRuJ+OS7oiHZeWjuObgDENbRRhprx44SQdVi1x8coQULb+KJJ+cg8YxSJfe2lt5pbe17j1KUAAe5e08pTanGtSQH0hQzmwxlVQWvOOf0RqLdTeC7NL5yqNz7YU9l5kbLmS5vodMb6hJTYSEJFraaKuNkmSsCzVtpYasataQshbbfhA7mt1FZBkjR1aKvqhnvC4B8R8QjEMeHmg1RWyNShIFiNqVuHpJ1PLMsq6ivmeuWhIsnYWrr5ZepTS7mSz9Z5CkaE2cpSs7KVG7B500yYXKCt02; max-age=3600000; path=/; secure; SameSite=None
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
GET i.doodcdn.co/fonts/avertastd-bold-webfont.woff2
200 OK 24 kB URL GET HTTP/2 i.doodcdn.co/fonts/avertastd-bold-webfont.woff2
IP
Requested by https://dooodster.com/e/seyydirtqz66uk51cnib56qkt1c5wqb
Certificate IssuerGoogle Trust Services
Subjectdoodcdn.co
Fingerprint7D:35:A3:4C:8C:E0:50:F3:EA:C6:29:C7:70:A1:56:97:E4:AE:86:0D
ValidityFri, 24 Jan 2025 18:52:05 GMT - Thu, 24 Apr 2025 19:52:02 GMT
File type Web Open Font Format (Version 2), TrueType, length 23604, version 1.0
Hash e9133fd11f14c09a2e4556c395a0ef7d
00fad09605f3342df5c9aeba130156fe19ade8b0
06244cc9cd0c998581b1bf93f5222deee7d2d0b09299190e163961afa973ba91
GET /fonts/avertastd-bold-webfont.woff2 HTTP/1.1
Host: i.doodcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dooodster.com
DNT: 1
Connection: keep-alive
Referer: https://i.doodcdn.co/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 27 Feb 2025 04:55:10 GMT
content-type: font/woff2
content-length: 23604
last-modified: Mon, 03 Jan 2022 15:38:36 GMT
cache-control: max-age=2592000
expires: Fri, 28 Mar 2025 22:59:18 GMT
vary: User-Agent,Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 8353
accept-ranges: bytes
server: cloudflare
cf-ray: 918594c2ec95b4ed-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET emittediodids.top/r67bfab0172f04/70849
200 OK 20 kB URL GET HTTP/1.1 emittediodids.top/r67bfab0172f04/70849
IP
Requested by https://dooodster.com/e/seyydirtqz66uk51cnib56qkt1c5wqb
Certificate IssuerZeroSSL
Subjectemittediodids.top
Fingerprint6C:67:B8:1C:9C:D4:3B:6B:C1:42:53:D7:6A:B5:37:2A:DB:6D:C6:74
ValidityTue, 25 Feb 2025 00:00:00 GMT - Mon, 26 May 2025 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (61222), with no line terminators
Hash cbfa1be70e5a918c1d49a1cd4f3504b2
4844a6c16ef39509fe3ce36f320d5244e8d991d2
12d02a3a577a692933734988337e5e23529f490443c9f3fa45783272d405b286
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /r67bfab0172f04/70849 HTTP/1.1
Host: emittediodids.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dooodster.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 27 Feb 2025 04:55:10 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://dooodster.com
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9zV1OhDAcBHC%2B2dUFnYQDeASKlPDqi1fwkRT6B%2BtCuykV9PYSE32bTH6T8TwvKB7gb8kZ4afgeGKsbdqaV21ZD62o%2Br5tGl72vC1ZxceR46zWzol%2BJhfhtC7Cus5tES4TabJq6AYjKcPjof6aqza7jhD3VmiZIV4OMWdIe2v2lWwRItJiIaSvytJovg4hPoxFyJ7rIyt9ZL9EYNYizO%2BQviktj2V%2BQcDKPE883N9m4UZjl07JxEc8WSEJ%2FgtOg3A0GfuNVNJ6deYGmFl2%2F%2F73ONxZiUTSpgZCbNw72R%2B3Z03l; expires=Fri, 28-Feb-2025 04:55:10 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwViE0KgzAUBvMeJVAqhY96AE%2BQamsXbmuXRReewGopgZBIEvtz%2B%2BpiBmaEEJwmYD0hqQpV5ao8qeJSgl7gpgUPFrJx%2FtP%2FQB6cn8HeYtcG47LazTYuf8BmbZDG%2Fmr0N%2BucmaN2NoAXtnX%2FMM%2FjrbuDJkng6FaHMRWgtzz8AV7hHdE%3D; expires=Fri, 28-Feb-2025 04:55:10 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
GET i.doodcdn.co/fonts/avertastd-semibold-webfont.woff2
200 OK 24 kB URL GET HTTP/2 i.doodcdn.co/fonts/avertastd-semibold-webfont.woff2
IP
Requested by https://dooodster.com/e/seyydirtqz66uk51cnib56qkt1c5wqb
Certificate IssuerGoogle Trust Services
Subjectdoodcdn.co
Fingerprint7D:35:A3:4C:8C:E0:50:F3:EA:C6:29:C7:70:A1:56:97:E4:AE:86:0D
ValidityFri, 24 Jan 2025 18:52:05 GMT - Thu, 24 Apr 2025 19:52:02 GMT
File type Web Open Font Format (Version 2), TrueType, length 23800, version 1.524
Hash 3ec2d18c5a3d480b0161ce3c9a69aa5c
a12a5815c1ec2eb7c04dab567ba99c82d7b3d2e0
eca03a9512b9c95df8bc4589fc70bd8ca33319245b95d67e84b5cb584a9fc5fe
GET /fonts/avertastd-semibold-webfont.woff2 HTTP/1.1
Host: i.doodcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dooodster.com
DNT: 1
Connection: keep-alive
Referer: https://i.doodcdn.co/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 27 Feb 2025 04:55:10 GMT
content-type: font/woff2
content-length: 23800
last-modified: Mon, 03 Jan 2022 15:38:36 GMT
cache-control: max-age=2592000
expires: Fri, 28 Mar 2025 22:56:59 GMT
vary: User-Agent,Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 21284
accept-ranges: bytes
server: cloudflare
cf-ray: 918594c2fc9ab4ed-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
HEAD dooodster.com/e/seyydirtqz66uk51cnib56qkt1c5wqb
200 OK 0 B URL HEAD HTTP/2 dooodster.com/e/seyydirtqz66uk51cnib56qkt1c5wqb
IP
Requested by https://dooodster.com/e/seyydirtqz66uk51cnib56qkt1c5wqb
Certificate IssuerGoogle Trust Services
Subjectdooodster.com
Fingerprint8F:6A:94:3C:7A:A4:33:12:2A:98:6A:78:7C:CC:C0:5B:5D:E8:5D:C1
ValidityFri, 10 Jan 2025 10:41:34 GMT - Thu, 10 Apr 2025 11:40:23 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /e/seyydirtqz66uk51cnib56qkt1c5wqb HTTP/1.1
Host: dooodster.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dooodster.com/e/seyydirtqz66uk51cnib56qkt1c5wqb
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Feb 2025 04:55:10 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Wed, 26 Feb 2025 04:55:10 GMT
set-cookie: lang=1; domain=.dooodster.com; path=/; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9wrwfgDdifby%2BCCZwI%2F1snlCJRTxThFH9EC604HqvHRKiBM4HRv%2FAY98OZL6NziQUMegOfMhtsHduSOCUhZeJlHjq9iP4LQ8FpRGaaW%2BvDUJXi4bzGDGpuGQLplGvZw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 918594c2acd31bfe-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=3938&min_rtt=435&rtt_var=4514&sent=48&recv=29&lost=0&retrans=1&sent_bytes=39365&recv_bytes=1587&delivery_rate=15873325&cwnd=255&unsent_bytes=0&cid=ba5c1e7cdcba7248&ts=1383&x=0"
X-Firefox-Spdy: h2
GET i.doodcdn.com/theme_2/img/loader.svg
301 Moved Permanently 167 B URL GET HTTP/2 i.doodcdn.com/theme_2/img/loader.svg
IP
Requested by https://dooodster.com/e/seyydirtqz66uk51cnib56qkt1c5wqb
Certificate IssuerGoogle Trust Services
Subjectdoodcdn.com
Fingerprint49:28:6E:86:D5:98:B9:88:76:1E:D4:24:84:78:67:2A:60:68:B8:CF
ValidityThu, 30 Jan 2025 16:00:27 GMT - Wed, 30 Apr 2025 16:58:41 GMT
File type HTML document, ASCII text, with CRLF line terminators
Hash 0104c301c5e02bd6148b8703d19b3a73
7436e0b4b1f8c222c38069890b75fa2baf9ca620
446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f
GET /theme_2/img/loader.svg HTTP/1.1
Host: i.doodcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://i.doodcdn.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Thu, 27 Feb 2025 04:55:10 GMT
content-type: text/html
content-length: 167
location: https://i.doodcdn.co/theme_2/img/loader.svg
cache-control: max-age=3600
expires: Thu, 27 Feb 2025 05:55:10 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8MBqUH74vL5Hm6Xj3Mg2myYFluwQltxaP87NC1WsrwzXhZdbzmIYRqb3rRwF%2BHaULesoA9AcqNHdYa5dqiw2fv6PK9iBRp%2BdRXXsUv%2Ff44UOIoEdQ2CoThsP1oK6YRK%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 918594c35cb6b4ee-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=930&min_rtt=454&rtt_var=976&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3275&recv_bytes=1212&delivery_rate=7313131&cwnd=254&unsent_bytes=0&cid=123bc168fcacf595&ts=100&x=0"
X-Firefox-Spdy: h2
GET img.doodcdn.co/splash/vgmjruvngbqa39i0.jpg
200 OK 114 kB URL GET HTTP/2 img.doodcdn.co/splash/vgmjruvngbqa39i0.jpg
IP
Requested by https://dooodster.com/e/seyydirtqz66uk51cnib56qkt1c5wqb
Certificate IssuerGoogle Trust Services
Subjectdoodcdn.co
Fingerprint7D:35:A3:4C:8C:E0:50:F3:EA:C6:29:C7:70:A1:56:97:E4:AE:86:0D
ValidityFri, 24 Jan 2025 18:52:05 GMT - Thu, 24 Apr 2025 19:52:02 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1264x715, components 3
Size 114 kB (113703 bytes)
Hash 9a51671ccf91b80bde0568434286d77c
84dd66dbcf4f5dcaf045cdbea3cbd64b43c042cf
7d666bf66a08793cf1f818f428b8f106c8eb8d7cb15daa1bd06f88f2f6c8c1c6
GET /splash/vgmjruvngbqa39i0.jpg HTTP/1.1
Host: img.doodcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dooodster.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Feb 2025 04:55:10 GMT
content-type: image/jpeg
content-length: 113703
access-control-allow-origin: *
cache-control: max-age=1209600
cf-bgj: imgq:100,h2pri
cf-polished: origSize=115049
etag: "670ec3fc-1c169"
expires: Wed, 12 Mar 2025 07:35:54 GMT
last-modified: Tue, 15 Oct 2024 19:35:24 GMT
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 918594c019e256b7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET waisheph.com/tag.min.js
200 OK 37 kB IP
Requested by https://dooodster.com/e/seyydirtqz66uk51cnib56qkt1c5wqb
Certificate IssuerLet's Encrypt
Subjectwaisheph.com
FingerprintE7:88:EE:CD:93:DB:C5:BE:BA:76:E6:0D:56:EB:32:21:DC:F1:FA:91
ValiditySun, 23 Feb 2025 22:17:56 GMT - Sat, 24 May 2025 22:17:55 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash 608f9c22aa4c7bbe82658ef96589d803
b23f924fa302e85bd078732aba5b5a8c86f0a7b0
fbc080c10b94a1d49d763c144f72614e691aec3fb3867c135c4103df8b82c5c6
GET /tag.min.js HTTP/1.1
Host: waisheph.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dooodster.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 27 Feb 2025 04:55:10 GMT
content-type: text/javascript; charset=utf-8
content-length: 37248
content-encoding: br
x-trace-id: 751aaa98b2be8669aa677ae0ed14db1c
accept-ranges: bytes
last-modified: Wed, 26 Feb 2025 15:51:47 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
GET img.doodcdn.co/splash/vgmjruvngbqa39i0.jpg
200 OK 114 kB URL GET HTTP/2 img.doodcdn.co/splash/vgmjruvngbqa39i0.jpg
IP
Requested by https://dooodster.com/e/seyydirtqz66uk51cnib56qkt1c5wqb
Certificate IssuerGoogle Trust Services
Subjectdoodcdn.co
Fingerprint7D:35:A3:4C:8C:E0:50:F3:EA:C6:29:C7:70:A1:56:97:E4:AE:86:0D
ValidityFri, 24 Jan 2025 18:52:05 GMT - Thu, 24 Apr 2025 19:52:02 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1264x715, components 3
Size 114 kB (113703 bytes)
Hash 9a51671ccf91b80bde0568434286d77c
84dd66dbcf4f5dcaf045cdbea3cbd64b43c042cf
7d666bf66a08793cf1f818f428b8f106c8eb8d7cb15daa1bd06f88f2f6c8c1c6
GET /splash/vgmjruvngbqa39i0.jpg HTTP/1.1
Host: img.doodcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dooodster.com
DNT: 1
Connection: keep-alive
Referer: https://dooodster.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 27 Feb 2025 04:55:10 GMT
content-type: image/jpeg
content-length: 113703
access-control-allow-origin: *
cache-control: max-age=1209600
cf-bgj: imgq:100,h2pri
cf-polished: origSize=115049
etag: "670ec3fc-1c169"
expires: Wed, 12 Mar 2025 09:01:11 GMT
last-modified: Tue, 15 Oct 2024 19:35:24 GMT
cf-cache-status: HIT
accept-ranges: bytes
priority: u=3,i=?0
vary: Accept-Encoding
server: cloudflare
cf-ray: 918594c2adf856bf-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
POST duomoscrinkum.shop/cuid/?f=https%3A%2F%2Fdooodster.com
200 OK 0 B URL POST HTTP/1.1 duomoscrinkum.shop/cuid/?f=https%3A%2F%2Fdooodster.com
IP
Requested by https://dooodster.com/e/seyydirtqz66uk51cnib56qkt1c5wqb
Certificate IssuerLet's Encrypt
Subjectduomoscrinkum.shop
Fingerprint9F:47:EC:B9:44:5C:E5:DF:2F:EE:44:31:BB:2D:E6:6A:68:69:7E:82
ValidityTue, 11 Feb 2025 17:22:29 GMT - Mon, 12 May 2025 17:22:28 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
OPTIONS /cuid/?f=https%3A%2F%2Fdooodster.com HTTP/1.1
Host: duomoscrinkum.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://dooodster.com/
Origin: https://dooodster.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 27 Feb 2025 04:55:10 GMT
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://dooodster.com
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
POST duomoscrinkum.shop/cuid/?f=https%3A%2F%2Fdooodster.com
200 OK 32 B URL POST HTTP/1.1 duomoscrinkum.shop/cuid/?f=https%3A%2F%2Fdooodster.com
IP
Requested by https://dooodster.com/e/seyydirtqz66uk51cnib56qkt1c5wqb
Certificate IssuerLet's Encrypt
Subjectduomoscrinkum.shop
Fingerprint9F:47:EC:B9:44:5C:E5:DF:2F:EE:44:31:BB:2D:E6:6A:68:69:7E:82
ValidityTue, 11 Feb 2025 17:22:29 GMT - Mon, 12 May 2025 17:22:28 GMT
Hash 441658dc485f7f5086acad14cc6d15a1
1e6d75b0f3f748ed88d7ecc52fdbe48743f4d72d
86083263b79d0329c6470597746900a0715d64fc48dd43726d9f6e279005fb33
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /cuid/?f=https%3A%2F%2Fdooodster.com HTTP/1.1
Host: duomoscrinkum.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dooodster.com/
Content-Type: application/json
Content-Length: 10
Origin: https://dooodster.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 27 Feb 2025 04:55:10 GMT
Content-Type: application/json
Content-Length: 32
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://dooodster.com
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: a97fa794a0f9=673314558a23e5dab0e8f2; expires=Mon, 17 Jun 2052 20:18:56 GMT; domain=duomoscrinkum.shop; path=/; secure; SameSite=None
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
GET dooodster.com/pass_md5/91533936-91-90-1740632109-2af151b12b575bc3be2c46d77897ced9/memifh2zu7xstggzvoknausq
200 OK 1.3 kB URL GET HTTP/2 dooodster.com/pass_md5/91533936-91-90-1740632109-2af151b12b575bc3be2c46d77897ced9/memifh2zu7xstggzvoknausq
IP
Requested by https://dooodster.com/e/seyydirtqz66uk51cnib56qkt1c5wqb
Certificate IssuerGoogle Trust Services
Subjectdooodster.com
Fingerprint8F:6A:94:3C:7A:A4:33:12:2A:98:6A:78:7C:CC:C0:5B:5D:E8:5D:C1
ValidityFri, 10 Jan 2025 10:41:34 GMT - Thu, 10 Apr 2025 11:40:23 GMT
File type ASCII text, with no line terminators
Hash fb1509310d84160354aff14bc552e12d
d85df8d2341eaf8962ec7bc2c4207a96b7f89028
55baa5e309c26dc2dd6258f42e10f008c18519376203c6efc2c0a6224cdc62fe
GET /pass_md5/91533936-91-90-1740632109-2af151b12b575bc3be2c46d77897ced9/memifh2zu7xstggzvoknausq HTTP/1.1
Host: dooodster.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://dooodster.com/e/seyydirtqz66uk51cnib56qkt1c5wqb
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Feb 2025 04:55:10 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F27m2btGsH%2BA51u4HLa5ynE0kr%2FWf3xcsNfqiNSzY34VoiyYsu3qDpVmwsYc5me%2FI99chfK%2F79YuQeAlbmCj2O2f8IQPiQyV9ZwpixzYdNgUs69syFHDveCW8srZqzc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 918594c29ccc1bfe-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=3072&min_rtt=435&rtt_var=3709&sent=44&recv=28&lost=0&retrans=0&sent_bytes=38737&recv_bytes=1587&delivery_rate=15873325&cwnd=255&unsent_bytes=0&cid=ba5c1e7cdcba7248&ts=1345&x=0"
X-Firefox-Spdy: h2
GET shakingtacklingunpeeled.com/aas/r45d/vki/1999414/3dc25ad5.js
200 OK 58 kB URL GET HTTP/2 shakingtacklingunpeeled.com/aas/r45d/vki/1999414/3dc25ad5.js
IP
Requested by https://dooodster.com/e/seyydirtqz66uk51cnib56qkt1c5wqb
Certificate IssuerBuypass AS-983163327
Subject
Fingerprint4D:79:44:BF:B1:21:6E:06:AE:F6:CB:C3:96:AB:03:90:80:2B:CF:E6
ValidityFri, 20 Sep 2024 14:45:34 GMT - Tue, 18 Mar 2025 22:59:00 GMT
File type gzip compressed data, max speed, from Unix
Hash 377692c73b9db0882469b5f973c9e307
cbb6ab85838216cf1539e9e60de8a48d68adfd7c
e0b8513fc07c4920624a140d12d3ee97cdff7a9c193d0d0dd56896043d78546b
GET /aas/r45d/vki/1999414/3dc25ad5.js HTTP/1.1
Host: shakingtacklingunpeeled.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dooodster.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 27 Feb 2025 04:55:10 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 26 Feb 2025 07:55:42 GMT
vary: Accept-Encoding
etag: W/"67bec8fe-24db2"
x-js-ab2: current
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
GET remarkedoneoftheo.org/dVluRXRaZg02SRYfI3QlGCEnHxMRITl1Nh8dNgsWJB4BCxBELkgxHRFkV3VFR2xWYwQcPVN3TVMqGiQAACpTdFIcNwgqSVMvU3RaRXdYdVpBfxt4RVMtHiQTSGhINQABNVN0Q0FpWHZGRGhec0xD
204 No Content 0 B URL GET HTTP/2 remarkedoneoftheo.org/dVluRXRaZg02SRYfI3QlGCEnHxMRITl1Nh8dNgsWJB4BCxBELkgxHRFkV3VFR2xWYwQcPVN3TVMqGiQAACpTdFIcNwgqSVMvU3RaRXdYdVpBfxt4RVMtHiQTSGhINQABNVN0Q0FpWHZGRGhec0xD
IP
Requested by https://dooodster.com/e/seyydirtqz66uk51cnib56qkt1c5wqb
Certificate IssuerGoogle Trust Services
Subjectremarkedoneoftheo.org
Fingerprint8F:DC:4D:BA:54:E5:DD:94:77:6D:34:BC:48:22:B6:26:A5:38:90:A1
ValidityMon, 17 Feb 2025 13:43:22 GMT - Sun, 18 May 2025 14:40:55 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dVluRXRaZg02SRYfI3QlGCEnHxMRITl1Nh8dNgsWJB4BCxBELkgxHRFkV3VFR2xWYwQcPVN3TVMqGiQAACpTdFIcNwgqSVMvU3RaRXdYdVpBfxt4RVMtHiQTSGhINQABNVN0Q0FpWHZGRGhec0xD HTTP/1.1
Host: remarkedoneoftheo.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dooodster.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Thu, 27 Feb 2025 04:55:10 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RjYHqlqsnSP3rfvHWxpH6%2BcDI0mDBOmj4n2s2kTs1b5AeT%2BjhlAq807UkKPIIpUtAjLdROMDhrYCVmM88lzIgNOKELLolMgb8Q%2Fx%2BTg3NyBIhMnbt91Pk0FL4CuKKQbb%2B9artEKU2FI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 918594c4ecb57127-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=530&min_rtt=410&rtt_var=254&sent=9&recv=13&lost=0&retrans=0&sent_bytes=3226&recv_bytes=1574&delivery_rate=7970642&cwnd=252&unsent_bytes=0&cid=3d744e948d50b6b3&ts=223&x=0"
X-Firefox-Spdy: h2
GET remarkedoneoftheo.org/N1A1ZlEYb1YVbGFiQSwzcQZSMz9HM28LE1U2WVMiVWFdUAYFERMSOFNtDFZpB2UDQCFeNAhXd0QkVBIkRG0EQDhZNlpbd0FtBEhiA34GUH8DdkBbYBEkRQc2CmETFiVDPAhXZgNgA1VjBmEFUGUD
204 No Content 0 B URL GET HTTP/2 remarkedoneoftheo.org/N1A1ZlEYb1YVbGFiQSwzcQZSMz9HM28LE1U2WVMiVWFdUAYFERMSOFNtDFZpB2UDQCFeNAhXd0QkVBIkRG0EQDhZNlpbd0FtBEhiA34GUH8DdkBbYBEkRQc2CmETFiVDPAhXZgNgA1VjBmEFUGUD
IP
Requested by https://dooodster.com/e/seyydirtqz66uk51cnib56qkt1c5wqb
Certificate IssuerGoogle Trust Services
Subjectremarkedoneoftheo.org
Fingerprint8F:DC:4D:BA:54:E5:DD:94:77:6D:34:BC:48:22:B6:26:A5:38:90:A1
ValidityMon, 17 Feb 2025 13:43:22 GMT - Sun, 18 May 2025 14:40:55 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /N1A1ZlEYb1YVbGFiQSwzcQZSMz9HM28LE1U2WVMiVWFdUAYFERMSOFNtDFZpB2UDQCFeNAhXd0QkVBIkRG0EQDhZNlpbd0FtBEhiA34GUH8DdkBbYBEkRQc2CmETFiVDPAhXZgNgA1VjBmEFUGUD HTTP/1.1
Host: remarkedoneoftheo.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dooodster.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Thu, 27 Feb 2025 04:55:10 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=47aiVA6J6x7EROJI%2F4c%2BmkOUXvAZ4erBXbvjk1Y7X4QQb4JKi%2BCaeK%2BagtgS4ejlQajz2cRcSV2D%2F5ddbUuu4cD5QWH1VJz3yXzSmz6RGadtEqVstOZEtVy7XHpl47DVyg5PxOk4uuo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 918594c4ecb67127-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=530&min_rtt=410&rtt_var=254&sent=10&recv=13&lost=0&retrans=0&sent_bytes=3805&recv_bytes=1574&delivery_rate=7970642&cwnd=252&unsent_bytes=0&cid=3d744e948d50b6b3&ts=227&x=0"
X-Firefox-Spdy: h2
GET remarkedoneoftheo.org/SUppNjRmdQpFCSseK0BgJDIIdWJwcj5wZQ4dIVJWES0FU1EPJU9CXS13UAEAe35aEEQgLlQHDG85HVdAPDlUBxIgJA9ZCW88VAcaeWRbGAFvP1QHEj06CFEJeGwZQkAld1gBAHl8WgQFeHpfAAI
204 No Content 0 B URL GET HTTP/2 remarkedoneoftheo.org/SUppNjRmdQpFCSseK0BgJDIIdWJwcj5wZQ4dIVJWES0FU1EPJU9CXS13UAEAe35aEEQgLlQHDG85HVdAPDlUBxIgJA9ZCW88VAcaeWRbGAFvP1QHEj06CFEJeGwZQkAld1gBAHl8WgQFeHpfAAI
IP
Requested by https://dooodster.com/e/seyydirtqz66uk51cnib56qkt1c5wqb
Certificate IssuerGoogle Trust Services
Subjectremarkedoneoftheo.org
Fingerprint8F:DC:4D:BA:54:E5:DD:94:77:6D:34:BC:48:22:B6:26:A5:38:90:A1
ValidityMon, 17 Feb 2025 13:43:22 GMT - Sun, 18 May 2025 14:40:55 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /SUppNjRmdQpFCSseK0BgJDIIdWJwcj5wZQ4dIVJWES0FU1EPJU9CXS13UAEAe35aEEQgLlQHDG85HVdAPDlUBxIgJA9ZCW88VAcaeWRbGAFvP1QHEj06CFEJeGwZQkAld1gBAHl8WgQFeHpfAAI HTTP/1.1
Host: remarkedoneoftheo.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dooodster.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Thu, 27 Feb 2025 04:55:10 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fdtD%2BGVYKCMkEoyNaD8%2FyTcUQqTFXLYZ97r%2FnA0E1eqXsNAK%2BmFzEiBHJ3BQU302dg3FGqPYJ7SP%2FDSW0RbmSG6q53vCpud2%2FNfXTEQecFAjYlx0kOkJ9312Vm9DMqeMooqH9wGDoOg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 918594c4ecbb7127-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1039&min_rtt=410&rtt_var=1207&sent=11&recv=14&lost=0&retrans=0&sent_bytes=4231&recv_bytes=1574&delivery_rate=7970642&cwnd=254&unsent_bytes=0&cid=3d744e948d50b6b3&ts=230&x=0"
X-Firefox-Spdy: h2
POST fouterwicket.shop/gd/70849?md=eyJhIjo5NDA4LCJzIjoiMTI4MHgxMDI0IiwiYiI6IjExNDB4NTAwIiwiciI6Imh0dHBzOi8vcGlua2hlYXJ0bW92aWVzLnh5ei8iLCJxIjoiaHR0cHM6Ly9kb29vZHN0ZXIuY29tL2Uvc2V5eWRpcnRxejY2dWs1MWNuaWI1NnFrdDFjNXdxYiIsImgiOjY3LCJsIjoiZW4tVVMiLCJ0IjowLCJ6IjoxNTY2LCJrIjowLCJ1IjoiIiwiZiI6dHJ1ZSwid2giOiIxMTQweDUwMCIsImloIjoiMTI4MHgxMDI0IiwiZSI6ImMwMTJrcWV6Zmgzajl1aSIsIm8iOnRydWUsIm0iOjE3NDA2MzIxMTA3NDksInciOiIlN0IlMjJ0aXRsZSUyMiUzQSUyMmhhcmRfY3BsJTIwTElWRSUyMDMlMjAlRTAlQTQlQUMlRTAlQTQlQTElRTAlQTQlQkMlRTAlQTUlODclMjAlRTAlQTQlQUMlRTAlQTUlODIlRTAlQTQlQUMlRTAlQTUlOEQlRTAlQTQlOUMlRTAlQTQlQkMlMjAlRTAlQTQlQjUlRTAlQTQlQkUlRTAlQTQlQjIlRTAlQTUlODAlMjAlRTAlQTQlQUQlRTAlQTQlQkUlRTAlQTQlQUQlRTAlQTUlODBfX0RPTkUlMjAtJTIwRG9vZCUyMiUyQyUyMmtleXdvcmRzJTIyJTNBJTVCJTVEJTJDJTIydG9wd29yZHMlMjIlM0ElNUIlMjJsaXZlJTNBNSUyMiUyQyUyMndpbmRvdyUzQTUlMjIlMkMlMjJ5b3UlM0E0JTIyJTVEJTdEIiwidHMiOjAsInByIjoxLCJoYyI6NDgsImJsIjotMSwiYmMiOjMsInZ2IjoidW5jaGVja2VkIiwidnIiOiJ1bmNoZWNrZWQiLCJhYyI6MTYsImN0IjoidW5rbm93biIsImNldCI6InVua25vd24iLCJjZGxtIjotMSwiY2RsIjotMSwiY3J0dCI6LTEsInRtcyI6NjAsImNlIjp0cnVlLCJjZCI6MjQsIm9yIjoibGFuZHNjYXBlLXByaW1hcnkiLCJmcyI6bnVsbCwiZnNvIjpudWxsfQ&pr=1YB8DBYXc1mTRxnxJxgO3A
200 OK 20 B URL POST HTTP/1.1 fouterwicket.shop/gd/70849?md=eyJhIjo5NDA4LCJzIjoiMTI4MHgxMDI0IiwiYiI6IjExNDB4NTAwIiwiciI6Imh0dHBzOi8vcGlua2hlYXJ0bW92aWVzLnh5ei8iLCJxIjoiaHR0cHM6Ly9kb29vZHN0ZXIuY29tL2Uvc2V5eWRpcnRxejY2dWs1MWNuaWI1NnFrdDFjNXdxYiIsImgiOjY3LCJsIjoiZW4tVVMiLCJ0IjowLCJ6IjoxNTY2LCJrIjowLCJ1IjoiIiwiZiI6dHJ1ZSwid2giOiIxMTQweDUwMCIsImloIjoiMTI4MHgxMDI0IiwiZSI6ImMwMTJrcWV6Zmgzajl1aSIsIm8iOnRydWUsIm0iOjE3NDA2MzIxMTA3NDksInciOiIlN0IlMjJ0aXRsZSUyMiUzQSUyMmhhcmRfY3BsJTIwTElWRSUyMDMlMjAlRTAlQTQlQUMlRTAlQTQlQTElRTAlQTQlQkMlRTAlQTUlODclMjAlRTAlQTQlQUMlRTAlQTUlODIlRTAlQTQlQUMlRTAlQTUlOEQlRTAlQTQlOUMlRTAlQTQlQkMlMjAlRTAlQTQlQjUlRTAlQTQlQkUlRTAlQTQlQjIlRTAlQTUlODAlMjAlRTAlQTQlQUQlRTAlQTQlQkUlRTAlQTQlQUQlRTAlQTUlODBfX0RPTkUlMjAtJTIwRG9vZCUyMiUyQyUyMmtleXdvcmRzJTIyJTNBJTVCJTVEJTJDJTIydG9wd29yZHMlMjIlM0ElNUIlMjJsaXZlJTNBNSUyMiUyQyUyMndpbmRvdyUzQTUlMjIlMkMlMjJ5b3UlM0E0JTIyJTVEJTdEIiwidHMiOjAsInByIjoxLCJoYyI6NDgsImJsIjotMSwiYmMiOjMsInZ2IjoidW5jaGVja2VkIiwidnIiOiJ1bmNoZWNrZWQiLCJhYyI6MTYsImN0IjoidW5rbm93biIsImNldCI6InVua25vd24iLCJjZGxtIjotMSwiY2RsIjotMSwiY3J0dCI6LTEsInRtcyI6NjAsImNlIjp0cnVlLCJjZCI6MjQsIm9yIjoibGFuZHNjYXBlLXByaW1hcnkiLCJmcyI6bnVsbCwiZnNvIjpudWxsfQ&pr=1YB8DBYXc1mTRxnxJxgO3A
IP
Requested by https://dooodster.com/e/seyydirtqz66uk51cnib56qkt1c5wqb
Certificate IssuerLet's Encrypt
Subjectfouterwicket.shop
FingerprintBA:8B:9A:CC:CA:80:77:87:BD:01:69:65:7E:F9:37:ED:3F:81:F2:DB
ValidityTue, 07 Jan 2025 13:18:25 GMT - Mon, 07 Apr 2025 13:18:24 GMT
File type gzip compressed data, from Unix
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
OPTIONS /gd/70849?md=eyJhIjo5NDA4LCJzIjoiMTI4MHgxMDI0IiwiYiI6IjExNDB4NTAwIiwiciI6Imh0dHBzOi8vcGlua2hlYXJ0bW92aWVzLnh5ei8iLCJxIjoiaHR0cHM6Ly9kb29vZHN0ZXIuY29tL2Uvc2V5eWRpcnRxejY2dWs1MWNuaWI1NnFrdDFjNXdxYiIsImgiOjY3LCJsIjoiZW4tVVMiLCJ0IjowLCJ6IjoxNTY2LCJrIjowLCJ1IjoiIiwiZiI6dHJ1ZSwid2giOiIxMTQweDUwMCIsImloIjoiMTI4MHgxMDI0IiwiZSI6ImMwMTJrcWV6Zmgzajl1aSIsIm8iOnRydWUsIm0iOjE3NDA2MzIxMTA3NDksInciOiIlN0IlMjJ0aXRsZSUyMiUzQSUyMmhhcmRfY3BsJTIwTElWRSUyMDMlMjAlRTAlQTQlQUMlRTAlQTQlQTElRTAlQTQlQkMlRTAlQTUlODclMjAlRTAlQTQlQUMlRTAlQTUlODIlRTAlQTQlQUMlRTAlQTUlOEQlRTAlQTQlOUMlRTAlQTQlQkMlMjAlRTAlQTQlQjUlRTAlQTQlQkUlRTAlQTQlQjIlRTAlQTUlODAlMjAlRTAlQTQlQUQlRTAlQTQlQkUlRTAlQTQlQUQlRTAlQTUlODBfX0RPTkUlMjAtJTIwRG9vZCUyMiUyQyUyMmtleXdvcmRzJTIyJTNBJTVCJTVEJTJDJTIydG9wd29yZHMlMjIlM0ElNUIlMjJsaXZlJTNBNSUyMiUyQyUyMndpbmRvdyUzQTUlMjIlMkMlMjJ5b3UlM0E0JTIyJTVEJTdEIiwidHMiOjAsInByIjoxLCJoYyI6NDgsImJsIjotMSwiYmMiOjMsInZ2IjoidW5jaGVja2VkIiwidnIiOiJ1bmNoZWNrZWQiLCJhYyI6MTYsImN0IjoidW5rbm93biIsImNldCI6InVua25vd24iLCJjZGxtIjotMSwiY2RsIjotMSwiY3J0dCI6LTEsInRtcyI6NjAsImNlIjp0cnVlLCJjZCI6MjQsIm9yIjoibGFuZHNjYXBlLXByaW1hcnkiLCJmcyI6bnVsbCwiZnNvIjpudWxsfQ&pr=1YB8DBYXc1mTRxnxJxgO3A HTTP/1.1
Host: fouterwicket.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://dooodster.com/
Origin: https://dooodster.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 27 Feb 2025 04:55:11 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://dooodster.com
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
POST fouterwicket.shop/gd/70849?md=eyJhIjo5NDA4LCJzIjoiMTI4MHgxMDI0IiwiYiI6IjExNDB4NTAwIiwiciI6Imh0dHBzOi8vcGlua2hlYXJ0bW92aWVzLnh5ei8iLCJxIjoiaHR0cHM6Ly9kb29vZHN0ZXIuY29tL2Uvc2V5eWRpcnRxejY2dWs1MWNuaWI1NnFrdDFjNXdxYiIsImgiOjY3LCJsIjoiZW4tVVMiLCJ0IjowLCJ6IjoxNTY2LCJrIjowLCJ1IjoiIiwiZiI6dHJ1ZSwid2giOiIxMTQweDUwMCIsImloIjoiMTI4MHgxMDI0IiwiZSI6ImMwMTJrcWV6Zmgzajl1aSIsIm8iOnRydWUsIm0iOjE3NDA2MzIxMTA3NDksInciOiIlN0IlMjJ0aXRsZSUyMiUzQSUyMmhhcmRfY3BsJTIwTElWRSUyMDMlMjAlRTAlQTQlQUMlRTAlQTQlQTElRTAlQTQlQkMlRTAlQTUlODclMjAlRTAlQTQlQUMlRTAlQTUlODIlRTAlQTQlQUMlRTAlQTUlOEQlRTAlQTQlOUMlRTAlQTQlQkMlMjAlRTAlQTQlQjUlRTAlQTQlQkUlRTAlQTQlQjIlRTAlQTUlODAlMjAlRTAlQTQlQUQlRTAlQTQlQkUlRTAlQTQlQUQlRTAlQTUlODBfX0RPTkUlMjAtJTIwRG9vZCUyMiUyQyUyMmtleXdvcmRzJTIyJTNBJTVCJTVEJTJDJTIydG9wd29yZHMlMjIlM0ElNUIlMjJsaXZlJTNBNSUyMiUyQyUyMndpbmRvdyUzQTUlMjIlMkMlMjJ5b3UlM0E0JTIyJTVEJTdEIiwidHMiOjAsInByIjoxLCJoYyI6NDgsImJsIjotMSwiYmMiOjMsInZ2IjoidW5jaGVja2VkIiwidnIiOiJ1bmNoZWNrZWQiLCJhYyI6MTYsImN0IjoidW5rbm93biIsImNldCI6InVua25vd24iLCJjZGxtIjotMSwiY2RsIjotMSwiY3J0dCI6LTEsInRtcyI6NjAsImNlIjp0cnVlLCJjZCI6MjQsIm9yIjoibGFuZHNjYXBlLXByaW1hcnkiLCJmcyI6bnVsbCwiZnNvIjpudWxsfQ&pr=1YB8DBYXc1mTRxnxJxgO3A
200 OK 550 B URL POST HTTP/1.1 fouterwicket.shop/gd/70849?md=eyJhIjo5NDA4LCJzIjoiMTI4MHgxMDI0IiwiYiI6IjExNDB4NTAwIiwiciI6Imh0dHBzOi8vcGlua2hlYXJ0bW92aWVzLnh5ei8iLCJxIjoiaHR0cHM6Ly9kb29vZHN0ZXIuY29tL2Uvc2V5eWRpcnRxejY2dWs1MWNuaWI1NnFrdDFjNXdxYiIsImgiOjY3LCJsIjoiZW4tVVMiLCJ0IjowLCJ6IjoxNTY2LCJrIjowLCJ1IjoiIiwiZiI6dHJ1ZSwid2giOiIxMTQweDUwMCIsImloIjoiMTI4MHgxMDI0IiwiZSI6ImMwMTJrcWV6Zmgzajl1aSIsIm8iOnRydWUsIm0iOjE3NDA2MzIxMTA3NDksInciOiIlN0IlMjJ0aXRsZSUyMiUzQSUyMmhhcmRfY3BsJTIwTElWRSUyMDMlMjAlRTAlQTQlQUMlRTAlQTQlQTElRTAlQTQlQkMlRTAlQTUlODclMjAlRTAlQTQlQUMlRTAlQTUlODIlRTAlQTQlQUMlRTAlQTUlOEQlRTAlQTQlOUMlRTAlQTQlQkMlMjAlRTAlQTQlQjUlRTAlQTQlQkUlRTAlQTQlQjIlRTAlQTUlODAlMjAlRTAlQTQlQUQlRTAlQTQlQkUlRTAlQTQlQUQlRTAlQTUlODBfX0RPTkUlMjAtJTIwRG9vZCUyMiUyQyUyMmtleXdvcmRzJTIyJTNBJTVCJTVEJTJDJTIydG9wd29yZHMlMjIlM0ElNUIlMjJsaXZlJTNBNSUyMiUyQyUyMndpbmRvdyUzQTUlMjIlMkMlMjJ5b3UlM0E0JTIyJTVEJTdEIiwidHMiOjAsInByIjoxLCJoYyI6NDgsImJsIjotMSwiYmMiOjMsInZ2IjoidW5jaGVja2VkIiwidnIiOiJ1bmNoZWNrZWQiLCJhYyI6MTYsImN0IjoidW5rbm93biIsImNldCI6InVua25vd24iLCJjZGxtIjotMSwiY2RsIjotMSwiY3J0dCI6LTEsInRtcyI6NjAsImNlIjp0cnVlLCJjZCI6MjQsIm9yIjoibGFuZHNjYXBlLXByaW1hcnkiLCJmcyI6bnVsbCwiZnNvIjpudWxsfQ&pr=1YB8DBYXc1mTRxnxJxgO3A
IP
Requested by https://dooodster.com/e/seyydirtqz66uk51cnib56qkt1c5wqb
Certificate IssuerLet's Encrypt
Subjectfouterwicket.shop
FingerprintBA:8B:9A:CC:CA:80:77:87:BD:01:69:65:7E:F9:37:ED:3F:81:F2:DB
ValidityTue, 07 Jan 2025 13:18:25 GMT - Mon, 07 Apr 2025 13:18:24 GMT
Hash 342580f31d981a62a938181afd36edbc
171bd0d52b435380102dfe82e4530fef7d91b649
299a7583ad836a18fb6989e4ce7d0fd31f0b667ab9f68dfd437952c97d25c53c
POST /gd/70849?md=eyJhIjo5NDA4LCJzIjoiMTI4MHgxMDI0IiwiYiI6IjExNDB4NTAwIiwiciI6Imh0dHBzOi8vcGlua2hlYXJ0bW92aWVzLnh5ei8iLCJxIjoiaHR0cHM6Ly9kb29vZHN0ZXIuY29tL2Uvc2V5eWRpcnRxejY2dWs1MWNuaWI1NnFrdDFjNXdxYiIsImgiOjY3LCJsIjoiZW4tVVMiLCJ0IjowLCJ6IjoxNTY2LCJrIjowLCJ1IjoiIiwiZiI6dHJ1ZSwid2giOiIxMTQweDUwMCIsImloIjoiMTI4MHgxMDI0IiwiZSI6ImMwMTJrcWV6Zmgzajl1aSIsIm8iOnRydWUsIm0iOjE3NDA2MzIxMTA3NDksInciOiIlN0IlMjJ0aXRsZSUyMiUzQSUyMmhhcmRfY3BsJTIwTElWRSUyMDMlMjAlRTAlQTQlQUMlRTAlQTQlQTElRTAlQTQlQkMlRTAlQTUlODclMjAlRTAlQTQlQUMlRTAlQTUlODIlRTAlQTQlQUMlRTAlQTUlOEQlRTAlQTQlOUMlRTAlQTQlQkMlMjAlRTAlQTQlQjUlRTAlQTQlQkUlRTAlQTQlQjIlRTAlQTUlODAlMjAlRTAlQTQlQUQlRTAlQTQlQkUlRTAlQTQlQUQlRTAlQTUlODBfX0RPTkUlMjAtJTIwRG9vZCUyMiUyQyUyMmtleXdvcmRzJTIyJTNBJTVCJTVEJTJDJTIydG9wd29yZHMlMjIlM0ElNUIlMjJsaXZlJTNBNSUyMiUyQyUyMndpbmRvdyUzQTUlMjIlMkMlMjJ5b3UlM0E0JTIyJTVEJTdEIiwidHMiOjAsInByIjoxLCJoYyI6NDgsImJsIjotMSwiYmMiOjMsInZ2IjoidW5jaGVja2VkIiwidnIiOiJ1bmNoZWNrZWQiLCJhYyI6MTYsImN0IjoidW5rbm93biIsImNldCI6InVua25vd24iLCJjZGxtIjotMSwiY2RsIjotMSwiY3J0dCI6LTEsInRtcyI6NjAsImNlIjp0cnVlLCJjZCI6MjQsIm9yIjoibGFuZHNjYXBlLXByaW1hcnkiLCJmcyI6bnVsbCwiZnNvIjpudWxsfQ&pr=1YB8DBYXc1mTRxnxJxgO3A HTTP/1.1
Host: fouterwicket.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dooodster.com/
Content-Type: application/json
Content-Length: 82
Origin: https://dooodster.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 27 Feb 2025 04:55:11 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://dooodster.com
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9zV1OhDAcBHC%2B2dUFnYQDeASKlPDqi1fwkRT6B%2BtCuykV9PYSE32bTH6T8TwvKB7gb8kZ4afgeGKsbdqaV21ZD62o%2Br5tGl72vC1ZxceR46zWzol%2BJhfhtC7Cus5tES4TabJq6AYjKcPjof6aqza7jhD3VmiZIV4OMWdIe2v2lWwRItJiIaSvytJovg4hPoxFyJ7rIyt9ZL9EYNYizO%2BQviktj2V%2BQcDKPE883N9m4UZjl07JxEc8WSEJ%2FgtOg3A0GfuNVNJ6deYGmFl2%2F%2F73ONxZiUTSpgZCbNw72R%2B3Z03l; expires=Fri, 28-Feb-2025 04:55:11 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwViE0KgzAUBvMeJVAqhY96AE%2BQamsXbmuXRReewGopgZBIEvtz%2B%2BpiBmaEEJwmYD0hqQpV5ao8qeJSgl7gpgUPFrJx%2FtP%2FQB6cn8HeYtcG47LazTYuf8BmbZDG%2Fmr0N%2BucmaN2NoAXtnX%2FMM%2FjrbuDJkng6FaHMRWgtzz8AV7hHdE%3D; expires=Fri, 28-Feb-2025 04:55:11 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
GET dg370v.cloudatacdn.com/favicon.ico?i
200 OK 15 kB URL GET HTTP/1.1 dg370v.cloudatacdn.com/favicon.ico?i
IP
Requested by moz-nullprincipal:{5871d625-b441-4b26-90ae-bc461eff3ebc}?https://dooodster.com
Certificate IssuerSectigo Limited
Subject*.cloudatacdn.com
FingerprintD9:CB:D6:1F:B4:DA:36:1F:52:6C:5B:2E:68:48:4B:77:51:76:16:5B
ValidityWed, 31 Jul 2024 00:00:00 GMT - Thu, 31 Jul 2025 23:59:59 GMT
File type MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Hash 30d3656f43c817e38c3e7d70b2bfbdad
1aa43b43755e7cba5e145d0978517f7bedad7da6
a558a4796f60f07743027eec96b538b2e7758cca8c544ed796ff745837478555
GET /favicon.ico?i HTTP/1.1
Host: dg370v.cloudatacdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 27 Feb 2025 04:55:11 GMT
Content-Type: image/vnd.microsoft.icon
Content-Length: 15406
Connection: keep-alive
Last-Modified: Sat, 29 Feb 2020 09:26:04 GMT
ETag: "3c2e-59fb38b06e300"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
POST shakingtacklingunpeeled.com/solid.gif?z=1999414&nojs=0&abvar=0&febuild=1.0.484&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=1vcuteBev4Bxa-f&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&psr=2ksT9nNaHR0cHM6Ly9waW5raGVhcnRtb3ZpZXMueHl6Lw&ix=0&x=1140&y=500&md=0&psu=nFl85FAaHR0cHM6Ly9kb29vZHN0ZXIuY29tL2Uvc2V5eWRpcnRxejY2dWs1MWNuaWI1NnFrdDFjNXdxYg&afid=2928823833071616&eclog=0&seu=QS1F6K4aHR0cHM6Ly9waW5raGVhcnRtb3ZpZXMueHl6Lw&snc=0&ssc=0&vp=1&im=1&noch=1&de=0&cs=5
200 OK 43 B URL POST HTTP/2 shakingtacklingunpeeled.com/solid.gif?z=1999414&nojs=0&abvar=0&febuild=1.0.484&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=1vcuteBev4Bxa-f&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&psr=2ksT9nNaHR0cHM6Ly9waW5raGVhcnRtb3ZpZXMueHl6Lw&ix=0&x=1140&y=500&md=0&psu=nFl85FAaHR0cHM6Ly9kb29vZHN0ZXIuY29tL2Uvc2V5eWRpcnRxejY2dWs1MWNuaWI1NnFrdDFjNXdxYg&afid=2928823833071616&eclog=0&seu=QS1F6K4aHR0cHM6Ly9waW5raGVhcnRtb3ZpZXMueHl6Lw&snc=0&ssc=0&vp=1&im=1&noch=1&de=0&cs=5
IP
Requested by https://dooodster.com/e/seyydirtqz66uk51cnib56qkt1c5wqb
Certificate IssuerBuypass AS-983163327
Subject
Fingerprint4D:79:44:BF:B1:21:6E:06:AE:F6:CB:C3:96:AB:03:90:80:2B:CF:E6
ValidityFri, 20 Sep 2024 14:45:34 GMT - Tue, 18 Mar 2025 22:59:00 GMT
File type GIF image data, version 89a, 1 x 1
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
POST /solid.gif?z=1999414&nojs=0&abvar=0&febuild=1.0.484&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=1vcuteBev4Bxa-f&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&psr=2ksT9nNaHR0cHM6Ly9waW5raGVhcnRtb3ZpZXMueHl6Lw&ix=0&x=1140&y=500&md=0&psu=nFl85FAaHR0cHM6Ly9kb29vZHN0ZXIuY29tL2Uvc2V5eWRpcnRxejY2dWs1MWNuaWI1NnFrdDFjNXdxYg&afid=2928823833071616&eclog=0&seu=QS1F6K4aHR0cHM6Ly9waW5raGVhcnRtb3ZpZXMueHl6Lw&snc=0&ssc=0&vp=1&im=1&noch=1&de=0&cs=5 HTTP/1.1
Host: shakingtacklingunpeeled.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dooodster.com
DNT: 1
Connection: keep-alive
Referer: https://dooodster.com/
Cookie: cart=1; cart_p=2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 27 Feb 2025 04:55:11 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
set-cookie: CHCK=1; Path=/; Expires=Thu, 02 Apr 2026 04:55:11 GMT; Secure; SameSite=None
UID=25022623553eb531bbb0b0427a88af002d25; Path=/; Expires=Thu, 02 Apr 2026 04:55:11 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
GET d1f05vr3sjsuy7.cloudfront.net/ZRlJiSXQlPQwvSzI7BnRNdmpSfEJgIhAsEns2DSYbIiEWLAZoMQ0kUiwhDScEews7DTIJIToYIAo9URwQPHQWMxB7YkQlFSg1X28RKDFfeFInNgB0QGAmEiYfezAEJhgvOw0+Bi10FyhJKz0YIBgqM0d7MnN8UmxGdnoVIBoiPRU6UXRiDD1RdGJTeVp2d1-ELUXRiFSAacGZHejZjYFIxQnJ3UQtRdGIQP1F1E1N6QGhiS2xGdjUHKh8pd1APRnZjUnlFdmNHe0QgOxAsEikqR3syd2FWZ0RgJ194
200 OK 631 B URL GET HTTP/2 d1f05vr3sjsuy7.cloudfront.net/ZRlJiSXQlPQwvSzI7BnRNdmpSfEJgIhAsEns2DSYbIiEWLAZoMQ0kUiwhDScEews7DTIJIToYIAo9URwQPHQWMxB7YkQlFSg1X28RKDFfeFInNgB0QGAmEiYfezAEJhgvOw0+Bi10FyhJKz0YIBgqM0d7MnN8UmxGdnoVIBoiPRU6UXRiDD1RdGJTeVp2d1-ELUXRiFSAacGZHejZjYFIxQnJ3UQtRdGIQP1F1E1N6QGhiS2xGdjUHKh8pd1APRnZjUnlFdmNHe0QgOxAsEikqR3syd2FWZ0RgJ194
IP
Requested by https://hecathedralinth.org/QzNOSWQiUS0kWyIOLG8RMV9zbFYFFnwPAHJVfnwSMQA9Ixc2SnlnBy9cOy0CMVwgPUotVjpsVgVpHCUuKmAWGAgTYjk/Nzl6eQsKEX0qJBQQVQsDAwpbDzohLUB8DTcaUQcgIRR/DxMLDmJ+IjEqRCYNNyB2Kz4XdHcaAC4KZyEQLQJcdxw2NGIeATUUfjYLUxpYHyUiEFR/EVZ7YQUNIiVWCAAKDVQMeTUEciMMDRpVKzMlBnkmLhIMRH5sVgFxJ3hUBUomAy85AxcAJiRCA3kAdH4gB1wWXjYOAC1cGAAmLFoeGzF1ZhYbDQd3fxsABHkaLDIzASp4SQZ/GxE2KnUdCAUgdBQBASlpJBAiCksfJy5wZh89Nid0Bxg0cnV/DFUNBR8ODCpgfDEjJ1kbAS8rCz4tVQJjHCc+KWYgJSInXgABAXNiKQYcAkALIA8yYX06HScBCB4+c2EpA1V6B2gjFyxdPnQ9GncIBhcbYhoFC3BmKjM
Certificate IssuerAmazon
Subject*.cloudfront.net
Fingerprint28:D3:87:79:3C:E8:8B:3C:D9:10:45:E5:F7:64:7A:6D:44:4E:5A:62
ValidityTue, 30 Jul 2024 00:00:00 GMT - Thu, 03 Jul 2025 23:59:59 GMT
File type ASCII text, with very long lines (883), with no line terminators
Hash 0b6e84e15b7d504f5850dc15810f2e7d
4632c7da19bb2a417077ea3f1580d85ed9a07cba
7d8ceb671ad6cd30df8776543b451953be4c1634b05055b7ca8266fd4337ba70
GET /ZRlJiSXQlPQwvSzI7BnRNdmpSfEJgIhAsEns2DSYbIiEWLAZoMQ0kUiwhDScEews7DTIJIToYIAo9URwQPHQWMxB7YkQlFSg1X28RKDFfeFInNgB0QGAmEiYfezAEJhgvOw0+Bi10FyhJKz0YIBgqM0d7MnN8UmxGdnoVIBoiPRU6UXRiDD1RdGJTeVp2d1-ELUXRiFSAacGZHejZjYFIxQnJ3UQtRdGIQP1F1E1N6QGhiS2xGdjUHKh8pd1APRnZjUnlFdmNHe0QgOxAsEikqR3syd2FWZ0RgJ194 HTTP/1.1
Host: d1f05vr3sjsuy7.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hecathedralinth.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 631
date: Thu, 27 Feb 2025 04:55:11 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: bUNPPYxV65kq2Z90neRaGSZA2-j75oLWlwd22_LGuDE_UwWZ1Wp62w==
X-Firefox-Spdy: h2
GET accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
302 Found 0 B URL GET HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP
Requested by https://dooodster.com/e/seyydirtqz66uk51cnib56qkt1c5wqb
Certificate IssuerGoogle Trust Services
Subjectaccounts.google.com
FingerprintBB:4E:17:F4:9E:56:B5:92:B9:18:49:BF:8D:2C:CB:84:B0:ED:95:CA
ValidityMon, 10 Feb 2025 08:52:24 GMT - Mon, 05 May 2025 08:52:23 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dooodster.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:q_7cZTum2CtYiVYHBsowXwfc_0wHZw:S9jlSg9v_a9TVlFf; Expires=Sat, 27-Feb-2027 04:55:11 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 27 Feb 2025 04:55:11 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASSHyko4dnlnJSbXliRfHfakEA1cV5VDLU1SNPa-Gc1Cnhi2e9mS6IZVF_j8Ql1mueVoFewrSjRT9A
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-7m4xNg0Y5fvmiOLpHxszxQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy: unsafe-none
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
302 Found 0 B URL GET HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP
Requested by https://dooodster.com/e/seyydirtqz66uk51cnib56qkt1c5wqb
Certificate IssuerGoogle Trust Services
Subjectaccounts.google.com
FingerprintBB:4E:17:F4:9E:56:B5:92:B9:18:49:BF:8D:2C:CB:84:B0:ED:95:CA
ValidityMon, 10 Feb 2025 08:52:24 GMT - Mon, 05 May 2025 08:52:23 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dooodster.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:ePKqq4vQnRvqkct9OLpo57BFe8uAqQ:BhQVXxmQtC8pUMyx; Expires=Sat, 27-Feb-2027 04:55:11 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 27 Feb 2025 04:55:11 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ASSHykpz_IUCERsaAXL88QhPtiyiQtNXc5lxyZ8J8zJIbeDG9wnEs292vctLNFINUnVFAHJX9OVNDA
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-vx3PeW9RpVhQifFoQ0GtPw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy: unsafe-none
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET ukankingwithea.com/asd100.bin
200 OK 103 kB URL GET HTTP/2 ukankingwithea.com/asd100.bin
IP
Requested by https://dooodster.com/e/seyydirtqz66uk51cnib56qkt1c5wqb
Certificate IssuerGoogle Trust Services
Subjectukankingwithea.com
FingerprintE8:14:F0:35:7D:16:C6:75:8B:49:F3:D0:CD:D7:52:BF:0E:4A:BA:B8
ValidityWed, 01 Jan 2025 13:14:55 GMT - Tue, 01 Apr 2025 14:13:37 GMT
Size 103 kB (102679 bytes)
Hash 3ea6b3c1131e1aeef885dc2fe8bf7261
4ae2b725acafe6281d0c655ac0ddb5b61b75435d
5139e9cca13550b669ee7aef73305ecd336473d5c0efae84ef9fb061765f2968
GET /asd100.bin HTTP/1.1
Host: ukankingwithea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dooodster.com/
Origin: https://dooodster.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 27 Feb 2025 04:55:11 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://dooodster.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 5757
last-modified: Thu, 27 Feb 2025 03:19:14 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BBQ6WX2XCMUQKyOh4lu%2FDQpy7SYA5fCzohJuR5T8iebOqUS%2FRe94VdaoUUcw%2FPMKxvNLcwKMuNx6BSU0ttrfHRbfOKyE%2BivbItroB5kH8UpepifqtFdN1pvPvta24JjwUCF65iQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 918594c85f487127-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=753&min_rtt=445&rtt_var=615&sent=9&recv=14&lost=0&retrans=0&sent_bytes=3293&recv_bytes=1429&delivery_rate=7784946&cwnd=252&unsent_bytes=0&cid=004c55699bde777b&ts=91&x=0"
X-Firefox-Spdy: h2
GET accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASSHyko4dnlnJSbXliRfHfakEA1cV5VDLU1SNPa-Gc1Cnhi2e9mS6IZVF_j8Ql1mueVoFewrSjRT9A
302 Found 425 B URL GET HTTP/2 accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASSHyko4dnlnJSbXliRfHfakEA1cV5VDLU1SNPa-Gc1Cnhi2e9mS6IZVF_j8Ql1mueVoFewrSjRT9A
IP
Requested by https://dooodster.com/e/seyydirtqz66uk51cnib56qkt1c5wqb
Certificate IssuerGoogle Trust Services
Subjectaccounts.google.com
FingerprintBB:4E:17:F4:9E:56:B5:92:B9:18:49:BF:8D:2C:CB:84:B0:ED:95:CA
ValidityMon, 10 Feb 2025 08:52:24 GMT - Mon, 05 May 2025 08:52:23 GMT
File type HTML document, ASCII text, with very long lines (394)
Hash 2df301efdcf6ec5d8062d3cadbfd7114
eb05a30a7af85659b26c8a3646b0991f483a0bee
1cb98bfa51d138406b50bb281d569a60cfd87eaa50aab825cd0f37aaaed5e73a
GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASSHyko4dnlnJSbXliRfHfakEA1cV5VDLU1SNPa-Gc1Cnhi2e9mS6IZVF_j8Ql1mueVoFewrSjRT9A HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dooodster.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:3ZcUffObrQueZmRvcgrQbQbYRxUOlw:5eBh7lJiOj7ZLaLX;Path=/;Expires=Sat, 27-Feb-2027 04:55:11 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 27 Feb 2025 04:55:11 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASSHykqv_8Q0Y4sjuZCWjgxGfBGXh13mwbt7li0kQyB69cTB-BIaqYE9bK4IrIQ-fVQX-bC6veOTxA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1948290841%3A1740632111543535&ddm=1
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: script-src 'nonce-wU4ut_2A53YDcdB1mrt93g' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 425
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ASSHykpz_IUCERsaAXL88QhPtiyiQtNXc5lxyZ8J8zJIbeDG9wnEs292vctLNFINUnVFAHJX9OVNDA
302 Found 419 B URL GET HTTP/2 accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ASSHykpz_IUCERsaAXL88QhPtiyiQtNXc5lxyZ8J8zJIbeDG9wnEs292vctLNFINUnVFAHJX9OVNDA
IP
Requested by https://dooodster.com/e/seyydirtqz66uk51cnib56qkt1c5wqb
Certificate IssuerGoogle Trust Services
Subjectaccounts.google.com
FingerprintBB:4E:17:F4:9E:56:B5:92:B9:18:49:BF:8D:2C:CB:84:B0:ED:95:CA
ValidityMon, 10 Feb 2025 08:52:24 GMT - Mon, 05 May 2025 08:52:23 GMT
File type HTML document, ASCII text, with very long lines (390)
Hash a74c39cd3654d33927fdeb72d8a82861
d01f9e1b7595d7cd9a531caef72463388dc4ee7a
8026b6e011e2a0accccc5f985902ec28de44944e18a478f4dbd4c2273dc3ad74
GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ASSHykpz_IUCERsaAXL88QhPtiyiQtNXc5lxyZ8J8zJIbeDG9wnEs292vctLNFINUnVFAHJX9OVNDA HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dooodster.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:6oEqvNpdpXJFPlwzs7seK0Pa7pTpzQ:aPNZePHr3Pg7nsGO;Path=/;Expires=Sat, 27-Feb-2027 04:55:11 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 27 Feb 2025 04:55:11 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASSHykrZCjMcrkbVrlIb5BksEr6TIkHma3gniXYnU4JoDicsDtSJiIuCxX-GP8SZ_gMjeMJE6r0fnQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1010333518%3A1740632111544909&ddm=1
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-4wJyIjLqDphGOccAsoULWQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 419
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASSHykqv_8Q0Y4sjuZCWjgxGfBGXh13mwbt7li0kQyB69cTB-BIaqYE9bK4IrIQ-fVQX-bC6veOTxA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1948290841%3A1740632111543535&ddm=1
403 Forbidden 874 B URL GET HTTP/2 accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASSHykqv_8Q0Y4sjuZCWjgxGfBGXh13mwbt7li0kQyB69cTB-BIaqYE9bK4IrIQ-fVQX-bC6veOTxA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1948290841%3A1740632111543535&ddm=1
IP
Requested by https://dooodster.com/e/seyydirtqz66uk51cnib56qkt1c5wqb
Certificate IssuerGoogle Trust Services
Subjectaccounts.google.com
FingerprintBB:4E:17:F4:9E:56:B5:92:B9:18:49:BF:8D:2C:CB:84:B0:ED:95:CA
ValidityMon, 10 Feb 2025 08:52:24 GMT - Mon, 05 May 2025 08:52:23 GMT
Hash eb61714118d32950fe4a0b3026ebf22b
bac5af8525205c7508c77ef80b12b81067683fbd
bfe4af2697c64d3b784f5053620d941b468e7b7a0873c3179403546477201f22
GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASSHykqv_8Q0Y4sjuZCWjgxGfBGXh13mwbt7li0kQyB69cTB-BIaqYE9bK4IrIQ-fVQX-bC6veOTxA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1948290841%3A1740632111543535&ddm=1 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dooodster.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 27 Feb 2025 04:55:11 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-syUjSWTu6DXBKxgoBZYJIQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
content-security-policy-report-only: script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://www.google.com/recaptcha/api.js https://translate.google.com/translate_a/element.js https://ajax.googleapis.com/ajax/libs/jquery/3.6.4/jquery.min.js https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.google.com/tools/feedback/open_to_help_guide_lazy.js https://www.google.com/tools/feedback/help_api.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.google.com/tools/feedback/chat_load.js https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://www.gstatic.com/feedback/js/ghelp/ https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.googletagmanager.com/gtag/js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/destination https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.4HZuFT5d2vk.es5.O/ https://apis.google.com/_/scs/abc-static/_/js/ https://translate.googleapis.com/_/translate_http/_/js/ https://www.gstatic.com/recaptcha/releases/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/fine-allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET getrunkhomuto.info/multi?cs=RmdpRUd%2BUlt2cHZXUXRwdl5RcHc&abt=0&red=1&sm=76&k=&v=1.0.60.4&sts=0&prn=0&emb=1&tid=901258&rxy=1280_1024&u=369014800682439&agec=1740632111&fs=1&mbkb=124.84394506866417&ref=https%3A%2F%2Fdooodster.com%2Fe%2Fseyydirtqz66uk51cnib56qkt1c5wqb&osr=pinkheartmovies.xyz&jst=8&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A134.0)%20gecko%2F20100101%20firefox%2F134.0&tzd=0&uloc=&if=0&_zcFI=1740632111703&crc=1
200 OK 41 B URL GET HTTP/2 getrunkhomuto.info/multi?cs=RmdpRUd%2BUlt2cHZXUXRwdl5RcHc&abt=0&red=1&sm=76&k=&v=1.0.60.4&sts=0&prn=0&emb=1&tid=901258&rxy=1280_1024&u=369014800682439&agec=1740632111&fs=1&mbkb=124.84394506866417&ref=https%3A%2F%2Fdooodster.com%2Fe%2Fseyydirtqz66uk51cnib56qkt1c5wqb&osr=pinkheartmovies.xyz&jst=8&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A134.0)%20gecko%2F20100101%20firefox%2F134.0&tzd=0&uloc=&if=0&_zcFI=1740632111703&crc=1
IP
Requested by https://dooodster.com/e/seyydirtqz66uk51cnib56qkt1c5wqb
Certificate IssuerAmazon
Subjectgetrunkhomuto.info
Fingerprint07:6C:15:28:EC:56:65:DE:8C:55:1C:BF:A5:DB:7B:96:8F:38:56:0E
ValidityMon, 01 Apr 2024 00:00:00 GMT - Wed, 30 Apr 2025 23:59:59 GMT
File type ASCII text, with no line terminators
Hash d39207bea620cffa8e65d3b12e8f1547
220ebce5a61ee5d771133e1cd20c469443ccfd76
f058a19c34ccdfbb47e68ba58b254ffa5d774fdaeeaa0b1fb9f19d3c055c0a21
GET /multi?cs=RmdpRUd%2BUlt2cHZXUXRwdl5RcHc&abt=0&red=1&sm=76&k=&v=1.0.60.4&sts=0&prn=0&emb=1&tid=901258&rxy=1280_1024&u=369014800682439&agec=1740632111&fs=1&mbkb=124.84394506866417&ref=https%3A%2F%2Fdooodster.com%2Fe%2Fseyydirtqz66uk51cnib56qkt1c5wqb&osr=pinkheartmovies.xyz&jst=8&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64%3B%20rv%3A134.0)%20gecko%2F20100101%20firefox%2F134.0&tzd=0&uloc=&if=0&_zcFI=1740632111703&crc=1 HTTP/1.1
Host: getrunkhomuto.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dooodster.com
DNT: 1
Connection: keep-alive
Referer: https://dooodster.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/plain
content-length: 41
date: Thu, 27 Feb 2025 04:55:11 GMT
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
set-cookie: AWSALB=fs0aDr2QfLjdLlSC2hfVsMdsoc+otFPt/+KbhdC86kljdP2yRUi9ZP2WWLqso4wRPhvME3WIDeyJ4spqp3e37by1J2hkje6Ewh+z945mgrfYx36wuX6zhp2K+K7k; Expires=Thu, 06 Mar 2025 04:55:11 GMT; Path=/
AWSALBCORS=fs0aDr2QfLjdLlSC2hfVsMdsoc+otFPt/+KbhdC86kljdP2yRUi9ZP2WWLqso4wRPhvME3WIDeyJ4spqp3e37by1J2hkje6Ewh+z945mgrfYx36wuX6zhp2K+K7k; Expires=Thu, 06 Mar 2025 04:55:11 GMT; Path=/; SameSite=None
csu=cc9b9be1-e061-4545-800b-73557c0d1053
csu=369014800682439
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://dooodster.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 ff51bc3614c373d274030fe4ca1a34fc.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: VI4dhLd_kY34jgKCNMlWlJKOkBME3_6TFxb6oXdb2FFAsdaBQPL-Ow==
X-Firefox-Spdy: h2
GET ukankingwithea.com/
200 OK 11 kB IP
Requested by https://dooodster.com/e/seyydirtqz66uk51cnib56qkt1c5wqb
Certificate IssuerGoogle Trust Services
Subjectukankingwithea.com
FingerprintE8:14:F0:35:7D:16:C6:75:8B:49:F3:D0:CD:D7:52:BF:0E:4A:BA:B8
ValidityWed, 01 Jan 2025 13:14:55 GMT - Tue, 01 Apr 2025 14:13:37 GMT
File type ASCII text, with no line terminators
Hash ee029702f5c56b44d89984448b542e5e
b1a1c570ca0e91e078bc50d2205beffd3b1bc5be
94e654dc5e941a9b3f4d5ed47235fba7a5a714a1f762eabc64531b614f375f94
GET / HTTP/1.1
Host: ukankingwithea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dooodster.com/
Origin: https://dooodster.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 27 Feb 2025 04:55:11 GMT
content-type: text/plain
set-cookie: csu=369014800682439@1@1740632111; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://dooodster.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bmyw18GPAtf%2F3Hodalie6QKLtnr4VZ%2FgeR3Y8y5HvfkzpBpzeKDEHjZzIxTznVwCePqFkTYuG194OSjGUD8HRJhfEDTGkvqKw7EbIZcdjIWB78IhwBXzc6E8aoUnT95%2Fy10uQsQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 918594c86f517127-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=649&min_rtt=432&rtt_var=156&sent=162&recv=54&lost=0&retrans=0&sent_bytes=211886&recv_bytes=1429&delivery_rate=42145530&cwnd=214&unsent_bytes=0&cid=004c55699bde777b&ts=321&x=0"
X-Firefox-Spdy: h2
GET shakingtacklingunpeeled.com/get/1999414?zoneid=1999414&jp=_clumltayujeqkwjnnimchn&nojs=0&abvar=0&febuild=1.0.484&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=1vcuteBev4Bxa-f&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&psr=2ksT9nNaHR0cHM6Ly9waW5raGVhcnRtb3ZpZXMueHl6Lw&ix=0&x=1140&y=500&md=0&psu=nFl85FAaHR0cHM6Ly9kb29vZHN0ZXIuY29tL2Uvc2V5eWRpcnRxejY2dWs1MWNuaWI1NnFrdDFjNXdxYg&afid=2928823833071616&eclog=0&seu=QS1F6K4aHR0cHM6Ly9waW5raGVhcnRtb3ZpZXMueHl6Lw&snc=0&ssc=0&vp=1&im=1&noch=1&de=0&cs=5&uf=0
200 OK 12 kB URL GET HTTP/2 shakingtacklingunpeeled.com/get/1999414?zoneid=1999414&jp=_clumltayujeqkwjnnimchn&nojs=0&abvar=0&febuild=1.0.484&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=1vcuteBev4Bxa-f&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&psr=2ksT9nNaHR0cHM6Ly9waW5raGVhcnRtb3ZpZXMueHl6Lw&ix=0&x=1140&y=500&md=0&psu=nFl85FAaHR0cHM6Ly9kb29vZHN0ZXIuY29tL2Uvc2V5eWRpcnRxejY2dWs1MWNuaWI1NnFrdDFjNXdxYg&afid=2928823833071616&eclog=0&seu=QS1F6K4aHR0cHM6Ly9waW5raGVhcnRtb3ZpZXMueHl6Lw&snc=0&ssc=0&vp=1&im=1&noch=1&de=0&cs=5&uf=0
IP
Requested by https://dooodster.com/e/seyydirtqz66uk51cnib56qkt1c5wqb
Certificate IssuerBuypass AS-983163327
Subject
Fingerprint4D:79:44:BF:B1:21:6E:06:AE:F6:CB:C3:96:AB:03:90:80:2B:CF:E6
ValidityFri, 20 Sep 2024 14:45:34 GMT - Tue, 18 Mar 2025 22:59:00 GMT
File type gzip compressed data, from Unix
Hash 898750f03a12278c240c45193b344537
81dd922fa6e0711740e04e6e7f26b6dd35c0fdab
e22683104061e6695655e8eeb82d54c081df37681c2b1239e400e6616cd4521a
GET /get/1999414?zoneid=1999414&jp=_clumltayujeqkwjnnimchn&nojs=0&abvar=0&febuild=1.0.484&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=1vcuteBev4Bxa-f&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&psr=2ksT9nNaHR0cHM6Ly9waW5raGVhcnRtb3ZpZXMueHl6Lw&ix=0&x=1140&y=500&md=0&psu=nFl85FAaHR0cHM6Ly9kb29vZHN0ZXIuY29tL2Uvc2V5eWRpcnRxejY2dWs1MWNuaWI1NnFrdDFjNXdxYg&afid=2928823833071616&eclog=0&seu=QS1F6K4aHR0cHM6Ly9waW5raGVhcnRtb3ZpZXMueHl6Lw&snc=0&ssc=0&vp=1&im=1&noch=1&de=0&cs=5&uf=0 HTTP/1.1
Host: shakingtacklingunpeeled.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dooodster.com/
Cookie: cart=1; cart_p=2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 27 Feb 2025 04:55:11 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: CHCK=1; Path=/; Expires=Thu, 02 Apr 2026 04:55:11 GMT; Secure; SameSite=None
UID=2502262355593b6b750ca94bccb6a0ccc415; Path=/; Expires=Thu, 02 Apr 2026 04:55:11 GMT; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
GET i.doodcdn.co/get_slides/1271/vgmjruvngbqa39i0.jpg
200 OK 3.2 kB URL GET HTTP/3 i.doodcdn.co/get_slides/1271/vgmjruvngbqa39i0.jpg
IP
Requested by https://dooodster.com/e/seyydirtqz66uk51cnib56qkt1c5wqb
Certificate IssuerGoogle Trust Services
Subjectdoodcdn.co
Fingerprint7D:35:A3:4C:8C:E0:50:F3:EA:C6:29:C7:70:A1:56:97:E4:AE:86:0D
ValidityFri, 24 Jan 2025 18:52:05 GMT - Thu, 24 Apr 2025 19:52:02 GMT
File type ASCII text, with very long lines (3268), with no line terminators
Hash fe7233c1379db6d2c253686b851f32ce
bee68a2430987dba761f65bf1c365f9047b92317
565d742705b35f819bdba081750fd1bb79580df8f4c770023a1c70bc599b2595
GET /get_slides/1271/vgmjruvngbqa39i0.jpg HTTP/1.1
Host: i.doodcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dooodster.com
DNT: 1
Connection: keep-alive
Referer: https://dooodster.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 27 Feb 2025 04:55:10 GMT
content-type: text/vtt
access-control-allow-origin: *
last-modified: Wed, 26 Feb 2025 07:51:54 GMT
cache-control: max-age=86400
cf-cache-status: HIT
priority: u=3,i=?0
vary: Accept-Encoding
server: cloudflare
cf-ray: 918594c2adfb56bf-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET hecathedralinth.org/QzNOSWQiUS0kWyIOLG8RMV9zbFYFFnwPAHJVfnwSMQA9Ixc2SnlnBy9cOy0CMVwgPUotVjpsVgVpHCUuKmAWGAgTYjk/Nzl6eQsKEX0qJBQQVQsDAwpbDzohLUB8DTcaUQcgIRR/DxMLDmJ+IjEqRCYNNyB2Kz4XdHcaAC4KZyEQLQJcdxw2NGIeATUUfjYLUxpYHyUiEFR/EVZ7YQUNIiVWCAAKDVQMeTUEciMMDRpVKzMlBnkmLhIMRH5sVgFxJ3hUBUomAy85AxcAJiRCA3kAdH4gB1wWXjYOAC1cGAAmLFoeGzF1ZhYbDQd3fxsABHkaLDIzASp4SQZ/GxE2KnUdCAUgdBQBASlpJBAiCksfJy5wZh89Nid0Bxg0cnV/DFUNBR8ODCpgfDEjJ1kbAS8rCz4tVQJjHCc+KWYgJSInXgABAXNiKQYcAkALIA8yYX06HScBCB4+c2EpA1V6B2gjFyxdPnQ9GncIBhcbYhoFC3BmKjM
200 OK 3.1 kB URL GET HTTP/2 hecathedralinth.org/QzNOSWQiUS0kWyIOLG8RMV9zbFYFFnwPAHJVfnwSMQA9Ixc2SnlnBy9cOy0CMVwgPUotVjpsVgVpHCUuKmAWGAgTYjk/Nzl6eQsKEX0qJBQQVQsDAwpbDzohLUB8DTcaUQcgIRR/DxMLDmJ+IjEqRCYNNyB2Kz4XdHcaAC4KZyEQLQJcdxw2NGIeATUUfjYLUxpYHyUiEFR/EVZ7YQUNIiVWCAAKDVQMeTUEciMMDRpVKzMlBnkmLhIMRH5sVgFxJ3hUBUomAy85AxcAJiRCA3kAdH4gB1wWXjYOAC1cGAAmLFoeGzF1ZhYbDQd3fxsABHkaLDIzASp4SQZ/GxE2KnUdCAUgdBQBASlpJBAiCksfJy5wZh89Nid0Bxg0cnV/DFUNBR8ODCpgfDEjJ1kbAS8rCz4tVQJjHCc+KWYgJSInXgABAXNiKQYcAkALIA8yYX06HScBCB4+c2EpA1V6B2gjFyxdPnQ9GncIBhcbYhoFC3BmKjM
IP
Requested by https://dooodster.com/e/seyydirtqz66uk51cnib56qkt1c5wqb
Certificate IssuerAmazon
Subjecthecathedralinth.org
FingerprintE1:DD:64:B3:B5:33:B0:31:35:46:56:B9:06:53:B3:4B:7D:B5:86:22
ValidityTue, 18 Feb 2025 00:00:00 GMT - Thu, 19 Mar 2026 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (3100), with no line terminators
Hash dc6f0e0e6a49dd94d7258b5addd7705a
727757deaf26bd13645315c543ab4b0a85e651d3
1b7f93ad9140d49ee05ef537b02b894593ea28783b9bc4cb02c522ea730ca8a1
GET /QzNOSWQiUS0kWyIOLG8RMV9zbFYFFnwPAHJVfnwSMQA9Ixc2SnlnBy9cOy0CMVwgPUotVjpsVgVpHCUuKmAWGAgTYjk/Nzl6eQsKEX0qJBQQVQsDAwpbDzohLUB8DTcaUQcgIRR/DxMLDmJ+IjEqRCYNNyB2Kz4XdHcaAC4KZyEQLQJcdxw2NGIeATUUfjYLUxpYHyUiEFR/EVZ7YQUNIiVWCAAKDVQMeTUEciMMDRpVKzMlBnkmLhIMRH5sVgFxJ3hUBUomAy85AxcAJiRCA3kAdH4gB1wWXjYOAC1cGAAmLFoeGzF1ZhYbDQd3fxsABHkaLDIzASp4SQZ/GxE2KnUdCAUgdBQBASlpJBAiCksfJy5wZh89Nid0Bxg0cnV/DFUNBR8ODCpgfDEjJ1kbAS8rCz4tVQJjHCc+KWYgJSInXgABAXNiKQYcAkALIA8yYX06HScBCB4+c2EpA1V6B2gjFyxdPnQ9GncIBhcbYhoFC3BmKjM HTTP/1.1
Host: hecathedralinth.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dooodster.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 1219
date: Thu, 27 Feb 2025 04:55:10 GMT
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
set-cookie: AWSALB=HRAa+vGnQoDhqFN+5GTv0gfwOnmBJwTL0aTmPLhnL0vZeriIPGzC4ABLfWfur+vGazdZXTYQjqr/V8pJmqlG/nsFJtJKzskU2UXBnR0K6DyXooUk/UxmGQoQZQH5; Expires=Thu, 06 Mar 2025 04:55:10 GMT; Path=/
AWSALBCORS=HRAa+vGnQoDhqFN+5GTv0gfwOnmBJwTL0aTmPLhnL0vZeriIPGzC4ABLfWfur+vGazdZXTYQjqr/V8pJmqlG/nsFJtJKzskU2UXBnR0K6DyXooUk/UxmGQoQZQH5; Expires=Thu, 06 Mar 2025 04:55:10 GMT; Path=/; SameSite=None
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 7146458eabc0c79851363d3a7ad4d72c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN53-P1
x-amz-cf-id: U4kC_JTbzW3R0B7z7EzJ9ABpXwJwyJV_6wEVUu-USKPXfvFBtSAksw==
X-Firefox-Spdy: h2
GET accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASSHykrZCjMcrkbVrlIb5BksEr6TIkHma3gniXYnU4JoDicsDtSJiIuCxX-GP8SZ_gMjeMJE6r0fnQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1010333518%3A1740632111544909&ddm=1
403 Forbidden 0 B URL GET HTTP/2 accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASSHykrZCjMcrkbVrlIb5BksEr6TIkHma3gniXYnU4JoDicsDtSJiIuCxX-GP8SZ_gMjeMJE6r0fnQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1010333518%3A1740632111544909&ddm=1
IP
Requested by https://dooodster.com/e/seyydirtqz66uk51cnib56qkt1c5wqb
Certificate IssuerGoogle Trust Services
Subjectaccounts.google.com
FingerprintBB:4E:17:F4:9E:56:B5:92:B9:18:49:BF:8D:2C:CB:84:B0:ED:95:CA
ValidityMon, 10 Feb 2025 08:52:24 GMT - Mon, 05 May 2025 08:52:23 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASSHykrZCjMcrkbVrlIb5BksEr6TIkHma3gniXYnU4JoDicsDtSJiIuCxX-GP8SZ_gMjeMJE6r0fnQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1010333518%3A1740632111544909&ddm=1 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dooodster.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 27 Feb 2025 04:55:11 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-moHnZF_h8SrzLwdVzXf9PQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
content-security-policy-report-only: script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://www.google.com/recaptcha/api.js https://translate.google.com/translate_a/element.js https://ajax.googleapis.com/ajax/libs/jquery/3.6.4/jquery.min.js https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.google.com/tools/feedback/open_to_help_guide_lazy.js https://www.google.com/tools/feedback/help_api.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.google.com/tools/feedback/chat_load.js https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://www.gstatic.com/feedback/js/ghelp/ https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.googletagmanager.com/gtag/js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/destination https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.4HZuFT5d2vk.es5.O/ https://apis.google.com/_/scs/abc-static/_/js/ https://translate.googleapis.com/_/translate_http/_/js/ https://www.gstatic.com/recaptcha/releases/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/fine-allowlist
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET shakingtacklingunpeeled.com/check.html
200 OK 926 B URL GET HTTP/2 shakingtacklingunpeeled.com/check.html
IP
Requested by https://dooodster.com/e/seyydirtqz66uk51cnib56qkt1c5wqb
Certificate IssuerBuypass AS-983163327
Subject
Fingerprint4D:79:44:BF:B1:21:6E:06:AE:F6:CB:C3:96:AB:03:90:80:2B:CF:E6
ValidityFri, 20 Sep 2024 14:45:34 GMT - Tue, 18 Mar 2025 22:59:00 GMT
File type HTML document, ASCII text, with very long lines (966), with no line terminators
Hash 71505e12f216b8af6226e1843db2386c
726011ff922cfdc35e1cf98e8b62d060fb556239
464a6028d1f5fa91381b83da8285bb2e8eae86ff3f92037d418a38a1cad9bf37
GET /check.html HTTP/1.1
Host: shakingtacklingunpeeled.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dooodster.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 27 Feb 2025 04:55:10 GMT
content-type: text/html; charset=utf-8
last-modified: Thu, 20 Feb 2025 11:07:42 GMT
vary: Accept-Encoding
etag: W/"67b70cfe-39e"
x-js-ab: current
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
GET cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
200 OK 90 kB URL GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
Requested by https://dooodster.com/e/seyydirtqz66uk51cnib56qkt1c5wqb
Certificate IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint00:0E:39:59:53:CF:68:07:90:75:EB:68:26:B9:04:22:44:7D:9A:32
ValidityFri, 24 Jan 2025 09:16:22 GMT - Thu, 24 Apr 2025 10:16:21 GMT
File type JavaScript source, ASCII text, with very long lines (65451)
Hash dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dooodster.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 27 Feb 2025 04:55:09 GMT
content-type: application/javascript; charset=utf-8
content-length: 27958
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb09ed3-15d84"
last-modified: Mon, 04 May 2020 23:01:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1218347
expires: Tue, 17 Feb 2026 04:55:09 GMT
accept-ranges: bytes
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YIOe7KbM1TrwpCXRn30rwQdThJT6g1wqy7HVSgzpD4MpCZUx9wW3xCcFc%2FRcrGe2Y%2FMpGDHyVKbsOs4xhwxWKEzlza7qwtlWT0xJBN2C5ujhbuDjCddNOFSE%2FveTt8JWhpZXMFJT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 918594bce97f56c0-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET remarkedoneoftheo.org/popunder.gif
200 OK 0 B URL GET remarkedoneoftheo.org/popunder.gif
IP
Requested by https://dooodster.com/e/seyydirtqz66uk51cnib56qkt1c5wqb
Certificate IssuerGoogle Trust Services
Subjectremarkedoneoftheo.org
Fingerprint8F:DC:4D:BA:54:E5:DD:94:77:6D:34:BC:48:22:B6:26:A5:38:90:A1
ValidityMon, 17 Feb 2025 13:43:22 GMT - Sun, 18 May 2025 14:40:55 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /popunder.gif HTTP/1.1
Host: remarkedoneoftheo.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dooodster.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 27 Feb 2025 04:55:11 GMT
content-type: image/gif
content-length: 58
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
content-encoding: gzip
cf-cache-status: HIT
age: 44111
last-modified: Wed, 26 Feb 2025 16:40:00 GMT
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3Q57G4o3ED6QgtPDItct8Ly2OqrJtXRCr2rUbnrAS4fhh6OuwM9fhBsINo3eEaNlfPsx6yvzlf%2FsGc7mWLBTTetAEGqrtLJMlnckWi1AQI8hMqEQLa%2FcoMmSsxfNMIUv2DxzVZYFp4c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 918594ca0a7356ae-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5260&min_rtt=4920&rtt_var=2088&sent=12&recv=8&lost=0&retrans=0&sent_bytes=4123&recv_bytes=1205&delivery_rate=120710&cwnd=12000&unsent_bytes=0&cid=e1cfb9cfe2a467e9&ts=664&x=1", cfExtPri, cfHdrFlush;dur=0
GET cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js
200 OK 1.3 kB URL GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js
IP
Requested by https://dooodster.com/e/seyydirtqz66uk51cnib56qkt1c5wqb
Certificate IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint00:0E:39:59:53:CF:68:07:90:75:EB:68:26:B9:04:22:44:7D:9A:32
ValidityFri, 24 Jan 2025 09:16:22 GMT - Thu, 24 Apr 2025 10:16:21 GMT
File type JavaScript source, ASCII text, with very long lines (1355), with no line terminators
Hash 071e147dd13a3f658b986c3c1f19e871
54830bf6a660ff11d8591aadeb1109a24e744a33
0981720261636a0ed2447dc8c2f91e3ce8aa6bb5d88342532e71b6725fad5adc
GET /ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dooodster.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 27 Feb 2025 04:55:09 GMT
content-type: application/javascript; charset=utf-8
content-length: 591
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec1-514"
last-modified: Mon, 04 May 2020 16:11:45 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 203320
expires: Tue, 17 Feb 2026 04:55:09 GMT
accept-ranges: bytes
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PMFMB%2FvddodEOsN9RHudfgM6DzuhF8WG1Efb4fc9X4V8bfDcK%2FEZvT96iCshA5lEQLJ2W49kUM5rC%2BqleWa8Q6iyepoqReV1SOxiDtNod45gNcxnIHKMyfBNNFvgfgvpytNEktVS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 918594bce98056c0-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET waisheph.com/5/6936539/?oo=1&aab=1
200 OK 4.2 kB URL GET HTTP/2 waisheph.com/5/6936539/?oo=1&aab=1
IP
Requested by https://dooodster.com/e/seyydirtqz66uk51cnib56qkt1c5wqb
Certificate IssuerLet's Encrypt
Subjectwaisheph.com
FingerprintE7:88:EE:CD:93:DB:C5:BE:BA:76:E6:0D:56:EB:32:21:DC:F1:FA:91
ValiditySun, 23 Feb 2025 22:17:56 GMT - Sat, 24 May 2025 22:17:55 GMT
File type troff or preprocessor input, ASCII text, with very long lines (4177), with no line terminators
Hash 788af4bf4465c4bb3c8c96fd6e25d64b
a203cf6832542ca96809f7d36934bdce02d9a79c
564e1a37adbaf2ceb863ccc37ccff0d2bd4c2d561dea77b57b5aa788216eff24
GET /5/6936539/?oo=1&aab=1 HTTP/1.1
Host: waisheph.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dooodster.com
DNT: 1
Connection: keep-alive
Referer: https://dooodster.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 27 Feb 2025 04:55:10 GMT
content-type: application/json
x-trace-id: 47e56b8f9ad9dc9b8f03642bfb43a135
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: https://dooodster.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=00817ddab4634c2feb2fc7ec4a6f480c; expires=Fri, 27 Feb 2026 04:55:10 GMT; path=/; secure; SameSite=None
oaidts=1740632110; expires=Fri, 27 Feb 2026 04:55:10 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
GET pinkheartmovies.xyz/wp-content/themes/PsyPlay125/assets/css/img/btn-overlay.png
200 OK 1.0 kB URL GET HTTP/3 pinkheartmovies.xyz/wp-content/themes/PsyPlay125/assets/css/img/btn-overlay.png
IP
Requested by https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Certificate IssuerGoogle Trust Services
Subjectpinkheartmovies.xyz
FingerprintC3:95:22:8E:50:29:CB:9A:66:A7:3F:21:90:74:30:53:59:B9:6E:0B
ValidityTue, 25 Feb 2025 11:32:15 GMT - Mon, 26 May 2025 12:32:02 GMT
File type RIFF (little-endian) data, Web/P image
Hash 00a2cfb256d8fa5a2daaa329db233830
fa3228f5eeae0f1b565fb5ea71dab6e843a8a57b
2a3887f8b813045eda5e12c06d6b2f691512de29a17d508bf7bd225899381a17
GET /wp-content/themes/PsyPlay125/assets/css/img/btn-overlay.png HTTP/1.1
Host: pinkheartmovies.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pinkheartmovies.xyz/wp-content/themes/PsyPlay125/assets/css/theme.main.css?ver=1.2.5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 27 Feb 2025 04:55:08 GMT
content-type: image/webp
content-length: 1014
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=3191
content-disposition: inline; filename="btn-overlay.webp"
last-modified: Mon, 01 Apr 2024 19:12:08 GMT
vary: Accept
cf-cache-status: HIT
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FnOVFCBcXJblEvcnqtxBXYyq0l1RW%2Fh2f2b9E7Rhebkh%2BVMVC9L58d%2BFtDey4PUBLZd5%2BLkzV22qwcBUVJrt72Vlz3nK96KtcYXGrzfGm0jEGpt5XFE1%2BHtwq8xVKcV%2Fogqthhk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 918594b5fd4056af-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2228&min_rtt=1163&rtt_var=955&sent=190&recv=47&lost=0&retrans=0&sent_bytes=185112&recv_bytes=11838&delivery_rate=7267&cwnd=96000&unsent_bytes=0&cid=616b883fe0518211&ts=1494&x=1", cfExtPri, cfHdrFlush;dur=0
GET i.doodcdn.co/theme_2/img/loader.svg
200 OK 694 B URL GET HTTP/3 i.doodcdn.co/theme_2/img/loader.svg
IP
Requested by https://dooodster.com/e/seyydirtqz66uk51cnib56qkt1c5wqb
Certificate IssuerGoogle Trust Services
Subjectdoodcdn.co
Fingerprint7D:35:A3:4C:8C:E0:50:F3:EA:C6:29:C7:70:A1:56:97:E4:AE:86:0D
ValidityFri, 24 Jan 2025 18:52:05 GMT - Thu, 24 Apr 2025 19:52:02 GMT
File type exported SGML document, ASCII text, with very long lines (750), with no line terminators
Hash e0c38124a46835a055de826afbf33d9b
255567da0faa3de6c4bcef1780e9990ba7c9c0ff
e186e235e7552b286f217c94c747abdd5a8df8279c2334a61202817f937ea960
GET /theme_2/img/loader.svg HTTP/1.1
Host: i.doodcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://i.doodcdn.co/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 27 Feb 2025 04:55:10 GMT
content-type: image/svg+xml
last-modified: Mon, 03 Jan 2022 15:43:40 GMT
cache-control: max-age=2592000
expires: Fri, 28 Mar 2025 04:47:58 GMT
access-control-allow-origin: *
cf-cache-status: HIT
age: 21456
priority: u=4,i=?0
vary: Accept-Encoding
server: cloudflare
cf-ray: 918594c50c3f5684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET pinkheartmovies.xyz/wp-content/themes/PsyPlay125/assets/css/theme.style.css?ver=1.2.5
200 OK 163 kB URL GET HTTP/3 pinkheartmovies.xyz/wp-content/themes/PsyPlay125/assets/css/theme.style.css?ver=1.2.5
IP
Requested by https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Certificate IssuerGoogle Trust Services
Subjectpinkheartmovies.xyz
FingerprintC3:95:22:8E:50:29:CB:9A:66:A7:3F:21:90:74:30:53:59:B9:6E:0B
ValidityTue, 25 Feb 2025 11:32:15 GMT - Mon, 26 May 2025 12:32:02 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 163 kB (162732 bytes)
Hash ac5666ee586d923e18e044aad5faea71
803e97561ac5c0b11740c064e564299108325b32
ffd02558818fb3c2312a62a3904a2eaba3d203862d090996444a58478440dd0e
GET /wp-content/themes/PsyPlay125/assets/css/theme.style.css?ver=1.2.5 HTTP/1.1
Host: pinkheartmovies.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 27 Feb 2025 04:55:08 GMT
content-type: text/css; charset=utf-8
cache-control: public, max-age=14400
cf-bgj: minify
cf-polished: origSize=163028
last-modified: Mon, 01 Apr 2024 19:12:08 GMT
vary: Accept-Encoding
cf-cache-status: HIT
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FIMPnECS%2BMDqMYlhIcoNaahXLyUCxuFRVdtlaLq40qFtmg25izLsSAlWznryG7w1rlHfkOHc4K%2Bt3v8bhU3fKi83wnXkUeRm3ffLmQaFryZi7xI%2BIUtutCDL87I93Cucj8KIU54%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 918594b1ba4d56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2822&min_rtt=1163&rtt_var=2014&sent=72&recv=30&lost=0&retrans=0&sent_bytes=56040&recv_bytes=8678&delivery_rate=2745978&cwnd=24000&unsent_bytes=0&cid=616b883fe0518211&ts=779&x=1", cfExtPri, cfHdrFlush;dur=0
GET pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
200 OK 102 kB URL User Request GET HTTP/2 pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
IP
Certificate IssuerGoogle Trust Services
Subjectpinkheartmovies.xyz
FingerprintC3:95:22:8E:50:29:CB:9A:66:A7:3F:21:90:74:30:53:59:B9:6E:0B
ValidityTue, 25 Feb 2025 11:32:15 GMT - Mon, 26 May 2025 12:32:02 GMT
Size 102 kB (101800 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/ HTTP/1.1
Host: pinkheartmovies.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 27 Feb 2025 04:55:07 GMT
content-type: text/html; charset=UTF-8
last-modified: Fri, 21 Feb 2025 21:59:19 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kcXm7Yv9%2BDhgPy%2FpmC%2Fu4KEXSTDd15YjwzPX2DwQgcIJ7hGp%2FrHzESP7JDlAa%2BmgmU2nj35ZvhSuhE4xQptDiS0FjhrRv1djtjtumkuoe0eLKrw7DSbB0NcXuCxMbtS8sIq1PbY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 918594ac991c5687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6073&min_rtt=453&rtt_var=11216&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3222&recv_bytes=1267&delivery_rate=6360175&cwnd=254&unsent_bytes=0&cid=5f4718e8fcad57eb&ts=400&x=0"
X-Firefox-Spdy: h2
GET endowmentoverhangutmost.com/get/1997480?zoneid=1997480&jp=_clrcpihoyjczchpgamjzyv&nojs=0&abvar=771&febuild=b4f01a5fab43a07d8e26fe0a79f4f9fb9f5f4fe7&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=1vcuteBevgNtiXj7v0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&psu=px3AzjSaHR0cHM6Ly9waW5raGVhcnRtb3ZpZXMueHl6L2hhcmRfY3BsLWxpdmUtMy0lMjVFMCUyNUE0JTI1QUMlMjVFMCUyNUE0JTI1QTElMjVFMCUyNUE0JTI1QkMlMjVFMCUyNUE1JTI1ODctJTI1RTAlMjVBNCUyNUFDJTI1RTAlMjVBNSUyNTgyJTI1RTAlMjVBNCUyNUFDJTI1RTAlMjVBNSUyNThEJTI1RTAlMjVBNCUyNTlDJTI1RTAlMjVBNCUyNUJDLSUyNUUwJTI1QTQlMjVCNSUyNUUwJTI1QTQlMjVCRSUyNUUwJTI1QTQlMjVCMiUyNUUwJTI1QTUlMjU4MC0lMjVFMCUyNUE0JTI1QUQlMjVFMCUyNUE0JTI1QkUlMjVFMCUyNUE0JTI1QUQlMjVFMCUyNUE1JTI1ODAv&afid=6306523553467904&eclog=0&snc=0&ssc=0&vp=0&im=1&noch=1&de=0&cs=5&bp=2&pid=__clb-1997480_1&uf=0&freq=0
200 OK 7.0 kB URL GET HTTP/2 endowmentoverhangutmost.com/get/1997480?zoneid=1997480&jp=_clrcpihoyjczchpgamjzyv&nojs=0&abvar=771&febuild=b4f01a5fab43a07d8e26fe0a79f4f9fb9f5f4fe7&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=1vcuteBevgNtiXj7v0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&psu=px3AzjSaHR0cHM6Ly9waW5raGVhcnRtb3ZpZXMueHl6L2hhcmRfY3BsLWxpdmUtMy0lMjVFMCUyNUE0JTI1QUMlMjVFMCUyNUE0JTI1QTElMjVFMCUyNUE0JTI1QkMlMjVFMCUyNUE1JTI1ODctJTI1RTAlMjVBNCUyNUFDJTI1RTAlMjVBNSUyNTgyJTI1RTAlMjVBNCUyNUFDJTI1RTAlMjVBNSUyNThEJTI1RTAlMjVBNCUyNTlDJTI1RTAlMjVBNCUyNUJDLSUyNUUwJTI1QTQlMjVCNSUyNUUwJTI1QTQlMjVCRSUyNUUwJTI1QTQlMjVCMiUyNUUwJTI1QTUlMjU4MC0lMjVFMCUyNUE0JTI1QUQlMjVFMCUyNUE0JTI1QkUlMjVFMCUyNUE0JTI1QUQlMjVFMCUyNUE1JTI1ODAv&afid=6306523553467904&eclog=0&snc=0&ssc=0&vp=0&im=1&noch=1&de=0&cs=5&bp=2&pid=__clb-1997480_1&uf=0&freq=0
IP
Requested by https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Certificate IssuerBuypass AS-983163327
Subject
FingerprintA6:69:1C:17:89:EB:E3:18:A2:AB:44:48:75:FC:12:8C:1A:BF:B7:97
ValidityFri, 20 Sep 2024 14:26:10 GMT - Tue, 18 Mar 2025 22:59:00 GMT
File type ASCII text, with very long lines (7148), with no line terminators
Hash aa93a0ff22f4438fb2e5e52560635478
050c883f3c263d434d522f57f0c9f3d661a21565
2e993b9d440eb9118e88cd82872bffefca1323d9cfbeb33a7696028460477d00
GET /get/1997480?zoneid=1997480&jp=_clrcpihoyjczchpgamjzyv&nojs=0&abvar=771&febuild=b4f01a5fab43a07d8e26fe0a79f4f9fb9f5f4fe7&t=0&wcks=1&wgl=0&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=1vcuteBevgNtiXj7v0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&psu=px3AzjSaHR0cHM6Ly9waW5raGVhcnRtb3ZpZXMueHl6L2hhcmRfY3BsLWxpdmUtMy0lMjVFMCUyNUE0JTI1QUMlMjVFMCUyNUE0JTI1QTElMjVFMCUyNUE0JTI1QkMlMjVFMCUyNUE1JTI1ODctJTI1RTAlMjVBNCUyNUFDJTI1RTAlMjVBNSUyNTgyJTI1RTAlMjVBNCUyNUFDJTI1RTAlMjVBNSUyNThEJTI1RTAlMjVBNCUyNTlDJTI1RTAlMjVBNCUyNUJDLSUyNUUwJTI1QTQlMjVCNSUyNUUwJTI1QTQlMjVCRSUyNUUwJTI1QTQlMjVCMiUyNUUwJTI1QTUlMjU4MC0lMjVFMCUyNUE0JTI1QUQlMjVFMCUyNUE0JTI1QkUlMjVFMCUyNUE0JTI1QUQlMjVFMCUyNUE1JTI1ODAv&afid=6306523553467904&eclog=0&snc=0&ssc=0&vp=0&im=1&noch=1&de=0&cs=5&bp=2&pid=__clb-1997480_1&uf=0&freq=0 HTTP/1.1
Host: endowmentoverhangutmost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pinkheartmovies.xyz/
Cookie: cart=1; cart_p=2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 27 Feb 2025 04:55:08 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: CHCK=1; Path=/; Expires=Thu, 02 Apr 2026 04:55:08 GMT; Secure; SameSite=None
UID=2502262355dfe6a9e7ae1a4a29a76ff87d07; Path=/; Expires=Thu, 02 Apr 2026 04:55:08 GMT; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
GET cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2
200 OK 57 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2
IP
Requested by https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Certificate IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint00:0E:39:59:53:CF:68:07:90:75:EB:68:26:B9:04:22:44:7D:9A:32
ValidityFri, 24 Jan 2025 09:16:22 GMT - Thu, 24 Apr 2025 10:16:21 GMT
File type Web Open Font Format (Version 2), TrueType, length 56780, version 4.197
Hash 97493d3f11c0a3bd5cbd959f5d19b699
1075231650f579955905bb2f6527148a8e2b4b16
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
GET /ajax/libs/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pinkheartmovies.xyz
DNT: 1
Connection: keep-alive
Referer: https://pinkheartmovies.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 27 Feb 2025 04:55:08 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 56780
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "65993753-ddcc"
last-modified: Sat, 06 Jan 2024 12:19:47 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 204037
expires: Tue, 17 Feb 2026 04:55:08 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wL%2FWjnVoe2ufWXuDOjHsk6wjAtgaFpDlV7aW237634%2FwzqVpvqqNPLAJRBuEGXfFt8%2BGjaYMA7LiQzx8qk6%2FGFHCxkFMYN2DKXoyCgJ1lyNHSF33%2FTlr0JVCsi8CdUcWi2nmqtnr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 918594b58d01712e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET waisheph.com/?rb=g_mqBxbzDga6uToK0jZHcAVrdcB_Rff4c9j325YaU_jgCCkUqaFWkq4kFiKTrYpWCQ7TsCv31nLgCXbYxow6eKLfV3V7keuu8Bqo5_c75hJztWw9Ch-b6wGwWWKEpIkWyeuwMWTS-xyYPSb7BSP2hKIsNi7oPFD13sQi504N-A2uBxMwnN93I4pqHfz2QSVh3qi1E5bmsJfMwxHZn8W5lYOqoN31zLjlcBHNmy550ubaaUk-tpBeLwOhA1T8O6NA1Wv4dklE8-T__vwIOlz2eTur0hhvOYgdhkBM9Q%3D%3D&request_ab2=0&zoneid=6936539&js_build=iclick-v1.1097.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=500&wiw=1140&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1140&wfc=4&pl=https%3A%2F%2Fdooodster.com%2Fe%2Fseyydirtqz66uk51cnib56qkt1c5wqb&drf=https%3A%2F%2Fpinkheartmovies.xyz%2F&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&btz=UTC&bto=0&tt=5&wgl=&js_build=iclick-v1.1097.0&navlng=en-US&vsbl=true&pnt=0&pnrc=1&bs=036a64ab-f2c4-49c3-a351-0f3c650ca28a&wasm=1&userId=00817ddab4634c2feb2fc7ec4a6f480c&m=link
200 OK 2.3 kB URL GET HTTP/2 waisheph.com/?rb=g_mqBxbzDga6uToK0jZHcAVrdcB_Rff4c9j325YaU_jgCCkUqaFWkq4kFiKTrYpWCQ7TsCv31nLgCXbYxow6eKLfV3V7keuu8Bqo5_c75hJztWw9Ch-b6wGwWWKEpIkWyeuwMWTS-xyYPSb7BSP2hKIsNi7oPFD13sQi504N-A2uBxMwnN93I4pqHfz2QSVh3qi1E5bmsJfMwxHZn8W5lYOqoN31zLjlcBHNmy550ubaaUk-tpBeLwOhA1T8O6NA1Wv4dklE8-T__vwIOlz2eTur0hhvOYgdhkBM9Q%3D%3D&request_ab2=0&zoneid=6936539&js_build=iclick-v1.1097.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=500&wiw=1140&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1140&wfc=4&pl=https%3A%2F%2Fdooodster.com%2Fe%2Fseyydirtqz66uk51cnib56qkt1c5wqb&drf=https%3A%2F%2Fpinkheartmovies.xyz%2F&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&btz=UTC&bto=0&tt=5&wgl=&js_build=iclick-v1.1097.0&navlng=en-US&vsbl=true&pnt=0&pnrc=1&bs=036a64ab-f2c4-49c3-a351-0f3c650ca28a&wasm=1&userId=00817ddab4634c2feb2fc7ec4a6f480c&m=link
IP
Requested by https://dooodster.com/e/seyydirtqz66uk51cnib56qkt1c5wqb
Certificate IssuerLet's Encrypt
Subjectwaisheph.com
FingerprintE7:88:EE:CD:93:DB:C5:BE:BA:76:E6:0D:56:EB:32:21:DC:F1:FA:91
ValiditySun, 23 Feb 2025 22:17:56 GMT - Sat, 24 May 2025 22:17:55 GMT
File type troff or preprocessor input, ASCII text, with very long lines (2365), with no line terminators
Hash 6cef65d5450ee9a76cca27d0a08f029f
23f2014fb86063192342ce08ce5026f828216bc0
4d823ef44a7b0f419b42f6dfb0bf55ed6a492c9d458729209fd8611ba586faee
GET /?rb=g_mqBxbzDga6uToK0jZHcAVrdcB_Rff4c9j325YaU_jgCCkUqaFWkq4kFiKTrYpWCQ7TsCv31nLgCXbYxow6eKLfV3V7keuu8Bqo5_c75hJztWw9Ch-b6wGwWWKEpIkWyeuwMWTS-xyYPSb7BSP2hKIsNi7oPFD13sQi504N-A2uBxMwnN93I4pqHfz2QSVh3qi1E5bmsJfMwxHZn8W5lYOqoN31zLjlcBHNmy550ubaaUk-tpBeLwOhA1T8O6NA1Wv4dklE8-T__vwIOlz2eTur0hhvOYgdhkBM9Q%3D%3D&request_ab2=0&zoneid=6936539&js_build=iclick-v1.1097.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=500&wiw=1140&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1140&wfc=4&pl=https%3A%2F%2Fdooodster.com%2Fe%2Fseyydirtqz66uk51cnib56qkt1c5wqb&drf=https%3A%2F%2Fpinkheartmovies.xyz%2F&np=1&pt=0&nb=1&ng=0&ix=1&nw=1&tb=false&btz=UTC&bto=0&tt=5&wgl=&js_build=iclick-v1.1097.0&navlng=en-US&vsbl=true&pnt=0&pnrc=1&bs=036a64ab-f2c4-49c3-a351-0f3c650ca28a&wasm=1&userId=00817ddab4634c2feb2fc7ec4a6f480c&m=link HTTP/1.1
Host: waisheph.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dooodster.com/
Origin: https://dooodster.com
DNT: 1
Connection: keep-alive
Cookie: OAID=00817ddab4634c2feb2fc7ec4a6f480c; oaidts=1740632110
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 27 Feb 2025 04:55:11 GMT
content-type: application/json
x-trace-id: 0348d95d3424d4600a29715b3c24fc2e
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: https://dooodster.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=00817ddab4634c2feb2fc7ec4a6f480c; expires=Fri, 27 Feb 2026 04:55:11 GMT; path=/; secure; SameSite=None
oaidts=1740632111; expires=Fri, 27 Feb 2026 04:55:11 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Thu, 06 Mar 2025 04:55:11 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
GET pinkheartmovies.xyz/wp-content/uploads/2023/03/hard_cpl-LIVE-3-4.gif
200 OK 1.2 MB URL GET HTTP/3 pinkheartmovies.xyz/wp-content/uploads/2023/03/hard_cpl-LIVE-3-4.gif
IP
Requested by https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Certificate IssuerGoogle Trust Services
Subjectpinkheartmovies.xyz
FingerprintC3:95:22:8E:50:29:CB:9A:66:A7:3F:21:90:74:30:53:59:B9:6E:0B
ValidityTue, 25 Feb 2025 11:32:15 GMT - Mon, 26 May 2025 12:32:02 GMT
File type RIFF (little-endian) data, Web/P image
Size 1.2 MB (1234630 bytes)
Hash 7ebbfbc90ccb4e27c5a222f40d5be43c
f4d2d51285d0b5fc1ac20f82d6dfd7291da7d9ac
56307318d87faf6031d5e6da83d11c0fee33522d362b449402ec5c1db2bef5ca
GET /wp-content/uploads/2023/03/hard_cpl-LIVE-3-4.gif HTTP/1.1
Host: pinkheartmovies.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Cookie: UGVyc2lzdFN0b3JhZ2U=%7B%7D; bnState_1997480={"impressions":2,"delayStarted":0}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 27 Feb 2025 04:55:09 GMT
content-type: image/webp
content-length: 1234630
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=gif, origSize=2908812
content-disposition: inline; filename="hard_cpl-LIVE-3-4.webp"
last-modified: Mon, 01 Apr 2024 19:12:29 GMT
vary: Accept
cf-cache-status: REVALIDATED
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9cCiACEBVTSV8OMWUAhn7S%2FzYmXCB8YEgk4V5BWM6xHekSy5%2BztxhJ8KgO2z0YifS2Re0gcDyayVNrp05EKsKzFGA2F7KDhvyrquFlAy0T9Vos113%2BjjDHz8vPAKAZk2V6dTnEY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 918594ba8fa456af-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3800&min_rtt=1163&rtt_var=4276&sent=262&recv=57&lost=0&retrans=0&sent_bytes=261971&recv_bytes=14709&delivery_rate=25234486&cwnd=96000&unsent_bytes=0&cid=616b883fe0518211&ts=2083&x=1", cfExtPri, cfHdrFlush;dur=0
GET my.rtmark.net/gid.js?userId=00817ddab4634c2feb2fc7ec4a6f480c
200 OK 65 B URL GET HTTP/2 my.rtmark.net/gid.js?userId=00817ddab4634c2feb2fc7ec4a6f480c
IP
Requested by https://dooodster.com/e/seyydirtqz66uk51cnib56qkt1c5wqb
Certificate IssuerGoogle Trust Services
Subjectmy.rtmark.net
Fingerprint56:7F:53:10:57:2F:C3:F4:06:8B:DB:2F:C1:F7:6A:1D:68:59:14:3F
ValiditySat, 04 Jan 2025 10:02:11 GMT - Fri, 04 Apr 2025 11:00:33 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 51303e86148fb293135141894e80af5c
aedd1da624b2efbc3a9d6e1ba42426307373ffdc
f81655974c23c35f03a4822e6bb5835eb7fa4b79051298e068bd3d4e462e1b50
GET /gid.js?userId=00817ddab4634c2feb2fc7ec4a6f480c HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dooodster.com
DNT: 1
Connection: keep-alive
Referer: https://dooodster.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 27 Feb 2025 04:55:11 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://dooodster.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
set-cookie: ID=00817ddab4634c2feb2fc7ec4a6f480c; expires=Fri, 27 Feb 2026 04:55:11 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 918594c74d865684-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET fastlycdn.com/ajax/libs/react/18.3.1/cjs/react.production.min.js
200 OK 90 kB URL GET HTTP/2 fastlycdn.com/ajax/libs/react/18.3.1/cjs/react.production.min.js
IP
Requested by https://dooodster.com/e/seyydirtqz66uk51cnib56qkt1c5wqb
Certificate IssuerGoogle Trust Services
Subjectfastlycdn.com
Fingerprint5A:03:C0:AF:15:37:1F:68:2F:F6:74:53:17:44:74:A4:BD:62:7E:F0
ValidityWed, 19 Feb 2025 03:48:23 GMT - Tue, 20 May 2025 04:48:18 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash 4f6bfb70659c4e69a8c64b0ab5d91654
6c71a1ed4086f1f8bd3480c75d45eeae4605220b
384aade1bb638dac512359c28e335e8d7f930d87229c54230aca5d22dfd17583
GET /ajax/libs/react/18.3.1/cjs/react.production.min.js HTTP/1.1
Host: fastlycdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dooodster.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 27 Feb 2025 04:55:09 GMT
content-type: text/javascript
etag: W/"4f6bfb70659c4e69a8c64b0ab5d91654"
last-modified: Thu, 24 Oct 2024 11:13:26 GMT
vary: Accept-Encoding
cache-control: max-age=86400
cf-cache-status: HIT
age: 52568
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AA0as%2F%2FJ0S%2BirUZZBBuGY7HNh2ybRbpYukXvy6ic7KUJ4TQIscR1U3iyieyXxvmgvKVJRB28pl7uMJdrAmi0gVDOmoOhpHCOuIO0ICSRrkA%2BdeY2fcoFVcu%2BR5%2F3EE6H"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 918594be6b770b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=413&min_rtt=379&rtt_var=103&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3263&recv_bytes=1186&delivery_rate=8758064&cwnd=253&unsent_bytes=0&cid=5b0baba007e2e124&ts=213&x=0"
X-Firefox-Spdy: h2
GET undefined/cGliWGgRCwE1VxFUAH4dAgVffVo2TFAeDEEPUm0eAloRMhsFEFV2CxwGFzwOAgYMLEYeDBZ9WjZYMwAABzM3FQE2EVYcDjQ8MB4uGF8GMxAzPDoaBjMoKxkiKB4BEB8fGigJGzUoJh4eNxFaETIjGi4QHwMTBBofNCpRNz08DjM8LUM4NhYuPQUvaVw1IRs8UCMvOxIhGVEEDD09BC4gHD4/JQ0POCsoAQxCCiwdPhccLj8hKioxYA8oPCsyDB1QKw4+FBMDCVAqKhs7HTQeLBkLKCw1Gi0yEQENBDE6URYDIxMoGQsoLDIfOQRYBg5ZNCNQAhIjKE8wPBRbMBQlGysaOzkfLjMQKTE6NxY6EjEkCj4mDRgSAEA9JjEQGzoIAjATWiAROTY7GDsuQSo0Cz0fKgoNLDwtDjw5GScbOwMIDDQPPUA7Nx1OGhoNNhhNDRE2USU/FiA4RQImbg4C
0 B URL GET undefined/cGliWGgRCwE1VxFUAH4dAgVffVo2TFAeDEEPUm0eAloRMhsFEFV2CxwGFzwOAgYMLEYeDBZ9WjZYMwAABzM3FQE2EVYcDjQ8MB4uGF8GMxAzPDoaBjMoKxkiKB4BEB8fGigJGzUoJh4eNxFaETIjGi4QHwMTBBofNCpRNz08DjM8LUM4NhYuPQUvaVw1IRs8UCMvOxIhGVEEDD09BC4gHD4/JQ0POCsoAQxCCiwdPhccLj8hKioxYA8oPCsyDB1QKw4+FBMDCVAqKhs7HTQeLBkLKCw1Gi0yEQENBDE6URYDIxMoGQsoLDIfOQRYBg5ZNCNQAhIjKE8wPBRbMBQlGysaOzkfLjMQKTE6NxY6EjEkCj4mDRgSAEA9JjEQGzoIAjATWiAROTY7GDsuQSo0Cz0fKgoNLDwtDjw5GScbOwMIDDQPPUA7Nx1OGhoNNhhNDRE2USU/FiA4RQImbg4C
IP
Requested by https://dooodster.com/e/seyydirtqz66uk51cnib56qkt1c5wqb
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /cGliWGgRCwE1VxFUAH4dAgVffVo2TFAeDEEPUm0eAloRMhsFEFV2CxwGFzwOAgYMLEYeDBZ9WjZYMwAABzM3FQE2EVYcDjQ8MB4uGF8GMxAzPDoaBjMoKxkiKB4BEB8fGigJGzUoJh4eNxFaETIjGi4QHwMTBBofNCpRNz08DjM8LUM4NhYuPQUvaVw1IRs8UCMvOxIhGVEEDD09BC4gHD4/JQ0POCsoAQxCCiwdPhccLj8hKioxYA8oPCsyDB1QKw4+FBMDCVAqKhs7HTQeLBkLKCw1Gi0yEQENBDE6URYDIxMoGQsoLDIfOQRYBg5ZNCNQAhIjKE8wPBRbMBQlGysaOzkfLjMQKTE6NxY6EjEkCj4mDRgSAEA9JjEQGzoIAjATWiAROTY7GDsuQSo0Cz0fKgoNLDwtDjw5GScbOwMIDDQPPUA7Nx1OGhoNNhhNDRE2USU/FiA4RQImbg4C HTTP/1.1
Host: undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dooodster.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET pinkheartmovies.xyz/wp-content/themes/PsyPlay125/assets/css/theme.main.css?ver=1.2.5
200 OK 116 kB URL GET HTTP/3 pinkheartmovies.xyz/wp-content/themes/PsyPlay125/assets/css/theme.main.css?ver=1.2.5
IP
Requested by https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Certificate IssuerGoogle Trust Services
Subjectpinkheartmovies.xyz
FingerprintC3:95:22:8E:50:29:CB:9A:66:A7:3F:21:90:74:30:53:59:B9:6E:0B
ValidityTue, 25 Feb 2025 11:32:15 GMT - Mon, 26 May 2025 12:32:02 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 116 kB (116339 bytes)
Hash 9b71963ec738c7ea765f63700169db2f
e19dd01d878d1b711ee27e533a70f4f59eb591ca
2cef767cd2150a7daa320a190323b1d36cc58795eeaa95d627bd93096ff7c8f9
GET /wp-content/themes/PsyPlay125/assets/css/theme.main.css?ver=1.2.5 HTTP/1.1
Host: pinkheartmovies.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 27 Feb 2025 04:55:07 GMT
content-type: text/css; charset=utf-8
cache-control: public, max-age=14400
cf-bgj: minify
cf-polished: origSize=117070
last-modified: Mon, 01 Apr 2024 19:12:08 GMT
vary: Accept-Encoding
cf-cache-status: HIT
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FdnKIQ%2BfC0h6K0FQmLiSJ7JkXFdOvkojEoBPeMpLk%2FKvcCRmJiJiC4vcMUSkovIJBOHEsNr5c%2BYT9x9HgInIzd1gpx51SOqmwaayjqhIJkJEKeD8gyTaVDJUGBflzu5cC6OFnHE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 918594b1ba4f56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4393&min_rtt=1285&rtt_var=2701&sent=25&recv=24&lost=0&retrans=0&sent_bytes=4513&recv_bytes=8418&delivery_rate=499357&cwnd=12000&unsent_bytes=0&cid=616b883fe0518211&ts=553&x=1", cfExtPri, cfHdrFlush;dur=0
GET pinkheartmovies.xyz/wp-content/plugins/wp-postratings/images/stars_flat(png)/rating_off.png
200 OK 296 B URL GET HTTP/3 pinkheartmovies.xyz/wp-content/plugins/wp-postratings/images/stars_flat(png)/rating_off.png
IP
Requested by https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Certificate IssuerGoogle Trust Services
Subjectpinkheartmovies.xyz
FingerprintC3:95:22:8E:50:29:CB:9A:66:A7:3F:21:90:74:30:53:59:B9:6E:0B
ValidityTue, 25 Feb 2025 11:32:15 GMT - Mon, 26 May 2025 12:32:02 GMT
File type RIFF (little-endian) data, Web/P image
Hash 17b188cf2c6f480a4e8d5ee1c5935054
374fc0e96ba2e98d8f3eeab73f6474df502b3c49
aeb7e906d5421dc4ca7ab4ec50cbe91d71ace475684f057779bb155f6d2b281e
GET /wp-content/plugins/wp-postratings/images/stars_flat(png)/rating_off.png HTTP/1.1
Host: pinkheartmovies.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Cookie: UGVyc2lzdFN0b3JhZ2U=%7B%7D; bnState_1997480={"impressions":2,"delayStarted":0}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 27 Feb 2025 04:55:09 GMT
content-type: image/webp
content-length: 296
cache-control: public, max-age=14400
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=424
content-disposition: inline; filename="rating_off.webp"
last-modified: Tue, 16 Jul 2024 17:38:02 GMT
vary: Accept
cf-cache-status: HIT
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VsIOh0p7xmmRYWtTm9ZTe4P2j6yQ%2B2ZHXPaw99xrO4Uu4xF3PNShwQPeBPQLF38s1pZZ9SM%2FJdVxpPRlD%2B7Z4JjCATMvzCIQQhCewOcMarAiDeI5caeJIXl%2FASVSpTCab12RIp0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 918594ba7fa056af-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2391&min_rtt=1163&rtt_var=1802&sent=476&recv=64&lost=0&retrans=0&sent_bytes=511118&recv_bytes=15026&delivery_rate=29831824&cwnd=96000&unsent_bytes=0&cid=616b883fe0518211&ts=2178&x=1", cfExtPri, cfHdrFlush;dur=0
GET dooodster.com/e/gt3f3b2t0hcnvaqmi1jhqftxrp73tctq
302 Found 98 kB URL GET HTTP/2 dooodster.com/e/gt3f3b2t0hcnvaqmi1jhqftxrp73tctq
IP
Requested by https://pinkheartmovies.xyz/hard_cpl-live-3-%E0%A4%AC%E0%A4%A1%E0%A4%BC%E0%A5%87-%E0%A4%AC%E0%A5%82%E0%A4%AC%E0%A5%8D%E0%A4%9C%E0%A4%BC-%E0%A4%B5%E0%A4%BE%E0%A4%B2%E0%A5%80-%E0%A4%AD%E0%A4%BE%E0%A4%AD%E0%A5%80/
Certificate IssuerGoogle Trust Services
Subjectdooodster.com
Fingerprint8F:6A:94:3C:7A:A4:33:12:2A:98:6A:78:7C:CC:C0:5B:5D:E8:5D:C1
ValidityFri, 10 Jan 2025 10:41:34 GMT - Thu, 10 Apr 2025 11:40:23 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /e/gt3f3b2t0hcnvaqmi1jhqftxrp73tctq HTTP/1.1
Host: dooodster.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pinkheartmovies.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Thu, 27 Feb 2025 04:55:09 GMT
content-length: 0
set-cookie: lang=1; domain=.dooodster.com; path=/
referer=; domain=.dooodster.com; path=/; expires=Thu, 27-Feb-2025 04:56:09 GMT
location: /e/seyydirtqz66uk51cnib56qkt1c5wqb
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sk%2Bvs7DGCDi0B5acmkOyLFauuo1fddj1Nfozgd%2BJop6WulpziY5oOR0qHELKe93vVX2O%2FM7uBNpo1m7cMMu0ST3UePxFb%2Fmp8NNr6Sj6RUkVzFMyVMGbABm8BWzHigY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 918594bac9b21bfe-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=6420&min_rtt=446&rtt_var=11920&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3206&recv_bytes=1170&delivery_rate=6928229&cwnd=254&unsent_bytes=0&cid=ba5c1e7cdcba7248&ts=125&x=0"
X-Firefox-Spdy: h2
GET undefined/dlkycm4XO1EfURdkUFQbBDUPV1wwfAA0Ckc/AkcYBGpBGB0DIAVcDRo2RxYIBDZcBkAYPEZXXDAtY0EoOBR1Nwk+MHwlNhw6azk/RwBRQixTa3QwOBo1cyZXIBsBRjg/NQo9JAEQByQ8OC13GyQSC0sZLT81BiAIERx5Iwc3KnQbLCUQRSg2OQxdNAgdH0AqLzctdBwvIRtxQj0VGHQ6Jx4MRDY4IDVwJl8QGlxGOj1oCjwlHj5bIBY7NmQIBiQBcUYLOGhZPCIOG10zBxJrakFeIAwBPDQ5NVkiJA5tBCNeJCFjISAzC3o0LBAYcCINRwsXQCwVMmAKPyJ0QigqRQ90Ey87M2gZIE8KdBZdIBEHCzw+H3AiXiwcUTYsThgDJBonDmMkO0UUZTkoOxJ+NDxTa3QWAjgjYzpeNwx6PC8XGHggJCQ+F0AoIAhRAS0hPnE4XTwaVyBbJANjIBk3CBQYHRk3Qk8eMStzHQkbO3A3
0 B URL GET undefined/dlkycm4XO1EfURdkUFQbBDUPV1wwfAA0Ckc/AkcYBGpBGB0DIAVcDRo2RxYIBDZcBkAYPEZXXDAtY0EoOBR1Nwk+MHwlNhw6azk/RwBRQixTa3QwOBo1cyZXIBsBRjg/NQo9JAEQByQ8OC13GyQSC0sZLT81BiAIERx5Iwc3KnQbLCUQRSg2OQxdNAgdH0AqLzctdBwvIRtxQj0VGHQ6Jx4MRDY4IDVwJl8QGlxGOj1oCjwlHj5bIBY7NmQIBiQBcUYLOGhZPCIOG10zBxJrakFeIAwBPDQ5NVkiJA5tBCNeJCFjISAzC3o0LBAYcCINRwsXQCwVMmAKPyJ0QigqRQ90Ey87M2gZIE8KdBZdIBEHCzw+H3AiXiwcUTYsThgDJBonDmMkO0UUZTkoOxJ+NDxTa3QWAjgjYzpeNwx6PC8XGHggJCQ+F0AoIAhRAS0hPnE4XTwaVyBbJANjIBk3CBQYHRk3Qk8eMStzHQkbO3A3
IP
Requested by https://dooodster.com/e/seyydirtqz66uk51cnib56qkt1c5wqb
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /dlkycm4XO1EfURdkUFQbBDUPV1wwfAA0Ckc/AkcYBGpBGB0DIAVcDRo2RxYIBDZcBkAYPEZXXDAtY0EoOBR1Nwk+MHwlNhw6azk/RwBRQixTa3QwOBo1cyZXIBsBRjg/NQo9JAEQByQ8OC13GyQSC0sZLT81BiAIERx5Iwc3KnQbLCUQRSg2OQxdNAgdH0AqLzctdBwvIRtxQj0VGHQ6Jx4MRDY4IDVwJl8QGlxGOj1oCjwlHj5bIBY7NmQIBiQBcUYLOGhZPCIOG10zBxJrakFeIAwBPDQ5NVkiJA5tBCNeJCFjISAzC3o0LBAYcCINRwsXQCwVMmAKPyJ0QigqRQ90Ey87M2gZIE8KdBZdIBEHCzw+H3AiXiwcUTYsThgDJBonDmMkO0UUZTkoOxJ+NDxTa3QWAjgjYzpeNwx6PC8XGHggJCQ+F0AoIAhRAS0hPnE4XTwaVyBbJANjIBk3CBQYHRk3Qk8eMStzHQkbO3A3 HTTP/1.1
Host: undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dooodster.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET i.doodcdn.co/css/embed.css
200 OK 80 kB URL GET HTTP/2 i.doodcdn.co/css/embed.css
IP
Requested by https://dooodster.com/e/seyydirtqz66uk51cnib56qkt1c5wqb
Certificate IssuerGoogle Trust Services
Subjectdoodcdn.co
Fingerprint7D:35:A3:4C:8C:E0:50:F3:EA:C6:29:C7:70:A1:56:97:E4:AE:86:0D
ValidityFri, 24 Jan 2025 18:52:05 GMT - Thu, 24 Apr 2025 19:52:02 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /css/embed.css HTTP/1.1
Host: i.doodcdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dooodster.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 27 Feb 2025 04:55:09 GMT
content-type: text/css
last-modified: Mon, 03 Jan 2022 15:38:36 GMT
vary: Accept-Encoding
etag: W/"61d3187c-13812"
expires: Fri, 28 Mar 2025 22:56:58 GMT
cache-control: public, max-age=2592000, no-transform
access-control-allow-origin: *
content-encoding: gzip
cf-cache-status: HIT
age: 21460
server: cloudflare
cf-ray: 918594befef456cc-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
172.67.73.4
3.164.230.5
212.117.186.84
23.109.170.222
141.94.143.88
139.45.197.119
95.173.205.15